- Very strong technical understanding of the secure coding practices to develop secure code. Very good knowledge on OWASP vulnerabilities and remediation methods.
- He/she must have an experience in defining and setting up a team to perform application security testing as part of our SDLC process and lead the team, must have hands on experience on the manual testing tools like burp tools
- Strong ability to conduct internal application security tests on internal and cloud based applications, work with the Quality control team to develop test cases and execute these test cases
- Knowledge of security scanner tools like Burp, Acunetix, Nessus
- Conduct exploitation testing using off-the-shelf or self-developed exploitation tools and document findings for client remediation
- Perform application/application services vulnerability assessment & penetration testing, and source code reviews
- Serve as the point person for all external inquiries involving data security compliance issues, questions, resolution. This person should have experience with large organizations and have ability to interact with customers on security and privacy aspect
- Good understanding of attacks such as dhcp starvation, dns spoofing, email spoofing, phishing, DOS, DDOS, ARP poisoning, XSS, CSRF, SQL Injection, XXE, et c.
- Strong written and verbal communication to interact with internal & external stakeholders including clients.
- Fill out client’s risk assessment templates and questions to map criteria like Security, Integrity, Privacy etc. with respective policy and procedure documents and controls
- SMART by GEP is a SAAS (Software as a Service) solution deployed in the cloud environment. The service is used by fortune clients, the responsibility of this role is to lead the application security team to secure the application. Build a secure coding practice as the part of the SDLC (Software development life cycle) process to identify security bugs in the development stage and work with the development team to fix these issues
- Collaborate with the development and engineering team to identify and evaluate the new technology to enhance the effectiveness of the controls by automating the process
Why Join us?
GEP is different. It’s a place where individuality is prized and talent respected. We don’t spout jargon, but remain focused on what is real and effective. We are a meritocracy where good ideas and great people get noticed, results matter, and ability and hard work drive achievements.
We recognize people who make a genuine difference by rewarding them well. We’re also a learning organization, actively looking for people to help shape, grow and continually improve us.
Are you one of us?