SME - Web App firewall, Cloud Security, Palo Alto Firewalls

HCLTech


Date: 9 hours ago
City: Greater Noida, Uttar Pradesh
Contract type: Full time
Greater Noida, Uttar Pradesh
Job Summary

Job Summary : Application Security Engineer The Application Security Engineer (Threat Modeling) operates as a mid-level individual contributor focused on securing our business-standard web applications. In this role, you will own the day-to-day security-by-design initiatives by systematically applying the STRIDE methodology to identify architectural flaws before code deployment. You will collaborate directly with product engineering teams to uncover and mitigate Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege risks.

Job Description : Professional Skills\\\\r\\\\n• Independent Execution: Ability to manage multiple threat modeling projects concurrently with guidance only on highly complex architectures.\\\\r\\\\n• Engineering Empathy: Skill in collaborating constructively with software engineers, offering practical remediation advice rather than just pointing out flaws.\\\\r\\\\n• Clear Communication: Ability to articulate technical security risks and their direct business impacts clearly in both written reports and verbal discussions.\\\\r\\\\n

Key Responsibilities

Job Responsibilities : Key Responsibilities • Conduct STRIDE Assessments: Independently perform threat modeling on core web applications, APIs, and microservices using the STRIDE framework. • Deconstruct Web Architecture: Analyze data flow diagrams (DFDs), component architecture, and trust boundaries to map out potential attack paths. • Define Actionable Requirements: Translate STRIDE findings into clear, developer-friendly user stories and acceptance criteria within Jira or engineering backlogs. • Track Mitigation Lifecycles: Monitor the implementation of security controls (e.g., proper encryption, secure session handling, robust logging) and verify remediation. • Maintain Threat Repositories: Keep threat models up to date as application features evolve, maintaining a clear picture of the application\'s risk posture.

Skill Requirements

Skill Requirement : • Web App Security Expertise: Solid understanding of web technologies, HTTP protocols, browser security (CORS, CSP, SameSite cookies), and the OWASP Top 10. • Practical STRIDE Skills: Demonstrated experience breaking down functional application designs into STRIDE categories to catch flaws early. • Modern Development Stack: Familiarity with standard web stacks (e.g., React, Node.js, Java, .NET) and modern CI/CD software pipelines. • Threat Modeling Tooling: Hands-on experience with tools like the Microsoft Threat Modeling Tool, OWASP Threat Dragon, IriusRisk, or similar diagramming solutions.

Other Requirements

Other Requirement : Technical Qualifications • Experience: 3 to 5 years of experience in Application Security, Product Security, or software development with a heavy focus on security design. • Web App Security Expertise: Solid understanding of web technologies, HTTP protocols, browser security (CORS, CSP, SameSite cookies), and the OWASP Top 10. • Practical STRIDE Skills: Demonstrated experience breaking down functional application designs into STRIDE categories to catch flaws early. • Modern Development Stack: Familiarity with standard web stacks (e.g., React, Node.js, Java, .NET) and modern CI/CD software pipelines. • Threat Modeling Tooling: Hands-on experience with tools like the Microsoft Threat Modeling Tool, OWASP Threat Dragon, IriusRisk, or similar diagramming solutions.

#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Gerente Control Logístico

CNH Industrial, Greater Noida, Uttar Pradesh
2 days ago
Descripción del puesto Gerente Control Logístico ID de solicitud de puesto: 4916 Ubicación del puesto: Greater Noida - India Category for Job Posting: Finanzas Job Type for Job Posting: Tiempo completo Working Mode for Job Posting: Totalmente presencial #body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-Enviar candidatura ahora Sobre nosotros Innovación. Sustentabilidad. Productividad. Así es...

Senior Resident / Attending Consultant– Emergency & Trauma Care

Sarvodaya Healthcare, Greater Noida, Uttar Pradesh
2 weeks ago
Non Medical 3-6 Years Sarvodaya Hospital, Greater Noida West (Noida Extension) Job Description Assess, diagnose, and manage emergency and trauma patients. Perform emergency procedures such as intubation, central line insertion, suturing, CPR, and resuscitation. Stabilize critically ill patients and coordinate referrals to appropriate specialties. Monitor patients under observation and ensure timely documentation. Participate in trauma codes, cardiac arrests, and disaster...

Sales Manager Holiday Inn Express Greater Noida Knowledge Park

Holiday Inn Express, Greater Noida, Uttar Pradesh
3 weeks ago
Your day to day Financial returns Monitors competitor’s activities and assists in marketing intelligence Aware of sales strategy and goals when selling to negotiate optimum rate for the benefit of the business Sells all facets of the hotel with a view to optimizing opportunities for revenue growth Monitors existing business and inputs into sales strategy meetings to maximize opportunities Grows...