Listing Description
We are looking for a bright and exceptional Lead Engineer to join our information security team in Bangalore/Gurugram.
What you'll do:
- Conduct manual penetration testing on web applications and other systems.
- Demonstrate and promote security best practices, including secure development and cloud security
- Assist with the development of remediation recommendations for identified findings
- Identify and articulate (written and verbal) findings to the development teams
- Stay up-to-date with the latest security trends, technologies, and best practices
What you'll need:
- 5 – 8 Years, out of which at least 3+ years in the security engineering field
- B.E/B.Tech or M.Tech/MS: Degree in computer science engineering or related field
- Technical background in Application Security Testing, Security Code Reviews, and security design reviews
- Knowledge of common application security attacks (e.g. Deserialization attacks, Injections attacks, SSRF, XSS, SQL Injection, XSRF, buffer overruns, DoS, etc)
- Prior experience with Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools and using them for Application Security reviews.
- Experience in Cloud Security - AWS is an added advantage, and Kubernetes and Docker container security
- Technical familiarity with technologies like Java, Python, React, GraphQL, Javascript, JSON, REST, Docker, Terraform, etc.
- Encryption and Key Management
- Must have Experience with Java programming language.
- Strong understanding of security fundamentals and general security technologies.
- Excellent communicator, comfortable discussing with technical staff and management.
- Strong interpersonal skills as well as excellent written and verbal communication skills
Good to have Skills: - SAST/DAST integration in CI/CD pipeline - design, implementation
- Experience working with Gitlab
- Certifications like OCSP, OSWE or OSWA
Arcesium's Personal Data Privacy Notice for Candidates is linked here.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided