Application Security Engineer Jobs in Gurgaon - For a Client of Teamlease Digital
Job Description
Required:
· Minimum of 5-8 years’ experience in application security development, security testing, deployment and security management phases;
· Deep interest in application specific vulnerabilities, code development and infrastructure knowledge;
· Investigative and analytical problem-solving skills;
· Experience in collecting, analyzing, and interpreting qualitative and quantitative data from defined application security services related sources (tools, monitoring techniques etc.)
· Knowledge and experience of OWASP Top 10, SANS Secure Programming, Security Engineering Principles;
· Hands-on experience in running, installing and managing DAST solutions such as web inspect and AppScan;
· Hands-on experience in performing code review of dot Net, Java and Swift and objective C code;
· Hands-on experience in running , installing and managing SAST solutions such as Checkmarx and Fortify
· Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk;
· Hands-on experience in integrating security tools in DevOps processes;
· Hands-on on at least one CI/CD tool set such as team city, Bamboo, Jenkins, Chef, Puppet, selenium;
· Knowledge of cloud environments and deployment solutions such as server less computing;
· Hands on experience in penetration testing of mobile, desktop and web applications.
· Hands on experience on application containers such as Dockers and Kubernetes;
· Possession of excellent oral and written communication skill; and
· Knowledge of one or more scripting languages for automation and complex searches
Preferred:
· Bachelors in computer science or other technical fields;
· Experience with application monitoring, Managed Services business primarily on DevOps, Threat and Vulnerability Management for Application infrastructure, source code verification, link analysis, and threat modeling;
· Solid and demonstrable comprehension of Information Security including OWASP/SANS, Security Test Case development (or mis-use case), OOAD notations, emerging threats, attacks, and vulnerability management
· Understanding of security essentials including; networking concepts, defense strategies, and current security technologies
· Ability to research and characterize security threats to include identification and classification of application related threat indicators; and
· Certification such as SANS Secure Coding, Security Engineering, Web Application Security, ISC2 CSSLP, OSCP etc. are preferred.
