Are you looking for a Job in App Development Field then this post may be relevant to you.
Job Details:
Position Name : Sr. Consultant – Security Architecture Review+App Sec / Compliance
Location: Mumbai, Maharashtra
Job ID : 933b4d6722f1a2bb
Description : Responsibilities:
Lead SecArch deep dives with the requestor of the assessment
Conduct assessment and provide technology risk/requirements to the requestor. Areas covered:
AAA – Authentication, Authorization, Auditing
Application Security – Session Security, Vulnerability/Pen Testing items, Input Validation
Secure data transport and storage
Periodically review security reference architecture (security blueprints) and conduct updates/enhancements
Participate in various Operational and Technology Risk governance processes
Assist in identifying new areas and opportunities of technology investment for the firm
Desired Profile:
Excellent communication skills: written, oral, presentation, listening
Ability to influence through factual reasoning
Time management: ability to handle multiple concurrent assessments, plan based deliverable management, strong follow up and tracking
Strong focus on delivery when presented with short timelines and increased involvement from senior management
Ability to adjust communication of technology risks vs business risks based on the audience
Security Architecture Skills
Required – In depth knowledge of application and basic knowledge of and network and platform security vulnerabilities. Ability to explain these vulnerabilities to developers
Required – Experience in conducting Information Security, IT Security, Audit assessments. Presenting the outcomes of the assessment and obtaining buy-in.
Required – Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
Required – The candidate must have working experience in the following application/network security domains:
Authentication: SAML, SiteMinder, Kerberos, OpenId
Entitlements and identity management
Data protection, data leakage prevention and secure data transfer and storage
App Security – validation checking, software attack methodologies
Cryptography – encryption and hashing
Required – Even though the SecArch Integrator role is not a development role, the candidate must have understanding in programming, design and application architecture.
Required – In order to be a practical SecArch Integrator the candidate must have experience implementing complex applications in an enterprise environment.
Required – knowledge of programming and scripting languages: Java, JavaScript, C#, C/C++, Perl, Python, Ruby
Other Areas of Expertise
Frameworks, protocols and subsystems: J2EE, .NET, Spring, RPC, SOAP, MQSeries, JMS, RMI, JMX, Hibernate.
Knowledge of JSP /Servlet/EJB or ASP.NET, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex / Silverlight.
Database design and programming experience
Experience of liaising with 3rd Party Entities (exchanges, suppliers, regulators)
Experience in conducting and / or reviewing penetration tests, dynamic vulnerability assessments and static vulnerability assessments
Understanding of geographic regulations and their impact on Security assessments
Previous experience in Financial Services is preferred
CISSP or other industry qualification
Desired – experience working with global organizations
Learn more about our Security Verification Services.
Disclaimer : Applicant must check the company profile before joining Bizplusapp.com is no way responsible for any loss.