Freshersworld does not charge any amount for job placement. Beware of fraudsters who ask you to pay on the pretext of giving a job. Know More

Post A Job

Application Security Engineer Jobs in Hyderabad - S&P Global

Application Security Engineer

S&P Global
experience-icon 0 to 3 Years
salary-icon Not disclosed
qualification-icon BCA, BE/B.Tech, Other Course
Expired

Posted: 12 Jan 21

Job Description

S&P Global Corporate

The Role: Application Security Engineer

Grade: 10

The Location: Hyderabad-Skyview

The Team

The Application security team is responsible to protect applications & product within the company which are built to empower the markets, the responsibility includes the team to protect from bad actors & making sure security hygiene is encompassed in the software development

The Impact

This role would be responsible for running Static & dynamic scans with in the SDLC, resource would also be responsible for working with developers to remediate the findings, provide fix recommendations, train the developers to implement secure coding practices, Code and Automate deployment of various tools in CI/CD

What’s In It For You

S&P’s environment gives a greater exposure to cutting edge technologies which the applicant could benefit for career progression the work environment is very flexible. The person in this role will also lead in securely building the application, deployment, and operations of all of our systems.

Responsibilities
  • Refine and drive widespread adoption of our secure development lifecycle process
  • Build partnerships with other development teams, be a source of expertise in security best practices
  • Architect tooling solutions evaluate them, deploy and work with developers to integrate them
  • Perform hands on assessments by reviewing code, identifying issues & providing recommendations to fix them
  • Develop and deliver engaging and memorable security trainings
  • lead enterprise wide penetration tests
  • Provide detailed guidance and support to teams in application vulnerability remediation
  • Build out secure API’s by partnering with developers and make sure the utilization is baked into development cadence
  • Provide application security guidance on cloud environments as well as non-cloud environments
  • Communicate relevant metrics and trends to the technology leadership team.
  • Ensure stakeholder satisfaction
  • Code and Automate deployment of various tools in CI/CD using Ansible

Basic Qualifications

What We’re Looking For:

4+ years of Experience in Application security

1+ years of Experience in Development [ Java, .Net, Python, Powershell]

Seeking a motivated and collaborative application security lead to help us implement secure development lifecycle program. This role requires interpersonal skills as well as a deep and broad understanding of S&P’s overall business strategy, overall architecture and products. The individual must be technical and collaborative with an ability to influence Architects & Developers to build security into the Software Development Lifecycle.
  • Generalists who love learning new things and concocting creative security solutions for novel and risky functionality
  • 4+ years experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and threat modeling
  • 1+ years experience in conducting mobile pentest’s & assessments
  • Experience with static code analysis tools (Fortify)
  • Experience with Dynamic analysis tools (WebInspect)
  • Experience with Software Composition Analysis (Whitesource)
  • Experience using Xcode, MobSF, Charles, Genymotion , other mobile pentesting tools
  • Deep understanding of common web application attacks

Preferred Qualifications

  • Experience & ability to run
    • Dynamic vulnerability assessments (DVA)
    • Static vulnerability assessments (SVA) – Code reviews
    • Software composition analysis (SCA)
    • Mobile vulnerability Assessments (MVA) – IOS & Android
    • Penetration Tests
    • Training & Empowering Developers on Security principles & coding practices
    • Define security in design requirements in software development & work with developers to bake it in the design
    • Perform hands on Application Security assessments using commercial & open source tools
    • Configure scans & establish baseline scans using Fortify/Webinspect
    • Vulnerability Research & Discovery.
    • Work with the Development team to provide recommendations & build maturity levels to enable self service

    Good To Have Working Knowledge On The Below Tools/Platforms
    • HP Webinspect, HP Fortify, Kali Linux, Burp suite pro, Charles proxy, Dex 2 jar, Azure Devops, Jenkins, Ansible, Genymotion, Whitesource, Twistlock, Threat modeler, wireshark, tcpdump, ZAP. 

    Job Particulars

    Education BCA, BE/B.Tech, Other Course
    Who can apply Freshers and Experienced (0 to 3 Years )
    Hiring Process Face to Face Interview
    Employment Type0
    Job Id1089779
    Locality Address
    State Telangana
    Country India

    About Company

    S&P Global
    Jobs By Location
    Job & career videos
    scroll-icon scroll-icon
    scroll-icon youtube-img
    scroll-icon youtube-img
    scroll-icon youtube-img
    scroll-icon youtube-img
    scroll-icon youtube-img
    scroll-icon youtube-img
    scroll-icon youtube-img
    scroll-icon youtube-img
    scroll-icon youtube-img
    ARE YOU A FRESHER? REGISTER NOW
    Looking for your first Dream Job?
    Update Resume
    Upload Resume