- OWASP Secure Code review,• Basic programing knowledge in any programming language and knowledge on secure development practices.
- OWASP TOP 10 vulnerabilities and their mitigations
- Hands on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit., Qualys Guard, Kali Linux , etc.
- Understand/modify exploit code and find logical security flaws in applications
- Should have knowledge and experience on Network Security, Application Security, Internet Security, attack vectors.
- To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.
About Top IT MNC
A BIT ABOUT US
Appknox is one of the top Mobile Application security companies recognized by Gartner and G2. A profitable B2B SaaS startup headquartered in Singapore & working from Bengaluru.
The primary goal of Appknox is to help businesses and mobile developers secure their mobile applications with a focus on delivery speed and high-quality security audits.
Appknox has helped secure mobile apps at Fortune 500 companies with Major brands spread across regions like India, South-East Asia, Middle-East, US, and expanding rapidly. We have secured 300+ Enterprises globally.
We are a 30+ incredibly passionate team working to make an impact and help some of the biggest companies globally. We work in a highly collaborative, very fast-paced work environment. If you have what it takes to be part of the team, we are excited, and let’s speak further.
To join the security team engaging with multiple clients, helping them with end-to-end security audits, also researching new topics and vulnerabilities to be added to the scanner, present research at conferences.
What An Ideal Candidate Would Look Like:
- Anyone pursuing their graduation or post-graduation related to IT security
- Skills - Application Penetration Testing,
- Knowledge or experience of IoT testing, and source code audits are plus points
- Responsibilities: Engage with clients for scoping call, perform security audits, and remediation call with clients to patch the issues
- Must be comfortable with tools like burp suite, nmap, sqlmap, r2 etc
- Strong Analytical Skills
- Strong grasp of fundamentals of information security
- Strong Grasp of Web, API and mobile Pen-Testing
- Self-taught learner willing to read and keep up-to-date on technological changes and how they could be used
- Can accurately define an issue and create detailed Proof-of-concept and write-up of the findings.
- Provide appropriate remediation and mitigations of the identified vulnerabilities.
- Security assessment of web and mobile applications.
- Understand and explain the results with impact on business and compliance status
- Continuously learning and training on latest tools and techniques
Personality traits we really admire
- A confident and dynamic working persona, which can bring fun to the team, and a sense of humor, is an added advantage.
- Great attitude to ask questions, learn and suggest process improvements.
- Has attention to details and helps identify edge cases.
- Highly motivated and coming up with fresh ideas and perspectives to help us move towards our goals faster.
- Follow timelines and absolute commitment to deadlines.
- Round 1 CTF Round - Profile and skill Evaluation
- Round 2 - Technical Interview with security team member- Siddharth/
- Round 3 - Technical Interview with the Team Lead
- Round 4 - HR Round
Why Join Us
- Great Stipend& PPO: We keep up with the market standards & provide stipend/pay packages considering updated standards. Also as Appknox continues to grow, you’ll have a great opportunity to earn more & grow with us. Moreover, we also PPO for our top interns.
- Freedom & Responsibility: If you are a person who enjoys challenging work & pushing your boundaries, then this is the right place for you. We appreciate new ideas & ownership as well as flexibility with working hours.
- Holistic Growth: We foster a culture of continuous learning and take a much more holistic approach to train and develop our assets: the employees. We shall also support you all on that journey of yours.
- Transparency: Being a part of a start-up is an amazing experience, one of the reasons being open communication & transparency at multiple levels. Working with Appknox will give you the opportunity to experience it all first-hand.
Strategy & Planning
- The NOC Managers/ Product support Engineers' primary responsibility is to plan, organize, and manage staff and overall operations to ensure stability of customer's infrastructure.
- Provides overall expertise with all network operations functions.
- Ability to define, implement and enforce configuration management and change management policies and practices.
Acquisition & Deployment
- Handle escalations and manage support from different levels.
- Ensure adherence of operational metrics.
- Hire, develop, and retain highly responsive and customer focused engineers to ensure the effective operation of the department
- Manage tools, systems and procedures to ensure dynamic management of issues and customer management.
- Ensures all members of assigned technical teams are effective and fully utilized in order to provide high resource utilization.
- Evaluates technical skills of the team and ensures there is an appropriate level of expertise.
- Provide procedural training to staff.
- Perform performance objectives and performance reviews with all team members.
- The NOC Manager will include hands-on technical support work related to the overall health and maintenance of customer environments.
- This position will perform tier-2 and 3 escalation support and act as the point of contact in the NOC for all inquiries from other departments.
- The NOC Manager will manage all related partner operational expectations.
