Application Security Assessment Manager
Job Description:
Job Title: Application Security Assessment Manager
Department: RMD
Reports to: CISO
Experience: 5-8 years of application security testing, penetration testing and secure code review, and of managing a team of application assessors for thick-client, web and mobile applications
Required Qualification: BE / MCA/ M.Tech – IT/Cyber Security
Preferred Qualification: Professional Certification like Certified Ethical Hacker / Offensive Security Certified Professional (OSCP).
Skill, Knowledge & Trainings:
Understanding of and hands-on experience with security tools such as Burp Suite, Acunetix, Checkmarx, ZAP, Echo Mirage, Fiddler, sqlmap and nmap, and with operating systems like Kali Linux.
Knowledge of OWASP, Common Vulnerabilities and Exposures.
Familiarity with security frameworks like ISO 27001 and risk management methodologies.
Core Competencies:
Web, mobile and Thick client application penetration testing
Secure Code review using tools like Checkmarx
Hands-on experience with black box and white box security assessments.
Can perform threat profiling and threat modelling, analyze vulnerabilities, and perform impact analysis and risk mapping as per standards such as OWASP and Common Vulnerabilities and Exposures (CVE).
Functional Competencies:
An analytical mind with excellent problem-solving ability.
Outstanding communication and organization skills.
Ability to work under pressure in a fast-paced environment.
Managing application security testing teams and ensuring that the applications are effectively assessed within the planned timelines.
Job Purpose: To perform, and manage the team that completes, application security and secure code assessments that identify vulnerabilities in business applications, ensure that application security risks are identified, and support their mitigation.
Area of Operations: Application Security assessments
Key Responsibility:
Draw up the App sec calendar every year and ensure that planned application testing is carried out as per schedule.
Lead the team of application testers and participate in the application security assessments as a mentor.
Ensure that the applications are effectively assessed within the planned timelines.
Understand the application and business flow.
Prepare the test plan and test cases for the application security testing.
Tool based and manual “web application and Mobile application” security / penetration testing.
Tool based and manual “thick client (exe based)” application security / penetration testing.
Tool based “Secure Code review” for application source code.
Review the detailed Application security assessment reports and ensure that reports are complete in all aspects and issues are published to the respective teams.
Present the Appsec findings to business owners and the management.
Discuss the reported vulnerabilities with the application development team for remediation.
Carry out periodic application security assessments and secure code review.
Carry out pre-implementation application security assessments and secure code review.
Carry out validation testing for the fixed vulnerabilities.
Support the development team in understanding the application security issues.
Maintain secure application development practices.
Company Profile
RBI Bank created group which is leading Financial company into --- and settlement functions provide guaranteed --- and settlement functions for transactions in Money, G-Secs, Foreign Exchange and Derivative markets. It also provides non-guaranteed settlement for Rupee interest rate derivatives and cross-currency transactions through --- CLS Bank. It has also set up a Trade Repository to enable financial institutions to report ---ir transactions in OTC derivatives.