S&P Global jobs - Application Security Engineer

Application Security Engineer

S&P Global
experience 0 to3 Years
salary Salary not disclosed
qualification
Read More...
Job is expired
Be the first to apply
Posted: 4 Years ago
Views:
Applications:
Openings: 1

Job Description

S&P Global Corporate

The Role: Application Security Engineer

Grade: 10

The Location: Hyderabad-Skyview

The Team

The Application security team is responsible to protect applications & product within the company which are built to empower the markets, the responsibility includes the team to protect from bad actors & making sure security hygiene is encompassed in the software development

The Impact

This role would be responsible for running Static & dynamic scans with in the SDLC, resource would also be responsible for working with developers to remediate the findings, provide fix recommendations, train the developers to implement secure coding practices, Code and Automate deployment of various tools in CI/CD

What’s In It For You

S&P’s environment gives a greater exposure to cutting edge technologies which the applicant could benefit for career progression the work environment is very flexible. The person in this role will also lead in securely building the application, deployment, and operations of all of our systems.

Responsibilities
  • Refine and drive widespread adoption of our secure development lifecycle process
  • Build partnerships with other development teams, be a source of expertise in security best practices
  • Architect tooling solutions evaluate them, deploy and work with developers to integrate them
  • Perform hands on assessments by reviewing code, identifying issues & providing recommendations to fix them
  • Develop and deliver engaging and memorable security trainings
  • lead enterprise wide penetration tests
  • Provide detailed guidance and support to teams in application vulnerability remediation
  • Build out secure API’s by partnering with developers and make sure the utilization is baked into development cadence
  • Provide application security guidance on cloud environments as well as non-cloud environments
  • Communicate relevant metrics and trends to the technology leadership team.
  • Ensure stakeholder satisfaction
  • Code and Automate deployment of various tools in CI/CD using Ansible

Basic Qualifications

What We’re Looking For:

4+ years of Experience in Application security

1+ years of Experience in Development [ Java, .Net, Python, Powershell]

Seeking a motivated and collaborative application security lead to help us implement secure development lifecycle program. This role requires interpersonal skills as well as a deep and broad understanding of S&P’s overall business strategy, overall architecture and products. The individual must be technical and collaborative with an ability to influence Architects & Developers to build security into the Software Development Lifecycle.
  • Generalists who love learning new things and concocting creative security solutions for novel and risky functionality
  • 4+ years experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and threat modeling
  • 1+ years experience in conducting mobile pentest’s & assessments
  • Experience with static code analysis tools (Fortify)
  • Experience with Dynamic analysis tools (WebInspect)
  • Experience with Software Composition Analysis (Whitesource)
  • Experience using Xcode, MobSF, Charles, Genymotion , other mobile pentesting tools
  • Deep understanding of common web application attacks

Preferred Qualifications

  • Experience & ability to run
    • Dynamic vulnerability assessments (DVA)
    • Static vulnerability assessments (SVA) – Code reviews
    • Software composition analysis (SCA)
    • Mobile vulnerability Assessments (MVA) – IOS & Android
    • Penetration Tests
    • Training & Empowering Developers on Security principles & coding practices
    • Define security in design requirements in software development & work with developers to bake it in the design
    • Perform hands on Application Security assessments using commercial & open source tools
    • Configure scans & establish baseline scans using Fortify/Webinspect
    • Vulnerability Research & Discovery.
    • Work with the Development team to provide recommendations & build maturity levels to enable self service

    Good To Have Working Knowledge On The Below Tools/Platforms
    • HP Webinspect, HP Fortify, Kali Linux, Burp suite pro, Charles proxy, Dex 2 jar, Azure Devops, Jenkins, Ansible, Genymotion, Whitesource, Twistlock, Threat modeler, wireshark, tcpdump, ZAP. 

    Job Particulars

    Role 
    Education BCA, BE/B.Tech, Other Course
    Who can apply Freshers and Experienced (0 to3 Years )
    Hiring Process Face to Face Interview
    Employment Type Apprenticeship
    Job Id 514195
    State Telangana
    Country India

    About Company

    S&P Global
    Active Jobs By Role
    safety tipsSafety Tips
    Teamlease does not charge any kind of payment for a job.
    get job tipsHow to get a Job early? Follow these tips

    1.The more the Jobs you apply, the higher your chances of getting a job.

    2. Keep your profile updated Update

    Recruiters prefer candidates with complete profile information.

    3. Keep visiting the Teamlease.com daily

    Daily visit will ensure you won’t miss out on any Job opportunity.

    4. Watch videos to improve Watch videos

    Be a better candidate than others by watching these Job-related videos.

    Search Blue Collar Jobs Online India - Best Recruitment Portal | Teamlease