- Ensure continual process improvement within the NOC including but not limited to automation of NOC tasks and reporting, implementation of enterprise-wide monitoring initiatives, and routine administration tasks.
- Identify areas for process and efficiency improvement within the NOC; recommend prioritized enhancements and oversee implementation
- Ensure that reports are accurate and delivered on time.
- More than 3-6 years' experience in Microsoft product build and support experience with a high availability 24x7 including:
- Expert knowledge of (SCCM) System Center configuration Manager 2012.
- MS Server 2003 / 2008 Server Admin / Virtualization - MCSE / MCITP
- VMware 410 VSphere Administrator - VCP410 Certified
- Expert knowledge of Virtualization using VMware,MCITP
- Good knowledge of Active Directory, DHCP, DNS, Clustering, Load Balancing, Anti-virus, backup procedures, Group policy, Disaster recovery
- and High availability using industry standards.
- Ability to work independently as well as in a team environment.
- Network services experience is desired.
- ITIL V3 Foundation Certification preferred
Credit cards haven't changed much for over half a century so our team of seasoned
bankers, technologists, and designers set out to redefine the credit card for you - the
consumer. The result is OneCard - a credit card reimagined for the mobile
generation. OneCard is India's best metal credit card built with full-stack tech. It is
backed by the principles of simplicity, transparency, and giving back control to the
The Engineering Challenge
“Re-imaging credit and payments from First Principles”
Payments is an interesting engineering challenge in itself with requirements of low
latency, transactional guarantees, security, and high scalability. When we add credit
and engagement into the mix, the challenge becomes even more interesting with
underwriting and recommendation algorithms working on large data sets. We have
eliminated the current call center, sales agent, and SMS-based processes with a
mobile app that puts the customers in complete control. To stay agile, the entire
stack is built on the cloud with modern technologies.
Check out our apps here:
OneCard (Best credit card app) : www.getonecard.app
OneScore (5 million downloads): www.onescore.app
Security Compliance Lead
Opportunity to build GRC practice grounds up for new Age Fintech startup, lead and
implement PCI-DSS, ISO-27001, RBI compliances
What you will do:
● Be SME for all applicable regulations, guidelines and industry best practices
to manage risk and ensure compliance.
● Be the single point of contact for all external entities related to Security and
● Owner for all security documentation such as policies, standards, and
● Owner for driving security controls across all organisation functions.
● Build continuous assessment practice which is superset of all required
● Manages and supports Information Security Risk Management Life-cycle for
● Provide adequate security and compliance against specific standards such as
NIST 800-53, NIST 800-171, ISO 27001, SOX, PCI, HIPAA and other
● Identifies and formally documents deviations from published standards,
estimates risk level, recommends appropriate mitigation countermeasures in
operational and non-operational situations.
● Identify potential areas of IT compliance vulnerability and risk; guide the
accountable stakeholders to develop/implement corrective action plans for
resolution, and provide general guidance on how to avoid or deal with similar
situations in the future. Risks should be identified, assessed and monitored on
an ongoing firm-wide and individual entity basis
4-8 years of experience in Cybersecurity & Risk Compliance Domain in areas
including and limited to: System Security, Network Security , SOC, Risk &
● Auditing experience in ISO-27001, SOX, NIST, PCI-DSS
● Experience with AWS Security and Compliance.
● Prior experience in the Banking and Financial domain is nice to have.
● Proven experience in Endpoint Security, Network Security, SIEM,SOC
Advanced security tools – SOAR platform, Vulnerability Management, SIEM
● Experience building Threat Modeling practice
● Strong communication skills
Role & Responsibilities:
- Plan and execute Security Assessment Strategy
- Proactively implement security measures
- Implement tools to Monitor and Report Security violations
- Govern security specification guidelines adherence across product and organization
Skills & Qualification:
- IIT, BE or B Tech
- 4+ years of relevant work experience
- Expert in Application Information Security, VAPT
- Proficient using tools like BURP, NMAP, KALI etc.
- Good understanding of web technologies, APIs and mobile app development practices
- CEH certification preferred
- Document technical and functional specifications
- Perform unit testing of objects/ solutions created
- Perform configuration, integration, and personalizations in Oracle HCM EBS/Cloud
- Work in a functional and technical capacity and analyze business requirements, design, develop and deploy solutions
- Excellent troubleshooting, analytical and problem-solving skills
- Explore & investigate the client's pain areas, extend the scope, and keep the client satisfied
Experience and Skills:
- Minimum a Bachelor’s degree.
