Source Code Reviewer

We are seeking for a candidate with 4-8 years of experience in cyber security testing, specifically within the Banking, Financial Services, and Insurance (BFSI) sector. The ideal candidate will also have hands-on experience with DevOps practices. This role involves reviewing and auditing application code to identify security flaws, recommending remediation strategies, and ensuring adherence to secure coding guidelines.

Candidate Requirements

1. Bachelor's/Master's degree in Computer Science, Information Technology, or a related field
2. 4-8 years of experience in software development, with a focus on the BFSI sector
3. Proficient in

   one or more programming languages such as Java, C#, .NET, or Python

4. Hands-on experience with

   DevOps tools and practices, including CI/CD pipelines, containerization (Docker), and orchestration (Kubernetes)

5. Strong understanding of

   BFSI industry

   processes, regulations, and standards
6. Experience with database management systems such as

   SQL Server, Oracle, or MySQL

7. Knowledge of software development methodologies, such as Agile and DevOps
8. Familiarity with security standards and practices relevant to the BFSI sector, including encryption, data masking, and regulatory compliance
9. Strong problem-solving skills and attention to detail
10. Excellent communication skills and the ability to work effectively in a team environment

Key Responsibilities and Outcomes

1. Conduct secure code reviews for applications developed in

   .NET and Java

   to identify security vulnerabilities
2. Utilize OWASP Top 10 guidelines to analyze and mitigate common security risks such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF)
3. Collaborate with development teams to integrate secure coding practices into the software development lifecycle (SDLC)
4. Provide actionable recommendations and guidance on code remediation to developers
5. Develop and maintain secure coding standards and best practices documentation
6. Assist in the development and implementation of security tools and automated code review processes
7. Stay up-to-date with the latest security trends, vulnerabilities, and technology developments
8. Conduct security training and awareness sessions for development teams
9. Participate in security assessments and penetration testing as needed