This job ad has been posted over 30 days ago...



Web Security Specialist Full-time

at Intel Security in Banglore (Published at 26-03-2015)

Roles & Responsibilities

This position is for a Web Security Specialist for the McAfee Consumer team. The Web Security Specialist will primarily involve in performing Information Security Assessments of Web-based applications including threat modelling, Penetration Testing, Perform Static and Dynamic Analysis of Web based applications, Code reviews, Develop tools and Automation for Security Testing. Provide insights into issues by identifying which flaws can be exploited to cause business risk. It is a unique and challenging role that calls for a strong passion for security, technology and quality, while providing an immense opportunity to design and develop wide-reaching tools that will help in this efforts. Candidate should have experience in analyzing highly scalable and performing web/cloud based systems. Candidate should be an expert in this field and be able to drive the web/cloud security proactively for the team. The security specialist will be responsible for driving the security best practices within the teams and also leading efforts to educate the development teams on the secure development practices. They will also be responsible for inspecting and verifying all the web/cloud based applications in the Consumer teams. They will also be responsible for driving the security practices are being followed by ever team as per the secure development lifecycle and prevent any security vulnerability on the systems and applications being developed by the Consumer teams.

Desired Qualification & Experience

• Bachelor/Master Degree in Computer science & engineering.
• Over 8+ years of relevant web, mobile security experience, security assessments, source code analysis, application security vulnerability research, vulnerability management mitigation and remediation.

Primary Requirements

• Hands-on experience in performing security assessments of web-based applications including threat modelling, vulnerability assessments, and penetration testing.
• Knowledge of current information security threats.
• Knowledge of security bug classification frameworks such as CVSS and DREAD, and experience applying security bug classification methods.
• Development and/or vulnerability testing experience with web frameworks.
• Experience with vulnerability scanners, as well as with web application testing tools such as Burp, OWASP Zap, Nessus, Nmap, NeXpose, Metasploit, Wireshark, IBM Rational AppScan
• Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools
• Experience with software development programming languages such as ASP.NET, C#, Perl, Python, PHP.
• Deep knowledge of Microsoft .NET including XML, LINQ, Multithreading, Asynchronous, Parallel Programming.
• Extensive Hands-on experience in ASP.NET MVC 3+, Web API, WCF, and JavaScript.
• Develop POCs to demonstrate security issues.

Secondary Requirements

• Certifications: CEH, CISSP, OSCP/OSCE and SANS (Gold) are preferable.
• Agile model (Scrum) understanding & experience.
• Ability to work independently with a team of engineers locally and peer teams abroad with minimum guidance.

Nice to have skills

• Exposure to Mobile App Development, HTML 5, CSS3.
• Exposure to BigData Technologies (Hadoop, Map Reduce, Hbase etc.) and cloud technologies.
• Exposure to Java, JSP, Tomcat.
• Experience in software source control systems such as ACCUREV is preferred.

Note: Applications have been closed.

Recent jobs at Intel Security

Viewed: 2673 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend