This profile will include following responsibilities:
- Perform Web Application Security Testing
- Scan Network for Security Vulnerabilities
- Create detailed security report
- Research on Open source security tools & new security topics
- Create Security Knowledge base for the teamThe candidate should be we well versed with application security concepts, network scanning tools.
Subodh Popalwar
Software Engineer, Memorres
About SynRadar
SynRadar is a specialized Vulnerability & Threat Management company.
We provide a range of security solutions for many untapped areas in Cyber security. Our services and solutions aim at building mature processes within the organizations to deal with existing and evolving cyber threats.
We are a - CERT-IN Empanelled Security Auditor in India. CERT-IN/ICERT is a Government body that comes under MEITY.
Our solution SynVM is a web-based centralized vulnerability tracking solution that manages asset information, automates risk management process, and performs data analytics. Through our solution we offer clients a centralized view of all the security risks in the environment. We aim at building mature processes within the organizations to deal with existing and evolving cyber threats.
Recognized as “CyberSecurity solution of the Year 2020 by Nullcon”.
- Our Clients: RBL Bank, Kotak Mahindra Bank, Axis Bank, Magma Fincorp, ICICI Lombard, HDFC Life, Credit Vidya, Indecomm Global Services, etc.
- 2 Ongoing Security Engagement Projects for Leading Finance Companies
Visit: http://www.synradar.com">www.synradar.com to know more about our offerings.
Similar jobs
A BIT ABOUT US
Appknox is one of the top Mobile Application security companies recognized by Gartner and G2. A profitable B2B SaaS startup headquartered in Singapore & working from Bengaluru.
The primary goal of Appknox is to help businesses and mobile developers secure their mobile applications with a focus on delivery speed and high-quality security audits.
Appknox has helped secure mobile apps at Fortune 500 companies with Major brands spread across regions like India, South-East Asia, Middle-East, US, and expanding rapidly. We have secured 300+ Enterprises globally.
We are a 30+ incredibly passionate team working to make an impact and help some of the biggest companies globally. We work in a highly collaborative, very fast-paced work environment. If you have what it takes to be part of the team, we are excited, and let’s speak further.
The Opportunity
To join the security team engaging with multiple clients, helping them with end-to-end security audits, also researching new topics and vulnerabilities to be added to the scanner, present research at conferences.
What An Ideal Candidate Would Look Like:
- Anyone pursuing their graduation or post-graduation related to IT security
- Skills - Application Penetration Testing,
- Knowledge or experience of IoT testing, and source code audits are plus points
- Responsibilities: Engage with clients for scoping call, perform security audits, and remediation call with clients to patch the issues
Minimum Requirements
- Must be comfortable with tools like burp suite, nmap, sqlmap, r2 etc
- Strong Analytical Skills
- Strong grasp of fundamentals of information security
- Strong Grasp of Web, API and mobile Pen-Testing
- Self-taught learner willing to read and keep up-to-date on technological changes and how they could be used
- Can accurately define an issue and create detailed Proof-of-concept and write-up of the findings.
- Provide appropriate remediation and mitigations of the identified vulnerabilities.
- Basic understanding of cloud platforms like AWS or GCP. Security knowledge in this domain is a plus.
Responsibilities
- Security assessment of web and mobile applications.
- Understand and explain the results with impact on business and compliance status
- Continuously learning and training on latest tools and techniques
Personality traits we really admire
- A confident and dynamic working persona, which can bring fun to the team, and a sense of humor, is an added advantage.
- Great attitude to ask questions, learn and suggest process improvements.
- Has attention to details and helps identify edge cases.
- Highly motivated and coming up with fresh ideas and perspectives to help us move towards our goals faster.
- Follow timelines and absolute commitment to deadlines.
Interview Process
- Round 1 CTF Round - Profile and skill Evaluation
- Round 2 - Technical Interview with security team member
- Round 3 - Technical Interview with the Team Lead
- Round 4 - HR Round
Why Join Us
- Great Stipend& PPO: We keep up with the market standards & provide stipend/pay packages considering updated standards. Also as Appknox continues to grow, you’ll have a great opportunity to earn more & grow with us. Moreover, we also PPO for our top interns.
- Freedom & Responsibility: If you are a person who enjoys challenging work & pushing your boundaries, then this is the right place for you. We appreciate new ideas & ownership as well as flexibility with working hours.
