Conduct architecture and design reviews of web and mobile applications and APIs, and identify security gaps.
Provide recommendations for enhancing security controls.
Follow up with application/system owners to mitigate the identified security gaps within the provided timeline.
Develop and enhance Application Security Standards, Secure coding practices, secure configuration guidelines, etc.
Assist and provide responses to internal and external audits.
Evaluate technologies for securing the web/mobile applications.
Prepare dashboards for management review.
Bachelor’s degree in any discipline.
5-8 years of experience in Application Security Assessments.
Knowledge of Application Security Standards such as OWASP, MITRE, etc.
Knowledge of common application security flaws, threat modelling, security controls and common security libraries.
Understanding of security principles including cryptography, access control, authentication, 2FA, system security, data flow, firewall, WAF etc.
Excellent communication skills (written and verbal) with an ability to explain complex topics in a clear and concise manner to both technical and non-technical audiences.
Knowledge of cloud services and cloud security controls.
Good analytical and presentation skills.
Ability to learn and quickly grasp new technologies/concepts.
Security certifications preferred but equivalent knowledge will be considered.