Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

For Employers

Add office photos

Engaged Employer

TimesPro

Compare

4.0

based on 264 Reviews

68 TimesPro Jobs

DevSecOps

TimesPro Learning

4.0

based on 264 Reviews

5-6 years

Mumbai

1 vacancy

DevSecOps

TimesPro

posted 6d ago

Job Role Insights

Flexible timing

Key skills for the job

Auditing Identity Access Management Microsoft Power BI Penetration Testing Android Application Security

+ 4 more

Job Description

Compliance and Governance

Compliance Standards:
- Ensure adherence to GDPR, HIPAA, PCI DSS, and other standards.
- Maintain audit trails with AWS CloudTrail and Bitbucket Activity Logs.

Vulnerability Assessment, Penetration Testing (VAPT), and Hardening

Assessments: Perform regular vulnerability assessments on AWS resources using tools like AWS Inspector, Nessus, or Qualys.
Service Hardening: Apply AWS best practices to secure services like EC2, RDS, and S3.
Encryption: Implement encryption in transit and at rest using AWS KMS and SSL/TLS.

Infrastructure Security

Cloud Security:

Use AWS services (Security Hub, GuardDuty, CloudTrail) and GCP tools (Security Command Center, IAM) to harden cloud environments.
Automate infrastructure deployment with Terraform or AWS CloudFormation, ensuring security best practices.
Scan IaC using Checkov, Terrascan, or AWS Config Rules.

Application Security

SAST and DAST:
- Perform SAST during development to identify vulnerabilities early.
- Conduct DAST in staging or production using tools like Burp Suite, OWASP ZAP, or AppScan.
Android Security:
- Test Android apps using tools like MobSF, QARK, or Drozer.
- Ensure compliance with OWASP MSTG standards.

Ethical Hacking and Ransomware Testing

Ransomware Simulation: Simulate ransomware attacks to test recovery capabilities and data resiliency.
Ethical Hacking: Perform ethical hacking exercises to assess system vulnerabilities and identify potential breaches

Threat Analysis Threat Modeling:
- Conduct regular threat analysis to evaluate potential risks to cloud infrastructure and applications.
- Create and maintain threat models for applications, services, and infrastructure to identify attack vectors and mitigation strategies.
- Use tools like Microsoft Threat Modeling Tool, OWASP Threat Dragon, or custom modeling techniques to identify and prioritize risks.
Code Scanning:

Use Bitbucket Code Insights for integrated security scan results in PRs.
Monitor repositories for exposed credentials or sensitive data.
Automate IaC scanning with tools like Checkov.

CI/CD and Code Security

Secure Pipelines:
- Integrate Bitbucket Pipelines with AWS services for secure deployments.
- Automate security checks at each pipeline stage:
  - SAST (Static Application Security Testing): Use tools like SonarQube.
  - DAST (Dynamic Application Security Testing): Use tools like OWASP ZAP or Burp Suite.
  - Dependency scanning using tools like OWASP Dependency-Check.
  - Container security scanning for Docker images.

Code Scanning:

Use Bitbucket Code Insights for integrated security scan results in PRs.
Monitor repositories for exposed credentials or sensitive data.
Automate IaC scanning with tools like Checkov.

WSO2 API Manager Responsibilities

API Security:
- Secure APIs with OAuth2, JWT tokens, and mutual TLS.
- Implement rate-limiting and throttling to prevent abuse.
- Integrate APIs with AWS Cognito or other identity providers for authentica

Monitoring and Incident Response

Monitoring:
- Use AWS CloudWatch, GuardDuty, and Bitbucket monitoring features.
- Configure proactive alerts using PagerDuty or Slack for Bitbucket Pipelines.
Incident Response:
- Automate incident response workflows using AWS Systems Manager or AWS Lambda.
- Conduct regular incident response drills.

AWS IAM (Identity and Access Management)

Policy Design: Create and enforce least privilege access policies.
Audits: Conduct regular audits of IAM roles, groups, and policies to ensure compliance and security.
Federated Identity: Configure and manage federated identity with external IdPs (e.g., Okta, Azure AD).

