Job Description :
Skills and Responsibilities:
Manage, modify and tweak the Application and database security scan profile as per the company''s baseline standards.
Perform security analysis of the different layers of the systems (application database layers)
Perform manual testing and automated system vulnerability assessment scans using various web, application, OS and database vulnerability scanners (IBM AppScan and Guardium Database Scanner)
Perform application security testing on both native and web based mobile applications on different mobile platforms (iOS)Review the security architecture of systems and create security test plans based on existing and planned controls and recommendations.
Review scanner reports and work with the application development community to remediate issues following a risk based approach.
Work with DBA and application development teams, to discuss vulnerabilities through recommending and monitoring of remediation activities.
Maintain detailed documentation of test procedures and findings in the Vulnerability management system.
Perform manual vulnerability assessment and penetration testing of applications, produce report walk development team through issues.
Continuously monitor the published vulnerabilities for various application, operating system and database layer.
Analyze the impact of the vulnerabilities on the environment and accordingly publish the advisories to the different stakeholders in the Fund.
Based on the publicly disclosed vulnerabilities determine the patching priority and notify the stakeholder
Education & Certifications (two or more):
Bachelor’s Degree in Computer Science, or Computer Engineering
Certified Information Systems Security Professional (CISSP),
Certified Information Security Manager (CISM),
Global Information Assurance Certification (GIAC),
Certified Secure Software Lifecycle Professional (CSSLP),
Information Systems Security Management Professional (ISSMP)