- Holistic Growth: We foster a culture of continuous learning and take a much more holistic approach to train and develop our assets: the employees. We shall also support you all on that journey of yours.
- Transparency: Being a part of a start-up is an amazing experience, one of the reasons being open communication & transparency at multiple levels. Working with Appknox will give you the opportunity to experience it all first-hand.
A BIT ABOUT US
Appknox is one of the top Mobile Application security companies recognized by Gartner and G2. A profitable B2B SaaS startup headquartered in Singapore & working from Bengaluru.
The primary goal of Appknox is to help businesses and mobile developers secure their mobile applications with a focus on delivery speed and high-quality security audits.
Appknox has helped secure mobile apps at Fortune 500 companies with Major brands spread across regions like India, South-East Asia, Middle-East, US, and expanding rapidly. We have secured 300+ Enterprises globally.
We are a 40+ incredibly passionate team working to make an impact and help some of the biggest companies globally. We work in a highly collaborative, very fast-paced work environment. If you have what it takes to be part of the team, we are excited, and let’s speak further.
The Opportunity
To join the security team engaging with multiple clients, helping them with end-to-end security audits, also researching new topics and vulnerabilities to be added to the scanner, present research at conferences.
What An Ideal Candidate Would Look Like:
- Skills - Application Penetration Testing, experience with IoT testing, source code audits.
- Technology Stack: Python
- Responsibilities: Engage with clients for scoping call, perform security audits, and remediation call with clients to patch the issues, research on new technologies/vulnerabilities
Minimum Requirements
- Should have at least 2 years of experience in security or show something that proves experience doesn’t matter
- Must be comfortable with tools like burp suite,
- Strong Analytical Skills
- Strong grasp of fundamentals of information security
- Strong Grasp of Web and API Pen-Testing
- Self-taught learner willing to read and keep up-to-date on technological changes and how they could be used
- Can accurately define an issue and create detailed Proof-of-concept and write-up of the findings.
- Provide appropriate remediation and mitigations of the identified vulnerabilities.
Responsibilities
- Security assessment of web applications.
- Develop and interpret security standards and guides
- Automation of security test cases
- Understand and explain the results with impact on business and compliance status
- Continuously learning and training on the latest tools and techniques
Work Expectations
Within 1 month
Training on processes, security workflow
Within 3 months
Pentesting Web, Mobile and API endpoints
Within 6 months
Research and publish whitepapers, contribute to the Appknox Web Scanner
Personality traits we admire:-
- A confident and dynamic working persona, which can bring fun to the team, and a sense of humor, is an added advantage.
- Great attitude to ask questions, learn and suggest process improvements.
- Has attention to detail and helps identify edge cases.
- Highly motivated and coming up with fresh ideas and perspectives to help us move towards our goals faster.
- Follow timelines and have an absolute commitment to deadlines.
Interview Process - would be team specific
- Round 1 - Profile Evaluation
- Round 2 - Appknox CTF Challenge
- Round 3 -Technical Interview with security team members
- Round 4 - Technical Interview with the CTO and Team Lead
- Round 5 - HR Round
Compensation
- As per Industry Standards
Why Join Us:-
- Freedom & Responsibility: If you are a person who enjoys challenging work & pushing your boundaries, then this is the right place for you. We appreciate new ideas & ownership as well as flexibility with working hours.
- Great Salary & Equity: We keep up with the market standards & provide pay packages considering updated standards. Also as Appknox continues to grow, you’ll have a great opportunity to earn more & grow with us. Moreover, we also provide equity options for our top performers.
- Holistic Growth: We foster a culture of continuous learning and take a much more holistic approach to train and develop our assets: the employees. We shall also support you all on that journey of yours.
- Transparency: Being a part of a start-up is an amazing experience, one of the reasons being open communication & transparency at multiple levels. Working with Appknox will allow you to experience it all first-hand.
Proposed Job Description
Product Security Engineer
EGNYTE YOUR CAREER. SPARK YOUR PASSION.
