Talent.com
This job offer is not available in your country.
Web Application Security

Web Application Security

NETSACH GLOBALChennai, Tamil Nadu, India
25 days ago
Job description

Greetings from Netsach - A Cyber Security Company.

We are looking for Web Application Security consultant with minimum of 3+ years of relevant experience in an information security function with good background in information technology, stakeholder management and people management. Their primary purpose is to Design, Engineer & eventually Embed practical & balanced cyber / information security principles / patterns / controls into all products and platforms. Conduct security assessments, gap analysis, provide remediation to the relevant squads.

Job Title : Web Application Security

Exp : 3+yrs

Location : Chennai, Onsite

Job Type : Full-Time

Interested candidates please share your updated resume at emily@netsach.co.in

Key Skills Web Application Security, Security Code review, API security, Underlying infrastructure security, Integration Security, Database Security, Secure Configuration Review.

Tools and Technologies Burp Suite, Postman, Tenable Nessus, Checkmarx SAST, GitHub and good knowledge about monolithic and microservice architecture and pipeline driven security.

Technical Requirement

  • Web Application Security Owasp top 10 , CVSS etc
  • Security Code Review manual code review in Git etc
  • API Security Review Open shift, container review etc.
  • Database Security Requirements to enhance security on Database
  • Web Server Security Requirements to enhance security on the web server
  • Configuration Review has performed different configuration reviews and should have found good misconfigurations in the system.
  • Integration review How the application connects with different systems, performed security review on those integrations.
  • Transport Layer Security How communication channels are secured and understanding of the Transport layer security mechanisms and controls.

Knowledge & Skill Set :

  • Expert at the Web application Security testing, in depth testing skillset and ability to bypass weak implementation for attacks, ability to bypass WAF for attack scenarios such as XSS, SQL Injection etc.
  • Good understanding of Microservice based architecture (Technical)
  • Good hands-on experience solutioning technology architectures that involve perimeter protection, core protection and end-point protection / detection & API / Micro services Security
  • Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST / SAST tools and building Evil Stories (Technical).
  • The Analyst / Engineer should be able to understand how different systems work and what security controls are implemented in such integrations.
  • The Analyst / Engineer should be capable in understanding the hardening standards, creating one if not available, and perform the testing against the hardening standards.
  • The Analyst / Engineer should be capable of assessing security flaws in underlying infrastructure and the connected components.
  • The Analyst / Engineer should be capable of assessing the security flaws in the Transport Layer.
  • The Analyst / Engineer has the skill to follow design principles and applies design patterns to enforce maintainable and reusable patterns, in the form of code or otherwise.
  • The Analyst / Engineer can understand and interpret potential issues found in source or compiled code.
  • The Analyst / Engineer has automation skills / capability in the form of scripting or similar.
  • The Analyst / Engineer can attack application and infrastructure assets, interpret threats, and suggest mitigating measures.
  • Desirable Ability to interpret Security Requirements mandated by oversight functions and ensure comprehensive coverage of those requirements, via documentation, within high level design and / or during agile ceremonies, via Evil Stories.
  • The Analyst / Engineer can propose options for solutions to the security requirements / patterns that provide a balance of security, user experience & performance.
  • The Analyst / Engineer has the skill to discuss and present solutions to other architecture, security, development, and leadership teams.
  • The Analyst / Engineer can interpret and understand vulnerability assessment reports and calculate inherent and / or residual risks based on the assessment of such reports.
  • Ability to articulate and be a persuasive leader who can serve as an effective member of the senior management team.
  • Good negotiation skills will be desirable Must have good judgment skills to decide on an exception approval.
  • Ability to enforce improvements when necessary, using Influence rather than Policing measures Superior written and verbal communication skills to effectively communicate security threats and recommendations to technical or non-technical stakeholders.
  • Knowledge of application of Agile methodologies / principles such as Scrum or Kanban
  • Soft Skills :

  • Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective
  • Holistic thinking; must balance security and functionality using practical demonstrable examples. Must also contribute to and implement good architecture principles to lower technical debt
  • Assertive personality; should be able to hold her / his own in a project board or work group setting
  • Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner.
  • Ability to work under pressure and meet tough / challenging deadlines
  • Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not
  • Strong understanding of Risk Management Framework and security controls implementation from an implementer standpoint
  • Has strong decision making, planning and time management skills.
  • Can work independently.
  • Has a positive and constructive attitude
  • Education

    Bachelors degree in a computer-related field such as computer science, cyber / information security discipline, physics, mathematics or similar

    Certifications

  • General Information Security : OSCP, CEH, CISM / CISA or similar
  • General Cloud Security : CCSK / CCSP or similar
  • Specific Cloud Security : Azure Security or similar
  • Network Security : CCNA, CCNP, CCIE, Certified Kubernetes Security Specialist
  • Thank You

    Emily Jha

    emily@netsach.co.in

    Netsach - A Cyber Security Company

    www.netsach.co.in

    Create a job alert for this search

    Application Security • Chennai, Tamil Nadu, India

    Related jobs
    Application Security Head

    Application Security Head

    ADANI GROUPINDIA
    Conduct regular security assessments of applications to identify and prioritize vulnerabilities.Perform penetration testing on web and mobile applications to simulate real-world cyber-attacks and u...Show moreLast updated: 30+ days ago
    Security Engineer I (Application Security)

