Minimum Required Experience : 8 years
Full Time
Skills
Risk Analysis
Pki
Vulnerability Assessments
Penetration Testing
Oauth 2\.0
White\-Box Testing
Software Composition Analysis
Sast
Cyber Security
Security Architecture
Owasp
Cryptography
Risk Mitigation
Threat Modelling
Dast
Cvss
Fips
Description
8\-10\+ YOE, 1 No
Bangalore – Whitefield \[Hybrid – at least 3 days a week]
ASAP
+ Assess the privacy and cybersecurity state of the product and define product roadmap features/enhancements with stakeholder approval.
+ Responsible for security architecture and coordination of product development for cybersecurity features and enhancements.
+ Assess product components and SBoM are integrated into the product.
+ Perform defect management for cybersecurity issues.
+ Identify operational responsibilities and adherence to cloud standards for cloud\-based products.
+ Responsible for Product and Security Manual and MDS2 documentation.
+ Design input activities to identify, evaluate, roadmap, and drive cybersecurity and privacy features and enhancements within product development programs.
+ Create Design Engineering Privacy and Security (DEPS) artefacts for privacy and security risk assessments to engage in domain\-specific product threat modelling, attack surface analysis, risk management and reduction.
+ Coordinates with the PSL to support the product team in scheduling and performing vulnerability scans and cybersecurity assessments.
+ Lead product Security Technical Design Reviews
+ Along with the product Lead System Designer (LSD), responsible for the Product Cybersecurity Standard compliance and other pertinent standards and processes.
+ Participate in post\-market product vulnerability monitoring.
+ Participate as a Subject Matter Expert to determine product vulnerability impact, investigation, and risk assessment.
+ Responsible for product vulnerability mitigation and design change.
+ Responsible for vulnerability tool updates to ensure accurate customer communication.
+ Address customer and Sales RFP privacy and security feedback/questions.
+ Globally recognized Cyber Security Certifications (Advanced/Expert Level).
+ Firm with knowledge of OWASP, CVSS, FIPS 140\-2/140\-3 and DoD RMF
+ **5\+ years of full\-time information security experience** with emphasis on technical assessment (system/web application vulnerability assessment, penetration testing, white\-box secure code analysis, etc.) and security architecture (design of security controls, secure system design, understanding of identity and authentication management, etc.)
+ The Architect shall be capable of not only finding risks/issues but shall also suggest the best route to remediation, knowing the compensatory controls \& guiding the product team for its closure.
+ Sound understanding of security technologies/techniques like
+ Experience with a range of security tools related to
+ Experience in working in a Product sector environment
+ Knowledge of Cloud Infrastructure \[Platform as a Service]
+ MDS2 documentation
+ Experience in the Healthcare domain.
+ Experience in Micro Services using RESTful frameworks
+ Penetration Testing in Web Applications, Thick Clients, Mobile Applications, REST/SOAP
+ Infrastructure Penetration Testing
+ Experience in Red Teaming Activities (add\-on)
+ Recognition for CVE or Wall\-of\-Fame through Bug\-Bounty (add\-on)
Senior Reactive Java & Spring Boot Engineer
BNP Paribas · Chennai, Tamil Nadu, India
MERN Stack Developer Intern | React, Node & MongoDB Internship
ArGo Intern · India
MERN Stack Developer Intern (MongoDB, Express, React, Node.js)
Skillfied Mentor Jobs · India