Jobs

Interviews
Job Alerts
Tools

Upskill and Grow with AI

Mock Interview Practice interviews in realistic simulations

Coding Practice Improve your coding skills with challenges

Certification Earn certifications to validate your skills

AI Learning Get trained with AI expert sessions

Career Path AI insights for smarter career decisions

AI Job Match Score AI-Powered Job Match Against Your Resume and Optimize Your Resume

Career Tools and Resources

Resume Builder Build Professional Resume with Ease

ATS Friendliness Check Check Resume Friendliness for Applicant Tracking Systems

Auto Apply Apply to hundreds of jobs on any platform effortlessly

Co-Pilot (Chrome Extension) Your AI Assistant for Seamless Browsing Efficiency

Interview Questions Streamline interviews with ready-to-use questions

Salaries Discover market-driven salary insights across skillsets and geographies

Companies Explore leading companies actively hiring talent
For Employers

Jobs

Interviews

Home
>
Jobs in Bengaluru
>
BNP Paribas
>
Assistant Manager / Manager - Application Security Testing (DAST)

Assistant Manager / Manager - Application Security Testing (DAST)

BNP Paribas

7 - 12 years

9 - 14 Lacs

Bengaluru

Posted:2 months ago| Platform:

Apply

Skills Required

Application Security Testing Fortify SAML OAUTH2 Kerberos Webinspect One Time Passwords Coverity SANS OWASP SiteMinder IT risk assessment Blackduck AppScan BurpSuite AppSpider Checkmarx Qualys Sonatype

Work Mode

Work from Office

Job Type

Full Time

Job Description

Position Purpose

The purpose of the position is to help with the information security topics mentioned in the direct responsibilities.

Responsibilities

Direct Responsibilities

- Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans.
Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate.
Knowledge of Secure Development methodologies and frameworks.
Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity
Well-versed in conducting Security Review, Assessments and providing recommendations.
Knowledge of OWASP, SANS standards.
Experience in Process Improvement, Controls Enhancement and Reporting.
- Engaging with organization wide risk and control groups, including internal audit and territory control teams.
- Working with Technology stakeholders (including Production Support and Development teams) to identify the IT risks affecting the organization and formulating appropriate remediation strategies based on full understanding of business exposure and compensating controls.

Contributing Responsibilities

Excellent understanding of development security and its implementation in systems: identification, authentication, access control and provisioning, alignment of jurisdiction to business process
Knowledge of single-sign-on security strategies (e.g. SAML, OAUTH2, SiteMinder etc.)
Excellent understanding of authentication related mechanisms (Kerberos, One Time Passwords, PKI)
Good understanding of cryptography and its practical uses within secure application development
Familiarity with common security vulnerabilities (e.g. OWASP Top 10)
Strong technical skills required to understand vulnerabilities in detail and how to resolve/mitigate them.
Excellent knowledge of programming best practices, design patterns, etc.
Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues.
Well-developed written communication skills with the ability to summarise key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors.

Technical & Behavioral Competencies

Excellent knowledge of programming best practices, design patterns, etc.
Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues.
Well-developed written communication skills with the ability to summarize key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors.
Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity, Sonatype, Blackduck
Well-versed in conducting Security Review, Assessments and providing recommendations.
Knowledge of OWASP, SANS standards.
Experience in Process Improvement, Controls Enhancement and Reporting.
Excellent Inter personal and presentation skills
Strong in verbal and written communication
Ability to liaise with cross-functional stakeholders globally
Clear understanding of application and data security
Must be flexible, independent, self-motivated
Good analytical skills

Specific Qualifications (if required)

- CEH, SSCP, OSCP certified.

- Technical Graduate (Computer Science) Preferable.

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to collaborate / Teamwork

Communication skills - oral & written

Ability to share / pass on knowledge

Active listening

Transversal Skills: (Please select up to 5 skills)

Ability to understand, explain and support change

Analytical Ability

Ability to develop and adapt a process

Ability to develop and leverage networks

Ability to manage / facilitate a meeting, seminar, committee, training

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 7 years

More Jobs at BNP Paribas

BNP Paribas is hiring For Senior Support Analyst!

Bengaluru

4 - 8 yrs

INR 10 - 19 Lacs

Senior Support Analyst

Bengaluru

4 - 8 yrs

INR 10 - 18 Lacs

Java Full Stack Developer - Looking For Immediate joiner

Chennai

6 - 11 yrs

INR 0 - 1 Lacs

BNP Paribas is looking For a Product Owner!

Chennai

8 - 13 yrs

INR 15 - 25 Lacs

Full Stack Engineer

Chennai, Tamil Nadu, India

Experience: Not specified

Salary: Not disclosed

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.