Security researcher

Posted: Dec. 22, 2020, 11:48 a.m. - Full Time - Bangalore

Job title : Security Researcher
Location : Bangalore
Experience : 3 + years

Role

We are on the lookout for a talented individual who is passionate about Vulnerability Analysis & Signature Development to work on our Web Security products. The individual will be joining a team with a proven track record in Bangalore India and be a part of our IndusGuard Suite of Products Unit. Primary focus of this role is to develop Scanner & WAF signatures delivered to customers regularly.

Job Description

• Create signatures for Indusface WAS & WAF products to detect & protect from Web application vulnerabilities.
• Reproducing vulnerabilities to understand the working of an exploit, etc. on need basis to verify existing WAS/WAF coverage.
• Problem solving and troubleshooting skills are a must, as solutions to many problems might not be obvious.
• Develop tools for the automation of security processes using Python, PERL, PowerShell, etc.
• Collaborate with engineering teams to support/maintain/design backend applications and other operational platforms

Candidate Profile

2+ years of experience in the area of information security with strong understanding of security basics, network vulnerabilities and analysing/developing IPS/IDS/WAF signatures.
• Good understanding of:
• Firewalls, proxies, SIEM, antivirus, and IDPS concepts
• Windows & Linux operating systems (REDHAT)
• Network security, network layers (OSI Layer-3 and Layer-4)
• Protocols like TCP/IP, DNS, HTTP, HTTPS, SSH etc.
• Network Penetration testing and techniques
• Identify and Analyse network vulnerabilities, Attack reproduction
• Programming languages like C/C++, Java and Scripting language like Python, Perl, etc.
• Hands-on experience in:
• Web-app security (SQL Injection, XSS, CSRF etc.), OWASP-10, SANS Top 25
• Network analysis tools like tcpdump, Wireshark, Burpsuite
• Crafting Regular Expressions, Verification & Validation
• Vulnerability scanners, IDS/IPS, Application Firewall, VAPT tools: Metasploit, Nessus, etc.
• Analysing existing or writing new POCs
• Effective written and verbal communication skills.

Good to have

• Developing security related tools / programs
• Knowledge on Cloud infrastructure services
• Virtualization software (VMWare , Virtual PC / Virtual Box , XEN , etc), VPNs
• Knowledge on ModSecurity and Rule writing
• Experience in any of Java, Test NG, Linux Scripting, shell scripting, Python, Perl
• Experience/Knowledge in Amazon Web Services

What do you gain?

• Challenging, transparent and supportive work environment
• Opportunity to grow rapidly in your career along with the company’s growth
• Competitive compensation structure and benefits

There are over a billion web apps and millions of mobile apps in the world now. Indus face with a mission to secure them and with its own line of cutting edge Armory of application security products, are living the dream of becoming the next Billion dollar “Made in India” security company”.

About Indusface

Indusface is an award-winning application security leader protecting 1100+ customers spread across 30+ countries. Our unique Total Application Security platform that detects, protects, and monitors applications. Our Total Application Security solution is available On-Premise, As A Service and through the AWS Marketplace.
Our suite of products includes:

AppTrana- Continuous Hack Preventions
Indusface Total Application Security- Web Application Security That Detects, Protects, and Monitors
Indusface Web Application Scanning- Managed Scan and Penetration Testing Solution for Web Applications
Indusface Web Application Firewall - Managed Web Application Firewall and DDoS Protection
Indusface Mobile Application Scanning- Dynamic Mobile Application Penetration Testing
SSL Certificates - Digital Certificates for Secure and Confidential Communications

Our security products have not only been mentioned in the Gartner Magic Quadrants for Application Security Testing and Web Application Firewall but we have won all major startup awards.

• #1 Security Product Company by NASSCOM-DSCI
• Top 5 in ET Startup Awards-Bootstrap Champ
• iSpirit’s InTech50 Most Innovative Products from India
• AWS ‘Regional Innovation Partner: Technology Partner
• Top Emerging Information Security Product Company by NASSCOM-DSCI

For more information on Indusface,

• Corporate website : https://www.indusface.com
• Our SaaS solution: https://www.apptrana.com
• LinkedIn : https://www.linkedin.com/company/indusface/
• Facebook : https://www.facebook.com/indusface/