Job Description

Application Security Engineer
Chennai, India or Bangalore, India

The Opportunity:
We’re looking for an IT Security Engineer to help us push the boundaries of what education can offer through the power of technology. Education is our passion, and our team members bring that to work each day as they aim to advance learning in every region of the world. Blackboard is the world's leading education technology company, providing dynamic products and services to the global education community. We’re focused on driving innovation in EdTech and working with our clients to create a smarter learning environment.

Anthology offers the largest EdTech ecosystem on a global scale, supporting over 150 million users in 80 countries. Our mission is to provide dynamic, data-informed experiences to the global education community so that learners and educators can achieve their goals.

We believe in the power of a truly diverse and inclusive workforce. As we expand globally, we are committed to making diversity, inclusion, and belonging a foundational part of not only our hiring practices but who we are as a company.

For more information about Anthology and our career opportunities, please visit www.anthology.com.

Anthology’s Blackboard Data is a revolutionary solution that combines our knowledge of the data structures of our products with a wealth of experience and expertise in education, analytics and data science to provide products and solutions that answer the common questions and shared problems within education. These include student risk and retention, learning tool adoption and management of the student experience. This allows clients to save time by accessing insights across our SaaS EdTech tools in one place.

As a member of our Information (or Application) Security team, you’ll work closely with development teams, product managers (PM), Site Reliability Engineers, and third-party groups (including the paid bug bounty program) to ensure that Blackboard products are secure.

Primary responsibilities will include:

• Performing Web Application, API and Mobile Security Testing using both Manual and Automated Penetration Testing Methodologies
• Proactively identifying potential vulnerabilities through manual testing
• Supporting the bug bounty program by reviewing incoming vulnerability reports and reproduce issues, assessing the severity and impact
• Performing automated scan scenarios to ensure coverage of dynamic functionalities
• Learning and developing secondary expertise in Blue Team activities other than regular Red Team activity.
• Performing automation via code development and scripting
• Identifying remediation strategies and supporting implementation for vulnerabilities in products
• Staying abreast of newer trends in tools and technologies used for web application security
• Working independently as a professional contributor with general supervision

The Candidate:
Required skills/qualifications:

• Experience in Cloud, Application or Mobile Security Domain
• Experience with performing penetration testing as per OWASP Top 10, SANS Top 25, WASC, NIST and SANS Security Guidelines
• Knowledge of current information security threats
• Understanding of coding best practices and standards
• Knowledge of application development processes and at least one programming or scripting language

Preferred skills/qualifications:

• Hands-on experience with testing frameworks in line with Web Applications, Mobile Applications, Web Services/APIs, Thick-client, Network and Cloud (AWS preferred)
• Experience in both commercial and open-source tools like: Burp Professional, Nmap, Kali, Metasploit, Fortify on Demand, etc.
• Experience preparing a security threat model and associated test plans
• Good oral and written communication skills
• Critical thinking and problem-solving abilities
• Organized planning and time management skills
• Bachelor’s degree
• Certification on CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional)

To ensure the safety and wellbeing of our employees during the COVID-19 pandemic, Blackboard positions are currently remote (where possible).

The Office:
We have an office in one of the biggest cultural, economic, and educational centers in South India: Chennai.

• Located on OMR, the IT corridor of South Chennai
• Easy access to Velachery, Thiruvanmiyur Railway station and bus stop
• Very close to Tidel Park, Ascendas, and SRP Tools – Holiday Inn
• Office provides lunch Tuesday – Thursday and evening snacks Monday – Friday
• Office is situated behind Hotel Turyaa on the 5th floor of Rayala Techno Park
• Fun Committee, Happy Fete Team, Food Committee, and Sports Committee ensures fun at work
• ISR Team actively engages employees in contributing to various local charities

This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time.

Blackboard is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.