Lead IT Security Specialist
Website HCN Connect
We have an excellent opening with our client (US based), a leader in Diagnostics Testing, fortune 300 company headquartered in USA, looking to expand operations in INDIA.
Designation – Lead IT Security Specialist
CTC- 6.50 LPA- 11.0 LPA
Experience – 8-12 Yrs
Lead IT Security Specialist – Job Function and Responsibilities:
- Perform penetration testing against products and systems, including mobile devices, servers, web services, and web applications.
- Report vulnerabilities to stakeholders and track remediation progress.
- Produce well-written, detailed reports that describe vulnerabilities/risks and that provide specific remediation guidance.
- Identify, research and evaluate current vulnerabilities, provide remediation and configuration guidance. Collaborate with stakeholders to develop remediation strategies.
- Work with developers to carry out Application Security Verification Standard (ASVS) reviews and document findings.
- Serve as an infrastructure and application security subject matter expert for projects.
- Conduct Threat Modeling exercises to identify objectives and vulnerabilities, and define countermeasures to prevent, or mitigate the effects of, threats to the system.
- Effectively communicate vulnerability details, risks and potential impacts to, application/infrastructure owners, stakeholders, and both onshore and offshore partners.
- Design, implement and support security-focused tools and services.
- May be required to assist periodically with internal investigations, incident response, and other special requests or events.
- Competent to work independently at a high technical level.
- In-depth knowledge and understanding of information risk concepts and principles to ensure relevant business needs have appropriate corresponding security controls.
- Inherent passion for information security and service excellence.
- Ability to demonstrate a clear understanding, at an enterprise level, of application, network, infrastructure, and data security architecture.
- Excellent analytical skills, able to manage multiple projects under strict timelines, work well in a demanding dynamic environment, and meet overall objectives.
- Ability to work under pressure, and manage competing priorities.
- Define and document internal, technical, and service processes and procedures
- BS in Computer Science or equivalent required, MS preferred.
- Experience working with development team(s) that delivered commercial software or software-based services (development, QA testing, or security role).
Experience specific to web application penetration testing, including mobile and web service testing.
- In addition, experience is required in the following areas: threat modeling, application security, penetration testing, vulnerability management, and security consulting for application and/or infrastructure type projects. Experience with industry standard infrastructure and application assessment tools such as, for example, Qualys, Nessus, Burp, Metasploit, Core Impact, and Aspect Contrast. Familiarity with regulatory and industry security frameworks and best practices such as NIST, OWASP, SANS. Additionally, experience in planning, implementing and/or supporting the processes associated with the use of these technologies.
- Strong analytical skills to identify and analyze security requirements and relate them to appropriate security policies, standards and/or controls. Ability to ensure that applications and infrastructure are designed built and maintained in accordance with corporate, IT and Security policies and standards.
- Ensure that technical solutions effectively meet and support business needs. Proven ability to handle and prioritize multiple assignments, often within limited time constraints.
- Ability to interact with company personnel at all levels and across all business units to comprehend business imperatives.A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships.
- Demonstrated effectiveness with oral and written communications at various levels, both within the organization and with external partners and vendors.
If you find above job opening suitable, kindly apply on email@example.com or can call @7290076457.
Thanks & Regards
To apply for this job email your details to firstname.lastname@example.org