Vacancy expired!
- Having extensive knowledge on threat modeling/design review.
- Having knowledge on different threat modeling tools(Like Threat modeler, securicad, Microsoft TMT, LTMT).
- Good knowledge on cloud (Azure, AWS, Google Cloud Platform)
- Having good knowledge on devsecops and automated tool for devsecops.
- Good knowledge on container security.
- Having basic knowledge on cloud security posture management.
- Implemented Secure SDLC (Analyze and design Secure architecture, Design Application based on that, Prepare secure coding guidelines across projects and also reviewed support project architecture and code on security aspects)
- Experience in conducting vulnerability assessment like source code review i.e., SAST, DAST and remediation guidance of the risks identified in the applications based on OWASP,SANS methodology.
- False positive review of the findings and ensure timely closure of the vulnerabilities.
- Analyzed security testing reports and design suitable solutions based on application architecture.
- Extensive experience and development expertise in Core Java, Advance java, Spring, Spring MVC, Spring Boot, Hibernate, JPA.
- Good knowledge on FOSS analysis & Have basic knowledge on container security.
- Experience in agile projects and have hands-on-experience in managing the entire security software development life-cycle involving requirement analysis, system study, designing, architecture, coding, unit testing, debugging and documentation.
- Business domain knowledge on e-governance, real estate domain, office automation and entertainment domain.
- Awareness on the Indian Cyberlaws, Intellectual Property Rights, data privacy regulations like EU-GDPR