Application Security Auditor - Bank

We have an opportunity with one of premium banks in India

Location: Mumbai

Job description:-

Job Description: Application Security Auditor

Reporting Structure

Reports to Sr. VP, Systems Audit

Education:

- B. Tech, MCA

Experience (years):

- 5 years of experience in Audits and Risk assessment services of web and client based applications

- Must have experience in conducting risk assessment of business and support applications

- Must have hands-on experience in evaluating OWASP security practices for applications

- Must have experience in Coding and application development

- Strong knowledge of programming languages for application and mobile

- Experience in carrying out code review and black/grey/white box testing is a plus

- Excellent written, oral communication and presentation skills

- Excellent organizational, communication and interpersonal skills

- Ability to work independently or as part of a team

Industry: Information technology / Financial services

Responsibilities - Developing project plans, work programs, evaluating system controls, documenting results, making recommendations, and communicating information to stakeholders

- Conduct Audit of the web, mobile and client-based applications- internal and those exposed to the Internet

- Audit of application design components, User Access Control, Website communication, application layer,interfaces to databases etc.

- Audit change management, patch management, incident management, backup management.

- Audit the development practices (S-SDLC) and coding practices

- Develop and maintain audit checklist and documents

- Work closely with the VAPT team

- Should be a self-learner and must keep updated with latest threats and vulnerabilities researched/discovered

Certifications

- MCSD

- Certification in Mobile application Security testing

- CISA

- Oracle certified, Java certifications