25743- Application Security L3 (5.1-7 years)-Information Security-Bangalore

Position Description:

Responsibilities




Direct Responsibilities

Strong expertise in application security concepts and activities like Source Code Review (SAST) & Dynamic application vulnerability scanning (DAST).
Good understanding of Information Security concepts and strategies.
Knowledge of Secure Development methodologies and frameworks.
Hands-on experience in penetration testing and tools like Apisan WebInspect Fortify AppSpider BurpSuite Qualys Checkmarx Coverity
Well-versed in conducting Security Review Assessments and providing recommendations.
Knowledge of OWASP SANS standards.
Executing IT risk assessment reviews identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans.
Engaging with organization wide risk and control groups including internal audit and territory control teams.
Working with Technology stakeholders (including Production Support and Development teams) to identify the IT risks affecting the organization and formulate appropriate remediation strategies based on a full understanding of business exposure and compensating controls.
Experience in Process Improvement Controls Enhancement and Reporting.
Identifying key risk trends issues and other insights requiring further investigation and following up with Technology as appropriate.
Providing independent expert advice to the IT areas on application & data risk issues.








Contributing Responsibilities

Monitoring and oversight of existing IT risks working collaboratively with stakeholders in ensuring plans are managed within timescales and escalating where appropriate.
Managing relationships with Business and IT teams chairing periodic meetings and being a point of contact for escalating to wider team members.
Assistance with drafting of risk acceptance statements and coordinating sign-off from business and IT stakeholders.
SPOC for security architecture meetings.





Technical & Behavioral Competencies



- Excellent Interpersonal and presentation skills
- Strong in verbal and written communication
- Ability to liaise with cross-functional stakeholders globally
- Clear understanding of application and data security
- Must be flexible independent self-motivated
- Good analytical skills



Specific Qualifications (if required)



- CEH SSCP OSCP certified.
- Technical Graduate (Computer Science) Preferable.




Skills Referential



Behavioural Skills: (Please select up to four skills)



Ability to collaborate / Teamwork



Communication skills - oral & written



Critical thinking



Decision Making



Transversal Skills: (Please select up to five skills)





Ability to understand explain and support change



Analytical Ability



Ability to set up relevant performance indicators



Ability to develop and adapt a process



Ability to develop others & improve their skills



Education Level:







Bachelor Degree or equivalent




Experience Level

At least 5 years



Other/Specific Qualifications (if required)

Skills:

• Linux
• Shell Script
• Vulnerability Assessment(IAVA)

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our teamone of the largest IT and business consulting services firms in the world.