This job offer is not available in your country.

Web Application Security

NETSACH GLOBALChennai, Tamil Nadu, India

25 days ago

Job description

Greetings from Netsach - A Cyber Security Company.

We are looking for Web Application Security consultant with minimum of 3+ years of relevant experience in an information security function with good background in information technology, stakeholder management and people management. Their primary purpose is to Design, Engineer & eventually Embed practical & balanced cyber / information security principles / patterns / controls into all products and platforms. Conduct security assessments, gap analysis, provide remediation to the relevant squads.

Job Title : Web Application Security

Exp : 3+yrs

Location : Chennai, Onsite

Job Type : Full-Time

Interested candidates please share your updated resume at emily@netsach.co.in

Key Skills Web Application Security, Security Code review, API security, Underlying infrastructure security, Integration Security, Database Security, Secure Configuration Review.

Tools and Technologies Burp Suite, Postman, Tenable Nessus, Checkmarx SAST, GitHub and good knowledge about monolithic and microservice architecture and pipeline driven security.

Technical Requirement

Web Application Security Owasp top 10 , CVSS etc
Security Code Review manual code review in Git etc
API Security Review Open shift, container review etc.
Database Security Requirements to enhance security on Database
Web Server Security Requirements to enhance security on the web server
Configuration Review has performed different configuration reviews and should have found good misconfigurations in the system.
Integration review How the application connects with different systems, performed security review on those integrations.
Transport Layer Security How communication channels are secured and understanding of the Transport layer security mechanisms and controls.

Knowledge & Skill Set :

Expert at the Web application Security testing, in depth testing skillset and ability to bypass weak implementation for attacks, ability to bypass WAF for attack scenarios such as XSS, SQL Injection etc.

Good understanding of Microservice based architecture (Technical)

Good hands-on experience solutioning technology architectures that involve perimeter protection, core protection and end-point protection / detection & API / Micro services Security

Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST / SAST tools and building Evil Stories (Technical).

The Analyst / Engineer should be able to understand how different systems work and what security controls are implemented in such integrations.

The Analyst / Engineer should be capable in understanding the hardening standards, creating one if not available, and perform the testing against the hardening standards.

The Analyst / Engineer should be capable of assessing security flaws in underlying infrastructure and the connected components.

The Analyst / Engineer should be capable of assessing the security flaws in the Transport Layer.

The Analyst / Engineer has the skill to follow design principles and applies design patterns to enforce maintainable and reusable patterns, in the form of code or otherwise.

The Analyst / Engineer can understand and interpret potential issues found in source or compiled code.

The Analyst / Engineer has automation skills / capability in the form of scripting or similar.

The Analyst / Engineer can attack application and infrastructure assets, interpret threats, and suggest mitigating measures.

Desirable Ability to interpret Security Requirements mandated by oversight functions and ensure comprehensive coverage of those requirements, via documentation, within high level design and / or during agile ceremonies, via Evil Stories.

The Analyst / Engineer can propose options for solutions to the security requirements / patterns that provide a balance of security, user experience & performance.

The Analyst / Engineer has the skill to discuss and present solutions to other architecture, security, development, and leadership teams.

The Analyst / Engineer can interpret and understand vulnerability assessment reports and calculate inherent and / or residual risks based on the assessment of such reports.

Ability to articulate and be a persuasive leader who can serve as an effective member of the senior management team.

Good negotiation skills will be desirable Must have good judgment skills to decide on an exception approval.

Ability to enforce improvements when necessary, using Influence rather than Policing measures Superior written and verbal communication skills to effectively communicate security threats and recommendations to technical or non-technical stakeholders.

Knowledge of application of Agile methodologies / principles such as Scrum or Kanban

Soft Skills :

Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective

Holistic thinking; must balance security and functionality using practical demonstrable examples. Must also contribute to and implement good architecture principles to lower technical debt

Assertive personality; should be able to hold her / his own in a project board or work group setting

Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner.

Ability to work under pressure and meet tough / challenging deadlines

Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not

Strong understanding of Risk Management Framework and security controls implementation from an implementer standpoint

Has strong decision making, planning and time management skills.

Can work independently.

Has a positive and constructive attitude

Education

Bachelors degree in a computer-related field such as computer science, cyber / information security discipline, physics, mathematics or similar

Certifications

General Information Security : OSCP, CEH, CISM / CISA or similar

General Cloud Security : CCSK / CCSP or similar

Specific Cloud Security : Azure Security or similar

Network Security : CCNA, CCNP, CCIE, Certified Kubernetes Security Specialist

Thank You

Emily Jha

emily@netsach.co.in

Netsach - A Cyber Security Company

www.netsach.co.in

Create a job alert for this search

Application Security • Chennai, Tamil Nadu, India

Related jobs

Application Security Head

ADANI GROUPINDIA

Conduct regular security assessments of applications to identify and prioritize vulnerabilities.Perform penetration testing on web and mobile applications to simulate real-world cyber-attacks and u...Show moreLast updated: 30+ days ago

