Astra is a cybersecurity SaaS company that makes otherwise chaotic pentests a breeze with its one-of-a-kind AI-led offensive Pentest Platform
Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 13,000+ security tests
CTOs and CISOs love Astra because it helps them to achieve continuous security at scale, fix vulnerabilities in record time, and seamlessly transition from DevOps to DevSecOps with Astra's powerful CI/CD integrations
Astra is loved by 800+ companies across 70+ countries
In 2024 Astra uncovered 2.5 million+ vulnerabilities for its customers, saving customers $110M+ in potential losses due to security vulnerabilities
We've been awarded by the President of France Mr. François Hollande at the La French Tech program and Prime Minister of India Shri Narendra Modi at the Global Conference on Cyber Security
Loom, MamaEarth, Muthoot Finance, Canara Robeco, Dream 11, OLX Autos, etc. are a few of Astra's customers
Job Description:
This is a remote position
Role Overview:
As an SDE II (Vulnerability Detection), you will be at the forefront of vulnerability research and detection engineering for our cloud-based SaaS security platform
Your primary focus will be on identifying new attack techniques, researching emerging threats, and developing high-fidelity detection rules to enhance our offensive security engine
This role requires a deep understanding of web, cloud, and API security, along with hands-on experience in exploiting vulnerabilities, writing detection logic, and optimizing scanning strategies
You will work closely with security researchers, engineers, and product teams to ensure our platform remains ahead of evolving threats
If you're passionate about offensive security, love breaking things to make them more secure, and want to shape the future of automated vulnerability detection, we'd love to have you on board
Roles & Responsibilities:
Work in our Attack Engine Team to create vulnerability detection rules that identify exploits in web applications, cloud environments, and APIs
Conduct security research on vulnerabilities, CVEs, and zero-days impacting web technologies, cloud infrastructure, and API ecosystems
Develop and maintain JavaScript/GoLang-based detection logic, leveraging your programming skills to automate security analysis and exploit identification
Collaborate with security researchers and engineering teams to design and implement detection modules, APIs, and automation frameworks
Work in an agile development environment, contributing to the architecture, design, and implementation of Astra's web security engine
Research, design, develop, and troubleshoot: what you build, you own
Write secure, modular, testable, and well-documented code to maintain high-quality engineering standards
Adhere to strict code review and security best practices, ensuring high-quality and maintainable code
Ensure timely delivery of features, maintaining transparency with technical managers regarding development progress
What we are looking for:
Strong analytical mindset with a passion for security research and offensive security
3-4 years of security and development experience in JavaScript (preferred) or any curly-bracket language such as C, C++, PHP
Understanding of security concepts and experience with vulnerability research for Web, API, and Cloud environments
Excellent problem-solving skills and strong attention to detail
Strong communication and collaboration skills, with the ability to work effectively in a remote team environment
Eagerness to learn and adapt to new technologies, methodologies, and evolving security threats
Hands-on experience with Git for version control and collaboration
Good to have:
Experience using security tools such as Burp Suite, OWASP ZAP, or similar vulnerability assessment tools
Understanding of Software Architecture and Design Patterns, with the ability to write scalable and maintainable code
Prior experience working in a remote role, with strong self-management and collaboration skills
What we offer:
Adrenaline rush of being a part of a fast-growing company and working on hard problems that matter
Fully remote, agile working environment
Good engineering culture with full ownership in design, development, and release lifecycle
A wholesome opportunity where you get to build things from scratch, improve, and ship code to production in hours, not weeks
Holistic understanding of the SaaS and security industry
Annual trips to beaches or mountains (last one was to Wayanad!)
Open and supportive culture
Health insurance & other benefits for you and your spouse (maternity benefits included)