Application Security Architect

About Us:

LTIMindtree is a global technology consulting and digital solutions company that enables enterprises across industries to reimagine business models, accelerate innovation, and maximize growth by harnessing digital technologies. As a digital transformation partner to more than 700+ clients, LTIMindtree brings extensive domain and technology expertise to help drive superior competitive differentiation, customer experiences, and business outcomes in a converging world. Powered by nearly 90,000 talented and entrepreneurial professionals across more than 30 countries, LTIMindtree a Larsen & Toubro Group company combines the industry-acclaimed strengths of erstwhile Larsen and Toubro Infotech and Mindtree in solving the most complex business challenges and delivering transformation at scale. For more information, please visit ;/p>

Role: Application Security Architect

Location: Charlotte, NC/Atlanta, GA (Hybrid role 3 days/week)

Job Description:

Expert in Dynamic Application Security Scan/Analysis (DAST)

Expert in Static Application Security Scan/Analysis (source code review) (SAST)

Knowledge of Software Composition Analysis (SCA)

Experience of performing application architecture assessment and / or threat modelling

Good Knowledge of DevSecOps (Secure CI/CD integration)

Vulnerabilities Assessment and Penetration Testing (VAPT) of applications

Good knowledge of OWASP Top 10

Mobile Application Security testing experience (Android & iOS)

Expert in Vulnerability assessment of web applications (internal & external)

Experience and understanding of Application Penetration Testing and API Security Testing

Proficient with manual and automated scanner approaches

Knowledge of software vulnerability remediation techniques and libraries used in applications, Programming knowledge etc.

Knowledge of vulnerability scoring systems (CWE, CVSS/CMSS), CIS, etc.

Management and configuration of SAST, SCA & DAST Testing Tools

Vulnerability Triage Services & Vulnerability Tracking

Preparing security advisories and defining the severity levels for the vulnerabilities

Scanning, validation and reporting of vulnerabilities on daily and monthly basis

Preparing security reports for the management

Remediation Advisory Support

Education:

A bachelor or Masters in degree in Technology is a must. English proficiency both reading & writing is must

Technologies /Tools:

Burp suite, fortify (SCA & Web Inspect), BurpSuite Pro, Accunetix, Veracode, Checkmarx, Qualys WAS, Tenable .io Web Application, Nessus,

Certifications:

Desirable: OSCP, OSWE

Compulsory: Certified Ethical Hacker (CEH), B Tech

Other requirements:

Good Communication skills

Managing projects and schedules.

Assisting in the development of exploits for complex vulnerabilities.

Improving testing techniques and methodology via original research, custom tool development, defining new testing standards, and aligning testing procedures with various industry standards (OWASP Top 10, OWASP ASVS, NIST 800-53, etc.).

LTIMindtree is an equal opportunity employer that is committed to diversity in the workplace. Our employment decisions are made without regard to race, color, creed, religion, sex (including pregnancy, childbirth or related medical conditions), gender identity or expression, national origin, ancestry, age, family-care status, veteran status, marital status, civil union status, domestic partnership status, military service, handicap or disability or history of handicap or disability, genetic information, atypical hereditary cellular or blood trait, union affiliation, affectional or sexual orientation or preference, or any other characteristic protected by applicable federal, state, or local law, except where such considerations are bona fide occupational qualifications permitted by law.