- 3 to 10 years of experience as an Oracle HCM Techno-Functional Consultant
- 30% Functional and 70% Technical
- Strong experience in core HR, Payroll, Fast Formula, OTL and SSHR
- Should have expertise in Oracle HCM Cloud advanced tools such as HCM Extracts, HDL, PBL, BI Publisher, OTBI, Application Security, Page Composer, Page Configurator, REST APIs, SOAP, Webservices
- Able to provide strong leadership to develop best practices for effective Techno functional support for the enterprise business process area
- Good communication skills
- In-depth knowledge of the business process and capability to understand business requirements.
- Python with Powershell (who worked in Security related product Development(First Pref)/Networking.
- Collaborate in the design, implementation, and deployment of successful software applications in support of our Threat management platforms.
- Developing backend components to enhance performance and receptiveness, server-side logic, and highly responsive web applications.
- Performance tuning and automation of application.
- Enhancing the functionalities of current software systems.
- Understand system interdependencies and limitations.
- Functionally decompose complex problems into simple, straightforward solutions.
- Rightly estimate the task and take ownership of building production-ready software solutions.
- Collaborate with other teams to implement features based on business rules and visual design.
Minimum qualification & experience
- Engineering graduate.
- 4 years of demonstrated professional experience in delivering and operating large-scale applications.
- Strong software development skills in python including python frameworks like Django, Flask, etc.
- Experience with software development, Web frameworks and database technologies, e.g., REST APIs, and automated scripts.
- Experience with current development technologies, methodologies and workflows including CI/CD, Docker, Git, and Jenkins preferred.
- Experience with microservice development and dockerized application development is a PLUS.
- Strong knowledge of data structures, algorithms, operating systems, and distributed systems fundamentals.
- Working familiarity with networking protocols (TCP/IP, HTTP) and standard network architectures.
- Working familiarity with basic Linux administration.
- Experience in the cybersecurity field especially with threat intelligence or security orchestration is a plus.
This profile will include following responsibilities:
- Perform Web Application Security Testing
- Scan Network for Security Vulnerabilities
- Create detailed security report
- Research on Open source security tools & new security topics- Create Security Knowledge base for the team
The candidate should be we well versed with application security concepts, network scanning tools.
• Location:- C.G Road, Ahmedabad
• Working days:- 5 days, 2 Saturday alternate holidays.
• Experience:- Mini. 8yrs
We are looking for a Software Architect to drive technology strategy, create the
technological vision and to ensure the designing and development of software solutions that fulfils the business requirements. You will be a key contributor to architectural decisions for products, drawing on your excellent technical, analytical and business acumen skills while effectively communicating with all levels in the organization to build high scalable and secure solutions.
Articulate architecture & Non functional requirements for the products and service with high precision. Gathering business requirements to analyse, identify, design and innovate solutions.
• Device strategy to implement NFRs
• Validate the design, development to confirm against the architecture and NFR
• Technical owner of the IT Projects
• Design and develop best practises in software development and architecture together with the team.
• Determining overall architectural principles, frameworks and standards.
• To provide hands-on development wherever appropriate specially on architecture transformation projects.
• Involve in unit testing, code reviews and bug fixing.
• Driving research, case studies on how latest technologies could be leveraged for software architecture and capabilities such as scalability, fault tolerance, extensibility, maintainability, etc.
• Documenting designs, estimates and implementation plans to iAND stakeholders.
• Academics exposureExperience in architecting and designing technical solutions especially in area of mobile and cloud. for SaaS capabilities.
• Ability in scaling products and to tackle large traffic and amounts of data.
• Academics expertise in coding, programming and software design patterns.
• Passionate about technology and constantly growing your technical expertise.
Great to Have:-
• Experience in insurance domain
- Overall experience in the field of Information risk and security related initiatives/ projects.
- Experience in the areas of Infrastructure Security Audit, IT Security, Vulnerability Assessment, Risk Assessment, Web Application Security, Network Security Review, Network Architecture Review, Mobile Application Security Testing, Configuration Review, Source Code Review, Wireless Pentest, Process Review etc.
- Ability to understand business concepts and integrate business risk elements into security operations.
- Experience in conducting VAPT.
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Web inspect, Acunetix, NTO Spider, BurpSuite Pro).
- Strong ethics and understanding of ethics in business and information security.
- Should have exposure to Code review, Network VA/PT and App VA/PT work.
- Understanding and familiarity with common code review methods and standards.
- Experience with code scanning toolsets such as Fortify and Ounce.
- Understanding of HTTP and web programming.
- Knowledge of OWASP tools and methodologies, common security requirements within ASP.NET application, standard SDLC practices.
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).
- In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database.