Global Fintech MNC Requires Infrastructure and Application Security Specialist - Bangalore

One if our client a Global MNC a global leader in influencing customer behavior to drive revenue and add value for our clients. With a unique blend of industry and sector specialists, the group develops and delivers market-leading products and services to help build, manage and optimize customer relationships across four core capabilities: Loyalty, Lifestyle Benefits, Insurance and Assistance.We drive customer devotion. We give your customers compelling reasons to engage, spend more and become loyal advocates - whilst delivering commercial results for your business.

As a worldwide leader in loyalty marketing and CRM, & builds loyalty and creates devotion. From acquiring customers and understanding them as individuals, to creating relationships that engage, reward and inspire loyalty, we turn customers into advocates and relationships into profit - " and have done for over 25 years.PFB the details-

Key Responsibilities

- Leading APAC Application and Infrastructure Security topics by defining, rolling out and mplementing DevSecOps to improve Group Application Security Level.

- Work with development and IT Ops teams to conduct security testing as well as technical audit and compliance review against business applications.

- Explain and demonstrate vulnerabilities and provide recommendations for mitigation, follow-up with development and IT Ops teams for vulnerability remediation.

- Organize training to development and IT Ops teams to improve the core security knowledge such as secure coding principal and techniques.

- Lead the on-boarding, administrating and supporting the BUs for multiple security platforms of SAST, DAST and IAST.

- Assist with implementing and designing automated security checks within the CI/CD.

- Take action to maintain compliance to security standards and policy, escalate non- compliance and critical application risk in a timely and effective manner

- Report on key compliance and operational metrics of application security.

Basic Qualifications :

- Degree/Diploma in Computer-related discipline, or equivalent work experience.

- 3 ~ 5 years of hands-on experience as a software developer or relevant experience.

- Proven experience on VAPT/WAF, application/infrastructure/mobile App security testing, security code analysis and technical reviews.

- Knowledge and understanding of security frameworks and methodologies for controls, compliance and auditing - NIST, ISO27001, PCI-DSS, OWASP, SSDLC

- Related industry certifications such as CEH, CISSP, CSSLP, GSSP-.NET, GSSP-Java, GWEB, GWAPT, OSCP, CREST is a plus.

- Fluent in both English and Madarin.

Preferred Skillset

- Professional - Application Security

- Familiar with HTTP/HTTPS, JavaScript, Java, .NET, SOAP, WSDL, REST, SSL standards, PKI infrastructure, security models and common API client architecture.

- Familiar with industrial DevOps and security testing tools such as but not limited to Rapid7, Acunetix, SonarQube, Checkmarx, Sonar, VSTS, Jenkins and Kali Linux

- Knowledge of common security protocols such as SSL/TLS, OAuth 2.0, SAML, Open ID Connect, LDAP, Radius etc. and crypto libraries such as Open SSL, JWT etc.

- Familiar with common web application vulnerabilities, OWASP Top 10 Risk

- Hands-on experience with web application and network security testing

Personal :

- Demonstrated critical thinking, situational analysis and problem solving skills and mindset.

- Ability to independently conduct research into application security issue, standards, and products is required

- Good inter-personnel skill, highly self-motivated, autodidact and willing to do more.

If the position interests you kindly apply.

Puneesh - 9548238406

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.