3+ Qualys Jobs in Mumbai | Qualys Job openings in Mumbai

Experience: 6-8 years & 10+ years

• OWASP Secure Code review,• Basic programing knowledge in any programming language and knowledge on secure development practices.
• OWASP TOP 10 vulnerabilities and their mitigations
• Hands on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit., Qualys Guard, Kali Linux , etc.
• Understand/modify exploit code and find logical security flaws in applications
• Should have knowledge and experience on Network Security, Application Security, Internet Security, attack vectors.
• To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.

Role & Responsibilities:

• Plan and execute Security Assessment Strategy
• Proactively implement security measures
• Implement tools to Monitor and Report Security violations
• Govern security specification guidelines adherence across product and organization

 

Skills & Qualification:

• IIT, BE or B Tech
• 4+ years of relevant work experience
• Expert in Application Information Security, VAPT
• Proficient using tools like BURP, NMAP, KALI etc.
• Good understanding of web technologies, APIs and mobile app development practices
• CEH certification preferred

Overall purpose of the job - This role would be responsible for identifying and implementing mitigations, practices and controls ensuring adequate application and infrastructure security posture is maintained all at times Key Performance Areas - • Good at application threat modeling and applications risk identification & remediation • Strong web application security experience with thorough understanding of web application vulnerabilities • Knowledge of database, application, and web server design and implementation • Familiarity with Security standards \ frameworks and groups (OWASP, OSSTM, WASC, FISMA) • Experience in dynamic and static application vulnerability scanners like HP WebIspenct, IBM AppScan, HP Fortify, etc • Create, implement & review data protection strategy across the organization. • Experience in client handling including interaction with developers for understanding the mitigations • Experience on Mobility Platform like Phone-Gap \ native Android \ Worklite and MDM /MAM • Knowledge of DevOps and other upcoming technologies used in SDLC • Experience in manual verification of false positives reported by automated tool • Devise and enforce standards and best practices for data protection in line with international standards and industry best practices. • Evaluate the adequacy of security measures including network security to protect organizational data and information assets • Define and implement project as per approved Plan of action. • Identify security solutions as per business needs • Manage POC for agreed and approved solutions as per defined process • Conduct partner reviews • Coordinate with vendors / partners on closure of projects / activities • Manage intra and inter department conflict amicably • Benchmark and compare security practices with the industry • Implementation, operation and maintenance of the Information Security Management System based on standards like ISO/IEC 27001, Cobit, ITIL etc as applicable. • Information security risk assessments and controls selection activities • Track all audit schedules and ensure closure of all security gaps. • Reporting of all critical security issues • Co-ordinate for Risk Assessment of IT systems and Third Party workloads • Facilitate Internal process and IT audits • Software license compliance at all times • Implement tools and processes related to compliance monitoring as per internal security policies and applicable laws and regulations • Facilitate and drive initiatives of Internal Audits for Information Technology and update on Closure and Identified Risk to the Management • Review of Third Party applications / systems and network security on monthly basis • Adherence To Change Management Processes