Security Engineer -OWASP

Must Have skills: OWASP methodologies

Job Description

IT SECURITY

MUMBAI

Job Summary

Our Client in INDIA is currently looking for an IT Security Professional, within the Security Scans teams.

The new joiner will work on Security & Compliance scans for Internet facing assets, Intranet application, Intranet servers and all infrastructures including container, Firewall, Proxy etc. assets across Asia-Pacific.

The new joiner will not only perform day-to-day scan and follow-up of the remediation, but also onboard new assets and investigate improving the reporting.

Excellent communication & presentation skills will be needed, to help any party involved understand the risk.

Given the diversity of activities, the new team members will have the opportunity over time to expand their knowledge & responsibilities on the other topics managed by the teams.

Years of experience needed 3 7 Years

Technical Skills:

Security tool deployment, Data analytics

Responsibilities

Direct Responsibilities

1. - Work on the remediation titles to be actionable good understanding of vulnerabilities

2. - Provide data cleaning rules where needed need understanding of Databases and Scripting

3. - Coordinate with Global counterparts

4. - Automatize reporting in GCSD experience in scripting.

5. - Work closely with regional production security teams to transition scanning & reporting activities

6. - Document SOP for operational teams (tools maintenance and IVM activities)

Contributing Responsibilities

1. Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan

2. Contribute to Internal Audit response activities.

3ply with regulatory requirements and internal guidelines.

4. Contribute to improvement of tools used by Production Security to follow-up on the Security Incidents

Technical & Behavioral Competencies

OWASP methodologies application is a mandatory.

2 4-year experience in IT Security minimum

University degree, preferably in Computer Science with spec. in IT Security

Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.

Curious and highly implicated in IT Security

Team player

Experience working in an international and complex financial environment, dealing with both business constraints and IT users across countries.

Good knowledge of Security scanning tools like Qualys, Nexpose, Appspider is highly appreciated along with good understanding of Kubernetes.

Experience in a multi-cultural environment is appreciated.

CEH or Any Security certifications are appreciated.

Experience in Development languages and scripting is appreciated.