Job Description

Scope f work:

• Provide security consultancy, technical guidance, expertise and solutions.
• SME for Database Security (DAM ,Datasunrise Product )
• Supprting Container Security product (Aquasec)
• Advise and review application security design to detect potential security issues and for each issue, propose and drive remediation tasks.
• Help application team in developing and implementing security test and verification scripts for testing and validating security controls/issues.
• Able to engage and execute security vulnerability scanning activities (VAPT/SAST/DAST/MAST activities etc) & triage security findings.
• Define scope and review the results of security tests, reviews, and audits to ensure security assurance is achieved.
• Identify and assess cyber risks in the application and network.
• Perform threat modelling on security-critical applications.
• Recommend and drive cyber security solutions and initiatives to improve the cyber security of the organisation.
• Deliver security projects, such as the implementation of security software, POC of DevSecOps tool and create rules/scripts that help identify latest security issues
• Ensure clients\' compliance policies/procedures are met through ongoing security reviews, audits, and exercises.
  

• AWS cloud security

• Database security, preferably with experience in Datagard (DAM)

• CISSP/CCSP/CCSK/OSCP/CSSLP certification or its equivalent is preferred

• In-depth knowledge of security concepts regarding web, iOS, Android and Rest API security. Understanding of current and emerging security technologies and threats.

• Proficient with methodologies, tools, best practices and processes across various cybersecurity areas.

• Proven experience with threat modelling and risk analysis.

• Ability to gather written and verbal information from multiple sources, and assess and consolidate risks to provide appropriate recommendations.

• Hands-on experience with vulnerability analysis frameworks and tools.
  

• Familiar with standard of security posture including planning and running Security Compliance Check, Security Vulnerability Scanning

• Familiar with IM8 policies

• Familiar with SSO, OIDC/SAML and MFA Framework