Job id : 42385
Senior DevSecOps Vulnerability Analyst
Senior DevSecOps Vulnerability Analyst
Pune
2 years ago
15 Applied
JOB ID:42385
Job details
Job Type
Full Time
Functional Area
Software Development
Industry
Banking/Financial Services/Insurance
Education
Not Specified
Experience Required
6 - 9 Yrs
Key Skills Required
java, .net, python, powershell, devsecops, cloud, ci/cd pipeline and ssdlc process automation
Other Skills Required
Job Description
Senior DevSecOps Vulnerability AnalystOverview• MasterCard is seeking a Senior DevSecOps Vulnerability Analyst with strong experience in static application security testing (SAST) and software composition analysis (SCA). Candidate must have experience in performing application security code review and vulnerability management. Experience with black box, grey box, and white box penetration testing is desired.• Whether through traditional retail, mobile, or e-commerce, MasterCard innovation is leading the digital convergence of traditional and emerging payments technologies across a wide variety of new devices and services for billions of users world-wide.• Are you passionate about application security? Do you like to tinker with things in order to figure out how to build them better, stronger, and more resilient? Are you a people person who values partnership, teamwork, and building solutions with cross-functional disciplines and teams? Are you curious? Do you follow trends, resea... See More
Senior DevSecOps Vulnerability AnalystOverview• MasterCard is seeking a Senior DevSecOps Vulnerability Analyst with strong experience in static application security testing (SAST) and software composition analysis (SCA). Candidate must have experience in performing application security code review and vulnerability management. Experience with black box, grey box, and white box penetration testing is desired.• Whether through traditional retail, mobile, or e-commerce, MasterCard innovation is leading the digital convergence of traditional and emerging payments technologies across a wide variety of new devices and services for billions of users world-wide.• Are you passionate about application security? Do you like to tinker with things in order to figure out how to build them better, stronger, and more resilient? Are you a people person who values partnership, teamwork, and building solutions with cross-functional disciplines and teams? Are you curious? Do you follow trends, research, and best practices as part of your insatiable desire to learn and teach others? Do you want to have a true impact on the security of how the world transacts? This may be the role for you.Responsibilities• Conducting application security assessments, secure source code review, secure software composition analysis of applications (web, mobile, web service, etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools.• Assist in the development, evaluation, implementation of application security testing, orchestration, vulnerability management process and tools• Research and keep up to date with application security threats, techniques, tools, trends and threat mitigation strategies• Able to assist in setting the strategic direction for application security and vulnerability management programs across the firm• Responsible for all project documentation, including maintaining technical documents and business requirements• Takes lead on medium size projects• Creates business and technical requirements on projects that defines getting to implementation• Strong communication skills and technical skills with the ability to communicate between business and techncial teams• Responsible for understanding security policies and industry best practices & complianceExperiences• Hands-on experience in secure source code review, software composition analysis and vulnerability management for web, mobile and network systems• Prior experience in Programming & Scripting such as Java, .net, Python, PowerShell is preferred• Knowledge of secure software development life cycle (SSDLC), DevSecOps, Cloud, CI/CD pipeline and SSDLC process Automation is desired• Knowledge of OWASP, SANS, or other security-related frameworks and penetration testing methodologies• Current knowledge of application security best practices, common exploits and threat landscape• Experience with application threat modeling or other risk identification techniques• Strong relationship building skills and collaborative style to enable success across multiple partners desired• The candidate should be familiar with laws, regulations, and industry standards such as PCI DSS GDPR, CCPA, GLBA, NIST SP800-53 and Cybersecurity Framework, and International Organization for Standardization (ISO) series 27001/2, 27005, 31000. See Less
About Company
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
Recommended Companies
Recommended Events
