Application Security Architect

Application Security Architect

Prosum Technology Services
Bengaluru / Bangalore
0 - 4 Years
Not Specified

Job Description

Responsibilities range from auditing code, architecture and databases used in custom-developed web and cloud applications, to testing for common application level vulnerabilities, weaknesses, and providing both vulnerability analysis and development advise for application hardening.
Applicant must possess a strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses and vulnerability analysis. Candidate should have experience securing web and mobile applications, APIs, micro-services, containers, cloud and cloud-hybrid architectures.
Responsibilities include:

  • Working with application development and QA teams across multiple products to: Review, evaluate and prioritize vulnerability findings

  • Provide SME support on secure code implementation, design and architecture.

  • Threat-modeling & risk analysis

  • Training

  • Participate in providing annual OWASP & PCI training for developers

  • Helps maintain updated Secure Coding Best Practices

  • Common application level vulnerabilities

  • Risk Management

  • Findings/vulnerability prioritization

  • Mitigation strategy

  • Controls Evaluation – Review, validate, recommend and create standards

  • Review of open-source development libraries for security risks

  • Web application firewall (WAF) rule development and implementation

  • Security technologies review and recommendations

  • Qualifications: Bachelors of Computer Science or similar – 6 or more years of experience in applying Information Security best practices to Information Technology assets plus 5 or more years of experience with software development.
  • Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews -
  • Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them - Solid understanding of Information Security in general and the specific behaviors that would secure TSYS information assets -
  • Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people -
  • Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges - Ability to work well inside and outside the team.

Prosum Technology Services

Similar Jobs

People Also Considered

Career Advice to Find Better