Staff Information Security Analyst
- Cadence Design Systems
- 7 - 10 Years
- Noida, Gurugram
- 4 years ago
- Email to a friend
- Report this job
Job Description
Job Description :
At Cadence, we hire and develop leaders and innovators who want to make an impact on the world of technology.
Job Description:
Cadence's Information Security team is seeking an Application Security Analyst. As a member of the Information Security team, this role proactively works with Cadence's Sr. Application Security Architect to review and remediate security vulnerabilities in enterprise applications using techniques such as static/dynamic code analysis and fuzzing. They will also be assisting with other security related tasks such as incident response and vulnerability management and administration, configuration, and deployment of security solutions. The successful candidate for this position is a highly motivated individual with a strong Application Development and Security background who excels in operating & deploying security technology and interacting with clients.
Key Deliverables and Responsibilities (include but are not limited to the following):
- Perform application security vulnerability management and report findings and status to Vulnerability Management team.
- Perform detection, monitoring, analysis, provide containment and resolution recommendations of security incidents.
- Perform network / system / application / log intrusion detection analysis and trending
- Research, evaluate, develop and implement security solutions and standards following industry best practices.
- Ensure that current and planned technical solutions are compatible with the company's business needs and strategic objectives.
- Operate the production environment security toolsets and services.
- Work with other teams to design, develop, and implement Enterprise Security solutions in support of development, test, and production environments
- Provide technical security expertise and assistance to other IT and Business groups
- Performs security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures
- Support the information security operations team
Competency Skills required:
- Planning, organization, and time management skills
- Clear and concise technical and business communication, listening, speaking, and writing skills
- Strong troubleshooting, problem solving, and critical thinking skills
- Customer service skills
Qualifications and Specialty Skills required:
Bachelor's degree in science or engineering field or equivalent combination of education and relevant experience.
7-10 years of experience with secure application development, security processes, and security solutions.
Strong understanding of current security threats, techniques, and landscape, as well as a dedicated and self-driven desire to research current and emerging threats in the information security landscape.
Conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services. This should include an understanding of Information Security concepts which apply to them.
Good understanding of security standards, ISO 27001, CIS Benchmarks, NIST, & STIGs.
Should be able to research security vulnerability and threat and write threat advisory and advise IT operation team on remediation recommendations
Ability to work in a group setting and independently
Experience with IT ticketing systems.
Good working knowledge in scripting language, Python, PowerShell, etc.
Experience with a Security Information Event Management
Strong understanding of Linux/UNIX and Windows based operating systems and networks.
Knowledge of system log forensics (Syslog, Event Viewer)
Strong working knowledge of Application security concepts and technologies such as:- Experience in development languages.
- Experience in OWASP Top 10 and usage of common AppSec testing tools.
- Experience in performing security code review
- Experience in using code repository systems
- Experience of Secure by Design concepts and threat modeling
- Knowledge of common security libraries, security controls, and common security flaws.
- Experience in application penetration testing techniques and tools
- Knowledge of application technologies including Web applications, Web services, XML, SOA, AJAX, JSON, and Web scanning tools
- Open Source Security (OSS) - Software Composition Analysis (SCA)
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Runtime Application Self Protection (RASP) - Real Time Monitoring detection and prevention
- Security Architecture Review - Threat Modeling
- AWS and Azure WAF Configuration and whitelisting
- Cloudflare DDOS configuration and operation
- Manual Penetration Testing
- Penetration testing with 3rd party vendors
- Host level vulnerability Scanning
- Web application security training course development and delivery
Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- SANS GIAC certifications (GCPN, GWAPT, GPEN)
- Defensive Security OSCP certifications (WEB-300)
Employement Category:
Employement Type: Full timeIndustry: IT
Functional Area: IT
Role Category: Software Engineer
Role/Responsibilies: Staff Information Security Analyst
Contact Details:
Company: Cadence Design SystemsLocation(s): Noida, Gurugram
+ View Contact
Fraud Alert to job seekers!
₹ Not Specified
Cadence Design Systems
Cadence is a leading provider of EDA and semiconductor IP. Our custom/analog tools help engineers design the transistors, standard cells, and IP blocks that make up SoCs. Our digital tools automate the design and verification of giga-scale, giga-hertz SoCs at the latest semico...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in