MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious
3

Info Security Engineer

Location Hyderabad, India
Posted 04-August-2021
Description
About the Role:

We are looking for an Information Security Engineer to perform web, mobile, thick client application and web Services security testing on Wells Fargo applications for the Dynamic Application Security testing processes. This person will perform application security testing to identify security defects in web, mobile, thick client application and web Services by following DAST policies and processes. This person will be an SME to provide guidance and assistance to team members but not limited to DAST activities. Prefer a candidate that has extensive knowledge in performing dynamic application security assessments and hands on techniques for identifying SQL injections, XSS, Authentication, Authorization CSRF, OWASP top 10 issues by using automated scanners and manual testing tools and generate reports. Should have experience in writing proof-of-concepts exploits and create custom payloads and modules for common ethical hacking framework and tools and should be able to own, drive and contribute to DAST projects and various DAST initiatives.
This position will support the DAST team in security assessments and commitments process within the Information & Cyber Security (ICS) for information needs.

Responsibilities:

Designs, documents, tests, maintains, and provides issue resolution recommendations for moderately complex security.


Provides security consulting on medium projects for internal clients to ensure conformity with corporate information security policy, and standards.


Possesses subject matter expertise in industry leading security solutions and best practices used to implement one or more components of information security such as availability, integrity, confidentiality, risk management, access management, and business continuity. May interface with senior management.


Perform application security testing to identify security defects in web, mobile, thick client application and web Services by following DAST policies and processes.


Works with a variety complex applications, teams and business system consultants for performing application security assessments and performing retest.


Build and maintain strong relationships within a variety of teams throughout the organization.


Assist with building sustainment reports to monitor DAST compliance with policies.


Successful candidate will work closely with the various stakeholders within DAST, SA&C, Information Security Management, Risk, and with business lines and technology leadership across the enterprise in the execution of the WF strategies/objectives. Accordingly, critical success factors will include the ability to effectively engage in a matrixed organization, develop partnerships with many business and functional areas, and have a strong operational and delivery focus. Accordingly, critical success factors will include the ability to effectively engage in a matrixed organization, develop partnerships with many business and functional areas, and have a strong operational and delivery focus


Market Skills and Certifications


Essential Qualifications:

Bachelors or Masters degree in Technology /Engineering


6years of information security applications and systems experience


5years of information technology applications and systems experience


6years of experience working with Manual testing tools including Burp Suite, ZAP, Fiddler, Nmap and developing various payloads for testing.


5years of experience with running scans using automated scanners and troubleshooting scanner issues.


5years of experience with end to end mobile application security testing using automation and manual testing tools.


3years of experience with web services testing and frameworks


Have a solid understanding of cloud application security testing and remediation


3years of experience in thick client application testing


Expert analytical skills with a keen ability to see how to translate needs of the teams into tangible deliverables.


High level understanding of various development data technologies and development environments.


Desired Qualifications:

Excellent communication skills and ability to articulate complex material to a diverse audience.


Strong customer relationship management skills.


Excellent verbal, written, and interpersonal communication skills.


CEH, CCSP


Ability to transform conceptual design to technical implementation


Ability to identify challenges, anticipate obstacles, influence and resolve issues.


Excellent documentation and communication skills (written and spoken) including Senior Management.


We Value Diversity
At Wells Fargo, we believe in diversity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national or ethnic origin, age, disability, religion, sexual orientation, gender identity or any other status protected by applicable law. We comply with all applicable laws in every jurisdiction in which we operate. 65865
Experience
Min 6 to 9 Years.

 
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url