Security Architect-Application + InfraSEC Manager - Chennai, India - Tech Mahindra

    Tech Mahindra
    Tech Mahindra Chennai, India

    2 weeks ago

    tech mahindra background
    Technology / Internet
    Description

    Position: - Security Architect

    Grade of experience.

    Location-Chennai only

    Mandatory Skill-Knowledge on Application security + Infra, VAPT, OWASP Top 10, SAST, DAST, SOC

    Candidate Experience & Expectations

    Deep knowledge of web Application and mobile applications security testing (VA & PT)


    • Suggest mitigation for identified vulnerabilities


    • Support for Security incident trouble shooting / analysis


    • Suggest solution / mitigation for HP Fortify recommendations


    • Secure coding practice recommendation


    • SOC incidents and threat analysis


    • A clear conceptual understanding of the SDLC


    • Strong knowledge on automated scanning using HP Fortify, Burp suite or similar tools


    • Strong knowledge on network penetration testing.


    • Security knowledge capturing and consolidation


    • Collaboration on product conceptualization for security by design


    • Knowledge on web appsec, ethical hacking, DFRA, CSR


    • Experience in understanding false-positive from the Source code scans


    • Led at least one CSR (Compressive security review)


    • Knowledge static application security testing (SAST), dynamic application security testing (DAST), and open-source security (OSS)


    • Strong understanding of OWASP top 10.


    • Experience in WAF logs analysis


    • Rapid decision-making to prevent delayed releases due to security issues


    • To coordinate with various stakeholders for completion of Audit points observed by internal and external auditor. And Make sure all CERTS in, RBI and various security advisories are checked and recommended action taken on the respective platforms in the application.


    • Outside-the-box thinking to anticipate possible threats


    • Thorough understanding of vulnerabilities found invulnerability assessment and their mitigation Experience in handling client queries regarding security Suggest mitigation for identified vulnerabilities Analyze and closure of Security Incidents. Response for IS Audits ,Comprehensive Security Audits. Ensure that systems ,Organization process & unit practices adhere to organization policies Experience of working on ITIL processes

    Desirable Skills


    • Working knowledge of web and mobile application security


    • Extensive experience in Vulnerability Assessment and Penetration testing, Web Application security


    • Knowledge on kali linux would be an added advantage


    • Knowledge on conducting Security Audits


    • Response for IS Audits ,Comprehensive Security Audits. Ensure that systems ,Organization process & unit practices adhere to organization policies Experience of working on ITIL processes


    • Good knowledge on Threat modeling, cryptography, and common application vulnerabilities


    • Certificate in Certified Application Security Engineer (CASE), Certified Ethical Hacker (Latest CEH)

    Qualifications:

    BE/BTech/MTech/MCA only

    Interested candidates can send me your resume at