Job Description

The CompanyEgon Zehnder ( ) is the worlds preeminent leadership advisory firm, inspiring leaders to navigate complex questions with human answers. We have more than 560 consultants who bring together vast industry experience and diverse insight, operating globally through 63 offices in 36 countries spanning across Europe, the Americas, Asia Pacific, the Middle East, and Africa. We believe that together we can transform people, organizations, and the world through leadership. Our clients range from the largest corporations to emerging growth companies, government and regulatory bodies, and major educational and cultural institutions. We collaborate as One Firm across industries and geographies, leveraging strengths of every colleague and operate as a private partnership independent of any outside interests.Knowledge Centre India (KCI)Knowledge Center India (KCI) is the central engine that drives the operational value for the firm. Established in 2004, KCI has evolved over the years from purely operational efficiencies into more value-added service offerings, becoming a true business partner. There are various teams based at KCI that work with Global Offices, Practice Groups, and the Management across all aspects of the firm's business life cycle. With a headcount of more than 500, the center has 5 core teams working including Experts, Research Operations, Visual Solutions, Projects/CV Capture and Digital IT, working round the clock on many mission critical elements.Who we are!We are part of Digital-IT team established 14 years ago in Gurgaon, India to provide technology support and rollout digital initiatives to 60 plus global offices. Digital IT has six key pillars - Collaboration Technology; Functional Technology; Digital Technology; Security & Architecture; Infrastructure & Services, Digital Success to support business and to take lead on digital transformation initiatives with the total strength of 150+ team members across the globe.RequirementsBe a part of the Application Security team under the CyberSecurity organization as an Application Security Analyst and work closely with the Application Development, Database Security and CloudDevOps team to ensure that any software developed or acquired meets the stringent standards while enabling rapid innovation to meet our firm and clients everchanging needs. Successful candidates will be security evangelists who can translate security concepts into language that is meaningful to many audiences, including business and technical leaders and individual contributors. Candidates must be able to approach application security from the perspective of risk management and avoid purely academic thinking about software security.Conduct complex compromise analysis and work with resolver groups to ensure the timely mitigation of security events. Perform forensic investigations. Identify and assess threat intelligence sources recommending relevant requisite actions, gaining agreement, and facilitating implementation. Conduct security assessments and Threat modelling including penetration testing and vulnerability assessments. Experience: 5+ years of relevant experience Should be willing to support and be available during non-working hours in case of emergencyResponsibilitiesWhat will you do?

• Improving and maintaining secure development standards

• Integrating security tools, standards, and processes into the product life cycle (PLC)

• Integrating threat modeling practices into the product life cycle.

• Ensuring that developers and QA personnel are updated with the appropriate level of security knowledge to perform their daily activities.

• Improving and supporting application security tool deployments including SAST, DAST, SCA etc.

• Supporting the incident response and architecture review processes

• Managing and collaborating in the annual 3rd party vulnerability & penetration testing services

• Provide manual penetration testing and standards gap analysis of the Digital environment including SaaS applications.

• Manage application framework and security improvement & optimization related projects.

• Supporting Vendor Security activities to ensure 3rd0party software and development meets EgonZehnder security standards.

• Producing metrics reporting the state of application security programs

Skills:

• Prior work experience in application security
• Should have exposure on Cloud and DevSecOps
• Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models.
• Familiarity with a variety of development and testing tools like BurpSuite, Invicti (or Netsparker), Postman or similar
• Candidates must be able to explain all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2, and CWE 25 to any audience and discuss effective defensive techniques.
• Familiarity with industry standards and regulations including PCI, FFIEC, SOX, and ISO27001 is desired.
• Candidates must have excellent verbal and written communication skills.

Good to have:

• Knowledge of Microsoft Sentinel as SIEM
• Experience: At least 6 years of relevant experience
• Should be willing to support and be available during non-working hours in case of emergency situations.

BenefitsBenefits which make us uniqueAt EZ, we know that great people are what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Egon Zehnder can mean for you!Benefits Highlights:

• 5 Days working in a Fast-paced work environment.
• Work directly with the senior management team
• Reward and Recognition
• Employee friendly policies
• Personal development and training
• Health Benefits, Accident Insurance

Potential Growth for you!We will nurture your talent in an inclusive culture that values diversity. You will be doing regular catchups with your manager who will act as your career coach and guide you in your career goals and aspirations.LocationThe position is based at Egon Zehnders KCI office in Gurgaon, Plot no. 29, Institutional Area Sector 32EZ Commitment to Diversity & InclusionEgon Zehnder aims for a diverse workplace and strives to continuously lead with our firm values. We respect personal values of every individual irrespective of race, national or social origin, gender, religion, political or other opinion, disability, age and sexual orientation as warranted by basic rights enshrined in the UN Declaration of Human Rights. We believe diversity of our firm is central to the success and enables us to deliver better solutions for our clients. We are committed to creating an inclusive environment and supportive work environment, where everyone feels comfortable to be themselves and treated with dignity and respect and there is no unlawful discrimination related to employment, recruitment, training, promotion, or remuneration.Egon Zehnder is an Equal Opportunity EmployerEgon Zehnder provides equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, disability, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity.

Egon Zehnder