Bitbucket Roles and Responsibilities

Version Control Security:
- Manage repository access using roles (Admin, Developer, Read-Only).
- Enforce branch protection rules for PR reviews.
- Secure sensitive data using Bitbucket Pipelines environment variables.
CI/CD Pipeline Integration:
- Integrate Bitbucket Pipelines with security tools like SonarQube or Checkmarx.
- Automate dependency vulnerability checks.
- Use pre-commit hooks for code quality and security validation.

Job Requirement

Key Tools and Technologies

Category

Tools

Compliance and Governance

GDPR, HIPAA, PCI DSS / AWS CloudTrail and Bitbucket Activity Logs

Vulnerability Assessment, Penetration Testing (VAPT), and Hardening

VAPT

Infrastructure Security

AWS services

Application Security

SAST / DAST

Ethical Hacking and Ransomware Testing

ransomware attacks / system vulnerabilities

Threat Analysis Threat Modeling

applications, services, and infrastructure

Code Scanning

SonarQube, Checkmarx, OWASP ZAP

Source Control

Bitbucket, Git

CI/CD

Bitbucket Pipelines, Jenkins, GitLab CI/CD

Cloud Security

AWS Security Hub, GuardDuty, GCP Security

API Management

WSO2 API Manager, AWS API Gateway

Employment Type: Full Time, Permanent

Read full job description

TimesPro Interview Questions & Tips

Prepare for TimesPro roles with real interview advice

What people at TimesPro are saying

What TimesPro employees are saying about work life

based on 264 employees

55%

58%

72%

98%

Flexible timing

Monday to Friday

No travel

Day Shift

View more insights

Compare TimesPro with

Manipal ProLearn

5.0

Compare

NIIT

3.6

Compare

upGrad

3.7

Compare

Simplilearn

3.2

Compare

Hughes Net Global Education

3.9

Compare

EduPristine

4.4

Compare

Imarticus Learning

4.2

Compare

Edukart

5.0

Compare

Educomp Solutions

3.5

Compare

Genpact

3.8

Compare

Taurus BPO Services

4.5

Compare

Brane Enterprises

2.1

Compare

QX Global Group

3.4

Compare

CSM Technologies

4.3

Compare

Luxoft

3.7

Compare

BDO India LLP

3.5

Compare

Thryve Digital

3.9

Compare

Magic Edtech

3.1

Compare

Bada Business

3.6

Compare

GUS Education India

3.2

Compare

Similar Jobs for you

Security at 3i Infotech Limited

Mumbai

5-10 Yrs

₹ 6-9 LPA

Cyber Security Manager at Bajaj Finserv Ltd.

Pune

3-5 Yrs

₹ 5-7 LPA

Security at eSec Forte Technologies Private Limited

Noida

2-7 Yrs

₹ 4-7 LPA

Security Analyst at Network Intelligence India

Pune, Mumbai

1-6 Yrs

₹ 5-10 LPA

Associate Lead Consultant at Yash Technologies Pvt ltd

Bangalore / Bengaluru

3-5 Yrs

₹ 5-9 LPA

Product Security Analyst at Novo Nordisk Centre (India) Pvt Ltd

Bangalore / Bengaluru

2-5 Yrs

₹ 5-9 LPA

Security Architect at Accenture Solutions Pvt Ltd

Chennai

5-10 Yrs

₹ 7-12 LPA

Security at Zone IT Solutions

Gurgaon / Gurugram

5-10 Yrs

₹ 7-11 LPA

Penetration Tester at TOAE Security

Noida, Kanpur + 1

3-5 Yrs

₹ 6-8 LPA

Associate Consultant at Yash Technologies Pvt ltd

Bangalore / Bengaluru

3-5 Yrs

₹ 4-7 LPA

TimesPro Mumbai Office Location

View all

Mumbai (1)

Mumbai Office

Headquarter

G 02 1802, Lotus corporate park, Off, Western Express Hwy, Geetanjali Railway Colony, Laxmi Nagar, Jogeshwari Mumbai, Maharashtra 400063 Mumbai
400063