Application Security - BFSI

- Experienced in application security testing (source code review and application penetration tests) web, mobile, APIs, Thick Clients and Plugins

- Demonstrated knowledge of recognized security industry standards and leading practices knowledge i.e. OWASP, SANS & NIST guidelines & testing methodologies and current and emerging threats

- Well versed with different authentication mechanism such SAML, AD, Oauth OpenID, OTP

- Should have knowledge of Dynamic and Static application security testing, black box and grey box testing.

- Web Application Firewall (WAF) Fundamentals, tuning existing deployment to increase protection

- Will be responsible for handling internal and RBI Audits

- Hands on experience in Security testing tools like Burp Suite/Acunetix/Metasploit/Kali.

- Familiarity with cloud security controls and best practices

- CICD knowledge will be addon