12 eClinicalWorks Jobs
Application Security Analyst || Mumbai - Andheri
eClinicalWorks
posted 17d ago
Fixed timing
Key skills for the job
Position Overview
The Security Analyst is expected to perform vulnerability assessment, security analysis, penetrationtesting, code review of the product/modules and report the findings in defect tracking tool. It also includes but not limited to re analyze the findings and work with developers for the fixes.
Job Functions/Responsibilities
1) Manual Testing:
• Perform threat modelling
• Perform architectural analysis
• Perform logical security assessment
• Monitor third party and internal APIs, SDK and libraries are up to date.
• Generate assessment report
• Report your findings as per severity
• Participate in secure SDLC by reviewing functional and design documents.
• Perform manual and automated code reviews by using IAST, SAST and DAST tools.
2) Automation testing:
• To use automated scanning tools
• Review false positives and true positives
• Generate assessment report
• Report your findings as per severity
• Analyze reports from interactive source code review tool for false positives and include it in the report.
3) Analysis and reporting:
• Create detailed assessment report as per eClinicalWorks standard.
• Report issues as per severity
• Review, analyze external pen test report.
• Follow up and review the fixes
4) Ad hoc request :
• Work on Ad hoc request related to application security. • Conduct pen. Test, Design reviews as
per the request
• Participate in release management by periodically assessing builds and patches as required by
QA and RM teams.
• Work with Cross functional teams like Architect, Engineering, QA, DevOps, support,
implementation and customers to meet security requirements as required by business need
based on various assessment, events and incidents.
• Work with 3rd party vendors to provide them support required for penetration testing.
5) Trainings and knowledge transfer :
• Conduct periodic security awareness training as per the requirement bases on global standards
Education Requirements :
• Bachelors Degree required; Masters Degree, BSCIT, MSCIT, any IT or Computer Graduate
• Preferred CEH, OSCP or any other security related certification.
Experience Requirements:
• 3 years of relevant experience in Web Application Security
Other Skills/Abilities
• Strong team player
• Interpersonal Skills
• Good communication
• Active listening
• Believes in team work over individual contributions
• Articulation of thoughts
• Able to express view assertively
• Ownership and accountability
• Passion
• Integrity
• Team work
Competencies:
• Understanding of OWASP Top 10, SANS Top 25 and WASC, NIST.
• Black Box, Grey Box security assessment of web application, Mobile application.
• Experience of identification and mitigation of vulnerabilities
• Good knowledge of TCP/IP and other application and network level protocols.
• Security in SDLC (Application Security)
Employment Type: Full Time, Permanent
Read full job descriptionPrepare for Application Security Analyst roles with real interview advice
3-8 Yrs
₹ 8 - 9.5L/yr
Mumbai, Mumbai Suburban, Mumbai