Security Manager
5 months ago
Cashfree is a leading payments and API banking solutions company. We provide full-stack payments solutions enabling businesses in India to collect payments and make payouts via all available methods with a simple integration. Cashfree’s offerings include an advanced and easy way to integrate payment gateway, a split payment solution for marketplaces, bank account verification API and Auto Collect -- a virtual account solution to match inbound payments to customers. Founded by IIIT Hyderabad alumnus Akash Sinha and IIT Kharagpur graduate Reeju Datta, www.cashfree.com is among the leading payment service providers in India processing transactions worth USD 80 Billion annually. We have leveraged technology to lead payment disbursals in India with more than 50% market share among payment processors. Cashfree enables more than 8,00,000 businesses with payment collections, vendor payouts, wage payouts, bulk refunds, expense reimbursements, loyalty and rewards. Apart from India, Cashfree’s products are used in eight other countries including USA, Canada and UAE. Cashfree is backed by Silicon Valley investor Y Combinator, Apis Partners, State Bank of India (SBI) and was incubated by PayPal. Cashfree is currently used by over 800,000 businesses for vendor payouts, wage payouts, build refunds, expense reimbursements, loyalty, and rewards. Some of its notable customers include Dunzo, Xiaomi, Tencent, Delhivery, Zomato, Cred, Club Factory, and ExxonMobil.
Job Description
Function:
- Application Security
- Information Security
- Vulnerability Assessment
- Cloud Security
- Product Security
Responsibilities:
- Work with stakeholders to define and own Security road map for one or more business areas and build the Security processes from scratch.
- Provide technical and scientific leadership to the team
- Roll up your sleeves and do hands-on work.
- Build, coach, mentor, and grow the team
- Be at the forefront of emerging vulnerabilities/threats which could affect Cashfree products through independent research and study.
- Examine the products in detail to discover vulnerabilities and collaborate with the other security engineers to practically demonstrate the exploitability and risk factors.
- Engage with the developers in developing workarounds/mitigation plans and ensure they are implemented per policy.
- Engage with the development teams to conduct secure design reviews/threat modeling exercises to enumerate threats and mitigation strategies.
- Enable the developers with knowledge of threat modeling by conducting focused workshops.
- Secure Coding: Priorities critical defects and ensure these are identified and mitigated during the sprint.
- Integration and automation of SAST in the DevOps pipeline.
- Build secure coding principles and propagate them across the development community.
- Be the to-go person for developers in solving critical issues relating to secure product development.
- Build and enhance secure coding/security assessment training content for developers and the QA team.
- Deliver training programs at various levels in the organizations.
- Conduct workshops/security tech talks to disseminate security knowledge and awareness.
- Conduct white-box and grey-box offensive penetration testing against applications, front-end and back-end micro-services, and web services.
- Conduct network infrastructure, Public Cloud (AWS and GCP), and data-layer offensive pen testing.
- Perform manual source code reviews and audits (manual and SCA/SAST code audits) as needed.
- Perform any other application security or product security-related activities or tasks as needed or directed.
- Validate 3rd party external pen-test and crowd-sourced application security findings and work with our engineering teams.
Qualifications:
- B. S. in Computer Science, Electrical, or Computer Engineering, or equivalent work experience as a software engineering or security practitioner.
- 12+ years of relevant engineering or security assessment experience, experience in application security.
- Possess a broad knowledge of attack vectors, exploits, and mitigations that work at scale or may be linked together for chained attacks.
- Experience with Java, Go, Python, or Node.js (bonus points for more than one).
- Experience with assessing Cloud-native services, service meshes, and K notes-platform-based micro-services.
- Be able to apply unconventional thinking and problem-solve on the boundary of your knowledge base, learning new technologies or languages as needed to complete pen-test tasks.
- Be able to think both offensively (like a hacker) and defensively (evaluating product security and design).
- Familiarity with industry-standard threat modeling, risk modeling, and vulnerability classification.
- Experience with pre-assessment architectural and API analysis to the scope and preparing white-box and grey-box assessments.
- Experience working with in-house engineering organizations, S-SDLC/CICD software lifecycle, and QA processes.
- Good knowledge of multiple classes of vulnerabilities that includes cross-site scripting, SQL Injection, CSRF, cryptographic-related weakness, and code injection.
- Good knowledge of any programming/scripting languages such as Java, Ruby, and Python.
- Good knowledge relating to services/technology relating to the cloud.
- Ability to automate security testing and improve productivity in security assessments.
- Ability to communicate and interpret security vulnerabilities to various audiences such as development and management teams.
-
Digital Security Architect
4 weeks ago
Bengaluru, Karnataka, India RSA Security Full timeJob SummaryWe are seeking a seasoned Digital Security Architect to join our team at RSA Security. As a key member of our security team, you will be responsible for designing and implementing secure software and product lifecycle management solutions.About the RoleThis is an exciting opportunity for a highly skilled professional with experience in penetration...
-
Cyber Security Risk Manager
18 hours ago
Bengaluru, Karnataka, India Elytra Security Private Limited Full timeAbout UsElytra Security Private Limited is a pioneering cybersecurity solutions provider, dedicated to safeguarding organizations against evolving threats in the digital landscape. We specialize in implementing robust security frameworks and providing cutting-edge solutions to ensure business continuity and resilience.Job OverviewWe are seeking an...
-
RSA - Application Security Engineer
3 months ago
Bengaluru, India RSA Security Full timeRSA - Application Security Engineer (Location: Hybrid/ Remote India) RSA offers mission-driven security solutions that provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions. RSA solutions are designed to effectively detect and respond to advanced...
