Conduct periodic application security vulnerability scans on Internet-facing websites of CNX to identify critical vulnerabilities, outdated software and vulnerable open-source components.
Conduct manual security assessments and deep-dive analysis to identify vulnerabilities, their public exploitability, and the resulting critical/sensitive risk exposure for clients and the corporation.
Collaborate with respective application team / business team and corporate stakeholders.
Guide and support remediation consultation with the respective stakeholders.
Develop compensating/mitigation controls to reduce the risk of exposure by assessing open vulnerabilities that have challenges in remediation due to business and technical dependency.
Prepare detailed reports, metrics, artifacts, and executive summary.
Ensure adherence to client and third-party audit requirements.
Required Skills/Qualifications
Bachelor’s degree in a relevant field, or an equivalent combination of education and work experience.
Knowledge of various domains such as security architecture, system and network security, authentication and authorization protocols, cryptography, and application security.
Experience with various application security tools including SAST, DAST and software composition analysis.
Knowledge of current and emerging security technologies, threats and techniques for exploiting security vulnerabilities in the code or application.
Experience in analyzing threats of cloud and application components.
Experience in data security and governance.
Experience in development and scripting languages (Java, JavaScript/TypeScript, Python, PHP, AI-ML, MERN).
Experience with securing APIs exposed to external entities.
Preferred Qualifications:
5+ years of experience working in IT and/or IT Security in multiple capacities
Experience in OWASP Top 10, CVE/CVSS research and/or bug bounty recognition.
Security certifications such as CSSLP, CISSP, GPEN, ECSA, CEH, CISM, CISA, or equivalent.
Ability to clearly communicate gaps and risks to leadership through verbal dialogue or written communication.
Demonstrable teamwork skills and ability to partner in difficult situations.
Ability to be proactive in a rapidly changing environment.
Sharp analytical abilities and proven design skills.
Competencies:
The ability to multitask, work under pressure and quickly identify and deal with priority matters under tight deadlines. Attention to detail is essential.
The ability to handle multiple inquiries at any one time, often under considerable deadline pressure.
The ability to work both independently and as part of a team.
Location: IND Chennai - Fortune Towers
Language Requirements:
Time Type: Full time