Web Application Security

1 week ago


Chennai, Tamil Nadu, India NETSACH GLOBAL Full time ₹ 15,00,000 - ₹ 25,00,000 per year

Greetings from Netsach - A Cyber Security Company.

We are looking for Web Application Security consultant with minimum of 3+ years of relevant experience in an information security function with good background in information technology, stakeholder management and people management. Their primary purpose is to Design, Engineer & eventually Embed practical & balanced cyber / information security principles/patterns/controls into all products and platforms. Conduct security assessments, gap analysis, provide remediation to the relevant squads.

Job Title: Web Application Security

Exp: 3+yrs

Location: Chennai, Onsite

Job Type: Full-Time

Interested candidates please share your updated resume at

Key Skills Web Application Security, Security Code review, API security, Underlying infrastructure security, Integration Security, Database Security, Secure Configuration Review.  

Tools and Technologies Burp Suite, Postman, Tenable Nessus, Checkmarx SAST, GitHub and good knowledge about monolithic and microservice architecture and pipeline driven security.

Technical Requirement

  1. Web Application Security Owasp top 10 , CVSS etc
  2. Security Code Review manual code review in Git etc 
  3. API Security Review Open shift, container review etc. 
  4. Database Security Requirements to enhance security on Database 
  5. Web Server Security Requirements to enhance security on the web server 
  6. Configuration Review has performed different configuration reviews and should have found good misconfigurations in the system.
  7. Integration review How the application connects with different systems, performed security review on those integrations. 
  8. Transport Layer Security How communication channels are secured and understanding of the Transport layer security mechanisms and controls.

Knowledge & Skill Set:

  • Expert at the Web application Security testing, in depth testing skillset and ability to bypass weak implementation for attacks, ability to bypass WAF for attack scenarios such as XSS, SQL Injection etc. 
  • Good understanding of Microservice based architecture (Technical) 
  • Good hands-on experience solutioning technology architectures that involve perimeter protection, core protection and end-point protection/detection & API /Micro services Security
  • Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST/SAST tools and building Evil Stories (Technical).
  • The Analyst / Engineer should be able to understand how different systems work and what security controls are implemented in such integrations. 
  • The Analyst / Engineer should be capable in understanding the hardening standards, creating one if not available, and perform the testing against the hardening standards. 
  • The Analyst / Engineer should be capable of assessing security flaws in underlying infrastructure and the connected components. 
  • The Analyst / Engineer should be capable of assessing the security flaws in the Transport Layer. 
  • The Analyst / Engineer has the skill to follow design principles and applies design patterns to enforce maintainable and reusable patterns, in the form of code or otherwise.
  • The Analyst / Engineer can understand and interpret potential issues found in source or compiled code.
  • The Analyst / Engineer has automation skills/capability in the form of scripting or similar. 
  • The Analyst / Engineer can attack application and infrastructure assets, interpret threats, and suggest mitigating measures.
  • Desirable Ability to interpret Security Requirements mandated by oversight functions and ensure comprehensive coverage of those requirements, via documentation, within high level design and/or during agile ceremonies, via Evil Stories.
  • The Analyst / Engineer can propose options for solutions to the security requirements / patterns that provide a balance of security, user experience & performance.
  • The Analyst / Engineer has the skill to discuss and present solutions to other architecture, security, development, and leadership teams. 
  • The Analyst / Engineer can interpret and understand vulnerability assessment reports and calculate inherent and/or residual risks based on the assessment of such reports.
  • Ability to articulate and be a persuasive leader who can serve as an effective member of the senior management team. 
  • Good negotiation skills will be desirable Must have good judgment skills to decide on an exception approval.
  • Ability to enforce improvements when necessary, using Influence rather than Policing measures Superior written and verbal communication skills to effectively communicate security threats and recommendations to technical or non-technical stakeholders.
  • Knowledge of application of Agile methodologies/principles such as Scrum or Kanban

Soft Skills:

  • Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective 
  • Holistic thinking; must balance security and functionality using practical demonstrable examples. Must also contribute to and implement good architecture principles to lower technical debt 
  • Assertive personality; should be able to hold her/his own in a project board or work group setting
  • Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner.
  • Ability to work under pressure and meet tough/challenging deadlines 
  • Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not 
  • Strong understanding of Risk Management Framework and security controls implementation from an implementer standpoint 
  • Has strong decision making, planning and time management skills. 
  • Can work independently. 
  • Has a positive and constructive attitude

Education

Bachelors degree in a computer-related field such as computer science, cyber/information security discipline, physics, mathematics or similar 

Certifications

  • General Information Security:OSCP, CEH, CISM/CISA or similar 
  • General Cloud Security: CCSK /CCSP or similar 
  • Specific Cloud Security: Azure Security or similar 
  • Network Security: CCNA, CCNP, CCIE, Certified Kubernetes Security Specialist

Thank You

Emily Jha

Netsach - A Cyber Security Company



  • Chennai, Tamil Nadu, India TVS Credit Services Ltd Full time ₹ 5,00,000 - ₹ 15,00,000 per year

    Application SecurityRole Summary:We are looking for a someone specializing in VA/PT to support our Information security operations. The role will focus on performing vulnerability assessments, attack surface monitoring, penetration testing (manual & automated), and providing remediation guidance to application owners. The ideal candidate will have hands-on...


