Job Description

Company Description
Company Profile: At Altisource (NASDAQ: ASPS) we build world-class technologies and services for the mortgage and real estate industry and are well poised to help revolutionize how homes are bought, sold, and managed. In the US, we partner with 7 out of the top 10 mortgage servicers, operate one of the top three real estate auction websites, and manage a cooperative which represents a 15%+ market share of the $1.8tn US Originations market. Altisource\xe2\x80\x99s Software and Technology segment is responsible for incubating and launching market disruptive solutions that apply our core technologies and intellectual property including business process optimization platforms, advanced decision models, consumer sciences, and business intelligence systems into market-leading software applications and services.

• Conduct Vulnerability Assessment for all assets, including Applications, Networks, cloud components, API, Thick clients.
• Must understand the application priority bases on the business requirement while testing.
• Communicate security vulnerabilities and corrective actions to various internal groups and validate remediation.
• Performing code reviews to find and fix errors overlooked in the development phase.
• Identify security risks in the software development and deployment process.
• Utilize commercial and open-source vulnerability assessment tools.
• Perform manual verification of vulnerabilities \xe2\x80\x93 reduction of false positives.
• Create assessment reports and present them to management and technology professionals.
• Develop metrics for tracking and analyzing vulnerability information.
• Assist in regular penetration testing.
• Develop and maintain internal tools and task automation.
• Stay current on information security threats.
• Train security team members on vulnerability management process and tools.
• Apply Application Risk framework like STRIDE or NIST Application Risk Framework.
• Thorough understanding of latest security principles, techniques and protocols, Patching and Security Updates
• Assist and be an integral part of internal/client facing Information Security assessment
• Work with DEVOPS team to integrate Security in their Lifecycle.
• Work on Code review, SCA and develop plans to proactively reduce vulnerability

• Bachelor\xe2\x80\x99s degree in Engineering, Computer science or equivalent
• 4-6 years of experience Application Security and Code review
• Possess information security related certification/s such as OSCP, LPT , GIAC, CEH would be an advantage or any industry certifications relevant to the profile
• Knowledge of Tools such as checkMarx, fortify, Acunetix, Webinspect, qualys.
• Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB)
• Must possess excellent written and verbal communication skills.
• Hands-on experience with performing vulnerability assessments.
• Competency with network security and information security concepts and technologies.
• Excellent communication skills in the following areas: verbal, grammar, diction, articulation of ideas and general business knowledge.
• Requires high initiative and ability to work independently and according to strict schedules.