Company Overview
Hiring for an American technology company
We are sorry!
This job has been closed. You will find bellow the job description as a reminder. It is not possible to apply anymore.
Job Description
Product security engineer
Ethically hack applications to find security vulnerabilities. Create security solutions in support of product line development. Supply expert knowledge in the fields of security, privacy, and identity and the related issues, systems, processes, products, and services and provide security advisory to product development teams. Implement proof of concepts of new security technologies that will be incorporated into products. Execute the design and implementation of products to ensure appropriate and effective security and data protection controls are included. Drive secure software development techniques for applications. Execute static and dynamic analysis of software and work with teams on remediation of findings.
B.Tech/B.E. OR PG – M.S. / M.Tech 2-4 years of Security Experience Required.
CISSP, CSSLP certifications required, (or is currently using related knowledge in existing projects, ability and existing personal goal to complete certification within six months of hire – this is a must)
Offensive security experience is MUST; Bug Bounty Hunting experience is preferred.
Ethical Hacker- should be able to use Automated DAST tools against Web Application, Web Services and Mobile Applications (Android (MUST), iOS) Work in SAST tools such as Checkmarx CxSAST, CxOSA, and HP Fortify etc. a big plus
Demonstrated ability to work in a fast-paced multi-tasking Agile environment
Demonstrated technical leadership and teamwork skills encompassing internal and external resources Demonstrated excellence in English communication skills with multiple stakeholders: clients, management, employees, and vendors. Experience with AWS security features is added advantage
Experience with Docker security reviews is added advantage
Experience with Automation using Jenkins/ TeamCity for integration of security tests in CI/ CD
Network security experience with proxy services and SSL/TLS is preferred.
Experience with Cloud based WAF & DDOS Solutions.