[OWASP-Bangalore] OWASP-Bangalore Digest, Vol 33, Issue 3

Don Cochran dcochran at scippinternational.org
Fri Aug 6 08:57:44 EDT 2010


Good day Kishore,

I would recommend starting off by making sure you have a good foundation of
knowledge. Mr. Mark Merkow is one of the leading authorities in this area
and has just released a fantastic book on this very subject.  You can find
out everything about this book by going to
http://www.crcpress.com/ecommerce_product/product_detail.jsf?isbn=9781439826
966

I can attest to Mark's knowledge, skills and abilities from first-hand
knowledge, as I have known and worked with Mark for years.  Mark is also the
Lead Course Architect for SCIPP International's Secure Web-Application
Development Awareness course that covers the principles of secure coding and
the OWASP Top-10.  More information on that course can be found at
http://www.scippinternational.org/secure-web-applications-training.html

We all wish you luck in your endeavors and applaud your desire to understand
the need to incorporate security within the SDLC process.

Best wishes,

don       

-----Original Message-----
From: owasp-bangalore-bounces at lists.owasp.org
[mailto:owasp-bangalore-bounces at lists.owasp.org] On Behalf Of KISHORE
KANKIPATI
Sent: Thursday, August 05, 2010 12:04 PM
To: owasp-bangalore at lists.owasp.org
Cc: owasp-bangalore at lists.owasp.org
Subject: Re: [OWASP-Bangalore] OWASP-Bangalore Digest, Vol 33, Issue 3

Dear Brothers & Sisters

Application security is more concern in the SDLC. As a fresher I want to
start my career as Appsec professional, could any one explain how to start.

Thanks 

Kishore
Sent from my iPad

On 05-Aug-2010, at 21:30, owasp-bangalore-request at lists.owasp.org wrote:

> Send OWASP-Bangalore mailing list submissions to
> 	owasp-bangalore at lists.owasp.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> or, via email, send a message with subject or body 'help' to
> 	owasp-bangalore-request at lists.owasp.org
> 
> You can reach the person managing the list at
> 	owasp-bangalore-owner at lists.owasp.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OWASP-Bangalore digest..."
> 
> 
> Today's Topics:
> 
>   1. Opening for Appsec professionals (3 - 5 years) (chintan dave)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Wed, 4 Aug 2010 16:49:20 +0530
> From: chintan dave <davechintan at gmail.com>
> Subject: [OWASP-Bangalore] Opening for Appsec professionals (3 - 5
> 	years)
> To: owasp-delhi at lists.owasp.org, owasp-mumbai at lists.owasp.org,
> 	owasp-bangalore at lists.owasp.org
> Message-ID:
> 	<AANLkTi=0yufxsqACNTi0DBquE_9cVtmSXoX8pXB=UW5c at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
> 
> Hi,
> 
> Following the detailed job description. If interested, please send
> across your Resume to me along with your current and expected CTC
> 
> Job Location - Bangalore
> 
> Job Description:
> ================
> 
> Bachelors or Masters Degree in any Engineering discipline 3 to 5 years
> of experience in application security
> 
> Requirements:
> =============
> ? Capable of understanding end user requirements from a security
perspective
> ? Run & Analyze the security assessments (Manual & Automated) and
> pinpoint the security issues and suggest countermeasures for security
> improvements.
> ? Technical expertise in a broad range of application and technical
> architecture components (applications/OS, database, network)
> ? Proven expertise in Web Technologies (.NET and J2EE)
> ? Should have fair amount of knowledge in at least Windows & Unix
> operating systems and Oracle & SQL Server databases.
> ? Servers/Application Servers: Microsoft technologies & IBM Suite of
> Server Technologies
> ? Knowledge in various open source security tools
> ? Ability to do security assessments in line with internal standards.
> ? Good communication & negotiation skills
> ? Should be able to work independently
> ? CEH Certification is desirable.
> ? Ability to conduct design reviews, requirement reviews, evaluates
> technical architecture from security view point.
> ? Work experience with tools like Fortify, Web Inspect, Appscan etc is a
plus
> 
> 
> -- 
> Regards,
> Chintan Dave
> 
> 
> ------------------------------
> 
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> 
> 
> End of OWASP-Bangalore Digest, Vol 33, Issue 3
> **********************************************
_______________________________________________
OWASP-Bangalore mailing list
OWASP-Bangalore at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-bangalore



More information about the OWASP-Bangalore mailing list