Consultant-Technology Management-Information Security

4 - 9 Years
Punjab Other

Job Description

Division- State e-Mission Team
Place of Work- Punjab
Designation- Consultant-Technology Management-Information Security

Opportunity for Information Security Consultant who will be working on application / network
security to analyze software designs and implementations from a security perspective, and
identify and resolve security issues. Job will include the appropriate security analysis,
defenses and counter measures at each phase of the software development lifecycle, to result
in robust and reliable software.
-Proficient in Source code Analysis for Security testing. Review Software applications for
potential security vulnerabilities by conducting application security reviews i. e. Requirements
review, Design review, Code Review.
-Good hands on experience in Web penetration testing and in Mobile penetration testing
- Advantages will be working knowledge on tools such HP Fortify/IBM appscan, Burpsuite,
Checkmarx and OWASP Tools and Frameworks. Also good hands manual code review
techniques to identify application security vulnerabilities. Be hands on with technology and
to contribute to the design, development and support of projects with the Security
recommendations.
- CEH Certification and others related to Application Security
-Skills to train Developers on OWASP and SANs Top Vulnerabilities
-Good know how on how to get the documentation right from the technical perspective of
the software
-Skills to know what NFR are tested in applications
-Work with the Vendor and also Document vulnerabilities with Accurate POCs and work on
vulnerability mitigation
-Good experience in developing and/ or maintaining multi tier applications on all the phases
of software development
-Conduct SAST /DAST to ensure proper controls enablement
-Document Security Breaches via a proper proof of concept which can be relied on by the
developers
-Hands-on Vulnerability Assessment techniques, reporting and co-ordination within teams to
mitigate them.
-Hands on development using Java / J2EE or . NET Technologies or any Web.
-Good understanding of Object-Oriented Analysis and Design.
-Good understanding of any application web servers.
-Good understanding of Threat Modeling
-Well versed with OWASP standards.
-Unix/ Linux, GWT, HTML5 knowledge is good to have.
-Good problem-solving skills.
-Good Communications and Documentations skills.

Salary: Not Disclosed by Recruiter

Industry:IT-Software / Software Services

Functional Area:IT Software - Application Programming, Maintenance

Role Category:Programming & Design

Role:Project Lead

Keyskills

Desired Candidate Profile

Please refer to the Job description above

Education-

UG:B.Tech/B.E. - Any Specialization

PG:MCA - Computers

Company Profile

NISG (National Institute for Smart Government)

Created as a Public-Private partnership in 2002, NISG provides consultancy to Central and State governments in the area of e-Governance to help serve the citizens better. NISG has also worked with the Governments of Sri Lanka, South Africa, and Vietnam.
View Contact Details+

Contact Company:NISG (National Institute for Smart Government)