Orange Business Services Hiring for System Software Engineer at India, India Full Time

Job Description

Responsibilities Secures enterprise information by determining security requirements; planning, implementing and testing security systems; preparing security standards, policies, and procedures, Provide support for security incidents, Plan and execute security updates.
Skill Profile Strong knowledge of the OWASP, SANS top 25, WASC security Standards and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session Management issues, Direct Object reference, Click jacking, buffer overflows, etc.

about you

• Experience in manual application penetration testing of thick client applications, mobile applications, web services, APIs etc.
• Thorough understanding of common web technologies like .NET, PHP, Java, XML, SAML, SOA, SOAP, web services etc. and protocols including HTTP(S), DNS, FTP, SSH etc.
• Had performed web/mobile application penetration testing on platforms.
• Should have knowledge on Risk Rating Standards like DREAD, CVSS with good understanding of web application architecture and Secure development life cycle(SDLC).
• Experience in threat modeling, risk analysis and automated web application vulnerability scanners (e.g., AppScan, Web inspect, Accunetix, Burpsuite Pro, etc) is desirable.
• Preparing audit reports and findings tracker sheets for each application in the provided template.
• Communicate with customer teams to explain and demonstrate vulnerabilities to application/system owners, and assist with the mitigation of the identified vulnerabilities.
• Researching the latest security best practices, staying abreast of new threats and vulnerabilities and helping to disseminate this information within the group as well as the organization.
• Working experience on Cloud Security is mandatory.
• Develop, maintain and support Security tools for the product

additional information

same as above

department

Hosted Staff-WIN & INNOV

contract

Regular