Application Security Engineer

The Company

Egon Zehnder (www.egonzehnder.com) is trusted advisor to many of the world’s most respected organizations and a leading Executive Search firm, with more than 550 consultants and 63 offices in 36 countries spanning Europe, the Americas, Asia Pacific, the Middle East and Africa. Our clients range from the largest corporations to emerging growth companies, government and regulatory bodies, and major educational and cultural institutions. The firm is a private partnership which allows us to operate independent of any outside interests. As a result of this unique culture, Egon Zehnder has the highest professional staff retention rate for a global firm in our profession. We have a blue-chip client base across all industries and operate at the Board and senior management level.

Knowledge Centre India (KCI)

Established in January 2005, KCI in Gurgaon, works in close collaboration with the Global offices of Egon Zehnder. There are 5 teams that make up KCI: Research, Research Operations, Visual Solutions, Projects/CV Capture and Digital IT.

Your Journey at Egon Zehnder Starts Here

At EZ, you have the opportunity to deliver digital transformation initiatives across the globe for the organization. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a “Best Place to Work.”

Who we are!

We are part of Digital-IT team established 14 years ago in Gurgaon, India to provide technology support and rollout digital initiatives to 60 plus global offices. Digital IT has six key pillars – Collaboration Technology; Functional Technology; Digital Technology; Security & Architecture; Infrastructure & Services, Digital Success to support business and to take lead on digital transformation initiatives with the total strength of 150+ team members across the globe.

Requirements

Job Description

Be a part of the Application Security team under the CyberSecurity organization as an Application Security Analyst and work closely with the Application Development, Database Security and CloudDevOps team to ensure that any software developed or acquired meets the stringent standards while enabling rapid innovation to meet our firm and clients’ everchanging needs.

Successful candidates will be security evangelists who can translate security concepts into language that is meaningful to many audiences, including business and technical leaders and individual contributors.

Candidates must be able to approach application security from the perspective of risk management and avoid purely academic thinking about software security.

Conduct complex compromise analysis and work with resolver groups to ensure the timely mitigation of security events. Perform forensic investigations. Identify and assess threat intelligence sources recommending relevant requisite actions, gaining agreement, and facilitating implementation. Conduct security assessments and Threat modelling including penetration testing and vulnerability assessments.

Experience: 5+ years of relevant experience

Should be willing to support and be available during non-working hours in case of emergency situations.

Responsibilities

What will you do?

• Improving and maintaining secure development standards
• Integrating security tools, standards, and processes into the product life cycle (PLC)
• Integrating threat modeling practices into the product life cycle.
• Ensuring that developers and QA personnel are updated with the appropriate level of security knowledge to perform their daily activities.
• Improving and supporting application security tool deployments including SAST, DAST, SCA etc.
• Supporting the incident response and architecture review processes
• Managing and collaborating in the annual 3rd party vulnerability & penetration testing services
• Provide manual penetration testing and standards gap analysis of the Digital environment including SaaS applications.
• Manage application framework and security improvement & optimization related projects.
• Supporting Vendor Security activities to ensure 3rd‐party software and development meets EgonZehnder security standards.
• Producing metrics reporting the state of application security programs

What will you need to succeed?

Skills:

• Prior work experience in application security
• Should have exposure on Cloud and DevSecOps
• Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models.
• Familiarity with a variety of development and testing tools like BurpSuite, Invicti (or Netsparker), Postman or similar
• Candidates must be able to explain all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2, and CWE 25 to any audience and discuss effective defensive techniques.
• Familiarity with industry standards and regulations including PCI, FFIEC, SOX, and ISO27001 is desired.
• Candidates must have excellent verbal and written communication skills.

Good to have:

• Knowledge of Microsoft Sentinel as SIEM

Certification of Azure (DP-300 / AZ-500 / SC-100)

Benefits

Benefits which make us unique

At EZ, we know that great people are what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Egon Zehnder can mean for you!

Benefits Highlights:

• 5 Days working in a Fast-paced work environment.
• Work directly with the senior management team
• Reward and Recognition
• Employee friendly policies
• Personal development and training
• Health Benefits, Accident Insurance

Potential Growth for you!

We will nurture your talent in an inclusive culture that values diversity. You will be doing regular catchups with your manager who will act as your career coach and guide you in your career goals and aspirations.

Location

The position is based at Egon Zehnder’s KCI office in Gurgaon, Plot no. 29, Institutional Area Sector 32

EZ Commitment to Diversity & Inclusion

Egon Zehnder aims for a diverse workplace and strives to continuously lead with our firm values. We respect personal values of every individual irrespective of race, national or social origin, gender, religion, political or other opinion, disability, age and sexual orientation as warranted by basic rights enshrined in the UN Declaration of Human Rights. We believe diversity of our firm is central to the success and enables us to deliver better solutions for our clients. We are committed to creating an inclusive environment and supportive work environment, where everyone feels comfortable to be themselves and treated with dignity and respect and there is no unlawful discrimination related to employment, recruitment, training, promotion, or remuneration.

Egon Zehnder is an Equal Opportunity Employer

Egon Zehnder provides equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, disability, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity.