Executive at innova-amtech llp
Views:267 Applications:27 Rec. Actions:Recruiter Actions:4
Innova AmTech - System Administrator - Security (3-5 yrs)
We have an good opportunity for profile System Administrator (Security). It is based out in Gurgaon Location. Person who have looking for change for this role.
Job Description Summary :
- Work with developers to refine security checkpoints in the SDLC that are based on the PCI Data Security Standard and other industry-accepted doctrine such as NIST SP 800-115 and/or ISO security standards.
- Develop secure coding standards that are based on industry-accepted best practices such as OWASP Guide, SANS CWE Top 25, or CERT Secure Coding to address common coding vulnerabilities.
- Use automated tools to perform source code security analyses to identify vulnerabilities and attack vectors in web applications.
- Work with information security analysts to refine web application penetration testing methods and breadth of security services.
- Obtain and review all required artifacts as part of go, no go analyses at security checkpoint phases in the development cycle.
- Assist with periodic security risk assessments, IT security audits, and management reporting.
- Review and coordinate changes to information security policies, procedures, standards, and audit work programs in a continuous improvement model.
- You will design /build application security and improve the product security design /implementation
- You must have thorough understanding of OWASP top 10, SANS 25 application security vulnerabilities
- You must have understanding of Application frameworks: e.g. Java,.net, MVC
- You must have understanding of Attack Vectors against APIs / How to identify gaps and prevent attacks
Key Requirement for the Position :
- Work experience with the PCI Data Security Standard with a focus on web application security methods.
- Security risk assessment and systems security audit work experience is highly desired.
- Experience working with common application security tools such as Fortify or Burp Suite is a plus.
- Excellent verbal and written communication skills.
- Self-starter with the ability to perform tasks as an individual contributor or as a project lead.
- Experience in web ethical hacking, fuzzing (Fuzz testing)
Qualifications : Certification B. Tech/MCA or BCA/BSC/B.COM with Cisco/Microsoft/Security