Risk Assessment Expert

Risk Assessment Expert

2 Nos.
6479
Full Time
5.0 Year(s) To 10.0 Year(s)
10.00 LPA TO 20.00 LPA
Job Description:
Job Description 

 

Purpose of the role

 

Application Security – Risk Assessment & Consultancy group is responsible for ensuring that the organization's applications are designed, developed and deployed securely. The role will involve working closely with development groups to ensure secure design, development and implementation of applications. The person would be responsible to understand complex technical and architectural issues from security perspective and the ability to understand the implications associated with the chosen technical strategy.
 
The role will focus on reviewing application security mechanisms inbuilt into the applications, by carrying out Security reviews i.e. Secure Design Review and Threat Modeling. The job involves working closely with development groups, Enterprise Architecture so that the applications are compliant with company's Information Security Standards.
 
The successful candidate will be able to demonstrate an innovative and enthusiastic approach to technology and problem solving, will display good interpersonal skills and show confidence and ability to interact professionally with people at all levels.

 

Key Accountabilities

  • Review Software applications for potential security vulnerabilities by conducting application security reviews i.e. Secure Design review, Threat Modelling.
  • Liaison with Developers, Architects, Project Managers to understand the working of an application, how effectively they are implemented and where security mechanisms are employed.
  • Understand the business requirements, evaluate potential products / solutions and provide technical recommendations.
  • Be "hands on" with technology and to contribute to the design, development and support of projects with the Security recommendations.
  • Review design and development artefacts to ensure security quality in the products being developed.
  • Protect company's information assets by promoting the understanding and acceptance of Information Security Policy and Standards.
  • Contribute to Enterprise Architecture in definition of the technology stack and various standards and guidelines for development teams

 

Skills and Experience

  • 5+ years of providing application security services with exposure to application lifecycle security.
  • Strong understanding of attack vectors from OWASP, WASC and mitigation of the same.
  • Strong understanding of general security concepts and principles and application specific security concepts and principles.
  • Strong understanding of Software Development Life Cycle (SDLC) with a focus on security.
  • Strong understanding of protocols (HTTP, HTTPS, SSL, TLS)
  • Strong understanding of Threat Modeling, assessment of impact and likelihood of threat scenarios
  • Strong understanding of applications design and architecture
  • Strong understanding of Encryption (both Symmetric and Asymmetric), hash algorithm its principles and proper applicability.
  • Strong understanding of Public Key Infrastructure, SSL/TLS Protocols and digital signature principles.
  • Strong understanding in  common web technologies, including browsers, HTML, XML, HTML5, Ajax, JASON, WebServices, JavaScript and WebServers, database
  • Understanding and knowledge on other security domains including Network, IAM, Data & Compute
  • Capable of understanding end user requirements from security perspective.
  • Understanding of emerging technologies and corresponding security threats
  • Sound business and technical acumen
  • Problem-solving and critical-thinking skills.
  • Focused and versatile team player
  • Self-motivated, flexible
  • Professional Qualification : CISSP/CSSLP will be an added advantage
Company Profile

--- Technologies has a span history of growth and success. Founded in 1996, --- started off as an IT consulting partner for one of the most recognized brands in the agricultural equipment manufacturing industry. With steady and planned growth, ---’s vision went global in the year 2000, with introduction of offshore operations in Indore, India. Named as of one of the “Fast 500 companies”, --- has grown organically through strategic acquisitions. We currently have over 4500 global employees, and growing.

Apply Now

  • Interested candidates are requested to apply for this job.
  • Recruiters will evaluate your candidature and will get in touch with you.

Similar Jobs

Urgent Opning For Qa/Qc Inspector
Quality Engineer,QA Testing,QC Inspection
Human Resource Intern
HR,Intern,Campus Recruitment,Bulk Hiring
Desktop Support
Technical Support,Desktop & Network,Desktop Support,Desktop Administrator
Business Development Executive
Business Development,Sales ,Client Relationship