IN_Senior Associate_Source Code Review_MS Engineering_Advisory_Gurgaon
IN_Senior Associate_Source Code Review_MS Engineering_Advisory_Gurgaon
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
MicrosoftManagement Level
Senior AssociateJob Description & Summary
At PwC our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities develop secure systems and provide proactive solutions to safeguard sensitive data.As a cybersecurity generalist at PwC you will focus on providing comprehensive security solutions and experience across various domains maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.
*Why PWC
At PwC you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work powered by technology in an environment that drives innovation will enable you to make a tangible impact in the real world. We reward your contributions support your wellbeing and offer inclusive benefits flexibility programmes and mentorship that will help you thrive in work and life. Together we grow learn care collaborate and create a future of infinite experiences foreach other. Learn more about us.
At PwC we believe in providing equal employment opportunities without any discrimination on the grounds of gender ethnic background age disability marital status sexual orientation pregnancy gender identity or expression religion or other beliefs perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary: We are looking for experienced members with: *strong analytical and problem-solving abilities *willingness and to learn new technologies and adapt to changing project requirements *ability to prioritize tasks and manage time effectively to meet deadlines *good verbal and written communication skills *ability to work collaboratively in a team setting
Responsibilities:
1. Review application source code based on the industry standard security frameworks and organizations internal security policy. 2. Running the source code scan and analyzing the results derived from the SAST platform. 3. Coordinate with application development teams to ensure identified gaps are fixed in proper time. 4. Work with the application development team to eliminate false positives to clarify compensating security controls. 5. Closely work with issue management team to ensure proper remediation plans are in places with well documented records. 6. Collaborate with senior developers and architects to ensure security best practices and secured design patterns are followed. 7. Work closely with other team members including project leads regional leads and territory security leadership team. 8. Provide regular updates on progress and issues to project managers and stakeholders
Mandatory skill sets:
1. Strong knowledge of secure coding practices and common security vulnerabilities (e.g. OWASP Top 10). 2. Strong knowledge of Industry standard SAST tools (e.g. Veracode Fortify on Demand). 3. Strong knowledge of Industry standard SCA tools (e.g. Blackduck). 4. Strong knowledge in manual and tool-based code review process focusing on OWASP methodology. 5. Strong Knowledge of security vulnerability identification and remediation methodologies. 6. Familiarity with industry standard security frameworks and policies.
7. Strong knowledge of DevSecOps practices and integration of security within CI/CD pipelines.
Preferred skill sets:
Desirable Skills: 1. CEH CISM CCSK
Years of experience required:
5-7 yrs
Education qualification:
BTech/BE/MTech from reputed institution/university as per the hiring norms
Education (if blank degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Technology Master of EngineeringDegrees/Field of Study preferred:Certifications (if blank certifications not specified)
Required Skills
Static Application Security Testing (SAST)Optional Skills
Accepting Feedback Accepting Feedback Active Listening Agile Methodology Analytical Thinking Azure Data Factory Communication Creativity Cybersecurity Cybersecurity Framework Cybersecurity Policy Cybersecurity Requirements Cybersecurity Strategy Embracing Change Emotional Regulation Empathy Encryption Technologies Inclusion Intellectual Curiosity Learning Agility Managed Services Optimism Privacy Compliance Regulatory Response Security Architecture 8 moreDesired Languages (If blank desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship
NoGovernment Clearance Required
NoJob Posting End Date
Required Experience:
Senior IC
Employment Type
Full-Time
