Posted on:15-Jun-2014

Technical Architect- Application Security- Java, J2ee, Struts, Hibernate

Location: Gurgaon
Experience: 10 - 13 Yrs
Go Back

Job Description

Technical Consultant / Architect role is for an experienced technical manager looking to deliver high quality, practical solutions within a dynamic and growing environment.

This position is for an experienced developer to focus on security of new services to support business functionality. The role will involve working closely with development groups to securely design, develop and implement services and components.

The role will focus on reviewing application security mechanisms inbuilt into the applications, by carrying out Security reviews i.e. Secure Requirement Review, Secure Design Review, Secure Code Review, and Penetration Testing. This role would also demand interaction with vendors to conduct risk assessment. The job involves working closely with development groups, EA (Enterprise Architecture), ISO (information Security Officer) so that the applications are compliant with our Information Security Standards.

The successful candidate will be able to demonstrate an innovative and enthusiastic approach to technology and problem solving, will display good interpersonal skills and show confidence and ability to interact professionally with people at all levels. Our Systems are implemented in a wide range of technologies based on architectural standards.

Required Skills and Experience

We are willing to consider Java/J2EE Designer / Architects with Design, Architecture exp in Java/J2EE, Struts, Hibernate, OOAD, Design Patterns with an interest to work in Application Security area or those already in Java environment working in the Application Security side - both options are open.

10 - 13 years of application security experience with exposure to application lifecycle security
Candidates should be into Development as well as security till date .
Experience in Security ( appscan and CEH ( Certified Ethical hacker)) Inclusive of Java , J2EE, Struts Design and development. .
B.E./M.E./MCA or equivalent IT Experience
Proven expertise in web technologies (Java/J2EE).
Capable of understanding end user requirements from security perspective.
Ability to set/identify security testing objectives and develop security test strategy to execute security test cases.
Run and analyze security Penetration testing (manual and Automated) and pinpoint the security issues and suggest countermeasures for security improvements
Knowledge of attack vectors from OWASP Top 10 list including injection, Cross Site scripting etc.
Knowledge in various open source security tools such as proxies, fuzzers etc
Working knowledge of executing source code analyzers to unearth security vulnerabilities in the source code
Strong understanding of HTTP Protocol
Professional Qualification : CISSP/ISO 27001/CEH will be an added advantage
Appreciation and knowledge of technologies used within the project.
Can work as part of the larger team to ensure satisfactory deliveries.
Proven ability to work well under pressure and in a team environment
Self motivated, flexible, responsible, and a penchant for quality
Excellent interpersonal skills.
Creative with an analytical bent of mind and problem solving skills.
Highly motivated with willingness to take ownership/responsibility for their work and ability to work both independently and in a team oriented environment.
Highly customer focused.
Adept at selecting and utilizing appropriate technologies to solve complex problems effectively.
Ability to work within an International team.




Technical Archietct - Application Security

key Skills :

Secure Requirement Review, Secure Design Review, Secure Code Review, Penetration Testing, HTTP Protocol, CISSP, ISO 27001, CEH, OWASP, injection, Cross Site scripting, fuzzers, appscan, Application Security, Java, J2EE, Hibernate, Struts, OOAD

Education :


Email ID: