- Expert in Static Application Security Scan/Analysis (source code review) (SAST), Software Composition Analysis (SCA) & Dynamic Application Security Scan/Analysis (DAST)
- Good knowledge of Application Threat Modeling, RASP, IAST
- Vulnerabilities Assessment and Penetration Testing (VAPT), Fuzz Testing at application + Infrastructure level
- Experience of building Security Gates / threshold levels for build pass/fail
- API Security , Container Security implementation /good knowledge
Information Systems/Network Security experience
- Demonstrated experience leading Security Design Reviews and/or Architecture Risk Analysis
- Expertise in OWASP & Good knowledge of NIST, SANS, PCI, ISO 27001
- Mobile Application Security testing
- Proficient with manual and automated scanner approaches
- Sound Knowledge of Devops environment
- Preparing security advisories and defining the severity levels for the vulnerabilities
- Scanning, validation and reporting of vulnerabilities on daily and monthly basis
- Preparing monthly security reports for the management
