Module Lead - Iam Job in Yash Technologies

YASH Technologies, a leading enterprise business, and technology solution partner is seeking Application Securityprofessionals, who thrive on challenges and desires to make a real difference in the business world. With an environment of extraordinary innovation and unprecedented growth, this is an exciting opportunity for a self-starter who enjoys working in a fast-paced, quality-oriented, and team environment.

What you should have?

• 8 to 10 years of experience in building solutions in application security and data security for web applications and SaaS (Cloud) platforms.
• Expertise in implementing IAM (Identity and Access Management), authentication & authorization, federation solutions, Active Directory (AD), Role Based Access Control (RBAC), Multi-factor.
• Authentication (MFA), Attribute-Based Access Control (ABAC), SSO (Single Sign-on), SAML, OAuth and OpenID for digital protection on web based and cloud-based applications.
• Hands on in using IAM platforms (On-Prem and Cloud) such as Okta, AWS Cognito, GCP Identity Platform, Auth0, SecureAuth, etc.
• Hands on experience in performing vulnerability assessments and usage of tools OWASP Zed Attack Proxy (ZAP), Veracode, Fortify, SonarQube, Checkmarx, Coverity, Open Policy Agent, AuthZForce, etc.
• Proficiency with at least one programming language (Java, JavaScript) and web application frameworks.
• Experience with web development elements such as XML, JSON, SOAP, REST, HTML.
• Ability to train the team on Identity management/Okta implementation
• Experience in Git, Maven, CI/CD, Docker, Kubernetes is preferred.
• Experience with implementing compliance frameworks: PCI, ISO27001, HIPAA, FedRAMP, SOC2,
• etc. will be a plus.

What you will do?

• Work with important stake-holders on the roadmap of application and data security including recommendation of best tools and practices as per use case.
• Need to perform code reviews to ensure standards are adhered to and vulnerabilities are addressed.
• Work with Infra Security team for joint collaboration on infra setup as per use case.
• Implementation of identification and mitigation of OWASP Top 10.
• Should be able to perform VAPT test and address the risks.
• Responsible for developing security code snippets/model/examples.
• Need to work with Agile methodology.
• Soft skills - good written and verbal communication required in explaining vulnerabilities, writing reports, coordinating with customer and other teams.
• Implementing SSL Handshake, HTTP to HTTPS, Tokenization, Encryption for data in Transit and at rest.