Senior Security Engineer - AppSec (Pentest, Bug Bounty, Threat Model, Risk Assessment) - Workato Bangalore, Karnataka, India Bookmark Share Print 247 0 0

Listing Description

Responsibilities


We are looking for a Sr. Security Engineer. As a Sr. Security Engineer, you will be responsible for:




  • Conduct tests on network and applications





    • Conduct security audits




    • Analyze security policies




    • Write security assessment reports




    • Plan the penetration test





  • Select, design and create appropriate tools for testing




  • Perform the penetration test on computer systems, networks, web-based and mobile applications




  • Document your methodologies




  • Gather the data intelligence not only from the output of the automated penetration tools but also from information gathered from earlier stages to identify vulnerabilities that the tools may not see




  • Review your findings and feedback to clients




  • Analyze the outcomes and make recommendations for security improvements




  • Carry out application, network, systems, and infrastructure penetration tests




  • Review physical security and perform social engineering tests where appropriate




  • Evaluate and select from a range of penetration testing tools




  • Keep up to date with the latest testing and ethical hacking methods




  • Deploy the testing methodology and collect data




  • Report on findings to a range of stakeholders




  • Make suggestions for security improvements




  • Enhance existing methodology material




If you’re looking for a real challenge in terms of mission criticality, multi-geographic region deployments, diversity of managed services, and the chance to be a part of an impactful team working with cutting edge cloud technologies and more, then this might be the position for you!


Requirements


Qualifications / Experience / Technical Skills




  • BS or MS from a top-notch CS program (or equivalent experience)




  • At least 5+ years of multifaceted security experience in a technology-centric company, including experience




  • Hands-on experience designing and deploying security controls across all security domains such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective, and offensive security solutions.




  • An understanding of current and emerging threats and countermeasures and the organizational challenges to addressing these threats




  • An understanding of Application Security threats and countermeasures




  • Good practical knowledge of security technologies, especially those applying to SaaS Web applications, and wider business solutions including Firewalls, IDS/IPS, Identity and access management, SIEM, Data Loss Protection, BCP, and Cloud Security




  • Prior experience with AWS, Linux and/or Kubernetes is desirable.




  • Working knowledge in the areas of Risk, Compliance, and Privacy is desirable




  • Ability to provide strategic product security mentorship based on experience performing threat modeling and design reviews to assess security implications and requirements




  • Experience managing and configuring web applications hosted on AWS & Azure




Soft Skills / Personal Characteristics




  • Outstanding interpersonal and communication skills; ability to communicate information successfully internally and externally and to drive multi-functional alignment and action



Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Useful Links

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765

requests@ninjajobs.org
www.ninjajobs.org
Chat with us!