Job Responsibilities

1. Ensure compliance controls are in place to determine security effectiveness and compliance toward meeting regulatory and/or standards compliance.
2. Regularly report progress on CVSS scores and identified risks, and coordinate efforts with the Security Lead or Project Manager as required.
3. Ensure compliance controls are in place to determine security effectiveness and compliance toward meeting regulatory and/or standards compliance.
4. Manage a team that will execute/maintain a master test plan and/or the project plan, create or assist in a comprehensive security test plan, and generate test cases and/or scenarios based on the requirements and/or other project documentation.
5. Run the server hardening and application scans to ensure all source code, software and server configurations meet Secure Coding Standards.
6. Understand business portfolios and software requirements to effectively determine security testing for various requirements such as web application, privilege management, data validation, access control and cryptography.
7. Create customized audit files for Nessus Security Center scanning for specific standards such as Docker, PostgreSQL, MSSQL, Oracle DB, MySQL, DB2 and other OS configurations.
8. Maintain a monthly reporting and tracking system of all scanned applications and their CVSS scores.
9. Responsible for security vulnerability and remediation reports at an executive and technical level for stakeholders. In some cases, prepare customer-oriented security vulnerability summary reports.
10. Be able to execute scans and deliver a readout of OWASP vulnerabilities and their potential impact on the system.
11. Stay current with industry standard development and software technologies and competencies, including in-depth knowledge and understanding of computer applications and knowledge of risk assessment methodologies and frameworks.
12. Test the logical access control data analysis for the application and identify the access violations within the application.
13. Test and identify the SOD (segregation of duties) violations within the application.
14. Stay current with industry security testing and vulnerability identification technologies and competencies.
15. Develop and design security devices and software to ensure the safety of clients' or internal products and information.
16. Manage security measures for information technology systems within a networked system.
17. Carry out regular inspections of systems and network processes for security updates.
18. Conduct the audit process for initiating security and safety measures and strategies.
19. Customize access to information per rules and necessity.
20. Maintain standard information security policy, procedure, and services.
21. Should have a basic understanding of the project life-cycle and should have handled/implemented at least 4 information security projects in his tenure. Experience in managing data center activities is an added advantage.
22. Knowledge of operating systems (Windows/Linux) is desirable. A basic understanding of web servers and DBs (Oracle/MS SQL) is a plus.
23. Should have experience in client management and communicate clearly. Should have a strong understanding of the different ITSM processes in an organization (Change Management/Incident Management/Release Management etc.).