Application Security Engineer
Application Security Engineer - Milpitas, CA
* Lead security assurance engagements and responsible for application (Web, Mobile) & network security testing
* Analyse application security architecture and understand security threats
* Knowledge in network vulnerability assessment, application penetration testing and security code reviews
* Draw Data Flow Diagrams (DFD), prepare threat models, identify threats and suggest mitigation steps
* Identify scope for security testing
* Perform estimation for identified scope
* Assist in building security testing competency
* Mentor and provide technical guidance to team members in executing test cases.
. Mobile security exp(Both device level and app level)
. Mobile apps development exp/knowing complete sdlc for mobile apps will be an add-on.
. Retail exp.
* Good knowledge of network & application security vulnerabilities
* Must be familiar with OWASP, SANS, CERT, WASC standards/frameworks for security testing and security code reviews. OSSTMM for network penetration testing
* Experience in performing threat modelling and identify attack vectors. Must be familiarity with STRIDE and DREAD concepts.
* Must be able to handle tasks/activities with competing priorities
* Must be able to work independently & guide team
* Excellent analytical ability
* Good communication skills
Customer Job Description: Define, implement application security architecture and analyse technology vulnerability analysis. Collaborate with application development teams, infrastructure security architects, and security policy experts to define an integrated framework.