Security Manager
1 month ago
Cashfree is a leading payments and API banking solutions company. We provide full-stack payments solutions enabling businesses in India to collect payments and make payouts via all available methods with a simple integration. Cashfree’s offerings include an advanced and easy way to integrate payment gateway, a split payment solution for marketplaces, bank account verification API and Auto Collect -- a virtual account solution to match inbound payments to customers. Founded by IIIT Hyderabad alumnus Akash Sinha and IIT Kharagpur graduate Reeju Datta, www.cashfree.com is among the leading payment service providers in India processing transactions worth USD 80 Billion annually. We have leveraged technology to lead payment disbursals in India with more than 50% market share among payment processors. Cashfree enables more than 8,00,000 businesses with payment collections, vendor payouts, wage payouts, bulk refunds, expense reimbursements, loyalty and rewards. Apart from India, Cashfree’s products are used in eight other countries including USA, Canada and UAE. Cashfree is backed by Silicon Valley investor Y Combinator, Apis Partners, State Bank of India (SBI) and was incubated by PayPal. Cashfree is currently used by over 800,000 businesses for vendor payouts, wage payouts, build refunds, expense reimbursements, loyalty, and rewards. Some of its notable customers include Dunzo, Xiaomi, Tencent, Delhivery, Zomato, Cred, Club Factory, and ExxonMobil.
Job Description
Function:
Application Security
Information Security
Vulnerability Assessment
Cloud Security
Product Security
Responsibilities:
Work with stakeholders to define and own Security road map for one or more business areas and build the Security processes from scratch.
Provide technical and scientific leadership to the team
Roll up your sleeves and do hands-on work.
Build, coach, mentor, and grow the team
Be at the forefront of emerging vulnerabilities/threats which could affect Cashfree products through independent research and study.
Examine the products in detail to discover vulnerabilities and collaborate with the other security engineers to practically demonstrate the exploitability and risk factors.
Engage with the developers in developing workarounds/mitigation plans and ensure they are implemented per policy.
Engage with the development teams to conduct secure design reviews/threat modeling exercises to enumerate threats and mitigation strategies.
Enable the developers with knowledge of threat modeling by conducting focused workshops.
Secure Coding: Priorities critical defects and ensure these are identified and mitigated during the sprint.
Integration and automation of SAST in the DevOps pipeline.
Build secure coding principles and propagate them across the development community.
Be the to-go person for developers in solving critical issues relating to secure product development.
Build and enhance secure coding/security assessment training content for developers and the QA team.
Deliver training programs at various levels in the organizations.
Conduct workshops/security tech talks to disseminate security knowledge and awareness.
Conduct white-box and grey-box offensive penetration testing against applications, front-end and back-end micro-services, and web services.
Conduct network infrastructure, Public Cloud (AWS and GCP), and data-layer offensive pen testing.
Perform manual source code reviews and audits (manual and SCA/SAST code audits) as needed.
Perform any other application security or product security-related activities or tasks as needed or directed.
Validate 3rd party external pen-test and crowd-sourced application security findings and work with our engineering teams.
Qualifications:
B. S. in Computer Science, Electrical, or Computer Engineering, or equivalent work experience as a software engineering or security practitioner.
12+ years of relevant engineering or security assessment experience, experience in application security.
Possess a broad knowledge of attack vectors, exploits, and mitigations that work at scale or may be linked together for chained attacks.
Experience with Java, Go, Python, or Node.js (bonus points for more than one).
Experience with assessing Cloud-native services, service meshes, and K notes-platform-based micro-services.
Be able to apply unconventional thinking and problem-solve on the boundary of your knowledge base, learning new technologies or languages as needed to complete pen-test tasks.
Be able to think both offensively (like a hacker) and defensively (evaluating product security and design).
Familiarity with industry-standard threat modeling, risk modeling, and vulnerability classification.
Experience with pre-assessment architectural and API analysis to the scope and preparing white-box and grey-box assessments.
Experience working with in-house engineering organizations, S-SDLC/CICD software lifecycle, and QA processes.
Good knowledge of multiple classes of vulnerabilities that includes cross-site scripting, SQL Injection, CSRF, cryptographic-related weakness, and code injection.
Good knowledge of any programming/scripting languages such as Java, Ruby, and Python.
Good knowledge relating to services/technology relating to the cloud.
Ability to automate security testing and improve productivity in security assessments.
Ability to communicate and interpret security vulnerabilities to various audiences such as development and management teams.
-
Inside sales manager
1 day ago
Bangalore, India TAC Security Full timeKey Responsibilities : Lead, manage, and mentor a team of inside sales representatives to achieve and exceed sales targets and KPIs. Develop and implement effective sales strategies and processes to optimize lead generation, qualification, and conversion rates. Conduct regular one-on-one meetings with team members to provide coaching, feedback, and...
-
bangalore, India Elytra Security Private Limited Full timeJob Title: Security AnalystLocation: Bangalore, IndiaCompany: Elytra Security Private LimitedAbout Elytra Security Private Limited:Elytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats in the digital landscape. We specialize in implementing robust security...
-
Cyber Security Analyst
1 day ago
Bangalore, India Elytra Security Private Limited Full timeJob Title: Security Analyst Location: Bangalore, India Company: Elytra Security Private Limited About Elytra Security Private Limited: Elytra Security Private Limited is a leading provider of innovative cybersecurity solutions, dedicated to safeguarding organizations against evolving threats in the digital landscape. We specialize in...
-
bangalore, India Andromeda Security Full timeAndromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking...
