Jobbeschreibung:

Job Responsibilities Support asset development, process establishment. Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as HCL AppScan/HP Fortify or CheckMarx. We expect candidate to have experience doing similar assessments, candidate can be trained on any proprietary assessment methodology. Reporting/Dashboarding/Retesting and participation in conference calls with clients to review assessment results and consult with the clients on remediation options. Participating/Driving conference calls with potential clients to scope out newly requested security projects and estimate effort and resource requirement to complete the project etc.

Skills Required Mandatory: 8-10 years of strong Application Security experience in S-SDLC Threat Modeling, Code Review, Vulnerability Assessment, Penetration Testing. Web Service/API security testing, Firmware Assessment. Expert in Application Security process establishment. Through exposure on DevSecOps implementation/integration. Deep hands-on experience into Mobile application Security Android/iOS - reverse engineering/memory analysis etc. Security tool experience - HCL AppScan/CMx/Forfity/Nessus/MetaSpolit, Web Proxy Good exposure on penetration testing. Good to have one of the given certifications - OSCP/GPEN/GWAPT/CSSLP etc. Independent global client handling AppSec delivery exposure. >=2 years. Moderate exposure on AppSec technical solutioning, estimation and RFP/RFI response, Client presentation. Excellent interpersonal skill.

• Depending on the work environment, the subject matter expert may lead or be an active participant of a work-group with the need for specialized knowledge.
• Meet all agreed-upon turnaround times for deliverables, deliverable reviews, or deliverable sign-off
• Understands, articulates and implements best practices related to his area of expertise.
• Provides guidance on how his area of capability can resolve an organizational need and actively participates in all phases of the solution life cycle. Design Solutions and best practices to meet clients objective.
• Work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data