2 months ago
Pune, IndiaStaff+
Responsibilities
- Engineer, implement and monitor security measures for the protection of computer systems, networks, and information.
- Prepare, maintain and document standard operating procedures and protocols.
- Configure and troubleshoot security infrastructure systems.
- Develop and maintain technical solutions and security tools to mitigate vulnerabilities.
- Work closely with technical leads to drive and deliver on a technical strategy and roadmap.
- Assist with security reviews, threat modeling, and code reviews.
- Support vulnerability management efforts across functional teams.
- Advocate for security best practices and serve as a point of contact throughout the company.
- Perform any other tasks assigned to help the company meet its goals.
Requirements
- 8+ years of experience with auditing web applications.
- 3+ years using at least one high-level programming language such as Node.js, Python, Go, Java, or Ruby.
- Experience with web application security scanning software and penetration testing tools.
- Desire to conduct security training for developers and the security team.
- Experience performing threat modeling and secure design reviews.
- Experience with distributed multi-tier web server-client architectures.
- Familiarity with cloud environments like AWS or Azure.
- Strong understanding of network and application fundamentals and best practices.
- Knowledge of OWASP Top 10 vulnerabilities in web applications.
- Working knowledge of security development lifecycle models.
- Experience implementing security practices in automated CI/CD pipelines is a plus.
- Strong sense of ownership, urgency, and drive.
- Ability to lead cross-team initiatives and communicate effectively.