Requirements / Responsibilities:
• Should have 2 – 4 years of experience in technology and information systems for the Web Applications
• Experience with any of the common static and dynamic analysis tools (Fortify, Web Inspect, AppScan, Burp, etc.)
• Knowledge on security standards, security systems and authentication protocols
• Implement secure development best practices and coordinate Vulnerability assessment, penetration testing, code review etc.
• Preferable to have basic development knowledge in .Net / Java /C++ and be able to read and understand the coding logic.
• Should have an understanding on security remediation .
• Collect application vulnerability metrics and introduce automated security checks into application build process
• Must hold either of the Security Certification like CEH .
• Knowledge of OWASP tools and methodologies, SANS, MITRE procedures
• Understanding the common authentication models (SAML, OAuth, OpenID, etc.) is preferred. Working knowledge in Load balancer, WAF, Owasp is preferred
• A software development and application security background is preferred