#9613
team lead and mentor junior team members
Work with the product engineering teams and providing SME advice to understand and remediate vulnerabilities in code
Support the product engineering teams to identify false positives in code scanning reports and security testing reports
Build, maintain and execute a strategy to secure Finastra's customer facing products.
Conduct and lead threat assessments and propose remedies.
Partner with the business to understand our clients' security needs and the marketplace security standards.
Serve as the security SME for product engineering teams.
Develop security requirements and stories.
Lead conversations about security with prospective and current clients alongside the business and sales team.
Develop security material (brochures, white-papers) for consumption by customers showcasing the security of Finastra products.
KNOWLEDGE AND SKILLS
Knowledge of full stack engineering.
Knowledge of Secure SDLC processes.
Software development and/or QA background (knowledge of programming languages, SDK, API, SPI and application infrastructure/servers).
Code security knowledge (including static and dynamic code scanning).
Working knowledge of networking protocols and cryptography.
Working knowledge of database technologies including directory services, relational databases and no-SQL.
EXPERIENCE REQUIRED :7- 10Yrs
Experience with Web Penetration testing (Api, Mobile and Thick client)
Experience with static code review tools (Veracode, Fortify, CheckMarx, Coverity, etc)
Experience with security testing tools (Burp suite, Appscan, WebInspector, SQLMAP, Kali, etc.)
Experience with Application security threat modelling, abuse case analysis, risk assessments, design and architecture review.
Experience with Software exploitation (penetration testing, reverse engineering).
Experience with enterprise software and architecture.
Team Lead Experience is Mandatory
Good to have certificate :OSCP ,BSCP
EDUCATION / CERTIFICATIONS