Secure software applications and infrastructure against potential vulnerabilities and attacks. Drive product privacy and cybersecurity features and enhancements. Ability to work in a fast-paced, rapidly changing, Agile, competitive environment.
Responsibilities:
Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives
Oversee the management and remediation of identified security flaws within our development platforms
Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs
Drive vulnerability assessment and penetration testing (VAPT) activities for multiple R&D applications, and implement DevSecOps across the product line
CI/CD integration of SAST and DAST platforms
Requirements expected:
A professional with a certain level of knowledge and at least 8 years of expertise in software application pen testing
Knowledge of the DevSecOps framework, and an understanding of NIST, OWASP, MITRE, CWE, etc.
An understanding of programming languages such as C#, Perl, JavaScript, Python and/or PHP
Understanding of TCP/IP, common networking ports and protocols, OSI model
Knowledge of threat modelling and risk assessment techniques
Up-to-date knowledge of cybersecurity threats, current best practices, and latest software.
An understanding of programs such as HP Fortify, Puppet, Chef, ThreatModeler, Checkmarx, Aqua. They may also need to know Kubernetes/Docker. Knowledge of security assessment tools (e.g. Nessus, Nmap, Burp Suite, ZAP, OWASP tools, Kali Linux tools, fuzzing tools)
Significant knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development
Knowledge of one or more SSO methodologies (SAML, LDAP, OpenID)
Experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports
The job demands deep product knowledge, covering clinical functionality, expected operating environment, and interoperability, to accurately determine a product’s privacy and security risks.
Education: Bachelor of Technology / Master of Technology in: Computer Science (CS), Information Technology (IT), Electrical Engineering (EE), Electronics and Communication (EC), Electronics and Instrumentation (EI)