IT-Sicherheitskoordinator/in

• Plan,Execute & Manage Secure Code review.
• Assist programmers in mitigating vulnerabilities.
• Deliver Application Security & Awareness training to management & team members.
• Deploying and Maintaining Secure SDLC process.
• Perform GAP Analysis and recommend improvements in Secure SDLC Process.
• Perform Risk Assessment and recommend secure control to reduce the risk.
• Perform PCI-DSS v3.1 and PA-DSS v3.1 assessment.
• Perform Secure Architecture Review and provide secure solution.
• Plan,Execute & Manage Vulnerability Assessment.
• Assist pre-sales team on technical queries raised by prospective customers.
• Perform Threat Modeling.

• Establish & Maintain Secure Development Lifecycle process Like Microsoft SDL ,Agile Security.
• Perform Web Application Vulnerability Assessment & Penetration Testing using tools like Burp Suite, OWASP ZAP Proxy, Acunetix, IBM AppScan, SQLMap , W3AF.
• Perform both manual & automated (Checkmarx) Secure Code Review against CWE/SANS Top 25 Software Errors.
• Assist programmers in mitigation.
• Provide secure solutions in .NET, JAVA based applications.
• Plan & Execute Post Production Security Reviews.
• Verify application security for adherence with PCI-DSS, PA-DSS & ISO 27000 System Development & Acquisition Standards.
• Analyze & Perform system abuse cases & business logic flaws.

• Verify the web application for OWASP Top 10 Vulnerabilities and reporting the risks.
• Perform Secure Code Review using CheckMarx.
• Maintaining Secure SDLC Process.

• Write & Execute Functional & Security Test Cases.
• Perform Black box testing like System Integration,UAT,Regression Test.
• Verifying application security for adherence with PCI-DSS,PA-DSS.
• Create Defect Report.

–

Teilnahme-Zertifikat auf Niveau A2

–

–

–