7 to 8 years of experience in the field of Information security with expertise in designing, Architecture, Assessment, Implementation to secure Enterprise platforms.
Skills
• 5 to 8 years’ experience with Application Security Architect and/or Engineering.
• 5 to 8 years’ prior experience on Application security assessment or Penetration testing with responsibilities of communicating application weakness and vulnerabilities to Dev ops & application team.
• 5 to 8 years’ experience in securing public SaaS cloud deployments.
• 5 to 8 years’ experience securing IaaS/PaaS public/private cloud such as AWS, AZURE or DevOps environments.
• In depth understanding of Secure Development Lifecycle (SDL)process including performing risk assessments on various stages of SDLC.
• Understanding of communications, interfaces, database technologies, real-time data processing, cybersecurity, visualization, and application frameworks.
• Strong experience with Directories, SSO, Federation, IAM, API gateways, SAML technologies.
• Experience of security hardening techniques and policy development aligned to Cloud Security standards (e.g. CSA Cloud Control Matrix, CSI, OWASP).
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, SAML etc).
• In depth understanding of secure engineering principles of mobile apps as well as web-based applications.
• Experience working with cloud security and governance tools such as cloud access security brokers (CASBs) technologies.
• Prior experience in implementing & managing SIEM & other security operation tools such as Antivirus/EDR, firewalls, VPN tools, Email security, WAF, Access control, IPS, load balancers, scanning tools etc.
• Proven background in Security and/or delivering Security solutions