Lead Security Engineer - Vulnerability Management (7-15 yrs)

About the team :

The fintech revolution in the industry is driving change at an exciting pace - creating an interconnected world. The resulting pervasiveness of cyber brings both new business opportunities, and new cyber threats. - # Cyber Security team is on its fast paced journey to fortify the cyber security posture and strengthen the security controls by shifting security left. From securing our crown jewels to strict adherence of regulatory and compliance requirements, our commitment is to make - one of the safest business applications with world class security in place.

About the role :

As a Application security professional we expect you to have a solid understanding of multiple cloud platforms and security solutions, industry best practices, business processes or technology designs family. You will own and drive complex cloud security projects and improvements that need independent judgment, in order to improvise the cloud security posture and technological enhancement to meet our security goals.

cThe cloud security engineer will perform cloud/cyber security assessments of our environment to ensure the safety and security of - # infrastructure assets by uncovering potential security vulnerabilities and advising on remediation and automation as part of our cloud security maturity program.

Expectations/ Requirements :

- Education qualification : Any full-time graduate (Bachelor of Science from an accredited institution)

- 4+ years of Information Security / Cybersecurity experience.

- In-depth knowledge of Application security concepts

. Perform Mobile application security assessment (Android & iOS) (Mandatory)

. Familiarity with Secure Design Review, Threat Modeling, and testing methodologies such as OWASP, SANS.

. Proficiency in SAST, DAST, DevSecOps and SCA vulnerability triage and assessment.

- Ability to flow from black box to grey box to white-box tests.

- Ability to perform Secure source code review (Manual/Automated)

- In-depth knowledge of Vulnerability Mitigation strategies.

- Experience with programming languages such as Bash, Python, Go, nodeJS

- At Least one programming language is a Must.

- Good understanding of Application architecture and cloud platforms (AWS)

- Ability to perform vulnerability assessments and penetration testing, utilizing tools- commercial and open source.

- Ability to exploit security flaws and vulnerabilities with attack simulations on multiple application platforms like Android, iOS, and Web

- Ability to effectively work with the engineering/Development teams to provide them understanding of the issues and explain about Technical risk/Impact of the issue and guide them with industry best practices for Mitigating it.

- Providing training for development and engineering teams regarding secure coding practices

- Good communication skills.