Application Security Auditor
This position is closed as on 2019-02-15
Reporting Structure
Reports to Sr. Manager - Systems Audit
This position is closed as on 2019-02-15
Reports to Sr. Manager - Systems Audit
Graduate in Computer Science or B. Tech or BCA
Information technology / Financial services
5 + years of experience in Audits and Risk assessment services of web and client based applications
Must have experience in conducting risk assessment of business and support applications
At least 2 years of experience in mobile applications assessment/audits in a medium to large enterprise
Must have hands-on experience in evaluating OWASP security practices for applications
Must have experience in Coding and application development
Strong knowledge of programming languages for application and mobile
Experience in carrying out code review and black/grey/white box testing is a plus
Excellent written, oral communication and presentation skills
Excellent organizational, communication and interpersonal skills
Ability to work independently or as part of a team
Developing project plans, work programs, evaluating system controls, documenting results, making recommendations, and communicating information to stakeholders
Conduct Audit of the web, mobile and client based applications- internal and those exposed to the Internet
Audit of application design components, User Access Control, Website communication, application layer, interfaces to databases etc
Audit change management, patch management, incident management, backup management
Audit the development practises (S-SDLC) and coding practises
Develop and maintain audit checklist and documents
Review the Vulnerability assessment and penetration test reports for effectiveness
Research public domain to keep up to date knowledge on latest Application Security threats and vulnerabilities
MCSD
Certification in Mobile application Security testing
CISA
Oracle certified, Java certifications