Lead product security engineer

Posted: Nov. 10, 2023, 3:31 p.m. - Full Time - Bangalore

Roles & Responsibilities

  • Assess applications and products for security vulnerabilities, design flaws and interact with project teams to understand the security requirements
  • Performing Web application security testing, Mobile(Android/iOS) application security testing and Secure code review
  • Conduct Product Requirement reviews, Threat modelling, Static Code Reviews and cloud security assessments
  • Evaluate security vulnerabilities, think out of the box in building attack scenarios and prioritise remediation efforts
  • Evaluate and improve application security tools and processes
  • Research latest security best practices, staying current on new vulnerabilities and threats

External Skills And Expertise * Proficient in OWASP Top 10/SANS TOP 25, PRD Review, Threat Modelling, Red Teaming, Source Code review * Inclination towards learning multiple areas of security and building competency to deliver a wide spectrum of security like Cloud security, devSecOps, Data security etc. * Ability to understand tech deeply and work with respective tech teams to define functional security design and best practices framework for security * A sharp focus on automating repeatable tasks and reducing operational overheads * Excellent communication skills to proactively communicate with stakeholders to keep them up to speed on any issues. * Contributions to open source projects, GSoC etc is a plus * Certifications are not mandatory but skills are.