Synopsys is looking for a full-time Associate Security Consultant in Bangalore, India area to parachute in wherever software insecurity invades and to stomp out bugs and flaws wherever they hide.
Synopsys offers the most comprehensive portfolio of software security solutions in the market. We go beyond traditional testing services to help our clients identify, remediate, and prevent vulnerabilities in the applications that power their business. Our holistic approach to application security offers a balance of managed and professional services and products tailored to fit your specific needs. We don’t stop when the test is over. Our experts also provide remediation guidance, program design services, and training that empower you to build and maintain secure applications.
•Good written and verbal communication
•Ability to collaborate with project team members, take direction from the project lead and execute tasks consistently
•Conduct Source Code Analysis
•Conduct Software Penetration Testing
•Conduct Architecture Security Analysis
•Conduct Secure Software Design and Architecture analysis
•Network Security Analysis – Good to have knowledge
•Conduct Database Security Analysis
•Exposure to ARA, Threat Modeling, SDR, CI/CD will be added advantage
Education & Experience
•Bachelor’s Degree in Computer Science, Engineering or equivalent. Master’s Degree preferred
•2 to 4 yrs. of work experience in relevant role
•Familiarity with software security weakness, vulnerability and secure code review. Experience conducting secure code review is a plus
•Familiarity with at least Java or .Net (Should be able to read and understand enterprise code and write basic code)
•Familiarity with security vulnerabilities and how those things appear in code
•Ability to look understand vulnerable code and security implications
•Basic knowledge of remediation of security issues
•Software architecture experience (web application, web services, API gateway, cloud native apps).
•Software build process experience (e.g., Jenkins, TeamCity, Bamboo, TFS, maven, msbuild).
•Basic knowledge of Cloud computing in any of the Cloud platforms like AWS, Azure, GCP or Ali Cloud.
•Any professional certifications on these Cloud technologies or hands-on exposure of Cloud config reviews would be given preference.
•Prior exposure of Architecture review/Threat modeling of applications and relevant tools
•Hands-on exposure of Software Composition Analysis or familiarities with SCA tools like Blackduck.