Security architectPosted: Aug. 24, 2022, 8:46 a.m. - Full Time - Bengaluru
Notice Period - Immediate to 30 Days Relavent experience Range - 5 to 12 years
What You Will Do :
- The Candidate has a critical role to play and will be responsible for all security measures that are built into the product.
- The candidate shall be responsible for defining the security solutions that help fulfill the security requirements of the product.
- The candidate helps developers with resolution of vulnerabilities.
- The candidate shall be responsible for providing Security Requirements and performing Risk Assessment on relevant technical documentation(s) like architecture documents, high level designs, low level designs.
- The candidate shall be responsible to perform Secure Code Review & help developers remediate/trigae the issues.
- The candidate shall be responsible to perform Security assessment & penetration testing on Web, Mobile, API & Docker.
- The candidate will be an individual contributor in the program.
What You Need : * B.Tech/M.Tech in Comp. Sc * Atleast 5 years experience working on security services. * Thorough knowledge of authentication and authorization standards applicable in the Web services and Enterprise application world e.g. OAuth2, SAML, TLS 1.2/1.3 etc. Candidate needs to be aware of enterprise password handling procedures/techniques. * Thorough knowledge on well-known security vulnerablities, security practices and solutions. * Thorough understanding of Hash algorithms, encryption algorithms, ciphers suites and their robustness. Ability to decide on the right encryption based on the use-case. * Candidate needs to be familiar with OWASP, SANS and other security guidelines. * Candidate should have good hands-on experience with popular SAST, Vulnerability Analysis & Penetration Testing tools. * Candidate needs to be familiar with securing CI/CD pipeline and help in implimenting DevSecOps. * Candidate needs to be familiar with hardening & securing 3rd party software and provide compliance to best practices & security benchmarks.
Good To Have: * Security Certification(s) from well-known 3rd party certification agency would be an additional benefit. * Achivements in Bug Bounty or mentions on Hall of Fame Offensive Security Assessments/Engagements