Product Security Engineer
3 weeks ago
Job DescriptionProduct Security Engineer at Traveloka will be required to ensure that our products and services are shipped with high security standards through application security testing, hardening, and secure framework. A Product Security Engineer will be smart and self starter. The person needs to find unique ways to understand complex software architecture and should be able to perform manual security code review. They need to be able to integrate security in the software development process with defense-in-depth strategies such as automated testing in CI/CD pipeline. A Product Security Engineer preferably needs to have a software development background and should have practical programming knowledge.They will work very closely with our Software Engineering Team to implement Secure SDLC in Traveloka. They will also need to have proficiency in handling multiple projects based on different frameworks and groups.Responsibilities- Carry out manual and automated review of source code to identify security vulnerabilities and risks - Implement automated security testing tools (SAST, DAST, IAST) and their deployment within continuous integration systems - Implement hardening and secure framework such as RASP, WAF, safe library, and security decorator functions - Perform vulnerability assessment & penetration testing on web API, front-end service, internal RPC, and mobile application - Attend design reviews and actively lead the discussions from a security standpoint - Analyze possible security incident related to application security such as payment abuse or sensitive data exposure via web API - Ensure that product security requirements are identified early on and are being baked into all projects - Provide effective recommendations or patches to mitigate security vulnerabilities - Develop in-house tools to integrate with SDLC and to track and derive security metricsSkills & Experience- Academic background in Computer Science or equivalent - Relevant professional experience or extensive experience in security activities (e.g. CTF, bug bounty, security research, publications, blog) - Practical knowledge of modern software development such as microservices, application containerization, REST architecture, object oriented programming, stateless/stateful authentication, and cloud platform - Working knowledge of one or more of these programming languages: Java, JavaScript, Kotlin, C#, Objective-C, Swift - Experience in security code review, vulnerability assessment, and penetration testing. - Knowledge of common vulnerabilities such as OWASP Top 10 and CWE including business logic issue (e.g. IDOR) - Core skill set in two or more of the following areas: - JavaScript framework (e.g. React) - Java framework (e.g. Spring) - Android / iOS platform - DevOps - AWS - Automation tool development - Dynamic debugging - Unit testing - Algorithm & data structureIf you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us
-
Senior Security Engineer
4 weeks ago
New Delhi, India TAC Security Full timeJob description As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and...
-
Senior Security Engineer – AI, Cloud
16 hours ago
Delhi, India Symosis Security Full timeLocation: Remote (India)Type: Full-TimeCompany: Symosis SecurityAbout Symosis SecuritySymosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era. We help public-sector and enterprise clients mature their security operations through managed services, offensive testing, governance, and automation. We’re expanding our MSSP...
-
Intern- Security Engineer
2 weeks ago
New Delhi, India TAC Security Full timeJob Summary: TAC Security is looking for a passionate and motivatedCyber Security Internto join our team in Mohali. The intern will assist in identifying security vulnerabilities, conducting research on emerging threats, and supporting ongoing cybersecurity projects. This internship offers hands-on experience in a global cybersecurity environment.Key...
-
Staff Engineer – Product Security
3 weeks ago
New Delhi, India Aviatrix Full timeJob Title: Staff Engineer – Product Security Location: Bangalore, India Who We Are: For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers runtime...
-
Staff Engineer – Product Security
3 weeks ago
New Delhi, India Aviatrix Full timeJob Title: Staff Engineer – Product SecurityLocation: Bangalore, IndiaWho We Are:For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers runtime...
-
Endpoint Security Engineer
3 weeks ago
New Delhi, India Sattrix Information Security Full timeDevice Management (Endpoint) Support Engineers – L1 & L2Location: Chennai, Hyderabad and MumbaiMode: work from office (5 days)Shifts: Rotational Shifts (24x7)Budget - L1: 6-7 LPA; L2: 15-18 LPASkills required (End Point Security):- Sentinal One - Carbon Black - Aruba - NAC - DAM - Imperva - DSF - ImpervaJob Overview:We are looking for Device Management L1...
-
Endpoint Security Engineer
3 weeks ago
New Delhi, India Sattrix Information Security Full timeDevice Management (Endpoint) Support Engineers – L1 & L2 Location: Chennai, Hyderabad and Mumbai Mode: work from office (5 days) Shifts: Rotational Shifts (24x7) Budget - L1: 6-7 LPA; L2: 15-18 LPASkills required (End Point Security): Sentinal One Carbon Black Aruba - NAC DAM - Imperva DSF - ImpervaJob Overview: We are looking forDevice Management L1 and...
-
Senior Security Engineer – AI, Cloud
10 hours ago
Delhi, India Symosis Security Full timeLocation : Remote (India)Type : Full-TimeCompany : Symosis SecurityAbout Symosis SecuritySymosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era. We help public-sector and enterprise clients mature their security operations through managed services, offensive testing, governance, and automation. We’re expanding our MSSP...
-
Senior Security Engineer
4 days ago
Delhi, Delhi, India TAC Security Full time ₹ 12,00,000 - ₹ 36,00,000 per yearJob descriptionAs a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and...
-
Intern- Security Engineer
2 weeks ago
Delhi, Delhi, India TAC Security Full time ₹ 60,000 - ₹ 1,80,000 per yearKey ResponsibilitiesAssist in monitoring, analysing, and responding to security alerts and incidents.Conduct vulnerability assessments and penetration testing on networks, applications, and systems.Research the latest cyber security threats, attack vectors, and trends.Support in managing and updating security tools such as SIEM, firewalls, and endpoint...
