Team Member – IRM-SUPPORT SERVICES-Information Risk Management Team

DepartmentInformation Risk ManagementLocationKotak Infinity

• Conduct architecture reviews and design reviews of web and mobile applications, APIs and identify security gaps.
• Provide recommendations for enhancing security controls.
• Follow ups with application/system owners to mitigate the identified security gaps within the provided timeline.
• Develop and enhance Application Security Standards, Secure coding practices, secure configuration guidelines, etc.
• Assist and provide responses to internal and external audits.
• Evaluate technologies for securing the web/mobile applications.
• Prepare dashboards for management review
• Bachelor’s degree in any discipline.
• 5-8 yrs experience in Application Security Assessments.
• Knowledge of Application Security Standards such as OWASP, Mitre, etc.
• Knowledge of common application security flaws, threat modelling, security controls and common security libraries.
• Understanding of security principles including cryptography, access control, authentication, 2FA, system security, data flow, firewall, WAF etc.
• Excellent communication skills (written and verbal) with an ability to explain complex topics in a clear and concise manner to both technical and non-technical audiences
• Knowledge of cloud services and cloud security controls.
• Good analytical and presentation skills.
• Ability to learn and quickly grasp new technologies/concepts.
• Security certifications preferred but equivalent knowledge will be considered.

Read Full Description