Toggle navigation

  • Information Security Analyst

Industry Insurance
Location Maharashtra Pune
Experience Range 3 - 8 Years
Qualification (B.Tech)
Expired

Functional IT Software-Other
Job Description
About Us
“Quess IT Staffing is India’s largest IT staffing company with over 20 years of experience in staffing IT professionals in 300+ companies across levels and skillsets. Our 10,000+ associates deployed in 80+ cities and towns are proficient in over 500 technological skills. Our associates help enable cutting edge solutions some of the biggest names across industried. Quess IT Staffing is a division of Quess Corp Limited, India’s leading business services provider and largest domestic private sector employer. Quess Corp Limited is - ‘A Great Place to Work’ certified – a testament to our excellent culture, people, and processes.”
About Company
https://itstaffing.quesscorp.com/
Roles and Responsibility

Job Title: Information Security Analyst

Experience:  3 to 8 years

Notice period: Immediate to 15 days

Location: Pune

JD:

·       As an Information Security Analyst, candidate must focus on identifying and assessing vulnerabilities in software systems, Networks and mobile based application.

·       The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments.

·       Experience to work closely with Application Developers/architects to track the security defects to closure

·       The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks.

·       To actively contribute to the Vulnerability management efforts of the organization via developer query resolution on vulnerabilities and defect tracking to closure.

·       Well versed with OWASP  Top Ten and WASC Threat Classifications

·       Expertise in Vulnerability Assessment and Penetration Testing of Web Applications

·       BusinessLogic based application testing

·       Penetration testing of Mobile applications and websites.

·       Exploitation of the issues found and presenting the impact occurred

·       Source Code Reviews - Well versed in Java Secure Code Review

·       Expertise in Automated Scanning using CheckMarx and Fortify

·       Well versed with OWASP Code Review concepts & identifiers

·       Familiar with popular tools:

·       Application Proxy: Burp suite, Paros, OWASP ZAP, WireShark

·       Vulnerability Scanners: IBM AppScan, HP WebInspect, Nessus, NTO Spider

·       Exploit Toolkits: Metasploit, Exploit DB etc.

 

Requirements:

·       Understanding of the nature and sources of security vulnerabilities, how to identify and exploit them

·       Strong expertise in security technologies and significant experiences in information technology focusing on security related vulnerabilities

·       Good to have programming experience in Java, shell scripting, Perl, or Python

·       Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks.

·       Application Security Testing/Penetration Testing (Web based, Thick client, web services, Mobile) - Must

·       Network Security Testing/Penetration Testing (Network, OS, Databases etc.)

·       Static Code Analysis/ Secure Code Review - Must

·       Security defect Tracking and working closely with Developers to fix the issue

·       Bachelors or higher degree in Computer Science or equivalent experience

 

A+| A| A-
Job By Location
Job By Function
Jobs By Industry
Jobs By Skills
Jobs by business vertical
Social Network