This job ad has been posted over 30 days ago...

9

applicants

Hiring for Code Review - Paladion Networks / Mumbai Full-time

at Paladion Networks in Mumbai (Published at 16-08-2017)

Job Description:

The Secure Code Review service is part of the Security Testing Services Team. It is a part of Application Security testing service and is the process of identifying, documenting, and consulting on specific Application Security threats and vulnerabilities, associated likelihood and impact, and mitigating controls. Results of the assessment are documented in a report which consists of the security plan, list vulnerabilities. Secure Code Review is a process to identify and assess risks present in applications using a hybrid static analysis methodology.

Job Profile Details:

  • The candidate is expected to execute/Lead primarily Secure Code Review projects
  • The candidate is expected to execute/Lead Application Security and Penetration Testing projects as well as business demands
  • The candidate will be expected to gain in-depth knowledge and understanding of computer applications, including various languages (i.e. Java, ASP, .NET, C++, C#, etc.).
  • The candidate will be involved in application architecture understanding, threat identification, vulnerability identification and control analysis* The candidate will be expected to do likelihood determination, impact analysis and risk determination.
  • Job would require prioritizing risk responses including solution recommendation and documentation.
  • Candidate will be required to demonstrate strong communication (verbal and written) and, problem-solving capabilities
  • Selected individual will be expected to successfully comprehend large complex applications written by others from reading code and application design.
  • May have to handle multiple complex assignments simultaneously.
  • Engage with both business people and technical people within and outside the organization from a project scope definition, project execution, project closure perspectives
  • Communicate complex subjects in easy to understand terms and stay current with emerging technologies and industry trends
  • Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications.
  • The candidate should be able to successfully lead and execute projects, mentor and train junior resources with focus on enhancing their skill sets
  • The candidate should be open for onsite deployments as business demands

Skills required: 3+ years of Secure Code Review Experience

  • Experience with web-based application development
  • 3 years combined experience with J2EE (servlet/JSP) and/or .NET (C#/VB.Net and ASP.NET)
  • Knowledge of Design Patterns
  • Experience with relational databases from an application development perspective
  • Application security testing experience
  • Secure code review experience
  • Ability to handle difficult situations and to provide alternative solutions or workarounds
  • Flexible and creative in helping to find acceptable solutions
  • Experience in training and mentoring others
  • Good communication and writing skills with the ability to talk to both business people and technical people

Preferred Skills:

• Framework experience (Struts, Spring)
• Understanding of AJAX and web services
• Knowledge of application security vulnerabilities such as the OWASP Top 10
• Experience in Application Security Audits will be a plus.
• Software Maintenance Experience
• Security certification
• Developer Certifications (examples include SCWCD, SCJP, SCJD, SCJA, MCSD, etc.)
o Basic understanding of the following protocols/technologies:
o SSL/TLS
• Cryptography (symmetric and asymmetric encryption, PKI, etc.)
• Ability to work on multiple complex assignments simultaneously
• Ability to work alone or in groups

Note: Applications have been closed.



Recent jobs at Paladion Networks


Viewed: 756 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend