Information security analyst

Posted: Aug. 23, 2022, 11:48 a.m. - Full Time - Remote


We at Astra Security are looking for a security engineer with an experience in Pentest of web applications, mobile apps and network devices etc. Apart from core security skills, the soft skills of interacting with CXO's/developers and preparing executive reports are a must. Having experience with bug bounties will be a great addition.You'll get to work on with Astra's next generation Pentest Platform which is loved by thousands of companies across the globe.

Experience Required:

  • Relevant certifications (Like OSCP,CEH. we're not a fan of these, but often customers request engineers with certifications)
  • 2+ years of experience in VA/PT

Job Responsibilities

  • VA/PT for web apps, SaaS apps, mobile apps, network devices, open-source projects, etc.
  • Developing & testing rule sets for our pentest suite
  • Preparing pentest reports through Astra's pentest suite
  • Interacting with clients over remediation calls
  • Explaining steps to fix to clients
  • Maintaining our vulnerability management system

Key Skills Required

  • Web App Security (ZAP, Burp Suite, Manual & Automated Testing, Comfortable in Black Box/WhiteBox testing with capability of finding business logic vulnerabilities, OWASP testing guide)
  • Knowledge of how to set up & pentest CMSs like WordPress, Magento, OpenCart, Prestashop, Drupal, etc.

We Offer

  • Adrenalin rush of being a part of a growing company
  • Sponsorship for security certifications
  • Holistic understanding of SaaS and enterprise cloud security business
  • Competitive compensation
  • Opportunity to engage and collaborate with developers globally
  • Annual trips to beaches or mountains (the last one was at Jim Corbett & Goa before that)
  • Amazing colleagues from top companies like Amazon, PwC, Bigbasket, Mobikwik, etc. Interactive calls/games :)
  • Remote-first company