Application Security Analyst

Over the past 15 years, Medanta has created an unrivalled impact in delivering world class multi-specialty care for patients in India. We have hospitals in Gurgaon, Lucknow, Patna, Indore and Ranchi. In addition, we have clinics in Defence Colony (South Delhi), Cybercity & Subhash Chowk (Gurgaon), and at the Delhi Airport. Medanta is constantly growing and has also ventured in Retail vertical through Diagnostics (Laboratory Services) and Pharmacies. We also have also launched homecare services. We further plan to scale up existing facilities and expand into a few more geographical areas and also identify new avenues (Academics - Medical College) within the Healthcare eco-system. As we continue to scale and grow into new geographies, explore innovative methods of healthcare delivery, we are looking to hire exceptional talent to help us achieve our vision and grow in the process to achieve their professional aspiration. Roles & Responsibilities

• Perform regular VAPT for various applications (thick client, browser based, android apps and IoS Apps) and report the security risks to all stakeholders
• Manage vulnerability management tool to track all vulnerabilities from reporting to closure.
• Coordinate with all stakeholders and application managers to ensure adoption of application development best practices.
• Configuration and management of Web Application Firewall (preferably Imperva) to block attacks on internet facing applications

• Strong and thorough understanding of application security with passion to innovate.
• Strong knowledge and experience on vulnerability management and penetration testing.
• Proven hands-on experience on security tools such as Burp Suite, OWASP ZAP and Kali Linux.
• Hands-on experience on Web Application Firewall.
• Familiarity with dynamic application security testing (DAST) methodologies and tools.
• Strong Knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams.
• Understanding of security best-practices and how to implement them at enterprise level.
• Good understanding of SSDLC and secure software delivery frameworks.
• Provide guidance to development teams for remediating application security vulnerabilities.
• Basic understanding of networking concepts and protocols.
• Good communication skills.
• Certified Ethical Hacker (CEH)
• Offensive Security Certified Professional (OSCP).
• 4-5 years’ of relevant experience