A minimum 5 years of experience in a computing environment, experience with application security and information protection
Experience in application security for all types of applications, extranet, Intranet, mobile, etc
Thorough understanding of various application architectures and attack vectors on application tier and database tier components
Experience in conducting application vulnerability assessments, penetration testing and usage of applications security tools (IBM AppScan Enterprise) and source code analyzers.
Capability of using IBM Appscan Enterprise and Qualys Dell SecureWorks is a must
Expertise in application security for the following application languages/platforms: Microsoft .NET, J2EE, SAP ABAP and Oracle DB/MS SQL Server
Software development experience on .NET or J2EE is a plus
Proficient with technologies used to build and review Web-based solutions such as: HTML5, DHTML, CSS, JavaScript and a working knowledge of other popular Web technologies
Familiarity with OWASP, CVSS, CWE, OSSTMM and/or SANS-25 methodologies and should be certified in at least one methodology
Has an understanding of the Secure Software Development Life Cycle (SSDLC) and IT Processes. And Excellent English language communication skills (verbal, presentation and written), including the ability to collaborate and influence effectively across all levels of a matrix organization
