Security Developer

  • Bangalore
  • 10-15 lakh
  • 9-11 years
  • 03 Apr 2015

  • IT/ Information Technology

  • IT/ Technology - Software/ Services
Job Description

The position requires an innovative and motivated developer in software security area (3 Tier Architecture) with a high level of independence, using extensive hands-on knowledge and skills obtained through education and industry experience to perform the necessary analysis, solution architecture and design tasks related to security strategies, security architectures or specific security solutions in Multifonds product development life cycle to meet the business challenges and client's requirement.

As a developer in software security area having in-depth knowledge and hands-on experience with various security standards, technology and tools, secure software development life cycle processes and standards in enterprise software product / solution development environment with a proven ability to plan, execute, monitor and deliver, your responsibilities, including but not limited to, are as following:

* Analyze, develop, maintain, document the product security architecture, design and technological integration involving Oracle Database, Fusion Middleware components, WebLogic Server, ADF, BI Publisher, Webservices and Java Security architecture and implementation

* Ability to enhance architecture, design and propose technology alternatives (if applicable) for Multifonds product solution offerings by providing security solution and technology subject matter expertise in multiple security technologies e.g. Database Security, Application Security, Web Security, encryption, multi-factor authentication, intrusion detection (IDS), intrusion prevention (IPS), network segregation, SIEM, IDM, IAM and vulnerability management toolsets

* To apply information security policies, standards and guidelines to the product development life cycle

* To own and lead technical responses for number of complex RFI/RFP/RFT in competitive situations along with Database, Middleware Architect and other technical managers

* Maintain a roadmap for the development and update of product-oriented security architecture and standards

* Develop and produce comprehensive and accurate deployment plan, environment plan, vulnerability assessment and management plan, security test plan, integration and compliance plan

* Design security, federated security and threat models

* Implement appropriate control gates by collaborating and consulting with business areas and identifying risks and developing standards, policies, procedures, guidelines and best practices for coding, testing and implementation and educating the staff about the same to facilitate the adoption and implementation of a consistent technical security architecture

* Automating security testing as part of continuous improvement in product development and release life cycle

* Research and define the structure of vulnerability management reports for individual technology platforms (e.g. Database, FMW, Web Application, Webservices, Java, IE etc.)

* Working with vulnerability assessment tools to provide continuous monitoring and detection of security vulnerabilities in the product and fixing the same

* Keep abreast of evolving industry practices and regulatory / legal changes to ensure the product technical security architecture enables cost effective security to be delivered as an integral part of overall product offerings

Your profile

* An innovative, passionate, creative with lateral thinking and possessing exceptional ability to work under pressure on multiple current and future product solutions and to demonstrate excellent analytical and problem solving skills with strong leadership abilities to lead on critical issues and achieve the desired results

* 09 - 11 years of extensive hands-on industry experience of architecting, designing, developing security solutions for Oracle Technologies based enterprise software applications in financial domain and equipped with B.E., B. Tech., M.E., M. Tech. in Computer Science / IT stream

* It is particularly important to be able to identify security risks and then describe them in both business and technical terms. Excellent presentation skills with the ability to present complex ideas to technical and non-technical audiences:

* Very Good Knowledge on ISO development standards and practices

* A broad knowledge of networking concepts, including subnets, firewalls, IDS, routing, switching. Should be able to analyze a network topology and draw conclusions around security controls and weaknesses

* Good understanding of Security Architectural and/or Enterprise Architectural Frameworks (e.g. SABSA, TOGAF)

* Familiar with Information Assurance Maturity Model (IAMM)/Information Security and Service Management (ISSM) or similar

* Able to demonstrate the deep understanding of methods and models within information security to include risk analysis and mitigation, policies, regulatory environment, technologies, architecture and best-practices with strong abilities to work in a highly collaborative manner with the network, system, database and application groups to understand broad objectives and propose security solutions that ensures that these objectives align with the company's security policies and standards

* Understanding of SSL / TLS, Digital Signatures, Auditing Application Architectures and Vulnerabilities

* Able to communicate with and present to internal and external senior management confidently and demonstrate the professionalism of the job family

* Be able to demonstrate a broad understanding of market dynamics, an industry area, commercial issues, and technical concerns whilst maintaining depth in core focus area

* Certifications:

* Oracle Database Security Certified Implementation Specialist

* Oracle Database 12c: Managing Multitenant Architecture and Security

* Fusion Middleware security architecture certified

* Fusion Applications Security Fundamentals

* Other Certifications:

* CSSLP (Certified Secure Software Lifecycle Professional)

* CISSP (Certified Information Systems Security Professional - ISSAP, ISSEP, ISSMP)

* SANS, NIST security standards

What do we offer?

* Attractive salary and benefits

* Excellent working environment in a young and dynamic team in an international environment

Job Posted By

About Organisation