-
bangalore, India Andromeda Security Full timeAndromeda Security is a leading Silicon Valley VC-funded multinational startup dedicated to tackling complex challenges in cloud security. Our mission is to empower businesses by managing cloud credentials effectively and preventing security breaches. We pride ourselves on fostering a culture of trust, excellence, humility, grit, and fun. We are seeking...
-
Senior Security Data Engineer
3 months ago
bangalore, India System Two Security Full timeSystem Two Security is looking to hire a Senior Security Data Engineer who is highly skilled and experienced. This role is pivotal in ensuring the integrity and usability of our data. The ideal candidate will have a strong background in data engineering and cyber security, with the ability to work autonomously on critical projects.ResponsibilitiesGenerate...
-
bangalore, India System Two Security Full timeDescriptionAs a Principal Software Engineer at System Two Security, you will play a crucial role in developing and maintaining the software stack that powers our innovative AI-driven cybersecurity solutions. This senior position demands a blend of advanced back-end skills, with a focus on creating seamless, efficient, and scalable applications. Additionally,...
-
bangalore, India System Two Security Full timeDescription As a Principal Software Engineer at System Two Security, you will play a crucial role in developing and maintaining the software stack that powers our innovative AI-driven cybersecurity solutions. This senior position demands a blend of advanced back-end skills, with a focus on creating seamless, efficient, and scalable applications....
-
bangalore, India System Two Security Full timeDescription As a Principal Software Engineer at System Two Security, you will play a crucial role in developing and maintaining the software stack that powers our innovative AI-driven cybersecurity solutions. This senior position demands a blend of advanced back-end skills, with a focus on creating seamless, efficient, and scalable applications....
-
Security Manager
1 month ago
bangalore, India Taggd Full timeHi All, Experience-3 to 9 Years Location- Dharwad (Karnataka) Purpose of the Role The Security Manager is responsible for ensuring the safety and security of the manufacturing plant premises, personnel, and assets. This role involves developing, implementing, and managing security policies, procedures, and protocols to mitigate risks and safeguard against...
-
bangalore, India System Two Security Full timeAs a Principal UI Engineer at System Two Security, you will be instrumental in developing and maintaining the software stack for our cutting-edge AI-driven cybersecurity solutions. This senior role requires advanced front-end development skills using modern UI technologies, including React.js, CSS5, and Tailwind. Your focus will be on creating seamless,...
-
bangalore, India Elytra Security Private Limited Full timeJob Description: Cybersecurity Content WriterCompany: Elytra Security Private LimitedLocation: Bangalore, IndiaEmployment Type: Full-TimeAbout Elytra Security Private Limited:Elytra Security Private Limited is a trusted name in information security, specializing in ISO 27001 compliance and the Cyber Security and Cyber Resilience Framework (CSCRF)....
-
bangalore, India System Two Security Full timeAs a Principal UI Engineer at System Two Security, you will be instrumental in developing and maintaining the software stack for our cutting-edge AI-driven cybersecurity solutions. This senior role requires advanced front-end development skills using modern UI technologies, including React.js, CSS5, and Tailwind. Your focus will be on creating seamless,...
-
bangalore, India System Two Security Full timeAs a Principal UI Engineer at System Two Security, you will be instrumental in developing and maintaining the software stack for our cutting-edge AI-driven cybersecurity solutions. This senior role requires advanced front-end development skills using modern UI technologies, including React.js, CSS5, and Tailwind. Your focus will be on creating seamless,...
-
Security Manager
1 month ago
bangalore, India Cashfree Payments Full timeCashfree is a leading payments and API banking solutions company. We provide full-stack payments solutions enabling businesses in India to collect payments and make payouts via all available methods with a simple integration. Cashfree’s offerings include an advanced and easy way to integrate payment gateway, a split payment solution for marketplaces, bank...
-
Security Manager
1 month ago
bangalore, India Cashfree Payments Full timeCashfree is a leading payments and API banking solutions company. We provide full-stack payments solutions enabling businesses in India to collect payments and make payouts via all available methods with a simple integration. Cashfree’s offerings include an advanced and easy way to integrate payment gateway, a split payment solution for marketplaces, bank...
-
Security Manager
4 weeks ago
bangalore, India Cashfree Payments Full timeCashfree is a leading payments and API banking solutions company. We provide full-stack payments solutions enabling businesses in India to collect payments and make payouts via all available methods with a simple integration. Cashfree’s offerings include an advanced and easy way to integrate payment gateway, a split payment solution for marketplaces, bank...
-
Vice President of Sales
2 weeks ago
Bangalore, India TAC Security Full timeKey Responsibilities: Sales Strategy and Leadership: Develop and execute the global sales strategy for cybersecurity products and services. Lead, mentor, and manage a high-performing sales team, fostering a culture of excellence and results-driven performance. Drive sales growth by identifying new business opportunities, expanding existing...
-
Information security manager
4 weeks ago
Bangalore, India Infosys Full timeISG is a large Security group focused on internal Security of Infosys and in turn providing the required assurance to Clients on meeting their Security demands as per contractual agreements. The team is dispersed across locations and is divided into 3 Groups consisting of 10 Functions. The CISO heads ISG and the 3 Group Heads report to him, wherein the...
-
Information Security Manager
1 month ago
bangalore, India Infosys Full timeISG is a large Security group focused on internal Security of Infosys and in turn providing the required assurance to Clients on meeting their Security demands as per contractual agreements. The team is dispersed across locations and is divided into 3 Groups consisting of 10 Functions. The CISO heads ISG and the 3 Group Heads report to him, wherein the...
