Security Analyst

• Participate in security planning and analyst activities.
• Performs security assessments and security attestations.
• Participates in security investigations and compliance reviews as requested.
• Make security analysis reports for security vulnerabilities and recommends feasible and appropriate options.
• Hands-on experience of Mobile Applications and Device security tools.
• Should have sound understanding of secure coding practices which are in conformance with OWASP Top 10, SANS and WASC.
• Understanding of various Application Security Threat Models and their applicability to existing and upcoming applications.
• Perform Vulnerability Analysis of applications based on the industry wide Application Security Threat Models like ASF, STRIDE and Risk Assessment model like DREAD.
• Prepare technical solutions to mitigate the vulnerabilities identified during threat modelling and vulnerability analysis.
• Hands-on experience of various Data Security Tools for Data Discovery, Governance, DLP, etc.
• Evaluate all design documentations and perform design assessments to ensure appropriate security controls are implemented within designs.
• Prepare strategies to mitigate vulnerabilities emanating from Vulnerability Assessments and Penetration Tests of Applications both at production level and source code level, i.e. DAST and SAST.
• Assist audit team in developing audit reports; present audit reports to top management, as needed and execute and properly document the audit process on a variety of cyber security environments.
• Possess strong analytical and problem solving abilities
• Worked on different security tools w.r.t. around VA, PC, DAST, SAST, PT.

Thanks and Regards,

Ankur Bhatia