Job Description
<p><p>Senior Security Consultant, Application Security & Audit</p><br/><p><b>Location : </b>Pan India / Remote</p><br/><p><b>Experience : </b>10+ Years</p><br/><p><b>Role Overview :</b></p><br/><p>We are seeking a highly experienced and technically proficient Senior Security Consultant to specialize in Application Security and Audit.
With over 10 years of experience, the ideal candidate will be a subject matter expert, responsible for designing, implementing, and auditing robust security controls across our applications and cloud infrastructure.
This role requires a strong blend of hands-on technical skills, strategic thinking about cloud architecture, and a deep commitment to maintaining regulatory compliance.</p><br/><p><b>Key Responsibilities :</b></p><br/><p><b>Application Security & Audit :</b></p><br/><p>- Lead and execute comprehensive application security audits, identifying vulnerabilities and providing actionable remediation guidance based on industry best practices.</p><br/><p>- Advise development teams on secure coding practices and methodologies, including performing code reviews and training developers.</p><br/><p>- Expertly utilize frameworks such as the OWASP Top 10 and the OWASP Application Security Verification Standard (ASVS) to guide testing and development efforts.</p><br/><p>- Design and implement security solutions related to identity, access, and data protection.</p><br/><p>- Oversee the management of digital certificates, Public Key Infrastructure (PKI), and Single Sign-On (SSO) configurations to ensure secure authentication and encryption.</p><br/><p><b>Cloud & Infrastructure Security :</b></p><br/><p>- Apply solid knowledge of cloud security architecture across major platforms, including Azure, AWS, and GCP, advising on secure configurations, networking, and services.</p><br/><p>- Configure and monitor security tools such as SIEM (e.g., Splunk, Microsoft Sentinel) for effective threat detection, incident response, and security analytics.</p><br/><p>- Utilize and manage vulnerability scanners and EDR/XDR platforms to maintain continuous visibility and protection across endpoints and cloud workloads.</p><br/><p>- Implement and audit network security concepts including firewalls, proxies, Intrusion Detection/Prevention Systems (IDS/IPS), and VPNs.</p><br/><p><b>Compliance & Automation :</b></p><br/><p>- Maintain a working understanding of regulatory compliance frameworks (e.g., GDPR, HIPAA, SOC 2) and industry certifications, ensuring all applications and systems adhere to required 
standards.</p><br/><p>- Drive efficiency by utilizing scripting languages (e.g., Python, PowerShell) to automate security tasks, reporting, and compliance checks.</p><br/><p>- Develop and document security policies, standards, and procedures for secure software development and operational security.</p><br/><p><b>Required Skills & Expertise :</b></p><br/><p><b>Experience:</b> 10+ years in Information Security, with a strong focus on Application Security, Cloud Security, and GRC/Audit functions.</p><br/><p><b>Cloud Security:</b> Deep knowledge of cloud security controls and services in at least one major provider (Azure, AWS, or GCP).</p><br/><p><b>Security Tools:</b> Hands-on experience with security tools including SIEM (Splunk, Sentinel), vulnerability scanners, and EDR/XDR solutions.</p><br/><p><b>Network Security:</b> Proficient in network security concepts (Firewalls, Proxies, IDS/IPS, VPNs).</p><br/><p><b>AppSec & Audit:</b> Expertise in secure coding, code review methodologies, and the OWASP Top 10.</p><br/><p><b>Cryptography & Identity:</b> Proven experience managing digital certificates, PKI, and SSO. Strong ability to automate security tasks using scripting (e.g., Python). Familiarity with major regulatory compliance frameworks and industry certifications.</p><br/><p><b>Soft Skills:</b> Excellent verbal and written communication, leadership, and consulting skills.</p><br/></p> (ref:hirist.tech)