This post may contain affiliate links so I earn a commission. Please read my disclosure for more info.
A Career Opportunity with Principal Global Services, Pune
Hiring Orgnization: Principal Global Services
Job Location: Pune, Maharashtra
Employment Type: Full Time
Experience: 5+ Years
Valid Through: Please check official website for more details
Base Salary: Best In the Industry
Category: Jobs in Pune
Principal Global Services is a Global In-house Center, dedicated to supporting Principal Financial Group achieve our common purpose of empowering and enabling our customers across the globe by protecting and advancing their financial well-being through retirement, insurance and asset management solutions.
Since our inception in 2006, our continued focus has been to take our services to the next level of providing solutions, which has been further reinforced with stimulating results and a clear strategic direction.
|Employment Type||Full Time|
|Industry||Information Technology & Services|
|Job Functions||Information Technology|
- The application security consultant is responsible for working with application development and infrastructure teams to ensure applications are designed, coded, and implemented securely.
- S/he will be will act as a subject matter expert on design review, code review, and dynamic analysis.
- This is a hands-on technical position that you will find yourself collaborating with multiple groups across the organization. Strong communication skills are needed to explain complex security to a wide variety of technical levels.
- Experience as a developer is helpful, but not required.
This role reports to Delivery Manager / Sr. Delivery Manager / Solution Architect / Sr. Solution Architect
In order of importance, list the essential functions (9 maximum) of this position and estimate the percentage of time spent on each (for non-officer). Begin with an action verb and describe an end result. Note: Accountabilities transfer directly to the performance appraisal form.
- Recognized as a go to person for internal product security engineering questions/requests
- Ability to perform proactive research to detect new attack vectors Ability to work in a fast-paced environment
- Ability to consider the context of the organization and environment to properly prioritize issues
- Can think about problems from an out-of-the box perspective, doesn’t always default to industry norms
- Strong ability to analyze and resolve cyber security issues.
- Ability to Conduct design review, code review, and dynamic analysis
- Serve as a subject matter expert for application development teams
- Ability to Communicate effectively with a wide variety of technical levels
Graduate from any stream preferably Computer Science or Engineering
Cyber security professional with real-world attack simulation design experience to assess and significantly improve the effectiveness of an entire information security program
Perform web and mobile application testing, source code reviews, embedded, API, thick client security assessment review
- 5+ Years of Experience in Application Penetration Testing, Secure Development Life Cycle ( nice to have)
- Sound knowledge of common web application security vulnerabilities (OWASP Top Ten, SANS Top 25, WASC, etc.) and programming patterns that lead to them, as well as remediation techniques
- Sound Knowledge on Network Protocols.
- Experience with enterprise applications (architecture, development, support, and troubleshooting)
- Working knowledge of authentication and identity management technologies
- Strong interpersonal and communication skills; ability to work in a team environment
- Ability to work independently with minimal direction; self-starter/self-motivated
- Perform web, API endpoints, Thick client, embedded, mobile Application Vulnerability testing.
- Meet with application team to collect information and determine scope of testing
- Install, configure, use and maintain scanning and testing tools. Knowledge/Experience of working with required tools, Burp Suite & IBM Security AppScan, Veracode, Interactive TCP relay, winhex, echo Mirage is required.
- Manually verify security vulnerabilities identified by automated tools
- Perform manual testing to supplement results of automated scanning and testing tools
- Provide status and resolve issues that impact testing as required
- Document identified security vulnerabilities and related matters in a clear, concise and timely manner
- Meet with the application teams to review, describe and explain identified security vulnerabilities and possible remediation
- Retest application updates or deployed remediation logic to verify resolution of security vulnerabilities
- Knowledge of current threat landscape both globally and locally, various cyber security domains, focusing on application security
- Strong understanding of OWASP, NIST and CAPEC frameworks
- OSCP, OSWE, ISC2 CISSP, CSSLP, GIAC GWAPT, GIAC GSSP-Java, GIAC GSSP-NET Preferred
For More Information Visit : Principal Global Services, Pune, Maharashtra, India
|Jobs in Aurangabad @ Siemens Technology India, Aurangabad|
|For IT Jobs in Pune Checkout: JobYojana.com|
|Top IT Companies in Pune|
Please Share resume on Official Sites, Third Party Website may use data for unwanted reasons.