Security Engineer I (Application Security)

coinswitchINDIA

PeepalCo is a house for brands serving India with tailored wealth-tech products, Making Money Equal for All.Founded by Ashish Singhal, Govind Soni, and Vimal Sagar Tiwari, PeepalCos products includ...Show moreLast updated: 30+ days ago

Senior Application Security Architect

BinanceINDIA

Senior Application Security Architect.Security & IT Helpdesk Security.Binance is a leading global blockchain ecosystem behind the worlds largest cryptocurrency exchange by trading volume and regis...Show moreLast updated: 30+ days ago

Full Stack Web Application Developer II

Bristol Myers SquibbINDIA

Those arent words that are usually associated with a job.But working at Bristol Myers Squibb is anything but usual.Here, uniquely interesting work happens every day, in every department.From optimi...Show moreLast updated: 30+ days ago

Application Security Specialist [Cyber Hygiene]

UBSINDIA

At UBS, we embrace flexible ways of working when the role permits.We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working.Our purpose-led culture an...Show moreLast updated: 30+ days ago

Senior Lead Application Security Engineer

BAKER HUGHESINDIA

Lead Application Security Engineer.Would you like to innovate with the latest energy technology?.Do you enjoy being part of a successful team?. Join our Digital Technology team.We operate at the hea...Show moreLast updated: 30+ days ago

IS - Sr. Application Security Engineer (L09)

SynchronyINDIA

Application Security Engineer (L09).Synchrony (NYSE : SYF) is a premier consumer financial services company delivering one of the industrys most complete digitally enabled product suites.Our experie...Show moreLast updated: 30+ days ago

Ethical Hacker Web & Mobile Application Penetration Testing

Miamin Systems incINDIA

Key Responsibilities : Proven expertise & track record in Web and Mobile application Penetration testing (Web, Mobile, API / Webservices) Proven expertise & track record in Network and system Penetr...Show moreLast updated: 30+ days ago

Promoted

Application Security Lead

Oak TitaniumChennai, IN

Job Title : Application Security Lead .We are a rapidly growing cybersecurity firm delivering advanced security solutions to enterprises across the Middle East, Europe, and the United States.Our mis...Show moreLast updated: 17 days ago

Security Analyst - API Security

Lennox India Technology CentreChennai, Tamil Nadu, India

Dynamic Application Security Testing (DAST).REST, SOAP, GraphQL), identifying flaws like BOLA, token leakage, replay attacks, etc. Static Application Security Testing (SAST).DevOps, developers, and ...Show moreLast updated: 13 days ago

Promoted

Senior Application Security Analyst

Global Infovision Private LimitedChennai, IN

Job Title : Application Security Analyst.Skills : Threat Modeling, Secure SDL, Dev secops & (Comm skills).Show moreLast updated: 1 day ago

Senior Security Engineer (Application & Cloud Security)

Tazapay Pte LtdChennai, Tamil Nadu, India

Job Title - Senior Security Engineer (Application & Cloud Security).Tazapay is a cross border payment service provider.They offer local collections via local payment methods, virtual accounts a...Show moreLast updated: 26 days ago

Promoted

Web Application Developer

VerventChennai, IN

The Web Application Full Stack Developer will be responsible for developing the Web module feature implementation for Financial Technology applications and needs to works on both the front-end and ...Show moreLast updated: 17 days ago

Web Security appliance

Anicalls (Pty) LtdChennai, India

Standard protocols such as SMTP, DNS, FTP, SSH, TCP / IP.UNIX system administrator skills.Knowledge of Web protocols and proxies servers. Industry Security Certifications : CCNA Security, CISSP or equi...Show moreLast updated: 30+ days ago

Web Application Firewall

Tata Consultancy ServicesChennai, Tamil Nadu, India

TCS has been a great pioneer in feeding the fire of Young Techies like you.We are a global leader in the technology arena and there's nothing that can stop us from growing together.TCS Hiring for W...Show moreLast updated: 13 days ago

Promoted

Application Security Engineer

TELUS DigitalChennai, IN

We are a Digital Customer Experience organization, with a comprehensive coverage of IT Services from Traditional Services to Next Gen Digital Services. At TELUS Digital, we focus on lean, agile, hum...Show moreLast updated: 1 day ago

Software Developer - Web Application

McKinsey & CompanyChennai

Driving lasting impact and building long-term capabilities with our clients is not easy work.You are the kind of person who thrives in a high performance / high reward culture - doing hard things, pi...Show moreLast updated: 17 days ago

Senior Application Security Engineer

GenChennai,Tamil Nadu,IND

We’re not just a company; we’re a global force.Fiercely committed to ensuring that everyone, everywhere, can live their lives digitally safe. Our family of brands – Norton, Avast, LifeLock, Avira, A...Show moreLast updated: 17 days ago