Tech Lead - #941469

24 7 ai

Date: 1 week ago
City: Bengaluru, Karnataka
Contract type: Full time

The overall responsibility of the team is to provide assurance to the management on the Information Security, Compliance and Risk Management of the organization globally. The candidate would be expected to work with various teams to identify and implement the Product application and Infrastructure security requirements globally.

Minimum requirements (Education Qualification & Work Experience)

  • Qualification Required: Bachelor/Master Degree in either Computer Engineering or Information science
  • Certification preferred: OSCP, OSCE, ECSA|LPT, CPT, CEH
  • Minimum experience: 5-7 years in Vulnerability Management- Application, Infrastructure Cloud, Mobile Security stream, secure code review and IoT

Competency Requirements :

  • Hands-on experience in performing Network, Web-based, cloud applications security assessments including threat modelling, vulnerability assessments, and penetration testing.
  • Knowledge of current information security trends.
  • Knowledge of security bug classification frameworks such as CVSS and DREAD, and experience applying security bug classification methods.
  • Experience on Web Service vulnerability assessment
  • Knowledge on Mobile Applications (IOS/Android)
  • Understanding and familiarity with common code review methods and standards
  • Develop POCs to demonstrate security issues.
  • Experience with web application vulnerability scanning tools (e.g., Acunetix, NTO Spider, Burpsuite Pro, Web Inspect, Core Impact)
  • Experience with Network assessment tools and Exploitations (e.g., Kali Framework, Qualys Guard, Nessus, Nexpose, Nmap, Metasploit, Saint)
  • Experience in performing static code review (e.g., Checkmarx, HP Fortify, IBM Appscan Source)
  • Experience in atleast 2 scripting languages such as Python, Perl, PHP, Ruby etc.
  • Capable to assess an application using OWASP, OSSTMM, CESG, CREST, NIST, ISSAF, PTES methodologies
  • Knowledge of standard SDLC practices and flexible to work on Agile Modules
  • Minimum 5-7 years work experience in application and network security
  • Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB)) and DAST code review will be an add-on
  • Knowledge of operating systems preferably Windows / Linux / UNIX (IBM IAX, Sun Solaris, HP UX etc.) and network equipments.
  • Experience in providing technical oversight to other project team members to maintain engagement quality.
  • Experience in mentoring, coaching staff and ability to lead teams under demanding circumstances to accomplish project team objectives.
  • Good understanding of PCI, SOC and GDPR security guidelines and rules

Other Requirements:

  • Strong ethics and understanding of ethics in business and information security
  • Proficiency in English (both written and oral communication skills)
  • Ability to complete tasks and deliver professionally written reports for clients
  • Ability to present findings to technical staff and executives
  • Ability to interact with 247 customers to review their requirements

Job Responsibilities

  • Carry out and own closures for Vulnerability Assessment and Penetration Testing for Infra, Web Applications and Web Services/API.
  • Perform both Manual and Automated Security Testing for identifying vulnerabilities.
  • Perform periodic Configuration audits on Network Devices, Servers and other critical functions.
  • Perform code review across a variety of programming languages and provide recommendations for preventive and corrective actions.
  • Performing assessments of SDLC processes
  • Developing testing scripts and procedures
  • Other security-related projects that may be assigned according to skills
  • Continually evaluates Application architecture in order to enhance process design
  • Evaluate suspected vulnerabilities, work with subject matter experts, and recommend corrective actions.
  • Evaluating security products and recommending the solutions
  • Advisor to various projects regarding Secure Coding Standards and Security Information Management

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a CV

Similar Jobs

M&C Web Professional

Ericsson, Bengaluru, Karnataka
29 minutes ago
About this opportunity Unit Overview The Hub India Web Tools and Technology unit within Group Function Marketing & Communications (GFMC) is responsible for the development and production projects of capabilities, systems, and tools for the global Marketing & Communications staff. We are seeking a highly skilled and creative Digital Marketing Web UX Professional to join our team. The position reports...

Adobe Campaign Developer | 6-9 Years | Mumbai, Bangalore, Chennai

Capgemini, Bengaluru, Karnataka
15 hours ago
Job DescriptionSupport and Maintenance of customers Adobe Campaign Classic platformResponsible for handling tickets in Production environmentPerform RCA on recurring issue and provide permanent fixesMonitoring of the workflow and taking corrective actionsCoordination of system-related activities between user and multiple technical teamsResponsible for the upkeep and maintenance of Adobe Campaign application servers and coordination with DBA'sUnderstanding integration of Adobe with other applications.Primary...

Recruiter, Professional Search

Kornferry, Bengaluru, Karnataka
20 hours ago
Position SummaryWe are seeking entry-level Recruiters to join our Professional Search team in Bangalore to support our Interim practice. In this role, you will support our US business, working US hours and responsibilities will include:Focus on direct sourcing methodologies to attract top talent for roles across the region.Managing the recruitment cycle from initial hiring manager briefing through to offer management.Engage...