This job ad has been posted over 30 days ago...



Application Security Researcher Full-time

at Nichepro Technologies in Banglore (Published at 08-07-2015)

Title: Application Security Analyst

The position is based in Bangalore, India

The candidate will:
1. Perform and lead assessments across all Corporate IT operations and services performing application security audits.
2. Conduct Threat modelling and design reviews during the design phases of the development lifecycle.
3. Summarize and document results of testing for management reporting including proper disposition of test exceptions.
4. Cultivate working relationships with various IT and Business groups acting in a consultative capacity for various projects by helping them understand security vulnerabilities.
5. Identify application security risks and requirements for new projects and system developments.
6. Develop security test plans and integrate into the software development lifecycle.
7. Perform/oversee security testing and manage remediation of identified vulnerabilities
8. Monitor and proactively report on current threats and vulnerabilities to application security.
9. Deliver application Security Trainings and awareness sessions.


Must Have

1. 2‐3 years of Application Security assessment experience.
2. Bachelor or Master's Degree in Information Systems, Computer Science, Information Technology.
3. Knowledge of common IT technologies (OS, databases, network devices, applications)
4. Experience with implementing and auditing controls from industry and regulatory frameworks and standards (e.g., NIST, ISO, PCI‐DSS, OWASP, etc.).
5. Architecture review Knowledge – Threat modelling concepts
6. Automation and Manual Code review Experience.
7. Application Penetration Testing experience.
8. Experience on both commercial and open source tools ( Burpsuite, metasploit, Checkmarx, Whitehat Sentinel, AppScan, WebInspect, Fortify, Paros,Nessus, nmap, wikto, nikto sqlmap)
9. Hands on experience in Dynamic security testing.
10. Understanding of OWASP top 10 and mitigation techniques.
11. Strong project management skills and ability to multi‐task.
12. Highly motivated and proactive.
13. Detail oriented, analytical and essential a team‐player.
14. Strong communications skills to be able to interact with technical and non‐technical colleagues.

Good to have

1. Familiarity in one or more of the following areas: Linux/Windows system security, networking, mobile device security, cloud technologies (IaaS, SaaS environments, etc.), and web technologies
2. Network Security testing experience.
3. Development back ground Java/J2EE preferably.

Note: Applications have been closed.

Viewed: 1585 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend