Hi, Hope you are doing great today!
This is Ashutosh, Technical Recruiter from IDC Technologies. I have a requirement for one of our clients TCS. please find the job description below. If you are interested please send me your most updated resume. *SECURE SDLC ANALYST* *Location: Foster City, California* *# of Positions: One* *Duration: Six Months with possible extension* *REQUIREMENTS:* *Ideal candidate might have an application security consulting background, as this position amounts to multiple engagements with various teams who work on Visa's most central applications. Not really looking for a Network Security Engineer. Understanding of the Secure Development Lifecycle (SDL) and Software Development Lifecycle (SDLC). Background and experience with mainframe platforms. Understanding of risk analysis. Background and experience with application security.* *JOB DESCRIPTION:* *Applicant to provide the following skills and proficiencies (but are not limited to): • Strong communication skills (developer interviews) • Understanding of the Secure Development Lifecycle (SDL) and Software Development Lifecycle (SDLC) • Understanding of basic computer security concepts Ideal skills: • Background and experience with mainframe platforms • Understanding of data flow and data flow diagramming • Understanding of risk analysis • Understanding of threat modeling and profiling • Understanding of application security • Understanding of managing large review projects • Understanding of interviewing and data collection Applicant will assist and participate in the following types of activities (but are not limited to): • Inventorying of specified applications related to key solutions as defined by Visa • Criteria development to be used in establishing application criticality o Type(s) of data o Exposure to the Internet o Importance to the business o Maturity of SDL and SDLC • Development of in-scope systems, controls, assets and threats • Development of required audit activities for each tier of application • Data gathering and interviewing • Review of current critical system SDLC processes in use • Review of previous security assessment reports for critical systems and applications • Validation of assessment findings and remediation through interviews and application review • Create relevant documentation pertaining to the various tasks performed, such as: o Status reports o Application security profiles that include information such as: § Application purpose and functionality § What data it stores and the value of that data § Where data is stored and rules for access § Data entry and exit points throughout the application § Data flow for transaction or processing systems § Data access and interaction by different types of users (untrusted, authenticated, partners,etc) § Intermodule relationships § Security expectations by application users § Major trust boundaries § Mitigating controls enforcing trust boundaries § Applications context within Visa network zones § Applications technology stack § Applications team structure o Questionnaires o Diagrams o Findings and recommendation reports o Scorecards for audited applications o Execution plans * *Qualification* *Rating* *Must Have* *Software Development* *Big Data* 3 Yrs. *Standard Qualifications* *SDLC* 3 Yrs. *Thanks and Regards* *Ashutosh Kumar Singh* *Technical Recruiter* *IDC Technologies Inc. (**ISO 9001-2008 Certified**)* *Address:* * 1851 McCarthy Boulevard, Suite 116, Milpitas, CA, USA, 95035Mail: **ashutosh.si...@idctechnologies.com <ashutosh.si...@idctechnologies.com>** | Web: **www.idctechnologies.com* <http://www.idctechnologies.com/> * Tel: **408-457-9381 Ext. 4012 **| IM: **ashutosh24101988 (Gtalk)** |** YIM: sashutosh00* *"Under Bill s. 1618 Title III passed by the 105th U.S. Congress this mail cannot be considered spam as long as we include a way to be removed from our mailing list. Simply send us an e-mail with “REMOVE” in the subject and we will gladly REMOVE you from our mailing list."* -- You received this message because you are subscribed to the Google Groups "as400placements1" group. To unsubscribe from this group and stop receiving emails from it, send an email to hrccpl+unsubscr...@googlegroups.com. To post to this group, send an email to hrccpl@googlegroups.com. Visit this group at http://groups.google.com/group/hrccpl. For more options, visit https://groups.google.com/d/optout.