• The Application Security Analyst provides expertise to inform and validate the secure design and development of IT applications including changes to existing applications.

Job Responsibilities:

• Ensure that application security is an embedded and critical part of the software delivery lifecycle (including during the early stages of projects) regardless of delivery methodology and tool sets used (e.g. static code analysis)
• Train and educate developers and teams in secure coding techniques including use of supporting toolsets and enable them to self-service.
• Perform application vulnerability assessments including regular scanning and penetration testing activities in terms of post deployment security testing on Web based, Mobile, Cloud application, Robotics, IOT etc
• Perform secure code review across a variety of programming languages
• Help tune Web Application Firewalls (WAF) and modify WAF policy to virtually patch applications where required.
• Develop functional security testing scripts and procedures and identify opportunities to automate security testing and processes
• Identify inherent vulnerabilities and information security risks within systems and applications

Qualifications

Education:

• A bachelor’s degree in IT/ Computer Science/ Telecommunications/ Engineering (Electrical or  Electronic) or related field from a recognized university.
• Must possess at least one professional certification such as CEH (Certified Ethical Hacker), LPT (Licensed Penetration Tester Master), OSCP (Offensive Security Certified Professional), CompTIA PenTest+, CMWAPT (Certified Mobile & Web Application Penetration Tester).

Knowledge and Experience

• A minimum of 5 years’ supervisory experience in Information Technology; with at least:
• 3 years’ experience in Information Security.
• Preferably 2 years Banking Experience in Active Application Security Testing
• Good knowledge of Banking/ Financial Services Operations
• Excellent planning and organizing skills
• Excellent problem analysis and attention to detail.

Competency:

• Web Application, Mobile, Cloud Application, Robotic Automation testing, IOT