Listing Description
Position Overview:
We are seeking a talented and experienced Security Engineer to conduct comprehensive security assessments, including pen-testing, infrastructure vulnerability testing, and static source code reviews. The ideal candidate will have a strong development background, be familiar with Secure Software Development Life Cycle (SSDLC) practices, and hold relevant certifications such as OSCP. This role requires a proactive approach to security, with the ability to identify and mitigate risks before they can impact our product and customers.
ShyftLabs is a growing data product company that was founded in early 2020 and works primarily with Fortune 500 companies. We deliver digital solutions built to help accelerate the growth of businesses in various industries, by focusing on creating value through innovation.
Job Description:
Conduct pen-tests and infrastructure vulnerability assessments to identify security weaknesses and vulnerabilities within our products and network.
Perform static source code analysis to ensure compliance with security best practices and identify potential security issues.
Collaborate with the development team to implement Secure Software Development Life Cycle (SSDLC) practices across all phases of product development.
Develop and maintain documentation related to security assessments, findings, and remediation strategies.
Stay updated on the latest security threats, trends, and technologies to continuously enhance our security posture.
Provide security training and guidance to the development team to foster a security-conscious culture within the organization.
Basic Qualifications:
3+ years of proven experience as a Security Engineer or similar role with a focus on product security.
Bachelor's degree in Computer Science, Engineering, Information Technology or a related field.
Strong background in software development, with proficiency in at least one programming language.
Hands-on experience with pen-testing, infrastructure vulnerability testing, and static source code analysis.
Familiarity with Secure Software Development Life Cycle (SSDLC) practices and methodologies.
Familiarity with implementing and maintaining security measures in a large-scale cloud environment.
Relevant certifications such as OSCP, CISSP, CEH or equivalent, are highly preferred.
Excellent problem-solving and analytical skills.
Strong communication and collaboration abilities.
Advocate security and data integrity compliance through partnering with and training engineers, PMs, and others.
We are proud to offer a competitive salary alongside a strong insurance package. We pride ourselves on the growth of our employees, offering extensive learning and development resources. This role is preferably hybrid, with 2 days per week spent in our Hyderabad office.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided