1. Security test analyst/architect
a. Must to have:
· Total IT experience ranging from 6 to 9 years.
· At least 4 years of experience in application security testing (Web/ Thick client), Infra Penetration Testing, mobile security testing and secure code review.
· Perform secure code review of software applications, developed in various languages (i.e. Java, ASP, .NET, C++, C#, PHP etc.)
· Good knowledge of security technologies for secure software development such as cryptography, authentication techniques and protocols etc.
· Co-ordinate with multiple Development Teams to understand application architecture, perform threat profiling, to be able to perform a comprehensive manual code review.
· Should be proficient in Application Security Concepts, familiar with OWASP Top 10, SANS top 25 and other security best practices.
· Basic understanding of the following protocols/technologies HTTP, SOAP/REST, SSL/TLS.
· Experience in work with relational databases like ORACLE, MS-SQL, MySQL etc.
· Analyze vulnerabilities, perform an impact analysis and risk determination.
· Successfully lead and execute projects, mentor and train resources with focus on enhancing their skill sets.
· Should have excellent communication Written, Oral and presentation skills.
· Security certifications CISSP, CEH is desirable
· Experience in secure software development standards, process, techniques and tools.
· Security Consulting
· Tools: Proficiency in most of the tools in each category
Ø Secure code review –Checkmarx, HPFortify, IBMAppScan Source edition.
Ø Web application vulnerability scanning tools - IBM AppScann, HPWebInspect, Burpsuite Pro
Ø High level programming languages :Java, C, C++, .NET
Ø Development Knowledge – ASP.NET, ASP, PHP, J2EE, JSP
Ø Database scanning : NGS & Scuba
Ø Vulnerability scanning tools : Qualys, Nessus,
b. Good to have:
· Application development knowledge.
· Must be fluent in using state-of-art IDEs involving Java/.net/php development. Knowledge of Eclipse is a big plus.
· Conduct Network Penetration Testing and vulnerability assessment as part of Application security engagements.
· Pre Sales / RFPs
· Knowledge on Compliance standards ISO 27001, PCI DSS, HIPPA and SOX
· Additional certifications like CISA, ECSA ,LPT will be an added advantage.
What we offer
- The chance to work with impact. Here, you’re empowered to bring your biggest thinking to help our company and clients improve everyday life.
- Ownership over your career. Stay at the top of your game through our award-winning learning and development ecosystem. And when your ambitions change or we offer new opportunities, we help you pivot by providing reskilling, on-the-job learning and guidance to find new roles that might be a better fit.
- The opportunity to thrive on a high caliber team with heart. We celebrate each other’s experiences and perspectives and promote a sense of belonging through our affinity groups and diversity and inclusion initiatives.
- A comprehensive total rewards package, including a competitive salary and pension plan with matching contributions.
- Flexible health and financial benefits to support you and your eligible dependents—from day one.
- True work-life balance. Be at your best through paid time off, flexible work arrangements, volunteering opportunities, social events, and so much more.
Our commitment to diversity and inclusion
Cognizant is an equal opportunity employer that embraces diversity, champions equity and values inclusion. We are dedicated to nurturing a community where everyone feels heard, accepted and welcome. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.
If you have a disability that requires reasonable accommodation to search for a job opening or submit an application, please email CareersNA2@cognizant.com with your request and contact information.
While our system allows application in all languages, job required language(s) and proficiency level(s) vary. However, basic English proficiency is required for Company-wide communications purposes.
About us
Cognizant is one of the world's leading professional services companies, transforming clients' business, operating, and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build, and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant (a member of the NASDAQ-100 and one of Forbes World’s Best Employers 2024) is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com.