Senior Manager

• To Perform Web, Mobile, Thick client, API Penetration Testing and releasing reports to stakeholders.

• To test and research for new vulnerabilities

• Risk analysis and manual assessment of vulnerabilities, Execution of internal and external penetration tests.

• Tracking Closure of Vulnerabilities.

• Performing Code Review Using fortify SCA

• Coordinate with team members to track internal audit and regulatory assessments and address requests related to the Application Pentest, SAST and FOSS.

• Mitigates risk by following established procedures and monitoring controls, spotting key errors and demonstrating strong ethical behavior.

• Manage new projects and initiatives related to application security as needs arise.
• Exposure to the Application Security Vulnerabilities (as listed in OWASP Top 10), Security Testing methodologies.
• Good understanding the Software Development Life Cycle Methodologies such as Waterfall, Agile.
• Enforce standard methodologies, processes and tools and ensure compliance to enterprise architecture, global information security policies and overall firm strategy.
• Passion for Security, Agile, and DevOps.
• Experience in management and definition of security in the software development lifecycle (SDLC).
• Experience in software development and SDLC in Java, Python, C#, etc…
• Experience with Automation in testing or orchestration Selenium, Maven, Ant, Msbuild, Npm, Yarn, Jenkins, Team City, etc.
• Knowledge of conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and penetration tests, security component analysis).
• Understanding or virtualization and container technologies (Docker, Kubernetes, OpenShift).

EXL Service