Lead Info Security Engineer
3 days ago
- Experience in conducting manual Vulnerability Assessments & Penetration Testing of the following:
- Web Applications and APIs hosted in on-premises infrastructure.
- Web Applications and APIs hosted in cloud environment and using AWS services such as S3 bucket, EC2 instances, Lambda functions, API Gateway, SNS etc.
- Thick Client/ Desktop Applications using re-engineering techniques via tools like Echo Mirage, IDAPro, CFF Explorer, Dnspy, MS sys-internals, Wireshark, dotpeek, ghidra.
- Think innovatively and out-of-the-box to identify techniques to exploit the vulnerabilities in our apps thereby bypassing the security controls that have been implemented. Should be able to generate impactful POC's of the vulnerabilities identified during the testing.
- Stay up to date with the latest application security vulnerabilities, and attack techniques and leverage those to identify similar vulns in the enterprise applications.
- Install, configure, use, and maintain the security tools that are being used for security testing of the applications.
- Meet with application team to collect information and determine scope of testing. Work closely with the application team to troubleshoot issues that impact testing (as required)
- Assess the risk levels of the identified vulnerabilities appropriately using CVSS scoring mechanism and do detailed documentation of the identified vulnerabilities, in a timely manner.
- Meet with the application teams to discuss the identified security vulnerabilities with them and provide guidance to the application teams to be able to remediate the identified security vulnerabilities.
- Retest application updates or deployed remediation logic to verify resolution of security vulnerabilities.
- Excellent communication and documentation skills to be able to write reports, update existing documentation etc.
- Ability to work independently and as part of a team. Should be able to mentor, guide and help the peers and/ or junior team members to learn and use new attack techniques during the security testing.
- 7-9 Years of experience in conducting security testing of Web Application, Web API, Thick Client apps, mobile apps, AWS services, ideally in Finance Domain.
- Experience in using Web/API testing tools - Burp Suite, Postman, OWASP ZAP etc. Hands-on experience in using toolset on Kali and use it for performing advanced security testing of apps
- Sound knowledge of common web application security vulnerabilities (OWASP Top Ten, SANS Top 25, etc.) and programming patterns that lead to them, as well as remediation techniques.
- Experience in using Cloud posture security management tools such as Prisma, Wiz(preferred) etc
- Sound Knowledge of Network Protocols.
- Basic programming abilities in Python or similar scripting language
- Mobile Applications (both iOS and Android) using tools like GenyMotion, Drozer, MobSF, Android Studio.
- Having an AWS Cloud Practioner Certification or Any other cloud certification shall be helpful. Any other security related certification like C|EH, CPent etc. Is a plus
-
Lead Security Engineer
1 week ago
Hyderabad, Telangana, India JPMorganChase Full time ₹ 20,00,000 - ₹ 25,00,000 per yearJOB DESCRIPTIONTake on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the future of software security at one of the world's largest and most influential companies.As a Lead Security Engineer at JPMorgan Chase within the Cyber Security & Technology Controls, you...
-
Hiring for Lead IT Security Engineer
2 weeks ago
Hyderabad, Telangana, India Vaco Binary Semantics Full time ₹ 20,00,000 - ₹ 25,00,000 per yearPlease find below JD:-Job Title: Lead IT Security Engineer - Zscaler3 days hybrid - HyderabadBoth side cabsJob Type: FTSummary:We are seeking a dedicated and skilled Lead IT Security Engineer to join our team. The ideal candidate will have a strong background in network security, cloud technologies, and hands-on experience with Zscaler products. As a Lead...
-
Application Security Engineer III
4 weeks ago
Hyderabad, Telangana, India Phenom Full timeJob DescriptionJob descriptionJob Requirements- We're looking for a full-time phenomenal Application Security Engineer III to architect and lead the implementation of the security-related aspects of our ITX platform. This will include evaluating and recommending new and emerging cloud security technologies and standards to ensure it is highly secure,...
-
Lead information Security engineer
2 weeks ago
Hyderabad, Telangana, India NTT DATA North America Full time US$ 1,50,000 - US$ 2,00,000 per yearReq ID:327098NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.We are currently seeking a Lead information Security engineer to join our team in Hyderabad, Telangana (IN-TG), India (IN)."NTT DATA Services...
-
Security Engineer
2 weeks ago
Hyderabad, Telangana, India Williams-Sonoma, Inc. Full time ₹ 15,00,000 - ₹ 25,00,000 per yearAbout the RoleAs a Security Engineer, you will design, build, deploy, and support large, best in class enterprise level information security solutions.You're excited about this opportunity because you will...Protect the confidentiality, integrity and availability of all Williams-Sonoma information assetsDesign, deploy, manage and improve critical security...
-
Lead information Security engineer
1 week ago
Hyderabad, Telangana, India NTT DATA, Inc. Full time ₹ 15,00,000 - ₹ 25,00,000 per yearIn this role, you will: Evaluate the cryptographic capabilities of multiple data protection technologies deployed across Wells Fargo networks, applications, public key infrastructure and authentication services.Utilize your strong understanding of encryption, hashing, data protection algorithms, and key management conceptsEvaluate scripts written in various...
-
QMS Support
2 weeks ago
Hyderabad, Telangana, India Rudhra Info Solutions Full time ₹ 12,00,000 - ₹ 36,00,000 per yearCompany DescriptionRudhra Info Solutions is a business consulting firm dedicated to delivering customized strategies and solutions. We specialize in innovative solutions for Salesforce, Mulesoft, Tableau, Veeva Vault, AWS, Data Engineering, Big Data, ServiceNow, and SAP. With a team of over 50 Salesforce Certified professionals, we transform businesses...
-
Security Engineer
2 weeks ago
Hyderabad, Telangana, India Signiminds Technologies Full time ₹ 12,00,000 - ₹ 36,00,000 per yearDescription:Client is looking for a skilled and versatile Security Engineer (NOT Analyst) to drive the advancement and growth of our detection and automation initiatives. Reporting to the Senior Manager of Security Engineering and Operations, this role will collaborate with cross-functional teams and external partners to mitigate risks and implement security...
-
Tele Caller
2 weeks ago
Hyderabad, Telangana, India Variety Info Solutions Pvt Ltd Full time ₹ 1,04,000 - ₹ 1,30,878 per yearCompany DescriptionFounded in 2012 in Hyderabad, India, Variety Info Solutions Pvt Ltd is dedicated to empowering businesses with innovative IT solutions that drive growth, efficiency, and transformation. Specializing in computing infrastructure services, we cater to diverse industries and provide tailor-made solutions. In 2024, we expanded our reach with...
-
Senior DevSecOps Support Engineer
2 weeks ago
Hyderabad, Telangana, India Aqua Security Full time US$ 90,000 - US$ 1,20,000 per yearWe are building a state-of-the-art security platform for large enterprises in the exciting and innovative new field of cloud security. Our open-core SaaS platform is used by thousands of developers, businesses, and enterprises to keep their cloud workloads secure.We are looking for a talented Senior DevSecOps Support Engineer to join our team to support our...
