Security Jobs in Chennai

GAIN Credit

Essential Duties:

Integrating security tools, standards, and processes into the product life cycle.
Ensuring that developers and QA personnel are trained with the appropriate level of security knowledge to perform their daily activities.
Improving and supporting application security tool deployments, including static analysis and runtime testing tools.
Create and manage the process to guide development and testing teams on proactively finding risks
Implement DevSecOps CI/CD pipeline and work with agile development projects to ensure secure SDLC activities are completed with accuracy and effectiveness.
Improving and maintaining secure development standards.
Supporting the application architecture/design review processes whenever application security expertise is needed.
Conduct periodic penetration testing services of applications and related infrastructure. Closure of open risks by actively following up with stakeholders.
Assess application, design threat models, risk, document potential risk vectors, recommend relative controls and ensure risk is addressed
Maintain the risk register to track the identified risks and produce metrics to report the state of the application security program and risk status.
Perform security incident monitoring and correlation using SIEM tools.
Detecting potential data breaches /data ex-filtration transmissions and prevent them by monitoring.
Work closely with business units to ensure that they know how to feed data into SIEM tools to create network hierarchy and classify Log Sources within SIEM.
Creation /Review of Security Policies, Standards, and Procedures.
Familiar with Threat Hunting both inside & outside, which is evolving day to day.
Assist in security awareness and phishing simulation efforts of the team.
Technical baseline skills and the ability to acquire in-depth knowledge of network and host security technologies.
Provide threat and vulnerability analysis as well as security advisory services.
Escalate incident remediation changes with other business units, vendors, and customers, adhering to a predefined ITIL change management framework.
Having Basic certifications like CEH, COMPTIA, and OSCP are most preferable.
Additional responsibilities to this role include:
o Recommend cybersecurity assessment methodology and support the blue team wherever required

o Assessing cloud security risks (AWS and Azure) and recommending appropriate security controls


What you bring to the table (experience and qualifications):

Should have 4-5 years of experience in the information security domain, and minimum should have 2-3 years in application security.
Must have sound knowledge of application security weaknesses and vulnerabilities, remediation and mitigation techniques, and secure coding practices.
Ability to document and explain technical details in a concise & understandable manner
Sound knowledge on Security Frameworks like ISO27001, PCI DSS, and GDPR.
Ability to lead complex, cross-functional projects and problem-solving initiatives.
Passionate about information security and update knowledge on a daily basis to support the organization
Candidates must have excellent verbal and written communication skills
Candidates must be able to explain all vulnerabilities and weaknesses in the OWASP Top 10, to concerned stakeholders and discuss effective defensive techniques.

To apply for this job please visit