Remaining hours can be worked during India daytime, but 40 hours/week had to be put in.

• Prioritized hands-on engineering experience of policy configurations within the respective applications.
• Ability to self-start and lead application security assessments.
• Direct experience with Workday, Salesforce, MuleSoft and/or Peoplesoft is highly preferred.
• Possess at least one Salesforce Associate or Professional certificate.
• Expanded accepted professional security certification minimum requirements to enable a broader talent pool to scout from.

Specialized expert level skillset of scripting languages.

Key Responsibilities:

1. Security Testing: Conducting regular security assessments such as static and dynamic code analysis, penetration testing, and vulnerability scanning to identify security flaws.

2. Vulnerability Management: Finding and prioritizing vulnerabilities in applications, working with development teams to patch and mitigate risks. They may use tools like OWASP ZAP, Burp Suite, or automated vulnerability scanners.

3. Secure Development Practices: Collaborating with development teams to integrate security into the software development lifecycle (SDLC). This might include promoting secure coding practices, code reviews, and threat modeling.

4. Incident Response: Responding to and managing security incidents, including breach detection, investigation, and resolution.

5. Security Architecture: Designing and implementing secure application architectures. This involves using encryption, authentication mechanisms, and secure coding patterns.

6. Security Policy & Compliance: Ensuring applications meet industry security standards and compliance requirements, such as GDPR, PCI-DSS, or HIPAA.

7. Threat Intelligence: Staying updated on the latest security threats and vulnerabilities, such as zero-day exploits or OWASP Top 10 risks, and applying this knowledge to enhance application security.

8. Security Automation: Automating security testing and monitoring to detect and mitigate issues early in the development cycle, integrating security tools into CI/CD pipelines.