Lead- Product Security
2 months ago
Infosys Finacle ( EdgeVerve is a product subsidiary of Infosys, a global leader in next-generation digital services and consulting. We're the force behind Finacle, the industry-leading platform for digital banking solutions trusted by financial institutions in over 84 countries. As part of the EdgeVerve brand, we focus on developing and delivering innovative software products that empower businesses to thrive in today's dynamic landscape.
Location Bangalore, India
Job Objective
As a Product Security Engineer specializing in the financial domain, you will play a vital role in ensuring the security of our cloud-native products. You will be responsible for overseeing vulnerability assessments, penetration testing, and contributing to a secure development lifecycle (SDL) to safeguard our financial products from emerging threats.
Key Responsibilities
• Conduct comprehensive vulnerability assessments and penetration testing on critical financial web applications.
• Leverage SAST and DAST tools to identify and analyze security vulnerabilities, recommending effective remediation strategies.
• Perform security assessments of web services and APIs, focusing on identity and token authentication and authorization mechanisms.
• Design and implement secure software systems, ensuring that security is an integral part of the software design process.
• Collaborate with the development team to apply secure design principles and patterns.
• Identify potential security vulnerabilities during the design phase and propose secure solutions.
• Analyze and assess cryptography implementations, key management practices, and rotation procedures.
• Deep dive into existing codebases to thoroughly assess security posture and identify potential vulnerabilities.
• Collaborate with development teams to implement secure architecture and design principles throughout the SDL.
• Maintain up-to-date knowledge of emerging threats like DDoS, ransomware, supply chain attacks, and implement countermeasures to mitigate risks.
• Stay abreast of industry best practices, including OWASP Top 10, SANS Top 25, BDH, and Palo Alto advisories.
• Ensure adherence to proper security postures and standard processes for both public and private cloud deployments.
Qualification
• 10 -15 years of experience in production/cloud security, with a focus on the financial domain and product security.
• Thorough understanding of HTTPS, TLS 1.2, TLS 1.3, and public/symmetric key cryptography.
• Proven experience in software design, with a focus on integrating security into the design process.
• Experience with one or more of the following:
>Front-end technologies such as Angular, React, or JavaScript.
>Back-end technologies such as Java, Node.js, TypeScript, Spring, or C.
• Strong understanding of secure design principles and patterns. • Experience identifying and addressing security vulnerabilities during the design phase.
• Familiarity with security tools and screening/reporting experience is a plus, but the primary focus should be on software design experience.
• Proficiency in security tools like Burp Suite, Nmap, ZAP, Black duck Hub, NVD/CVE/CWEs, and experience managing FOSS CVE tracking.
• Experience in implementing secure coding practices aligned with OWASP Top 10, SANS Top 25, BDH, and Palo Alto advisories (a plus).
• Solid understanding of secure deployments on public and private cloud platforms like AWS, Azure, GCP, OpenShift, and VMWare. Bonus Points
• Experience working within the financial services industry.
• Experience with secure development methodologies (SDLC) and DevSecOps practices.
• Strong communication and collaboration skills
Bonus Points
• Experience working within the financial services industry.
• Experience with secure development methodologies (SDLC) and DevSecOps practices.
• Strong communication and collaboration skills.
Infosys Finacle is an equal opportunity employer, and we are committed to embracing diversity and creating an inclusive environment for all employees. All aspects of employment at Infosys Finacle are based on merit, competence, and performance.
-
bangalore, India Andromeda Security Full timeAndromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking...
-
bangalore, India Andromeda Security Full timeAndromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking...
-
Lead, Product Security
3 weeks ago
bangalore, India Pocket FM Full timeAbout the role: As a lead in product security, you will play a pivotal role in championing security throughout the entire product development lifecycle. You will collaborate with engineering, product management, and other stakeholders to identify and mitigate security risks, ensuring our products are built with security and compliance in mind.What You Will...
-
Lead, Product Security
4 weeks ago
Bangalore, India Pocket FM Full timeAbout the role: As a lead in product security, you will play a pivotal role in championing security throughout the entire product development lifecycle. You will collaborate with engineering, product management, and other stakeholders to identify and mitigate security risks, ensuring our products are built with security and compliance in mind. What You...
-
Lead, Product Security
2 months ago
bangalore, India Pocket FM Full timeAbout the role:As a lead in product security, you will play a pivotal role in championing security throughout the entire product development lifecycle. You will collaborate with engineering, product management, and other stakeholders to identify and mitigate security risks, ensuring our products are built with security and compliance in mind.What You Will Be...
-
Lead, Product Security
2 months ago
bangalore, India Pocket FM Full timeAbout the role: As a lead in product security, you will play a pivotal role in championing security throughout the entire product development lifecycle. You will collaborate with engineering, product management, and other stakeholders to identify and mitigate security risks, ensuring our products are built with security and compliance in mind.What You Will...
-
Product Designer
2 months ago
bangalore, India Andromeda Security Full timeProduct Designer Summary: Andromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit,...
-
Product Designer
4 weeks ago
Bangalore, India Andromeda Security Full timeProduct Designer Summary: Andromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit,...
-
Product Designer
4 weeks ago
bangalore, India Andromeda Security Full timeProduct DesignerSummary:Andromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and...
-
Product Designer
6 months ago
bangalore, India Andromeda Security Full timeProduct DesignerSummary:Andromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and...
-
Product Designer
1 week ago
bangalore, India Andromeda Security Full timeProduct DesignerSummary:Andromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and...
-
Lead, product security
2 weeks ago
Bangalore City, India Pocket FM Full timeAbout the role: As a lead in product security, you will play a pivotal role in championing security throughout the entire product development lifecycle. You will collaborate with engineering, product management, and other stakeholders to identify and mitigate security risks, ensuring our products are built with security and compliance in mind. What You Will...
-
Product Designer
2 months ago
bangalore, India Andromeda Security Full timeProduct DesignerSummary:Andromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and...
-
Product Designer
2 days ago
bangalore, India Andromeda Security Full timeAndromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking...
-
Product Designer
3 days ago
bangalore, India Andromeda Security Full timeAndromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking...
-
Product Designer
21 hours ago
bangalore, India Andromeda Security Full timeAndromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking...
-
Lead- Product Security
5 hours ago
bangalore, India Infosys Finacle Full timeAbout the CompanyInfosys Finacle (www.infosys.com/finacle) EdgeVerve is a product subsidiary of Infosys, a global leader in next-generation digital services and consulting. We're the force behind Finacle, the industry-leading platform for digital banking solutions trusted by financial institutions in over 84 countries. As part of the EdgeVerve brand, we...
-
Lead- Product Security
2 months ago
bangalore, India Infosys Finacle Full timeAbout the Company Infosys Finacle (www.infosys.com/finacle) EdgeVerve is a product subsidiary of Infosys, a global leader in next-generation digital services and consulting. We're the force behind Finacle, the industry-leading platform for digital banking solutions trusted by financial institutions in over 84 countries. As part of the EdgeVerve brand, we...
-
Product Designer
3 days ago
Bangalore, India Andromeda Security Full timeAndromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking...
-
Lead- Product Security
17 hours ago
bangalore, India Infosys Finacle Full timeAbout the CompanyInfosys Finacle ( EdgeVerve is a product subsidiary of Infosys, a global leader in next-generation digital services and consulting. We're the force behind Finacle, the industry-leading platform for digital banking solutions trusted by financial institutions in over 84 countries. As part of the EdgeVerve brand, we focus on developing and...
