Job
Description
Role & responsibilities Manual Testing : Perform threat modelling • Perform application architectural analysis • Perform logical security assessment • Generate assessment report • Report your findings as per severity Analysis and reporting: • Create detailed assessment report as per eClinicalWorks standard. • Report issues as per severity • Monitor, maintain, and analyze WAF (Web Application Firewall) and alerts on WAF (Web • Application Firewall) and Web Traffic Logs on SIEM tool, identify the potential threats / • intruders behaviors and take quick steps to block the suspicious attempts. • Managing and monitoring web application rules and policies across the enterprise. • Monitor, maintain, and analyze WAF (Web Application Firewall) and alerts on WAF (Web • Application Firewall) and Web Traffic Logs on SIEM tool, identify the potential threats / intruders behaviors and take quick steps to block the suspicious attempts. • Managing and monitoring web application rules and policies across the enterprise. • Work with Security teams to tune control systems to best meet the need of the business. • Managing the day to day governance of the enterprise web application firewalls, database firewall, and other security controls which includes configuration tuning, troubleshooting, as well as defining and executing escalation criteria. • Identify the different attack patterns for our websites and analyze the traffic by proposing new custom rules to block the suspicious traffic. • Conduct web application security scans, analyze results for false positives, prioritize vulnerabilities, and research and propose remediation steps . • Conduct routine log review of information security events, investigating and responding as necessary Maintain and enhance monitoring capabilities to ensure the integrity of eClinicalWorks. • Act as a core member of the Incident Response Team, triaging, responding to and reporting incidents and associated metrics Administer and maintain security products (vulnerability management, web application firewall, SIEM, DLP) • Launch and track investigations to resolution, recognizes attacks based on their signatures. • Differentiate false positives from true intrusion attempts. • Document computer security policies, procedures and provide alternative solutions to requests that violate policies. • Understand the customer requirements and developed Security Policies to prevent attacks. • Actively investigate the latest in security vulnerabilities, advisories, incidents and notify concerned when appropriate. • Update the Knowledge base to effectively communicate information internally or customers. • Adhere to policies, procedures, and security practices. • Other duties as assigned. Ad hoc request : Work on Ad hoc request related to application security • Work with Cross functional teams like Architect, Engineering, QA, DevOps, support, implementation and customers to meet security requirements as required by business need based on various assessment, events and incidents. Knowledge: • Understanding of OWASP Top 10, SANS Top 25 and WASC, NIST. • Black Box, Grey Box security assessment of web application, Mobile application. • Experience of identification and mitigation of vulnerabilities • Good knowledge of TCP/IP and other application and network level protocols. • Security in SDLC (Application Security)