  • Chennai, Tamil Nadu, India CyberFort DigiSec Solution Private Ltd Full time ₹ 6,00,000 - ₹ 18,00,000 per year

    Company DescriptionCyberfort Digisec Solution Private Ltd. is lead by a team of seasoned Information Security Management professionals with over three decades of industry experience. They possess technical and managerial expertise, having held strategic roles in multinational corporations, government entities, Big4 firms, and the banking sector. The company...


  • Chennai, Tamil Nadu, India Cyanous Software Private Limited Full time ₹ 6,00,000 - ₹ 18,00,000 per year

    Role SummaryThe application security program is designed to ensure that any software developed or acquired meets stringent standards while enabling rapid innovation to meet customers ever? changing needs. The Application Security Engineer is responsible for providing application security services including secure coding techniques, security testing support...


  • Chennai, Tamil Nadu, India Sattrix Information Security Full time ₹ 6,00,000 - ₹ 18,00,000 per year

    Network Security Engineer L2Location: Chennai and HyderabadEmployment Type: Full-timeShifts: Rotational ShiftsWork Mode: Work from OfficeExperience:At least 4 to 6 Years of experience out of which, minimum 5 years' experience in Security device management and operation.Technical Skills & ToolsMandatory: WAF: F5Preferred (any 2–3):Proxy: SkyHigh, Zscaler...


  • Chennai, Tamil Nadu, India finpe Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    Location:Chennai (Preferred – Local candidates only)Company:FinPeAbout FinPe:FinPe is a fast-growing fintech startup redefining digital finance journeys. We're building innovative solutions to simplify financial services and enhance customer experiences.Role Overview:We are looking for a highly experiencedWeb Application Developerto join us in a part-time...


  • Chennai, Tamil Nadu, India Dr. Aravind's IVF Fertility & Pregnancy Centre Full time ₹ 12,00,000 - ₹ 24,00,000 per year

    Experience: 1 YearsJob Title:Mobile & Web Application DeveloperLocation:Dr. Aravind's IVF Centre – GuindyJob Summary:We are looking for a skilled Mobile and Web Application Developer to design, develop, and maintain our hospital's digital platforms. The candidate will be responsible for building user-friendly applications that support patient management,...


  • Chennai, Tamil Nadu, India Aliqan Technologies Full time ₹ 9,00,000 - ₹ 12,00,000 per year

    Greetings from ALIQAN TechnologiesJob Title: Application Security EngineerExperience: 5+ YearsDepartment:Technology – Information SecurityLocation: Chennai (Hybrid – 3 days from office)Reporting To: Application Security ArchitectWorking Hours: Full Time (9 hours/day)About LebaraLebara is a global telecommunications company, operating across Europe and...

  • Senior Web Designer

    7 days ago


    Chennai, Tamil Nadu, India Clemence Web Solutions Full time ₹ 2,30,400 - ₹ 3,84,387 per year

    Work experience as a Senior Web Developer Expertise in at least one programming language, preferably Javascript, Ruby or PHP Solid knowledge of HTML/CSS Experience with mockup and UI prototyping tools Understanding of security practices Familiarity with network diagnostics tools Team management skills BSc/MSc in Computer Science or relevant fieldJob Types:...


  • Chennai, Tamil Nadu, India B2N Management Consulting Kerala Full time ₹ 4,00,000 - ₹ 12,00,000 per year

    Conduct vulnerability assessments, application security assessments, and manage remediation workflows for production and non-production environments.Conduct Third Party Risk Management (TPRM) and vendor assessments, ensuring compliance of vendors. Required Candidate profileDevelop, execute, and monitor information security programs and awareness initiatives...


  • Chennai, Tamil Nadu, India Twilio Inc. Full time ₹ 12,00,000 - ₹ 24,00,000 per year

    Job Description Who we are At Twilio, were shaping the future of communications, all from the comfort of our homes. We deliver innovative solutions to hundreds of thousands of businesses and empower millions of developers worldwide to craft personalized customer experiences. Our dedication to remote-first work, and strong culture of connection and...