No more applications are being accepted for this job

Consultant - Source Code Review and Cloud Security - Bengaluru, India - CyRAACS™

CyRAACS™ Bengaluru, India

2 weeks ago

Technology / Internet

Description

Job Overview:

We are seeking a dynamic and experienced Consultant specializing in Source Code Review and Cloud Security to join our cybersecurity consulting team. As a Consultant in this role, you will be responsible for providing expert guidance and technical expertise to clients in evaluating and enhancing the security of their applications and cloud environments. You will play a critical role in identifying security vulnerabilities in source code, assessing cloud security risks, and delivering actionable recommendations to improve overall security posture.

Responsibilities:

Conduct thorough reviews and analysis of source code to identify security vulnerabilities, coding errors, and design flaws

Utilize automated scanning tools, static code analysis techniques, and manual inspection methods to assess the security of applications

Identify and prioritize security weaknesses related to authentication, authorization, input validation, cryptography, and other security-sensitive areas

Strong understanding of OWASP security guidelines

Evaluate the security architecture, configurations, and controls of clients' cloud environments (e.g., AWS, Azure, GCP)

Identify security risks and compliance gaps in cloud deployments, including misconfigurations, access control issues, and data protection concerns

Assess the effectiveness of cloud security measures and provide recommendations for improving security posture and meeting compliance requirements

Develop and execute test plans, including manual testing techniques and automated scanning tools, to assess the security of applications and cloud environments.

Prepare detailed assessment reports documenting findings, security risks, and actionable recommendations for clients.

Collaborate with client teams to prioritize and implement security remediation actions, including code fixes, configuration changes, and security controls enhancements.

Provide guidance and support to clients in implementing secure coding practices, secure configuration guidelines, and best practices for cloud security.

Deliver training sessions and workshops to educate client teams on secure coding practices, source code security, and cloud security best practices.

Stay abreast of the latest trends, technologies, and threats in source code security and cloud security.

Qualifications:

Bachelor's degree in Computer Science, Information Security, or related field. Master's degree preferred.

2+ years of experience in cybersecurity, with a focus on source code review and cloud security.

Strong understanding of software development principles, programming languages, and secure coding practices.

Experience conducting source code reviews, static analysis, and manual code inspection.

Proficiency in cloud computing platforms such as AWS, Azure, or GCP, including knowledge of cloud security controls and best practices.

Hands-on experience with security assessment tools and frameworks, such as static code analysis tools, vulnerability scanners, and penetration testing tools.

Excellent analytical, problem-solving, and communication skills, with the ability to convey complex technical concepts to both technical and non-technical audiences.

Relevant certifications such as Certified Secure Software Lifecycle Professional (CSSLP), or Certified Cloud Security Professional (CCSP) are a plus.

Ability to work independently and collaboratively in a client-facing consulting role.