Sr. Security Analyst (AppSec- VAPT }

Position : Security Analyst (AppSec - VAPT )

Experience : 4+ Years

Location : Gurgaon golf course road , India (Hybrid Work Model) @ Client Site

Company : Fencesense Technologies Pvt. ltd. https://fencesense.io

Department : Cybersecurity

Budget : upto 22 lacs

About the Role

We are seeking a skilled Security Analyst with expertise in Application Security, VAPT, Secure SDLC, and Azure DevOps (DevSecOps). The ideal candidate will ensure security is integrated throughout the Software Development Life Cycle (SDLC), provide secure coding recommendations, identify and remediate vulnerabilities early, and collaborate with development and operations teams to deliver secure, high-quality software.

Key Responsibilities

Conduct Vulnerability Assessment & Penetration Testing (VAPT) for web, mobile, APIs, and infrastructure .

Identify and remediate OWASP Top 10 (2021) vulnerabilities.

Integrate security controls, automated testing, and code analysis into Azure DevOps pipelines.

Embed security into the SDLC by performing security reviews, threat modelling, and risk assessments at every stage of development.

Provide actionable SDLC recommendations to improve secure design, coding, and deployment practices.

Advise and guide development teams on secure coding practices, including input validation, output encoding, proper authentication & authorisation, and data protection.

Perform static (SAST) and dynamic (DAST) application security testing within CI/CD workflows.

Maintain and optimize security tools, testing methodologies, and scripts aligned with SDLC processes.

Prepare detailed reports with findings, risk ratings, remediation guidance, and SDLC improvement suggestions.

Stay updated on emerging threats, DevSecOps best practices, and SDLC security innovations.

Required Skills & Qualifications

Bachelor's degree in Computer Science, Information Security, or related field.

3+ years of experience in Application Security, VAPT, and SDLC security integration.

Strong understanding of OWASP Top 10 vulnerabilities and remediation techniques.

Hands-on experience with security tools (Burp Suite, OWASP ZAP, Nessus, Nmap, Metasploit).

Proficiency with Azure DevOps and experience embedding security into CI/CD pipelines.

Knowledge of secure coding practices and SDLC recommendations for design, development, and deployment.

Experience with DevSecOps methodologies, threat modeling, and risk assessment.

Scripting knowledge (Python, Bash, PowerShell) is a plus.

Relevant certifications (e.g., OSCP, CEH, GWAPT, AZ-500) preferred.

Soft Skills

Strong analytical and problem-solving abilities.

Excellent communication and collaboration skills for cross-functional teams.

Proactive, detail-oriented, and committed to improving application security.

Share Ur latest C.V. with details like-

1. Ctc

2. Expectation

3. Notice period

Regards,

Rajesh Kumar

AAYAM CONSULTANTS

Cell: - 9311232179/ 7011595674

Email id: - [HIDDEN TEXT]