Application Security Consultant

Heptarc Technology Solutions Private Limited

8 - 13 years

6 - 11 Lacs

Bengaluru Karnataka India

Posted:4 days ago| Platform: Foundit logo

Apply

Skills Required

SAST SCA Ruby/Rails

Work Mode

On-site

Job Type

Full Time

Job Description

Education
: Bachelor's degree required.
Security Expertise
:
Deep familiarity with
OWASP Top 10
and other
security concerns
for web applications.
Deep understanding of
OWASP Application Security Verification Standards (ASVS)
.
In-depth understanding of
SAST
(Static Application Security Testing),
DAST
(Dynamic Application Security Testing), and
SCA
(Software Composition Analysis) scanning practices.
Tools and Experience
:
Experience using
Veracode
,
Appscan
, or other
enterprise security tools
for scanning.
Understand how to interpret and assess
CVEs
(Common Vulnerability and Exposures) and
CWEs
(Common Weakness Enumeration) found by scanning tools.
Familiarity with
secret management systems
integration.
Technical Expertise
:
Advanced knowledge of
front-end
and
back-end
web application development in at least one technology stack:
.NET
,
Java
,
PHP
,
Ruby/Rails
,
Angular
,
Node.js
, etc.
Proven track record of staying up-to-date with trends, tools, and processes improving security posture.
Documentation & Communication
:
Strong documentation skills and
technical writing abilities
.
Excellent verbal and written communication skills,
English proficiency
required.
Ability to communicate, collaborate, and present effectively across diverse teams.
Team-Oriented
: Ability to work in a fast-paced, dynamic environment while producing high-quality work.

Technical Skills:

SAST
,
DAST
,
SCA
Veracode
,
Appscan
,
HCL
(Dynamic scanning tool)
CVEs
,
CWEs
Secret management systems
.NET
,
Java
,
PHP
,
Ruby/Rails
,
Angular
,
Node.js

Roles and Responsibilities:

Perform
SAST
,
SCA
, and
DAST
scans using industry standard vulnerability scanners.
Use
Veracode
for
SAST/SCA
scanning, configuring the scan platform for correct identification of static code
CWE
and
SCA
derived
CVEs
. This includes coordinating with the app owner to ensure all code branches are included in the compiled binary.
DAST
process includes crawling the target application to identify the directory and file structure, followed by executing
DAST
scans using
HCL
product to identify dynamic issues visible only during code execution.

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.