Security Analyst Job in Luxoft Pune

onsibilities SAST and DAST scans Fortify for vulnerabilities Follow up with Developer on open vulnerabilities Share reports of open, closed vulnerabilities Safeguards information system assets by identifying and solving potential and actual security problems Protects system by defining access privileges, control structures, and resources Recognizes problems by identifying abnormalities; reporting violations Determines security violations and inefficiencies by conducting periodic audits Upgrades system by implementing and maintaining security controls Maintains quality service by following organization standards Contributes to team effort by accomplishing related results as needed Skills Must have 2+ years of experience 1. Software Composition Analysis (SCA): X-Ray scans hands-on experience 2. Thorough knowledge of WebInspect and DAST scans hands-on experience 3. Thorough knowledge of Fortify and SAST scans hands-on experience 4. Internal documentation creation experience 5. On-call security incidence troubleshooting 6. Process improvement 7. Problem solving 8. Excellent communication skills Nice to have 1. Application development skills (programming languages: Python, Java, C#, Angular) 2. Solid application risks assessment practical experience 3. Application risk management experience (Understanding of the Risk Acknowledgement Form (RAF) approach) 4. AWS cloud services administration 5. AWS cloud services practical experience and certification 6. Fortify SCA certification (Cybersecurity Maturity Model Certification (CMMC)) 7. CISSP, CISM, OSCP, CEH certifications 8. Kubernetes deployment and maintenance hands-on experience 9. Automation: Terraform 10. Good knowledge of Microsoft Active Directory services 11. Firewall and security group administration practical experience 12. Good understanding of AICPA SOC2 controls and processes 13. Thorough knowledge of network security and protocols 14. Knowledge of cryptography protocols and hands-on experience in SSL certificates generation 15. Penetration testing hands-on experience in Azure and AWS cloud environments and Kubernetes clusters. 16. Web and desktop applications penetration testing hands-on experience.