Idexcel Technologies - Secure SDL Specialist (7-8 yrs)

We are seeking an experienced Secure SDL Specialist to ensure adherence to secure software development practices throughout all phases of product and project lifecycles.

Key Responsibilities :

- Ensure compliance with the Secure Software Development Lifecycle (Secure SDL) during design, development, testing, debugging, delivery, and support phases.

- Apply data protection and privacy principles (e.g., GDPR) in product development and delivery.

- Collaborate with product and solution teams to manage software security risks aligned with business goals.

- Support external and internal audits/certifications (e.g., ISO 27001, SOC2 Type 1/2).

- Perform threat modeling and integrate it into the secure SDLC process.

- Conduct penetration testing for web applications, APIs, web services, mobile apps, and thick clients (cloud and on-premises).

- Utilize Static and Dynamic Security Scan tools (e.g., Checkmarx, Fortify, Burp Suite, WebInspect).

- Perform Open Source Security Code scans using tools like WhiteSource and Blackduck.

- Maintain up-to-date knowledge of industry best practices for secure software development and incident response.

Skills & Qualifications :

- Strong understanding of OWASP Top 10 and related security methodologies.

- Hands-on experience with security testing and vulnerability assessment tools.

- Knowledge of secure coding practices and data privacy regulations.

- Experience in threat modeling and risk assessment.

- Proven ability to support audits and maintain certifications in security standards.

This role requires a proactive individual with a strong background in secure software development, testing, and risk management.