Sr. Associate

App Security Architect

Qualification:

BE graduate

• MCA graduate.

Responsibility:

Requirements Gathering:

• 'Understand functional and non functional application security requirements.

• Raise queries and seek clarification.

• Use requirement gathering techniques like Interviews Focus groups Facilitated workshops to collect more information security requirements and refine them.

Design & Analysis:

• 'Identify areas that need to be validated using POC and drive it.

• Conduct and facilitate idea generation techniques like brainstroming benchmarking alternatives generation to come up with exhaustive and ideal design.

• Create design documents LLD HLD etc.

Coding:

• 'Monitor and review installation and configuration of application and data security products data repository product(ldap) and configure replication.

• For enabling parallel development of custom component create skeleton/framework using which implementation will be done by Security Engineers.

• Conduct code review ensure code quality and standard continous integration is done.

• Clarify questions / resolve issues / concerns on time.

• seek review from peer / Senior Developer periodically.

• Highlight any potential risks to Leads and seek inputs to resolve issues identified.

• Update traceability matrix for the work package developed.

• provide support on process audit activities.

• Adhere to process and tools.

• follow the SCM policies set for project.

Testing:

• 'Create unit test plan.

• Review unit test cases.

• Review unit test results.

Documentation:

• Develop SDLC lifecycle artifacts based on customer SDLC process.

Change Management:

• 'Review build and deployment instructions.

• Schedule and review change requests.

• Deployment.

• Facilitate automation for build and deployment.

• Facilitate building of tools/process for quick and efficient validation of application pre/post deployment (sanity checks).

Defect Management:

• 'Analyze defects (identify dependencies between application/components alternate fixes etc).

• Review defect fixes.

• Ensure defect density is low defect leakage is null and first time right metric is high.

Coaching & Facilitating:

• 'Build induction training conduct and facilitate.

• Facilitate knowledge sharing within and among team through sessions.

• Encourage team to take up domain/technical certifications.

Project Estimation:

• 'Technical inputs for estimation.

• Do project estimation for project enhancements and mid size new projects.

Resource/ Efforts Estimation and Monitoring:

• Provide bottom up estimation for work packages.

• Provide input to Security architect on dependencies between work packages.

Process Improvements and Adherence:

• 'Identify areas where automation/improvements can be done develop accelerators to improve efficiency and productivity.

• Identify pain points/gaps in process and suggest improvements.

Knowledge Management:

• Contribute towards updating knowledge assets and reviweing user manual online help document installation manual / scripts.

• Contribute / search / reuse all types of assets from repository.

People management:

• 'Resolve conflicts within team.

• Conduct periodic 1 on 1 to provide and receive feedback.

Business Development:

• 'Technical support required for drafting solution response.

Solution Design & Development:

• 'Create Design documents LLD HLD.

• Perform POC for solution realization based on technology skills.