eClinicalWorks
Location
Mumbai | India
Job description
Position Overview :The Security Analyst is expected to perform vulnerability assessment, security analysis, penetration testing, code review of the product/modules and report the findings in defect tracking tool. It also includes but not limited to re analyze the findings and work with developers for the fixes.Job Functions/Responsibilities :1) Manual Testing :- Perform threat modelling- Perform architectural analysis- Perform logical security assessment- Monitor third party and internal API's, SDK and libraries are up to date.- Generate assessment report- Report your findings as per severity- Participate in secure SDLC by reviewing functional and design documents.- Perform manual and automated code reviews by using IAST, SAST and DAST tools.2) Automation testing :- To use automated scanning tools - Review false positives and true positives- Generate assessment report- Report your findings as per severity- Analyze reports from interactive source code review tool for false positives and include it in the report.3) Analysis and reporting : - Create detailed assessment report as per eClinicalWorks standard.- Report issues as per severity- Review, analyze external pen test report.- Follow up and review the fixes4) Ad hoc request :- Work on Ad hoc request related to application security.- Conduct pen. Test, Design reviews as per the request- Participate in release management by periodically assessing builds and patches as required by QA and RM teams.- Work with Cross functional teams like Architect, Engineering, QA, DevOps, support, implementation and customers to meet security requirements as required by business need based on various assessment, events and incidents.- Work with 3rd party vendors to provide them support required for penetration testing.5) Trainings and knowledge transfer :- Conduct periodic security awareness training as per the requirement bases on global standards (ref:hirist.tech)
Job tags
Salary
