Product and infrastructure security

Posted: Dec. 10, 2020, 3:34 a.m. - Full Time - Pune

ProdSec Engineer(Infrastructure Security engineer)

About the company

Credit cards haven’t changed much for over half a century so our team of seasoned bankers, technologists and designers set out to redefine the credit card for YOU - the consumer. The result is OneCard - a credit card re-imagined for the mobile generation.

India’s best metal credit card. Built with full-stack tech. Backed by the principles of simplicity, transparency, and giving back control to the user.

The Challenge

“Re-imaging credit and payments from First Principles”

This is an opportunity to build Secure Product and Application infrastructure from First Principles. We are strong believers in automation and baking security in everything we do. We are growing fast and having fun at the same time.

What will you do?

  • Be the Secure SDLC champion in the company.

  • Do security assessment for OneCard products and internal services, identify vulnerability work with engineering to implement remediations.

  • Understand the Attack surface of our product and infrastructure and do threat modeling.

  • Conduct security code reviews for code and infrastructure (Infrastructure as code).

  • Automate security scanning tools in CI/CD infrastructure like SonarCube. Help engineering triage and drive critical fixes.

  • Build automated Security dashboards and alerting systems integrating with different security products like Wazuh, GuardDuty.

  • Security harden the infrastructure, highlight, and eliminate manual steps in workflows.

Who are you?

  • You’ve 3-7 years of proven Application and Network security assessment experience.

  • Experience with Web Application Security.

  • Proven operational experience with AWS.

  • You have strong coding skills in Python, bash, or other scripting languages.

  • You have some community contribution in terms of talks, tools. Open source contribution highly desired.