Job Description

Eviden, part of the Atos Group, with an annual revenue of circa \xe2\x82\xac 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.ASSOCIATE MANAGER-Application Security Testing & Code ReviewExperience - 5 -9 yearsLocation: Mumbai /BangaloreJob Responsibilities:\xef\x83\xbc The candidate is expected to execute and manage multiple complex and enterprise application security testing projects.\xef\x83\xbc The candidate is expected to complete projects on time, coordinate with client stakeholders for issues and challenges, track delays, etc.\xef\x83\xbc The candidate is expected to gain in-depth knowledge and has executed complex Application Security Code Review projects for different types of applications including mobile, web services, web apps and thick-client developed in various languages (i.e. Java, ASP.NET, ReactJS, etc.)\xef\x83\xbc The candidate will be involved in application architecture understanding, threat identification, vulnerability identification and control analysis.\xef\x83\xbc The candidate is expected to identify and infer the business risk posed by vulnerabilities identified and showcase prioritization of risks including solution recommendations.\xef\x83\xbc The candidate is expected to engage with both business and technical teams within and outside the organization from a project scope definition, project execution, project closure and post project support perspectives. \xef\x83\xbc The candidate is expected to mentor and train junior resources with focus on enhancing their skill sets\xef\x83\xbc The candidate is expected to monitor their team members\' adherence to established security testing processes and organization's policies and procedures.\xef\x83\xbc The candidate is expected to conduct project reviews to ensure a thorough testing is conducted by the team.\xef\x83\xbc The candidate is expected to perform technical reviews to identify errors and suggest changes to ensure highest quality of the deliverables.\xef\x83\xbc The candidate is expected to identify new test cases and develop techniques to test and showcase proof of concept.\xef\x83\xbc The candidate is expected to track errors made by the engineers and develop an improvement plan for them.\xef\x83\xbc The candidate should be open for onsite deployments anywhere across the world as business demands.Required skill set: 6+ years of Application Security Testing Experience\xef\x83\xbc Expertise in application security testing- Secure Code Review, Web, Mobile, web services, thick-client\xef\x83\xbc Experience with J2EE (servlet/JSP) and/or .NET (C#/VB.Net and ASP.NET) with different frameworks (Struts, Spring, MVC, .NET) and understanding of AJAX and web services .\xef\x83\xbc Any CyberSecurity related certification and Developer Certifications (examples include SCWCD, SCJP, SCJD, SCJA, MCSD, etc.)\xef\x83\xbc Experience in application architecture review. \xef\x83\xbc Ability to handle difficult situations and to provide alternative solutions or workarounds.\xef\x83\xbc Experience in training and mentoring other team members .. \xef\x83\xbc Good verbal and written communication skills with the ability to talk to both business teams and technical teams. Preferred skill set:\xef\x83\xbc Experience with Source Code Review and application security testing.\xef\x83\xbc Knowledge of Cryptography (symmetric and asymmetric encryption, PKI, etc.)\xef\x83\xbc Flexible and creative in helping to find acceptable solutions for customers .\xef\x83\xbc Ability to work on multiple complex assignments simultaneously .\xef\x83\xbc Ability to work independently with minimal oversight and in teams.\xef\x83\xbc Experience with leading and guiding a team of security engineers .\xef\x83\xbc Additional knowledge of risk assessment methodologies and frameworks and how to apply them to diverse applications.\xef\x83\xbc Knowledge of different standards such as PCI DSS, HIPAA, ISO, etc.#EvidenLet's grow together.

Atos