Information Security Engineer

Job Description

Experience - 5 to 8 years

Role - Senior consultant

Work mode - Hybrid (3 days WFO)

Location - Bangalore / Pune

JOB DESCRIPTION :

Application Security Specialists are instrumental in fortifying the security framework that

underpins the software delivery processes of our clients. These experts thrive in collaborative

settings, engaging with diverse teams across various disciplines to pinpoint and mitigate

vulnerabilities in code, systems architecture, and infrastructure. With a profound technical

acumen rooted in security practices and a keen understanding of agile methodologies, they

advocate for security integration as a fundamental aspect of software development. Their work

transcends mere compliance; it is about embedding a culture of security that aligns with agile

and DevOps philosophies, ensuring that security measures enhance, rather than hinder,

organizational objectives. By guiding teams and clients through the nuances of security

Automation and best practices, Application Security Specialists not only safeguard digital assets

but also champion a mindset where security and development go hand in hand towards

achieving superior outcomes.

Job Responsibilities:

As an Application Security Specialist , you will play a crucial role in enhancing our

software delivery process's security posture.

Embed security throughout the software delivery lifecycle, ensuring secure application

development from start to finish.

Build and define comprehensive security practices tailored to our delivery

methodologies.

Automate and optimize security measures in line with the application lifecycle, ensuring

efficient and effective security protocols.

Serve as a consultant and advisor to both the delivery team and clients, providing expert

guidance on security best practices and risk mitigation strategies.

Work closely with delivery, DevOps and Cloud teams to identify and reduce risks

associated with code development, system architecture, and infrastructure.

Job Qualifications:

Preferred to have BFSI experience

Experience as a security engineer with direct involvement in working with

delivery teams to identify vulnerabilities in code and systems architecture.

Demonstrated experience with implementing security automation and familiarity with

agile development methodologies.

Ability to collaborate effectively with software product delivery teams, speaking their

language and working towards common goals.

Technical Skills:

In-depth knowledge and experience with OWASP and SANS standards.

Proficiency in manual and automated penetration testing tools and techniques.

Experience with SAST, DAST, Dependency checking, and container vulnerability

assessment tools such as Checkmarx, Burp, ZAP, Fortify, Trivy, etc.

Knowledge and experience in password/secret management tools and techniques.

Understanding of DevSecOps and experience in security automation.

Comprehensive understanding of web technologies, common web frameworks, their

vulnerabilities, and mitigations.

Basic understanding of firewall, virtualization, container, networking, and OS security.

Knowledge of cloud security best practices and basic knowledge of cloud providers like

AWS, Azure and GCP.

Professional Skills:

Excellent communication and interpersonal skills, with the ability to manage relationships

at senior levels of leadership.

Strong consulting skills, including the ability to promote security awareness and influence

decision-making.

Ability to anticipate problems and understand the long-term implications of decisions and

actions.

Experience in developing security testing plans and integrating them into the software

development lifecycle.

Preferred Skills:

Experience with manual and automated security code review.

Basic knowledge of security policies and standards such as PCI-DSS, ISO 27001

(ISMS), and GDPR.

Job Type: Contractual / Temporary

Contract length: 12 months

Pay: Up to ₹2,200,000.00 per year

Application Question(s):

• Last Working Date?

Experience:

• Total Work: 5 years (Preferred)

Work Location: In person