Senior Security Engineer

First American

5 - 10 years

10 - 11 Lacs

bengaluru

Posted:4 days ago| Platform:

Apply

Skills Required

c++ coding winforms application development wcf wpf microsoft sdlc sql python

Work Mode

Work from Office

Job Type

Full Time

Job Description

Responsibilities:

Secure the SDLC and automate security analysis and scanning with SAST, DAST, SCA and other tooling.
Perform and Support Manual Penetration Testing
Responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information.
Reviews, develops, tests, and implements security plans, products, and control techniques.
Maintains awareness of security and technology trends and shares that knowledge with others.
Mentor security champions in relevant development and IT functions
Documents security policies and procedures where/when needed.
Provides implementation support for risk assessment and data security procedures and products.
Evaluates new and proposed security systems, products, and technologies.
Reviews circumstances surrounding data security incidents and designs corrective actions.
Contribute to security coding guidelines for different programming languages.
Development experience and skills. C#, .Net, Java, Python, JavaScript, Node JS etc...
Proven capabilities in the analysis, design, development, and implementation using .NET Core, Web API, ASP.Net MVC, WCF, WinForms, WPF, SQL Server, Azure, AWS, etc.
Strong understanding and working experience with Identifying and guiding application teams in remediating OWASP Top 10 Vulnerabilities and SANS Top 25
Lead application security reviews and threat modeling, including code review and dynamic testing.
Implementing software application security controls and designing technical solutions to address security weaknesses
A good understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols)
Lead in development of automated security testing to validate that secure coding best practices are being used.
Strong understanding and experience with common security libraries, security controls, and common security flaws.
Proactively identify and mitigate against application security risks or incidents.
Raise awareness of application security requirements through development and review of application security standards, policies, and processes
Ability to document and effectively communicate technical findings to developer teams and evangelize security practices.

Skills, Knowledge, and Experience:

Bachelor s degree in computer science engineering or related.
5+ years of IT experience.
Experience with at least one Static Application Security Testing (SAST/DAST) tool (e.g., CheckMarx, HP Fortify SCA, Coverity, Veracode, FindBugs, other), its use, reports results interpretation, developer community support in remediating verified code-associated security vulnerabilities. Product configuration & tuning experience a plus
Professional experience with software application security, and its associated standards and practices
Ability to perform Manual Penetration Testing using industry standard tools and technique.
Experience with the results interpretation of Dynamic Application Security Testing (DAST) reports
Experience with variety of assessment tools (e.g., BURP, Nessus, Qualys, SQLMap)
Professional experience as a software application developer in a leading development language (e.g., C#, Java, .NET, C/C++ etc...), having performed web-based application development.
Professional experience with securing web applications (e.g., understanding attack vectors, system or code vulnerabilities)
Knowledge and understanding of secure SDLC (System Development Life Cycle) methodologies.
Excellent verbal and written communication skills
Experience in drafting application security coding standards.
Ability to manage highly complex issues and negotiate solutions.
Knowledge and understanding of Application security threat management and mitigation.
Application security experience with banking/financial services applications.
Certified in Industry renowned certifications like CEH and/or similar certifications.

More Jobs at First American

Dot Net Developer- SSE II

Bengaluru

3 - 6 yrs

INR 8 - 13 Lacs

Senior Examiner- Title Search

Salem, Bengaluru

2 - 7 yrs

INR 3 - 6 Lacs

Senior Consultant

Bengaluru

8 - 13 yrs

INR 25 - 30 Lacs

Staff Engineer SRE

Bengaluru

12 - 17 yrs

INR 11 - 15 Lacs

Process Associate

Bengaluru

15 - 20 yrs

INR 18 - 20 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Python Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.