Loading...
Share this Job
Job Position ID:  2221

Security Consultant

msg global solutions India Pvt Ltd.
Location: 

Bangalore, IN

Employment Type:  Full Time

msg global is a consulting and system integration company focusing on the insurance business. We are looking for a Security Consultant who have knowledge in Advanced security and crypto knowledge

 

What will you do?

  • Perform security testing of applications early in the software development lifecycle, leveraging DAST and SAST, and assess applications against security and compliance best practices, policies.
  • Manage the security components of continuous integration and delivery software pipeline to ensure security testing is performed throughout the CI/CD pipeline.
  • Automate security controls testing within CI/CD pipelines that package, test, and deploy infrastructure and containerized applications.
  • Design and implement threat modeling processes to determine the controls needed for a given application within the software development lifecycle.
  • Provide SME guidance in assessing cloud infrastructure to address findings resulting from design reviews, threat modeling, and SAST and DAST testing.
  • Perform vulnerability assessment, pen testing, and communicate findings and drive forward risk remediation efforts.
  • Contribute to the decisions being made that impact the  cloud implementations, direction, and cloud security posture.
  • Perform technical security configuration assessments of cloud platforms such as Microsoft Azure
  • Design and implement security risk metrics monitoring to report on threats and the security posture;
  • define data reporting metrics to drive forward continuous security improvements, including gate checks and integrated view of projects in the pipeline.
  • implement secure coding practice in Spring boot application.

 

What experiences you should have?

  • B.E., B.Tech. or MCA from a reputable College or University
  • 5-10 years of experience as a Appication Security Expert or similar role
  • Strong knowledge of security frameworks (OWASP, SANS CWE), secure coding practices, information security principles & architecture.
  • Firm understanding of all issues on the OWASP Top 10
  • Must have Knowledge of main Security-related activities in development such as Risk and Privacy Assessment, Threat Modelling, Security Code Review
  • Must have Knowledge of most common implementations of the Threats in application security(e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS)
  • Familiarity with existing Security Standards (e.g. PCI DSS, HIPAA, NIST, Common Criteria) and what does it mean to implement compliance with them.
  • Experience in PKI/Cryptography
  • Must have knowledge in Certificates and certificates chains.
  • Good knowledge of security technologies for secure software development such as cryptography, authentication techniques and protocols.
  • Familiarity with the tools for various security activities: Static Code Analysis, DAST Penetration Testing, Intrusion Detection/Prevention,
  • Must have knowledge in Development knowledge in Java and Spring boot applications.

 

 Will be considered as an advantage:

  • AZ-500 Microsoft Azure Security Technologies Certification

 

What do we offer? 

  • A challenging and multi-cultural working environment with experienced teams
  • Highly competitive compensation packages including incentive payment and private medical insurance
  • International exposure, internal and external training to help you further develop your talents
  • A team in which the core values are collaboration thought leadership and entrepreneurship

About msg global solutions

msg global solutions is a systems integrator, software development partner and managed services provider focused on SAP solutions for accounting, finance, regulatory reporting, performance management, customer experience and IoT. Operating from offices across the globe and growing, our expert teams help clients achieve operational efficiency and improve decision-making capabilities. While the heart of our expertise is in the financial services sector, our solutions are utilized in a wide range of industries.