• Defining the test plan, strategy and deriving the road map for Application Security of the organisation.
• Conducting Application Security Testing like DAST, SAST, IAST and Static source code review of web and mobile applications using automated and manual approaches.
• Evaluating cloud security risks across IaaS/PaaS/SaaS solutions and mapping controls, dependencies and security solutions such as CASB (McAfee) and encryption.
• The key areas of expertise are Data security including Data classification, Data encryption which includes tokenization, static and dynamic data masking, DLP and data governance.
• McAfee CASB - Design and develop authentication, authorization, auditing, data at rest encryption and other security features.
• McAfee CASB - Design and develop infrastructure security components like DLP policies, security monitoring, etc.
• Designing the architecture of the solution, assisting the technical team with POCs, and compiling the proposal from different business units.
• Mapping clients' security requirements and advising clients at senior level.
SKILLS:
• Strong knowledge of security vulnerabilities and remediation as listed in sites like OWASP, SANS, etc.
• Strong knowledge of web application security issues.
• Experience with Cloud security tool orchestration systems such as Prisma Cloud and AWS.
• Strong knowledge of OWASP Top 10.
• Extensive experience in CASB solution for McAfee.
• Extensive experience in integration of O365, AWS, Azure with CASB Solution: McAfee.
• Profound knowledge of TCP/IP and networking concepts.
• Strong knowledge of AWS core services: EC2, S3, RDS, VPC, ELB, Lambda, etc.
• Familiar with CI tools like Jenkins.
• Experienced in report writing/presentation & client debriefing.
• Experienced in Risk analysis and proposing recommendations/countermeasures.
• Knowledge of Ethical Hacking and its Countermeasures.