Job description:

Deep knowledge on Checkmarx Source Code Reviews ( Java, Javascript, Javascript frameworks , go, c++)
Blackduck & OSS Impact Analysis
Container Security- Twistlock (Docker, Kubernetes and GKE) and IaC , Terraform and Cloud Formation
6-8 years experience of application cyber security testing- exposure in application pen test, OWASP, security benchmarks.
Hands-on experience in SAST - Checkmarx, IAST, OSS - Synopsys Blackduck, DAST, RASP, and vulnerability management, Security source code reviews, open source software composition analysis.
Knowledge of microservice architecture for securing APIs testing in multi-cloud environments & pre-commit/pre-receive hooks, dependency scanning,
Good to have experience in integrating AppSec tools in CI-CD - Jenkins, Gitlab, Bamboo to automate the services.

• To clearly understand the client's cybersecurity environment and respective product.
• To monitor, configure, and troubleshoot cybersecurity issues and related monitoring tools
• To analyse and validate cybersecurity incidents in-detail and help the L3 team with RCAordata or logs collection
• To enable knowledge transferortrainings through creationor maintenance of configuration documents, test plans, operational manuals and provide operational training to L1 team.
• To analyse and fine-tune cybersecurity policies, participate in cybersecurity review calls pertaining to change requests and recommendations on cybersecurity policy changes.
• To implement changes, monitor security device performance and implements performance tuning when necessary.
• To prepare analyses and reports to highlight the project progressorchallenges and ensure quality and accuracy to the client