-
Security Guard
6 months ago
Bengaluru, India Griffin security services Full timeWe are looking for a fit and attentive security guard to ensure that our Dhaba is secured. The security guard is responsible for recording the names of visitors & employees and apprehending any trespassers. To be successful as a security guard you must be alert and professional and ensures that no inappropriate actions take place. Responsibilities and...
-
Security Guard
7 months ago
Bengaluru, India Griffin security services Full timeWe are looking for a fit and attentive security guard to ensure that our Dhaba is secured. The security guard is responsible for recording the names of visitors & employees and apprehending any trespassers. To be successful as a security guard you must be alert and professional and ensures that no inappropriate actions take place. Responsibilities and...
-
Staff Security Researcher
6 months ago
Bengaluru, Karnataka, India Menlo Security Full timeMenlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. Menlo is well-funded for growth and our investors...
-
Cloud Security UX Specialist
3 weeks ago
Bengaluru, Karnataka, India Andromeda Security Full timeAndromeda Security is a pioneering cloud security firm, backed by leading Silicon Valley venture capitalists. Our mission is to empower businesses by effectively managing cloud credentials and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking dedicated professionals who will...
-
Cloud Security Architect Lead
4 weeks ago
Bengaluru, Karnataka, India Oleria Security Full timeAbout Oleria SecurityOleria Security is a leading cybersecurity startup revolutionizing access control solutions for enterprise cloud applications. With over $43M in funding, we're on a mission to reduce the opportunity and scope of data breaches.Our VisionWe envision a world where identity-based attacks are a thing of the past. Our cutting-edge technology...
-
Cyber Security Analyst
4 days ago
Bengaluru, India Elytra Security Private Limited Full timeJob Title: Security AnalystLocation: Bangalore, IndiaCompany: Elytra Security Private LimitedAbout Elytra Security Private Limited:Elytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats in the digital landscape. We specialize in implementing robust...
-
Cyber Security Analyst
2 days ago
Bengaluru, India Elytra Security Private Limited Full timeJob Title:Security AnalystLocation:Bangalore, IndiaCompany:Elytra Security Private LimitedAbout Elytra Security Private Limited:Elytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats in the digital landscape. We specialize in implementing robust security...
-
Security Framework Specialist
3 days ago
Bengaluru, Karnataka, India Elytra Security Private Limited Full timeJob OverviewElytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats in the digital landscape.We are seeking a skilled and motivated Security Analyst to join our team. The ideal candidate will have hands-on experience in implementing ISO 27001 standards and...
-
Cyber Security Analyst
4 days ago
Bengaluru, India Elytra Security Private Limited Full timeJob Title: Security AnalystLocation: Bangalore, IndiaCompany: Elytra Security Private LimitedAbout Elytra Security Private Limited:Elytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats in the digital landscape. We specialize in implementing robust security...
-
Cyber Security Analyst
4 days ago
Bengaluru, India Elytra Security Private Limited Full timeJob Title: Security AnalystLocation: Bangalore, IndiaCompany: Elytra Security Private LimitedAbout Elytra Security Private Limited:Elytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats in the digital landscape. We specialize in implementing robust security...
-
Cyber Security Analyst
3 days ago
Bengaluru, India Elytra Security Private Limited Full timeJob Title: Security Analyst Location: Bangalore, India Company: Elytra Security Private Limited About Elytra Security Private Limited: Elytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats in the digital landscape. We specialize in implementing robust...
-
Cloud Security Architect
3 weeks ago
Bengaluru, Karnataka, India Andromeda Security Full timeAndromeda Security, a cutting-edge Silicon Valley-backed multinational startup in Bengaluru, India, is seeking a seasoned professional to spearhead its cloud security initiatives. With a strong focus on innovation and growth, this role offers the ideal opportunity to make a lasting impact.The ideal candidate will have extensive experience in operationalizing...
-
Security Officer
2 months ago
Kalyan Nagar, Bengaluru, Karnataka, India Black Belt Security Group Full time**Job Title**: Security Training Officer **Department**: Security **Reports To**: Head of Security / Security Manager **Job Summary**: The Security Training Officer is responsible for developing, implementing, and overseeing comprehensive training programs for the security team. This position ensures that all security personnel are thoroughly trained and...
-
Cyber Security Threat Mitigator
3 days ago
Bengaluru, Karnataka, India Elytra Security Private Limited Full timeWe are seeking a skilled Cyber Security Threat Mitigator to enhance our organization's security posture and ensure compliance with regulatory and industry standards.About Elytra Security Private Limited:Elytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats...
-
Bengaluru, India System Two Security Full timeDescriptionAs a Principal Software Engineer at System Two Security, you will play a crucial role in developing and maintaining the software stack that powers our innovative AI-driven cybersecurity solutions. This senior position demands a blend of advanced back-end skills, with a focus on creating seamless, efficient, and scalable applications. Additionally,...
-
Bengaluru, Karnataka, India Elytra Security Private Limited Full timeWe are seeking a highly skilled Cybersecurity Analyst to join our team at Elytra Security Private Limited. Our ideal candidate will have hands-on experience in implementing ISO 27001 standards and the Cyber Security and Cyber Resilience Framework (CSCRF).About the RoleThis role involves assessing, designing, and deploying cybersecurity controls to enhance...
-
Principal software engineer
2 weeks ago
Bengaluru, India System Two Security Full timeDescriptionAs a Principal Software Engineer at System Two Security, you will play a crucial role in developing and maintaining the software stack that powers our innovative AI-driven cybersecurity solutions. This senior position demands a blend of advanced back-end skills, with a focus on creating seamless, efficient, and scalable applications. Additionally,...