Share this Job

Specialist - Information Security

Apply now »

Date: Sep 4, 2022

Location: US

Company: Larsen & Toubro Infotech Ltd

• Provide support to work within the Fortify tool to analyze all identified critical, high, and medium issues. Each issue then needs to be commented on, assigned to a developer, and provided a rating based on the selection criteria in the tool.

• Ensure all Fortify vulnerabilities are tagged and remediated before prod release.

• Eliminate false positives from the scan results to reduce application vulnerability remediation efforts.

• Discuss application technology interfaces with Application Architects to ensure security is integrated in all segments. Recommend secure coding practices and configuration as per industry best practices.

• Assist application remediation teams that are remediating code within their applicable repositories.

• Research vulnerabilities and their mitigating recommendations. Provide alternate control recommendations in case of challenges with existing vulnerability mitigation activities.

• Collaborate across teams to drive improvements in achieving high levels of security within internally developed code.

• Where necessary, perform dynamic security testing to check implemented security control meet expectations.

• Perform database code scans, analyze results, report vulnerabilities and provided recommendation to project team for mitigation.

• Engage with project teams on achieving compliance for in-scope applications.

• Discuss compliance controls with project managers and application owners.

• Through discussions with project stakeholders, understand application business functionality to drive migration & project upgradation securely.

• Assist project teams with VAPT requests and support remediation of reported vulnerabilities.

• Keep detailed log of all interactions in case management tools. Collaborate with cross functional teams to resolve customer issues, advocate product enhancements, bug fixes, provide feedback on important features, product gaps and supportability matters. Develop, document, and publish best practice methods, knowledge base articles and solutions.

• Troubleshoot code scan failures and provide alternate solutions for mitigation.

• Review encryption policy and recommend appropriate actions to development teams to comply with the requirements.

• Engage with product and developers to conduct security reviews and define security requirements.

Job Segment: Information Security, Database, Technology, Research