Talent.com
This job offer is not available in your country.
Application Security Analyst - CCNA

Application Security Analyst - CCNA

Vitasta ConsultingChennai
30+ days ago
Job description

Primary / General Job Purpose :

  • Encourage Shift Left Mindset - Proactively embed security requirements, by influencing implementation of security & privacy patterns from the start of the development cycle
  • Implement via Influence - Influence stakeholders such as Product Owners, Solution Architects, Developers, Testers, Engineers & others to include security patterns into features, epics and stories in order to build secure, innovative & superior digital products for customers and employees
  • Assessments Perform security assessment and perform gap analysis to provide appropriate remediations to the teams for implementing the fixes.
  • Key Skills Web Application Security, Security Code review, API security, Underlying infrastructure security, Integration Security, Database Security, Secure Configuration Review.
  • Tools and Technologies Burp Suite, Postman, Tenable Nessus, Checkmarx SAST, GitHub and good knowledge about monolithic and microservice architecture and pipeline driven security.

Application Security - Assessment Skillset :

  • Web Application Security Owasp top 10 , CVSS etc
  • Security Code Review manual code review in Git etc
  • API Security Review Open shift, container review etc.
  • Database Security Requirements to enhance security on Database
  • Web Server Security Requirements to enhance security on the web server
  • Configuration Review has performed different configuration reviews and should have found good misconfigurations in the system.
  • Integration review How the application connects with different systems, performed security review on those integrations.
  • Transport Layer Security How communication channels are secured and understanding of the Transport layer security mechanisms and controls.

    • Knowledge & Skills - Technical, Functional & Managerial :

  • Expert at the Web Application Security testing, in depth testing skillset and ability to bypass weak implementation for attacks, ability to bypass WAF for attack scenarios such as XSS, SQL Injection etc. (Essential)
  • Good understanding of Microservice based architecture (Technical) (Essential)
  • Good hands-on experience solutioning technology architectures that involve perimeter protection, core protection and end-point protection / detection & API / Micro services Security (Essential)
  • Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST / SAST tools and building Evil Stories (Technical) (Essential)
  • The Analyst / Engineer should be able to understand how different systems work and what security controls are implemented in such integrations. (Essential)
  • The Analyst / Engineer should be capable in understanding the hardening standards, creating one if not available, and perform the testing against the hardening standards. (Essential)
  • The Analyst / Engineer should be capable of assessing security flaws in underlying infrastructure and the connected components. (Essential)
  • The Analyst / Engineer should be capable of assessing the security flaws in the Transport Layer. (Essential)
  • The Analyst / Engineer has the skill to follow design principles and applies design patterns to enforce maintainable and reusable patterns, in the form of code or otherwise.
  • The Analyst / Engineer can understand and interpret potential issues found in source or compiled code
  • The Analyst / Engineer has automation skills / capability in the form of scripting or similar
  • The Analyst / Engineer can attack application and infrastructure assets, interpret threats, and suggest mitigating measures
  • Ability to interpret Security Requirements mandated by oversight functions and ensure comprehensive coverage of those requirements, via documentation, within high level design and / or during agile ceremonies, via Evil Stories Desirable
  • The Analyst / Engineer can propose options for solutions to the security requirements / patterns that provide a balance of security, user experience & performance Desirable
  • The Analyst / Engineer has the skill to discuss and present solutions to other architecture, security, development, and leadership teams. Desirable
  • The Analyst / Engineer can interpret and understand vulnerability assessment reports and calculate inherent and / or residual risks based on the assessment of such reports
  • Ability to articulate and be a persuasive leader who can serve as an effective member of the senior management team.
  • Good negotiation skills will be desirable Desirable
  • Must have good judgment skills to decide on an exception approval
  • Ability to enforce improvements when necessary, using Influence rather than Policing measures Superior written and verbal communication skills to effectively communicate security threats and recommendations to technical or non-technical stakeholders
  • Knowledge of application of Agile methodologies / principles such as Scrum or Kanban

    • (ref : hirist.tech)

    Create a job alert for this search

    Application Security • Chennai

    Related jobs
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaChennai, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Engineer, SOC

    Senior Security Engineer, SOC

    PoshmarkChennai, Tamil Nadu, India
    Monitor and analyze security event logs and alerts to detect potential incidents, and lead investigations for containment, eradication, and recovery. Lead security incident investigation, containmen...Show moreLast updated: 3 days ago
    • Promoted
    Security Analyst

    Security Analyst

    Total CollectR Virtual Collector & Debt NegotiatorChennai, IN
    SaaS platform that helps businesses manage past-due debt collection accounts.We create better consumer experiences, help our customers collect more and empower our employees to succeed through cust...Show moreLast updated: 3 days ago
    • Promoted
    Lean- Site Continuous Improvement Leader (Oragadam)

