Application Security Testing & Code review

Eviden, part of the Atos Group, with an annual revenue of circa 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.

ASSOCIATE MANAGER-Application Security Testing Code Review

Experience - 5 -9 years

Location: Mumbai /Bangalore

Job Responsibilities:

The candidate is expected to execute and manage multiple complex and enterprise application security testing projects.

The candidate is expected to complete projects on time, coordinate with client stakeholders for issues and challenges, track delays, etc.

The candidate is expected to gain in-depth knowledge and has executed complex Application Security Code Review projects for different types of applications including mobile, web services, web apps and thick-client developed in various languages (i.e. Java, ASP.NET, ReactJS, etc.)

The candidate will be involved in application architecture understanding, threat identification, vulnerability identification and control analysis.

The candidate is expected to identify and infer the business risk posed by vulnerabilities identified and showcase prioritization of risks including solution recommendations.

The candidate is expected to engage with both business and technical teams within and outside the organization from a project scope definition, project execution, project closure and post project support perspectives. The candidate is expected to mentor and train junior resources with focus on enhancing their skill sets

The candidate is expected to monitor their team members adherence to established security testing processes and organization s policies and procedures.

The candidate is expected to conduct project reviews to ensure a thorough testing is conducted by the team.

The candidate is expected to perform technical reviews to identify errors and suggest changes to ensure highest quality of the deliverables.

The candidate is expected to identify new test cases and develop techniques to test and showcase proof of concept.

The candidate is expected to track errors made by the engineers and develop an improvement plan for them.

The candidate should be open for onsite deployments anywhere across the world as business demands.

Required skill set: 6+ years of Application Security Testing Experience

Expertise in application security testing- Secure Code Review, Web, Mobile, web services, thick-client

Experience with J2EE (servlet/JSP) and/or .NET (C#/VB.Net and ASP.NET) with different frameworks (Struts, Spring, MVC, .NET) and understanding of AJAX and web services .

Any CyberSecurity related certification and Developer Certifications (examples include SCWCD, SCJP, SCJD, SCJA, MCSD, etc.)

Experience in application architecture review. Ability to handle difficult situations and to provide alternative solutions or workarounds.

Experience in training and mentoring other team members .

. Good verbal and written communication skills with the ability to talk to both business teams and technical teams. Preferred skill set:

Experience with Source Code Review and application security testing.

Knowledge of Cryptography (symmetric and asymmetric encryption, PKI, etc.)

Flexible and creative in helping to find acceptable solutions for customers .

Ability to work on multiple complex assignments simultaneously .

Ability to work independently with minimal oversight and in teams.

Experience with leading and guiding a team of security engineers .

Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications.

Knowledge of different standards such as PCI DSS, HIPAA, ISO, etc.

#Eviden

Let s grow together.