Senior Security Analyst
A day in the life of our Senior Security Analyst:
● Identify organizational and process challenges and work with stakeholders to achieve results that drive continuous improvement in application, network, and DevOps security.
● Scope and perform security code reviews and penetration tests of web applications, private and public cloud environments, and corporate networks.
● Think like an attacker to expose vulnerabilities and solve complex problems.
● Provide our Engineering team with well-researched security advice to demonstrate vulnerabilities, collaborate with all teams to provide secure development guidance.
● Leverage a combination of tools such as Static Analysis (SAST), Dynamic Analysis (DAST), Software Composition Analysis (SCA), container registry scanners, and cloud infrastructure scanners.
● Lead a team in application security architecture, design, and control implementation.
● Develop security test plans based on application architecture and dataflow.
● Write recommendations for preventing or fixing the discovery of application security weaknesses.
● Assist in the development, evaluation, and implementation of application penetration testing processes and tools.
● Research and keep up-to-date on application security emerging threats, techniques, tools, and trends.
● Educate key organizational stakeholders (e.g. developers, security consultants, executives) on application security matters across the organization.
We want you to have:
● 4+ years of experience in Applications assessments using tools e.g., Chechmarx, BurpSuite, MetaSploit, SQLMap, NMAP, Nessus, Qualys, Nexpose, SoapUI, etc.
● Knowledge of web servers (e.g.: IIS, Apache, WebSphere), application servers (e.g.: WebLogic, Tomcat), and general networking (TCP/IP, NFS, DNS, Routers, firewalls, load balancers)
● Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX)
● Understanding of the Software Development Life Cycle and Development Operations (DevOps) principals; experience working in Agile Frameworks a definite asset
● Hands-on experience with operating platforms (i.e., Microsoft, OSX, and Linux)
● Strong understanding of security, cryptographic, and authentication protocols (TLS, SSL, Kerberos, AD, LDAP)
● Knowledge of ticketing and documentation systems (JIRA, Confluence, SharePoint)
Standouts have these qualifications:
● Desired certifications: CEH, GIAC Pen Tester, OSCP, OSCE, etc.; or equivalents and combined experience
● Knowledge of Cloud and Virtualized platforms such as AWS/Azure/GCP/VMware vSphere/Hyper-V
Ducen is a trusted technology solutions provider that aims to empower Fortune 1000 companies through quality solutions and services. Headquartered in Boca Raton, Florida, we help organizations simplify data management, secure business processes, and deliver insights – all in an effort to drive business outcomes and enhance the customer experience. Through our enterprise analytics platform, we build and manage data-driven digital platforms including business intelligence and advanced analytics solutions. We also offer a comprehensive services portfolio covering data management, cybersecurity, and application development to help clients stay ahead of the technology curve.
Life at Ducen
At Ducen, you’ll work with business stakeholders, collaborative and diverse global team of enterprise and solution architects, talented engineers, designers, business analyst, data scientists, marketers, and thought leaders all committed to deliver exceptional business value. We are here to fuel your passion and empower you to step up and pave your path to success.
Why you’ll love working at Ducen
1. Our ROWE (Results-Oriented Work Environment) approach lets you work during your most productive hours so you can have a better work-life balance.
2. Work in a collaborative workspace that helps to bring out the best in you.
3. We promote a culture where you get recognized and rewarded for all amazing work you do.
4. We empower you to think creatively and celebrate innovative ideas.
5. We encourage continuous learning to ensure you stay ahead in your sphere of work.
6. We offer competitive pay and a comprehensive benefits package.
7. As a permanent employee, you’ll also have:
• 24 days paid holiday – this excludes our national holidays
• Private medical coverage for self, spouse, children, and parents/in-laws
• Life insurance and enhanced maternity/paternity benefit
8. We have an impressive employee referral scheme.
9. We recognize the benefit of having a diverse workforce. We value applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender identity, religion or belief, marital status, or pregnancy and maternity conditions.
10. And yes, we have free lunch and snacks you can enjoy but here are 31 more reasons why you’ll love working at Ducen.
Think you’d be perfect for this role? Send your application to firstname.lastname@example.org. Please include your resume, current and expected CTC, notice period, portfolio (if applicable), and cover letter.
|Job Category||IT / Software|
|Job Title||Senior Security Analyst|
|Location||Kandanchavadi, OMR, Chennai|
|Job Type||Full Time|