Vacancy expired!
#INDISTNTT DATA's Client is seeking a Application Security Analyst with Code Scanning and 5+ years Application security experience, to be responsible for building solution offerings of Application Security as a service comprising of IAM, Vulnerability Assessment, Monitoring and Secure Code Review for client. Candidate will be responsible for application security solution roadmap, implementation as a consulting stream. Build a relationship with NTT client and act as a COE for application security area. Understand existing and forthcoming security technology consulting services from both a business and technical perspectiveRole Responsibilities Assist development teams to scan/test using CheckMarx and AppScan Standard
Triage the scanned tool report results
Conduct application vulnerability testing using CheckMarx and AppScan Standard and triage the scanned tool report results
Review findings with appropriate stakeholders followed by categorize the findings (True findings, False positive, etc.)
Review findings with appropriate stakeholders followed by categorize the findings (True findings, False positive, etc.)
Provide remediation guidance for each release after FP analysis
Evaluate the risk and communicate with Application Security team, Stakeholders
Generate report which includes risk description, impact, risk rating, affected areas and recommendation on how to remediate vulnerabilities
Assist stakeholders in remediation of findings
Re-test to confirm remediation of findings and closeout with stakeholders
Generate status reports periodically
Document critical issues in internal assessment tools
Able to review code manually to find security vulnerabilitiesTechnical experience and skills 5+ years Application security experience
Development background
CheckMarx (SAST) and DAST (AppScan) tool implementation experience
Remediation experience on Java, Jscript, JavaScript, Scala etc.
Experience on other tools such as Postman, Soap UI, Burp suite preferable
Qualifications and other skills/ competencies: Degree in Computer Science / Engineering
Excellent communication and presentation skills
Self-initiator, interact, coordinate and collaborate with teams
Certifications like CISSP, CISM, CISA is an added advantage
