Senior Application Security Specialist

Role Summary

• Responsible to ensure the implementation of security standards and compliance practices in various SDLC phases.
• Lead and mentor the team, collaborate with onsite and offshore teams to implement and ensure application security standards and practices.
• Perform various application security audits, tests and assessments to ensure security complaince within SLA.

Role Description

• Review the application features and enhancement design, perform code review and provide security specific recommendations and best practises in each SDLC phase
• Perform penetration test on web applications, identify the vulnerabilities, report security issues, suggest remediation measures and guide the development team to resolve the issue
• Execute automated scan on web applications using various SAST and DAST tools, triage the issues, identify true positives and work with the development team for resolution
• Collaborate with development team to review, recommend and consult on security concerns and set secure architecture standards
• Perform security controls assessments, recommend and update application security policies and procedures to keep up with the security trends and changing internal and external requirements
• Perform domain audits with help of OSNIT tools
• Collaborate with clients and third parties, provide technical support for penetration tests and audit of the products
• Review, evaluate and recommend security best practices for AWS cloud specific implementations of SDLC
• Analyse, review and suggest new application installations, test various features and fuctionalities and collaborate with IT helpdesk team through the process of application whitelisting
• Design and implement application and web-based security trainings across the organization
• Develop tools to automate security testing, design and implement strategies to enhance the efficiency of secuity bug discovery and resolution
• Lead and mentor the team, provide technical and non-technical guidance for their overall development
• Lead the vulnerabiility management by collaborating with development leads, managers to ensure vulnerabalities are remediated within SLA

.

Exposure and Experience

• Minimum 6 years experience in web application security
• Expert knowledge in Software Development Life Cycle
• Experience in Security Controls Assessment, Vulnerability Management, Penetration Testing and Application Whitelisting.
• Domain knowledge on Investment Banking/Wealth Management would be an added advantage
• Education: BTech/ M Tech