Security Engineer, Product Security - Ocrolus Inc. Gurgaon, Haryana, India Bookmark Share Print 170 0 0

Listing Description

 

Summary:


Ocrolus is a fast-growing financial technology organization with many emerging security threats and we are building a world-class security program to keep Ocrolus and our customer’s data secure.  We are looking for a diverse set of security practitioners to help us design, build, and scale security at Ocrolus.  We value critical thinking, creativity, data-driven and intelligence-driven approaches, and offensive experience.  We believe security is a collaborative and open process, where security is a partner to help achieve business goals securely.  We believe in saying “yes, and” instead of “no” when recommending security objectives.  We don’t believe in using fear or penalty for enforcement of security policies and processes, and we will always provide evidence and justification for security controls.


Responsibilities



  • Conduct design, architecture, and code reviews for new and existing applications and infrastructure.

  • Perform manual product security testing and source code auditing.

  • Assist with designing automatic product security testing.

  • Give clear and detailed risk assessment and remediation guidelines for engineers and business owners.

  • Perform penetration testing targeting critical data, services, and environments.

  • Report underlying security issues and propose enhanced security protections.

  • Write and disseminate security guidelines for common security issues, remediation, and security technology baselines.

  • Build relationships with stakeholders throughout the engineering and product organizations.

  • Help build a collaborative and enlightening world-class security team at Ocrolus.

  • Spread security culture throughout the organization.


Requirements



  • Experience using, writing, and building static, dynamic, instrumentation, and program analysis product security vulnerability scanners.

  • Experience performing product-level threat models, design reviews, code reviews, and manual web application security testing.

  • Knowledge of technology and processes used for product security.

  • Experience with modern cloud platforms and modern programming languages and paradigms.

  • Ability to explain basic security, engineering, networking, and cloud concepts.

  • Great communication, prioritization, and project management skills.



Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765