Experience: 5 + Years
Education: Masters Degree
Location: Navi Mumbai, Maharashtra, India
The Application Security Engineer will be in charge of assessing the security of different types of applications developed by Schlumberger teams or acquired from 3rd party vendors. Work with company development teams or vendors to detect, prioritize and remediate security flaws within the applications. Collaborate with IT and the business to identify and implement appropriate software development related security controls. Strives to develop a security-oriented mindset throughout the application development cycle from concept phase through testing and implementation. The engineer will be required to analyse various data security, authentication/authorization, encryption, application level security and auditing requirements and recommend security mitigations and solutions that integrate with the business.
- Perform application security assessment for web, mobile, cloud, thick client and IoT applications
- Perform different types of application security assessments as needed; this involves application penetration testing, network penetration testing, attack surface evaluation, threat modelling and security design reviews
- Perform web services (APIs) penetration testing and analyse communications between client and servers
- Check separation of duties and access controls, review accounts management and check SSL certificates
- Perform risk analysis and define prevention and mitigation controls for application vulnerabilities
- Explain all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2, and CWE 25 to application development teams or application vendor, and discuss effective defensive techniques
- Provide mitigation strategies for applications from infrastructure, architecture and secure coding perspectives.
- Utilize application security scanning tools, interpret reports and validate identified vulnerabilities and associated risks
- Manage application security assessment requests from multiple locations, plan and prioritize testing activities
- Collaborate with development teams across multiple locations to prioritize and remediate vulnerabilities throughout the application lifecycle
- Work with development teams and IT staff to review application code and configuration for possible security risks
- Bachelor's or Master's Degree (IT, Computer Science, Cybersecurity, Telecommunications, Engineering, etc.) or equivalent experience
- 5-7 years' experience in application security assessment
- Applicants must be fluent in English and Hindi.
- Experience with open-source technologies and cloud services
- Strong experience with Linux-based infrastructures and cloud infrastructures: Linux/Unix administration, and AWS/GCP/Azure.
- Work with CI and CD tools, and source control such as GIT and Azure DevOps
- Offer technical support where needed such as developing software for our back-end systems, building infrastructure for QA Automation
- Experience in using Docker containers or deploying apps using Kubernetes
- Some experience with Application Security/DevSecOps/Secure code practices
- Adaptable and willing to learn new technologies, keeps abreast of key developments in relevant technologies
Schlumberger is the world's leading provider of technology for reservoir characterization, drilling, production, and processing to the oil and gas industry. We have more than 20 years of experience in delivering world-class service to our customers through integrated projects. These projects range from basic service coordination through to complete development and abandonment of fields. To meet the growing needs of our business we are encouraging applications from experienced professionals who share our passion for delivering excellence in all aspects of project delivery.
Schlumberger is an equal employment opportunity employer. Qualified applicants are considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or other characteristics protected by law.
A tradition of excellence and innovation
We’re the world’s leading provider of integrated pore-to-pipeline technology solutions to the oil and gas industry. We’re also a leading employer in our sector—with a reputation for hiring the best and the brightest people and keeping them at the top of their game through rewarding career-long development opportunities.
Each day, in 85 countries, we help our customers find and produce oil and gas in ways that demonstrate respect for both people and the environment. Today’s industry challenges call for new ideas, techniques, and solutions. If you want to drive your career and want to grow with a company that’s embraced new ways of thinking since 1927, we may have the career for you.
Schlumberger is ranked in the Global Top 10 in Rigzone's 2019 Ideal Employer Rankings.