    Lean- Site Continuous Improvement Leader (Oragadam)

    GKN AutomotiveOragadam, tamil nadu, in
    Join Us as a Lean – Site Continuous Improvement Leader.Bachelor’s Degree or Equivalent.Are you a change agent with a passion for lean thinking and operational excellence? Do you thrive in environme...Show moreLast updated: 25 days ago
    • Promoted
    Applications Security Engineer

    Applications Security Engineer

    Cyanous Software Private LimitedChennai
    Role Summary : The application security program is designed to ensure that any software developed or acquired meets stringent standards while enabling rapid i...Show moreLast updated: 30+ days ago
    Application Security

    Application Security

    Vitasta Consulting Pvt LtdChennai, TN, Tamil Nadu, IN
    Verdana,Geneva,sans-serif;"> Show moreLast updated: 30+ days ago
    • Promoted
    Application Security Engineer

    Application Security Engineer

    ConfidentialChennai
    Conduct DAST (manual and automated) for web, API, and thick client applications.Perform manual code reviews and mobile application VAPT (static and dynamic). Execute infrastructure VA and configurat...Show moreLast updated: 4 days ago
    • Promoted
    Senior Security Engineer - CyberArk PAM

    Senior Security Engineer - CyberArk PAM

    Cynosure Corporate SolutionsChennai
    Role Purpose : We are seeking a Senior Security Engineer with a strong foundation in security incident response, infrastructure security, and expe...Show moreLast updated: 23 days ago
    • Promoted
    Information Security Analyst - SOX Testing

    Information Security Analyst - SOX Testing

    DDHr SolutionsChennai
    Expertise in ITGC & SOX : - Strong knowledge of IT General Controls (ITGC) and practical experience in ensuring compliance with SOX fra...Show moreLast updated: 6 days ago
    • Promoted
    Director, Application Security

    Director, Application Security

    ConfidentialChennai
    Required Skills / Qualifications : .Strong leadership skills, including program management, performance management, and team development / mentoring. Minimum of 7 years of experience, with at least 2 year...Show moreLast updated: 30+ days ago
    • Promoted
    Security Operations Center Analyst

    Security Operations Center Analyst

    CBTSChennai, Tamil Nadu, India
    Security Implementation and Operations - Operationalize documented compliance policies and deliver day-to-day security operations and support Administer security applications and infrastructures Re...Show moreLast updated: 22 days ago
    • Promoted
    Cloud Security Architect

    Cloud Security Architect

    CloudThatchennai, tamil nadu, in
    Strategic role ensuring secure cloud design by reviewing infrastructure, tools, and practices across full cloud lifecycle. Own end-to-end security in project life cycle.Perform security design revie...Show moreLast updated: 25 days ago
    • Promoted
    PAM Security Analyst

    PAM Security Analyst

    ConfidentialChennai
    Diensten Tech Limited is hiring a.If you have a passion for safeguarding sensitive data and implementing cutting-edge security solutions, we want to hear from you!. Privileged Access Management (PAM...Show moreLast updated: 30+ days ago
    • Promoted
    Cyber Security Analyst - MS Defender

    Cyber Security Analyst - MS Defender

    MizuhoChennai, Tamil Nadu, India
    Mizuho Global Services Pvt Ltd (MGS) is a subsidiary company of Mizuho Bank, Ltd, which is one of the largest banks or so called ‘Mega Banks’ of Japan. MGS was established in the year 2020 as part o...Show moreLast updated: 5 days ago
    • Promoted
    Oracle Cloud ERP Senior Analyst (Security and Risk Management)

    Oracle Cloud ERP Senior Analyst (Security and Risk Management)

    Sikich IndiaChennai, IN
    Oracle Cloud ERP Senior Analyst.Security and Risk Management) with 5+ years of related experience in Oracle Cloud or any other Tier 1 ERP application. Accounting, Advisory, and Technical professiona...Show moreLast updated: 30+ days ago
    • Promoted
    Information Security Analyst

    Information Security Analyst

    LexitasChennai, Tamil Nadu, India
    Lexitas is a high growth company.The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driv...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst

    Security Analyst

    ConfidentialChennai
    We are hiring a Security Analyst to work on our growing IT Security team.This position will primarily monitor our computer networks and IT assets for security issues. install, operate, and maintain...Show moreLast updated: 30+ days ago
    • Promoted
    Cloud Security

    Cloud Security

    Tata Consultancy ServicesChennai, Tamil Nadu, India
    Tata Consultancy Services is hiring for Cloud Security.Location : Bangalore / Pune / Hyderabad.We are seeking a Cloud DevOps Engineer with hands-on experience in cloud-native environments and prefer...Show moreLast updated: 30+ days ago