Application Security Assessment Manager

Application Security Assessment Manager

1 Nos.
45085
Full Time
5.0 Year(s) To 8.0 Year(s)
19.00 LPA TO 20.00 LPA
IT Infrastructure & IT Security / Support
Banking/Financial Services
B.Tech/B.E. - Computers
Job Description:

Job Title: Application Security Assessment Manager

Department: RMD

Reports to: CISO

Experience: 5-8 years of application security testing, Penetration testing and Secure Code review and managing team of Application assessors for thick clients, web and mobile applications

Required Qualification: BE / MCA/ M.Tech – IT/Cyber Security

Preferred Qualification: Professional Certification like Certified Ethical Hacker / Offensive Security Certified Professional (OSCP).

Skill, Knowledge & Trainings:

Understanding and hands on experience of various security tools such as Burp Suite, Acunetix, Checkmarx, ZAP, Echo Mirage, Fiddler, sqlmap, nmap and operating systems like Kali linux.

Knowledge of OWASP, Common Vulnerabilities and Exposures.

Familiarity with security frameworks like ISO 27001 and risk management methodologies. Core Competencies:

Web, mobile and Thick client application penetration testing

Secure Code review using tools like Checkmarx

Hands on experience on black box and white box security assessments.

Can perform Threat profiling and Threat modelling, Analyze vulnerabilities, perform an impact analysis and risk mapping as per standards such as OWASP, Common Vulnerabilities and Exposures (CVE)

Functional Competencies: An analytical mind with excellent problem-solving ability.

Outstanding communication and organization skills.

Ability to work under pressure in a fast paced environment.

Managing Application security testing teams and ensuring that the applications are effectively assessed with in the planned timelines. Job Purpose: To perform and manage team to complete Application security and Secure Code assessments to identify the vulnerabilities in business applications and ensures the applications security risks are identified and support in mitigation. Area of Operations Key Responsibility Application Security assessments The calendar for App sec is drawn for every year and ensure that planned application testing is carried out as per schedule

Lead the team of Application testers and participate in the application security assessments as mentor

Ensure that the applications are effectively assessed with in the planned timelines.

Understand the application and business flow.

Prepare the test plan and test cases for the application security testing.

Tool based and manual “web application and Mobile application” security / penetration testing.

Tool based and manual “thick client (exe based)” application security / penetration testing

Tool based “Secure Code review” for application source code.

Review the detailed Application security assessment reports and ensure that reports are complete in all aspects and issues are published to the respective teams.

Presents the Appsec findings to business owners and the management.

Discussing the reported vulnerabilities with the application development team for remediation.

Carry out Periodic Application security assessments and Secure code review.

Carry out pre-implementation Application security assessments and Secure code review.

Carry out validation testing for the fixed vulnerabilities.

Support the development team in understanding the application security issues.

Maintains secure application development practices.

Company Profile

RBI Bank created group which is leading Financial company into --- and settlement functions provide guaranteed --- and settlement functions for transactions in Money, G-Secs, Foreign Exchange and Derivative markets. It also provides non-guaranteed settlement for Rupee interest rate derivatives and cross-currency transactions through --- CLS Bank. It has also set up a Trade Repository to enable financial institutions to report ---ir transactions in OTC derivatives.

Apply Now

  • Interested candidates are requested to apply for this job.
  • Recruiters will evaluate your candidature and will get in touch with you.

Similar Jobs

Sr Tech Support Engineer - AVS
Windows operating systems,Linux,Windows patching,ADS
KMBL/App Security Technology Risk/ Goregaon
Secure Coding,Vulnerability,SAST ,DAST
Red Team Assessment-Mumbai
Red Team,Penetration testing
Application Security - Thane
Application security,Web Applications,Mobile Application,Vulnerability Testing
Application Security - Mumbai
application security,web application,VAPT