Job Description

Essential Job Duties

• Perform manual and automated scanning and security analysis of the company's platform including identifying threats, vulnerabilities, and risks to the business
• Work with development teams throughout the entire SDLC to ensure code is secure by design, secure by default, and secure in deployment.
• Create and maintain a vulnerability management program that will ensure the timely identification, reporting and remediation of application vulnerabilities
• Proactively identify, triage and address security flaws, threats, and vulnerabilities

Other Job Duties

• Other duties as assigned by supervisor or company leader.
• Travel up to 10%, including overnight travel

Required Education, Experience, Certifications and Skills

• 8+ years of application security experience
• Bachelor's degree in Computer Science or a related technical field, or equivalent practical experience
• Experience with attack and mitigation methods, Web application and browser security, security assessments and penetration testing
• Solid understanding of common web application technologies, languages, and frameworks
• Thorough knowledge of common software vulnerabilities and a strong understanding of methods to identify and remediate vulnerabilities
• Experience with at least one high-level language (i.e. Python, Ruby, etc.)
• Knowledge of secure coding principles and best practices for web applications
• Experience with commercial and open-source web application testing tools for SAST, DAST, IAST, and RASP, and analysis tools
• Experience with multiple programming languages (such as .NET, Python, etc.)
• Experience performing automated and manual vulnerabilities assessments of web applications based on methodologies such as OWASP and WASC
• Knowledge of authentication and access control, security monitoring and intrusion detection, data encryption, and cryptography techniques
• Experience securing public cloud environments such as Amazon AWS, GCP or Microsoft Azure
• Ability to scale security within the SDLC through automation
• Relevant security certifications (i.e., GWEB, GCWN, CSSLP, OSWE, CASE)
• Experience with software development lifecycle (SDLC) methodologies such as Agile, DevSecOps

Job Type: Full-timeSalary: ?3,500,000.00 - ?5,000,000.00 per yearSchedule:

• Day shift
• Morning shift

Ability to commute/relocate:

• Pune, Maharashtra: Reliably commute or planning to relocate before starting work (Required)

Experience:

• Application Security: 8 years (Preferred)