Application Security Lead ( GM IT Application Security ) Experience: 7- 10 years Role An Application Security Lead is required to work with the GM IT Application Security team. The role will focus on shaping and implementing best- practice guidelines for securing applications against the following security standards: • Authentication: SAML, Kerberos, Windows, SSO, PKI, other token based etc. • Authorisation : SAML Assertions, LDAP repositories, ad- hoc usage of ADAM , others • Code security : Protecting against OWASP recognised security risks, static source code analysis • Networking/ Messaging Protocols : Web Services (both WS.* and RESTful) , SSL/ TLS handshake, MQ, CFT (file transfer) , others Objectives • Should contribute to the definition of best- practice guidelines prescribing how to secure services and applications (developed predominantly in JAVA & .NET) driven through various security policies defined for this area. • Should be familiar with application development so that he/ she can use prior development knowledge in integrating strong authentication libraries with different applications and troubleshooting. • Should be able to play the security consultant role for application development teams. • Should have good Knowledge of Secure Coding Best Practices .Good exposure of Web based applications and vulnerabilities associated e.g. OWASP top 10. • Should be flexible to work on other security areas like risk assessment, publishing different KRI dashboards, participate in different security committees etc. • The candidate will be a flexible, forward thinking individual with the ability to look beyond immediate problems and issues, but with a solid practical delivery focus. • Highly skilled and able to demonstrate value to the application development and architecture community at a practical level. • Approachable and willing to share their expertise and experience in order to assist the development of teams and individuals Salary: Not Disclosed by Recruiter Industry: Banking / Financial Services / Broking Functional Area: IT Software - Network Administration , Security Role Category:Admin/Maintenance/Security/Datawarehousing Role:System Security Desired Candidate Profile Application Security Lead ( GM IT Application Security ) Experience: 7- 10 years Role An Application Security Lead is required to work with the GM IT Application Security team. The role will focus on shaping and implementing best- practice guidelines for securing applications against the following security standards: • Authentication: SAML, Kerberos, Windows, SSO, PKI, other token based etc. • Authorisation : SAML Assertions, LDAP repositories, ad- hoc usage of ADAM , others • Code security : Protecting against OWASP recognised security risks, static source code analysis • Networking/ Messaging Protocols : Web Services (both WS.* and RESTful) , SSL/ TLS handshake, MQ, CFT (file transfer) , others Objectives • Should contribute to the definition of best- practice guidelines prescribing how to secure services and applications (developed predominantly in JAVA & .NET) driven through various security policies defined for this area. • Should be familiar with application development so that he/ she can use prior development knowledge in integrating strong authentication libraries with different applications and troubleshooting. • Should be able to play the security consultant role for application development teams. • Should have good Knowledge of Secure Coding Best Practices .Good exposure of Web based applications and vulnerabilities associated e.g. OWASP top 10. • Should be flexible to work on other security areas like risk assessment, publishing different KRI dashboards, participate in different security committees etc. • The candidate will be a flexible, forward thinking individual with the ability to look beyond immediate problems and issues, but with a solid practical delivery focus. • Highly skilled and able to demonstrate value to the application development and architecture community at a practical level. • Approachable and willing to share their expertise and experience in order to assist the development of teams and individuals Education- UG: B.Tech/B.E. PG:Post Graduation Not Required
