Vacancy expired!
End to End Systems Security analysis, Design and Implementation
Analyze, document and provide solutions for any security breach / suspicious activity
Work with Incident response / threat management team to understand the impacted application and the issue
Use Splunk and Kibana ELK to analyze the logs for security threats or malicious behaviour
Analyze applications, identify threats, recommend new security remediation, and implement security policy, standards and procedures.
Software/Application Development and Architecture - Secure App Development
Help app developers follow secure coding practices using Fortify, Checkmarx (Static Assessment Security Testing), and help them mitigate vulnerabilities to produce secure code
Help developers mitigate open source library vulnerabilities identified by Black Duck (SAST) by using the latest versions of libraries in the source code.
Use OWASP ZAP (Dynamic Assessment Security Testing), Client Web Inspect (DAST) and Burp Suite for pen testing web applications, identifying vulnerabilities and exploiting them
Perform vulnerability assessment on the organization's network and servers using Tenable Nessus to identify and mitigate IP issues by applying patches
Integration of security engineering automation tools into CI/CD pipeline using Jenkins.
Security Assessment:
Conduct security reviews/assessments for all new and existing apps
Analyze apps on the basis of Security Best Practices and work with the testing team to create security testing test cases. Assess security requirements for new applications
Identify OWASP Top 10 vulnerabilities and mitigate those issues.
Implement Prevoty (RASP) for all applications. Implementation includes non-prod, prod deployment
Onboard Prevoty and Application Logs to Splunk for logging and monitoring purposes
Provide security testing signoff before deploying into Production, and create dashboards, alert setup for suspicious activity.
Patching and Security Testing:
Secure source code testing using tools like Black Duck, Fortify, OWASP-ZAP, Client Web Inspect.
Application Compliance and Reporting
Help application teams in managing their compliance profile and adhering to the company's security policies like PCI-DSS, CPI-81 etc
Work with the app and compliance teams to make sure the SOX compliance requirements are met and applications are made SOX compliant
Use NIST Framework to make sure the organization is compliant following all the security guidelines protecting the confidential information
Use UML, Use Cases, Sequence Diagrams for Object Oriented Design and Graphic UI Design of Business Modules.
Education Requirement: Bachelor's degree in Computer Science, Cybersecurity or a similar field.
Kind regards,
Shradha Nimje
Sr IT Recruiter
Concept Software & Services Inc.
Alpharetta, GA 30022
Contact: +1
Email: