Qualcomm Security Lead - App Security/Penetration Testing/IR/Threat Hunting in Hyderabad, India

Job Description:

Job Id

N1963572

Job Title

Security Lead - App Security/Penetration Testing/IR/Threat Hunting

Post Date

05/10/2018

Company


Division

Qualcomm Incorporated


Information Technology

Job Area

Information Technology

Location

India - Hyderabad

Job Overview

JOB SUMMARY:

The Information Security team is looking for strong team players capable of supporting multiple security solutions across the globe and with a deep understanding of the data generated by such technologies.

Opportunities available in these areas:

  • Application Security/Penetration Testing

  • Incident Response and Proactive Hunting

  • Threat Analysis and Threat Intelligence

  • Security Monitoring, Triage, and Escalation

  • Security Architecture

  • Cyber Security Solution Engineering and Delivery

  • Information Risk and Security Data Protection

  • Cyber Security Risk Assessment and Security Reviews

JOB RESPONSIBILITIES

  • Establish security best enterprise processes and practices for our mobile, on-premise and cloud-based platforms.

  • Provide expert knowledge and guidance to the product teams about security vulnerabilities and remediation controls

  • Perform Architectural risk analysis and threat modeling, secure design and source code review

  • Conduct security assessments, security testing and validation of vulnerability scan results

  • Incorporate security tools/tasks to automate product development and deployment

  • Mentor and train development teams on secure coding standards and techniques

  • Work on web and mobile security vulnerabilities, attack vectors and mitigation techniques

  • Work on security related aspects in Cloud (AWS) and Mobile (IOS and Android) platforms

  • Work with multiple programming languages (Java, JavaScript, Go, Python, Ruby, Objective-C, C#, PHP) with hands on expert level coding experience with at least one scripting and one objected oriented programming language

  • Work in security testing with SAST, DAST, Fuzz and penetration testing tools

  • Work in application security standards such as OWASP ASVS/Top 10 and CWE 25

  • Some exposure to DevSecOps to maintain security in CI/CD pipeline

  • Work in security tools like CheckMarx, BurpSuite, Nessus, QualysGuard

  • Work with tools like Git, Splunk

  • Work with micro services, container deployment and service orchestration

Minimum Qualifications

  • Bachelor's degree and 7+ years IT-relevant work experience OR 9+ years IT-relevant work experience without a bachelors degree.

Preferred Qualifications

  • Master's degree in IT-relevant field.

  • Information Security-Relevant Certifications.

Education Requirements

//

EEO employer: including race, gender, gender identity, sexual orientation, disability & veterans status.