Philips Technical Specialist in Bangalore, India

The Application Security Engineer is a critical member of the secure application development team and responsible for verifying the required security controls are integrated in product/Service. The Application Security Analysts is responsible for ensuring that application developers have closed security vulnerability gaps found in the applications and have built mitigating controls into HealthSuite Digital Platform (HSDP) products, services and operations.

Responsibilities:

As part of the larger HSDP Privacy and Security Team, the Application Security Engineer -

  • Should be able to understand the Application security risks that as a part of security risk assessments and Threat modeling of applications

  • Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application.

  • Understand and analyze the application code.

  • Able to perform Static and Dynamic code analysis

  • Able to guide and support development teams to fix the security vulnerabilities in the code.

Preferred Experience:

  • Minimum 5 years of work experience in Application Security

  • Understanding and familiarity with common code review methods and standards

  • Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)

  • Application development experience

  • Experience in a wide variety of languages, which includes C/C++, Java, .Net, Perl, Python and etc.

  • Research and pilot new services / technologies to support secure software development

  • Knowledge of standard SDLC practices

  • Experience in application security penetration testing

  • Experience in tools like HP Webinspect/IBM Appscan/Acunetix and open source tools like burp,OWASP ZAP, CSRF tester etc

  • Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies

  • Knowledge in cloud & Big data application security testing

  • Sufficient understanding or exposure to Mobile App and critical associated components including, but not limited to:

  • REST API

  • Cloud Foundry

  • Encryption

  • Data storage for SQL, Oracle etc.

  • Big Data / Analytics / Cloud

Educational Qualifications:

  • Bachelor degree required

  • Degree or concentration in Computer Science, Information Systems, Information Security or similar preferred.

Preferred Security certifications

Security certifications like

  • CEH

  • ECSA LPT

  • OSCP

The Application Security Engineer is a critical member of the secure application development team and responsible for verifying the required security controls are integrated in product/Service. The Application Security Analysts is responsible for ensuring that application developers have closed security vulnerability gaps found in the applications and have built mitigating controls into HealthSuite Digital Platform (HSDP) products, services and operations.

Responsibilities:

As part of the larger HSDP Privacy and Security Team, the Application Security Engineer -

  • Should be able to understand the Application security risks that as a part of security risk assessments and Threat modeling of applications

  • Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application.

  • Understand and analyze the application code.

  • Able to perform Static and Dynamic code analysis

  • Able to guide and support development teams to fix the security vulnerabilities in the code.

Preferred Experience:

  • Minimum 5 years of work experience in Application Security

  • Understanding and familiarity with common code review methods and standards

  • Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)

  • Application development experience

  • Experience in a wide variety of languages, which includes C/C++, Java, .Net, Perl, Python and etc.

  • Research and pilot new services / technologies to support secure software development

  • Knowledge of standard SDLC practices

  • Experience in application security penetration testing

  • Experience in tools like HP Webinspect/IBM Appscan/Acunetix and open source tools like burp,OWASP ZAP, CSRF tester etc

  • Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies

  • Knowledge in cloud & Big data application security testing

  • Sufficient understanding or exposure to Mobile App and critical associated components including, but not limited to:

  • REST API

  • Cloud Foundry

  • Encryption

  • Data storage for SQL, Oracle etc.

  • Big Data / Analytics / Cloud

Educational Qualifications:

  • Bachelor degree required

  • Degree or concentration in Computer Science, Information Systems, Information Security or similar preferred.

Preferred Security certifications

Security certifications like

  • CEH

  • ECSA LPT

  • OSCP