Must Have Experience:

 Good at application threat modeling and Applications risk exposure.

 Familiarity with Security Standards and groups (OWASP, OSSTM,

WASC, FISMA).

 Must have in-depth knowledge of modern Web applications and

Mobile app (Android and iOS) security practices to detect and discover

security vulnerabilities.

 Should have experience in planning and implementing automated

security mechanisms, such as VA/PT, IDS/HIDS and auditing.

 Should have good programming and scripting skills, with focus on

automation.

 Good understanding of cloud technologies and how to keep them

secure, Knowledge on AWS or Azure a must.

 Must have in-depth understanding of web technologies, web

applications and Unix-like operating systems like Ubuntu.

 Should have holistic view of all Security domains across IT, Mobile,

Cloud platform.

 Evangelize and implement best security practices and processes across

the organization.

 Identify, analyse, respond and proactively discover security

vulnerabilities.

 Design and implement an architecture for regular automated security

audits.

 Review security aspects for existing and new service architectures, and

define best practices to be followed across TechM ESRM.

 Own security operations responsibilities and be the go to person for

anything in security.

Nice to Have

 CEH / OSCP / ECSA / CISM / CISSP (At least CEH/OSCP).

 Cyber security skills are essential.

Education &

Certification :

 Bachelor Degree in an Engineering Stream / B.Sc / B.Com / M.Sc

(Computer Science) / BCA / MCA.

 Application Security course certified.

 Software testing course certified.