    Security Engineer I (Application Security)

    coinswitchINDIA
    PeepalCo is a house for brands serving India with tailored wealth-tech products, Making Money Equal for All.Founded by Ashish Singhal, Govind Soni, and Vimal Sagar Tiwari, PeepalCos products includ...Show moreLast updated: 30+ days ago
    Senior Application Security Architect

    Senior Application Security Architect

    BinanceINDIA
    Senior Application Security Architect.Security & IT Helpdesk Security.Binance is a leading global blockchain ecosystem behind the worlds largest cryptocurrency exchange by trading volume and regis...Show moreLast updated: 30+ days ago
    Full Stack Web Application Developer II

    Full Stack Web Application Developer II

    Bristol Myers SquibbINDIA
    Those arent words that are usually associated with a job.But working at Bristol Myers Squibb is anything but usual.Here, uniquely interesting work happens every day, in every department.From optimi...Show moreLast updated: 30+ days ago
    Application Security Specialist [Cyber Hygiene]

    Application Security Specialist [Cyber Hygiene]

    UBSINDIA
    At UBS, we embrace flexible ways of working when the role permits.We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working.Our purpose-led culture an...Show moreLast updated: 30+ days ago
    Senior Lead Application Security Engineer

    Senior Lead Application Security Engineer

    BAKER HUGHESINDIA
    Lead Application Security Engineer.Would you like to innovate with the latest energy technology?.Do you enjoy being part of a successful team?. Join our Digital Technology team.We operate at the hea...Show moreLast updated: 30+ days ago
    IS - Sr. Application Security Engineer (L09)

    IS - Sr. Application Security Engineer (L09)

    SynchronyINDIA
    Application Security Engineer (L09).Synchrony (NYSE : SYF) is a premier consumer financial services company delivering one of the industrys most complete digitally enabled product suites.Our experie...Show moreLast updated: 30+ days ago
    Ethical Hacker Web & Mobile Application Penetration Testing

    Ethical Hacker Web & Mobile Application Penetration Testing

    Miamin Systems incINDIA
    Key Responsibilities : Proven expertise & track record in Web and Mobile application Penetration testing (Web, Mobile, API / Webservices) Proven expertise & track record in Network and system Penetr...Show moreLast updated: 30+ days ago
    • Promoted
    Application Security Lead

    Application Security Lead

    Oak TitaniumChennai, IN
    Job Title : Application Security Lead .We are a rapidly growing cybersecurity firm delivering advanced security solutions to enterprises across the Middle East, Europe, and the United States.Our mis...Show moreLast updated: 17 days ago
    Security Analyst - API Security

    Security Analyst - API Security

    Lennox India Technology CentreChennai, Tamil Nadu, India
    Dynamic Application Security Testing (DAST).REST, SOAP, GraphQL), identifying flaws like BOLA, token leakage, replay attacks, etc. Static Application Security Testing (SAST).DevOps, developers, and ...Show moreLast updated: 13 days ago
    • Promoted
    Senior Application Security Analyst

    Senior Application Security Analyst

    Global Infovision Private LimitedChennai, IN
    Job Title : Application Security Analyst.Skills : Threat Modeling, Secure SDL, Dev secops & (Comm skills).Show moreLast updated: 1 day ago
    Senior Security Engineer (Application & Cloud Security)

    Senior Security Engineer (Application & Cloud Security)

    Tazapay Pte LtdChennai, Tamil Nadu, India
    Job Title - Senior Security Engineer (Application & Cloud Security).Tazapay is a cross border payment service provider.They offer local collections via local payment methods, virtual accounts a...Show moreLast updated: 26 days ago
    • Promoted
    Web Application Developer

    Web Application Developer

    VerventChennai, IN
    The Web Application Full Stack Developer will be responsible for developing the Web module feature implementation for Financial Technology applications and needs to works on both the front-end and ...Show moreLast updated: 17 days ago
    Web Security appliance

    Web Security appliance

    Anicalls (Pty) LtdChennai, India
    Standard protocols such as SMTP, DNS, FTP, SSH, TCP / IP.UNIX system administrator skills.Knowledge of Web protocols and proxies servers. Industry Security Certifications : CCNA Security, CISSP or equi...Show moreLast updated: 30+ days ago
    Web Application Firewall

    Web Application Firewall

    Tata Consultancy ServicesChennai, Tamil Nadu, India
    TCS has been a great pioneer in feeding the fire of Young Techies like you.We are a global leader in the technology arena and there's nothing that can stop us from growing together.TCS Hiring for W...Show moreLast updated: 13 days ago
    • Promoted
    Application Security Engineer

    Application Security Engineer

    TELUS DigitalChennai, IN
    We are a Digital Customer Experience organization, with a comprehensive coverage of IT Services from Traditional Services to Next Gen Digital Services. At TELUS Digital, we focus on lean, agile, hum...Show moreLast updated: 1 day ago
    Software Developer - Web Application

    Software Developer - Web Application

    McKinsey & CompanyChennai
    Driving lasting impact and building long-term capabilities with our clients is not easy work.You are the kind of person who thrives in a high performance / high reward culture - doing hard things, pi...Show moreLast updated: 17 days ago
    Senior Application Security Engineer

    Senior Application Security Engineer

    GenChennai,Tamil Nadu,IND
    We’re not just a company; we’re a global force.Fiercely committed to ensuring that everyone, everywhere, can live their lives digitally safe. Our family of brands – Norton, Avast, LifeLock, Avira, A...Show moreLast updated: 17 days ago