Security testing

Posted: Aug. 1, 2022, 10:59 a.m. - Full Time - Bengaluru

What You Will Do : The Candidate has a critical role to play and will be responsible for all security measures that are built into the product. The candidate shall be responsible for defining the security solutions that help fulfill the security requirements of the product. The candidate helps developers with resolution of vulnerabilities. The candidate shall be responsible for providing Security Requirements and performing Risk Assessment on relevant technical documentation(s) like architecture documents, high level designs, low level designs. The candidate shall be responsible to perform Secure Code Review & help developers remediate/trigae the issues. The candidate shall be responsible to perform Security assessment & penetration testing on Web, Mobile, API & Docker. The candidate will be an individual contributor in the program.

What You Need : B.Tech/M.Tech in Comp. Sc Atleast 5 years experience working on security services. Thorough knowledge of authentication and authorization standards applicable in the Web services and Enterprise application world e.g. OAuth2, SAML, TLS 1.2/1.3 etc. Candidate needs to be aware of enterprise password handling procedures/techniques. Thorough knowledge on well-known security vulnerablities, security practices and solutions. Thorough understanding of Hash algorithms, encryption algorithms, ciphers suites and their robustness. Ability to decide on the right encryption based on the use-case. Candidate needs to be familiar with OWASP, SANS and other security guidelines. Candidate should have good hands-on experience with popular SAST, Vulnerability Analysis & Penetration Testing tools. Candidate needs to be familiar with securing CI/CD pipeline and help in implimenting DevSecOps. Candidate needs to be familiar with hardening & securing 3rd party software and provide compliance to best practices & security benchmarks.

Good To Have: Security Certification(s) from well-known 3rd party certification agency would be an additional benefit. Achivements in Bug Bounty or mentions on Hall of Fame Offensive Security Assessments/Engagements