Lead - CSRA

Mumbai, Maharashtra, India

⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️

Full Time Senior-level / Expert USD 28K - 67K * ^est.

Weekday

At Weekday, we help companies hire engineers who are vouched by other software engineers. We are enabling engineers to earn passive income by leveraging & monetizing the unused information in their head about the best people they have worked...

View all jobs at Weekday

Apply now Apply later

Posted 11 hours ago

This role is for one of Weekday’s clients
Salary range: Rs 2000000 - Rs 2800000 (ie INR 20-28 LPA)
Min Experience: 6 years
Location: Mumbai
JobType: full-time

Requirements

About the role

A minimum experienceof 6-8 years in IT Services and Security Management with relevant 5 years in information / cyber security risk assessment or management or security risk advisory consulting experience
Minimum 4 years of experience in web application/API/ mobile application development
In depth understanding of OWASP & CWE application / API. Mobile security vulnerabilities
Hands-on experience in implementingapplication security controlsas per NIST, OWASP.
Perform Threat Modelling of application considering internal and external risk factors.
Good hold in API and microservices security
Ability to identify risk and threats based on overall environment and platform of application.
Detail understanding of web, app, middleware,and database security.
Excellentoral and writtencommunication skills preferred having customer or stakeholder interaction exposure.
Must be able to articulate risk observation in detail and simple understandable language
Perform application & mobile security risk assessment as per best industry standards (NIST, ISO)
Develop threat model as per the application applicability and business environment.
Share knowledge with other team members, provide inputs to provide quality risk reports.
Ensure risk tracker is kept updated for assessment performed.
Should be able to analyze risk for changes performed in application and recommend best practices.
Communicate effectively withproject managers, app owner and stakeholders.
Advises management of critical issues that may affect the risk posture in application.
Generate innovative ideas for achieving the objectives.
Demonstrate skills with upgrading knowledge quickly for latest platform level security such as for Kubernetes, OpenShift, microservices architecture security best practices.
Preferred Certifications CRISC/ CISSP/ OSCP/ CSSLP