<p><p><b>About the job : </b><br/><br/></p><p>Exp : 3-6 Yrs<br/><br/></p><p>Location : Bangalore/ Chennai<br/><br/></p><p>Notice Period : Immediate -30 Max<br/><b><br/></b></p><p><p><b>SKILLS : </b></p><p><br/></p>- Mobile Web Security(Android & IOS)<br/><br/></p><p>- Source Code Review<br/><br/></p><p>- API's<br/><br/></p><p>- Network Security<br/><br/></p><p>- OWASP 10<br/><br/><b>Application Security Assessment Skillset : </b><br/><br/></p><p>1.
Web Application Security Owasp top 10 , CVSS etc<br/><br/></p><p>2.
Security Code Review manual code review in Git etc<br/><br/></p><p>3.
API Security Review Open shift, container review etc.<br/><br/></p><p>5.
Web Server Security Requirements to enhance security on the web server<br/><br/></p><p>6.
Configuration Review has performed different configuration reviews and should have found good misconfigurations in the system.<br/><br/></p><p>7.
Integration review How the application connects with different systems, performed security review on those integrations.<br/><br/></p><p>8.
Transport Layer Security How communication channels are secured and understanding of the Transport layer security mechanisms and controls.</p><p><br/></p><p>9.
Database Security Requirements to enhance security on Database</p><p><br/><b>Soft Skills : </b><br/><br/></p><p>- Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective<br/><br/></p><p>- Holistic thinking; must balance security and functionality using practical demonstrable examples.<br/><br/></p><p>- Must also contribute to and implement good architecture principles to lower technical debt<br/><br/></p><p>- Assertive personality; should be able to hold her/his own in a project board or work group setting<br/><br/></p><p>- Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner<br/><br/></p><p>- Ability to work under pressure and meet tough/challenging deadlines<br/><br/></p><p>- Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not<br/><br/></p><p>- Strong understanding of Risk Management Framework and security controls implementation from an implementer standpoint<br/><br/></p><p>- Has strong decision making, planning and time management skills.<br/><br/></p><p>- Can work independently.<br/><br/></p><p>- Has a positive and constructive attitude</p><br/></p> (ref:hirist.tech)