Egnyte is a place where we spark opportunities for amazing people. We believe that every role has meaning, and every Egnyter should be respected. With 17,000 customers worldwide and growing, you can make an impact by protecting their valuable data. When joining Egnyte, you’re not just landing a new career, you become part of a team of Egnyters that are doers, thinkers, and collaborators who embrace and live by our values:
Invested Relationships
Fiscal Prudence
Candid Conversations
ABOUT EGNYTE
Egnyte is the secure multi-cloud platform for content security and governance that enables organizations to better protect and collaborate on their most valuable content. Established in 2008, Egnyte has democratized cloud content security for more than 17,000 organizations, helping customers improve data security, maintain compliance, prevent and detect ransomware threats, and boost employee productivity on any app, any cloud, anywhere. For more information, visit www.egnyte.com.
Security engineers at Egnyte are involved in every stage of the SDLC pipeline to highlight security vulnerabilities and provide expert advice on reducing them. By promoting security principles, ongoing penetration testing, and developing “paved roads,” we’re able to provide our customers with a secure and reliable product.
Currently, we’re seeking an engineer who’s well-rounded in terms of application security and has in-depth expertise in one or more particular areas. You’ll be able to apply your skills to interesting challenges—joining Egnyte is an opportunity to work with diverse technologies and large-scale software (1 million users, 20k transactions per second, 28 Petabytes of data). Working closely with more senior security engineers will enable you to develop your expertise in a wide range of areas of your choosing.
To excel at this role, you need to be passionate about DevSecOps, as it’s something we’re genuinely committed to at Egnyte. Knowledge about cloud platform security practices and interest in developing security tooling are important as well. You will have a chance to develop security-oriented tools and processes from conception to completion.
WHAT YOU’LL DO:
- Work with engineering teams providing expertise and advice regarding secure architecture, design, and implementation
- Develop reliable and scalable security-oriented tools
- Develop / Integrate security into the Software Development Life Cycle
- Perform black box and white box applications security assessments
- Reproduce, score, and further analyze issues reported through our bug bounty programs
- Identify opportunities for vulnerability remediation and mitigation
- Develop tools, documentation, processes, and techniques to ensure the security of our software
- Partner with engineering teams in the design phase of new products and features to conduct threat modeling, plus security architecture, design, and code reviews
- Share your experience with junior engineers to foster a culture of excellence
YOUR QUALIFICATIONS:
- 3+ years of application security experience, DevSecOPS/Automation background preferred
- Experience with securing software development lifecycle (SDLC) including manual and automated application security testing
- Hands-on experience performing secure code review and architecture design reviews
- Understanding of OAuth/OIDC implementation
- In-depth knowledge of OWASP guidelines: Application Security Verification Standard (ASVS), Mobile Application Security Verification Standard (MASVS), Web Security Testing Guide (WSTG), Mobile Application Security Testing Guide (MASTG), TOP 10
- Solid knowledge of security testing tools and techniques
- Being able to learn and find bugs in any language, specifically Java, JavaScript, Go, and Python
- Familiarity with concepts like Identity, Data protection, Monitoring, and IR in the cloud services space
- Ability to create and deploy your own tools and automation (preferably in Python)
- Being a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
- English level: C1
BONUS POINTS:
- Experience as a hands-on developer in Java, Python, or JavaScript.
- Experience configuring CI/CD pipelines (e.g., GitLab CI, Jenkins)
- Experience with security assurance for desktop and mobile applications.
- Experience running penetration testing against cloud-native applications
- OWASP Secure Code review,• Basic programing knowledge in any programming language and knowledge on secure development practices.
- OWASP TOP 10 vulnerabilities and their mitigations
- Hands on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit., Qualys Guard, Kali Linux , etc.
- Understand/modify exploit code and find logical security flaws in applications
- Should have knowledge and experience on Network Security, Application Security, Internet Security, attack vectors.
- To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.
Role & Responsibilities:
- Plan and execute Security Assessment Strategy
- Proactively implement security measures
- Implement tools to Monitor and Report Security violations
- Govern security specification guidelines adherence across product and organization
Skills & Qualification:
- IIT, BE or B Tech
- 4+ years of relevant work experience
- Expert in Application Information Security, VAPT
- Proficient using tools like BURP, NMAP, KALI etc.
- Good understanding of web technologies, APIs and mobile app development practices
- CEH certification preferred
- Document technical and functional specifications
- Perform unit testing of objects/ solutions created
- Perform configuration, integration, and personalizations in Oracle HCM EBS/Cloud
- Work in a functional and technical capacity and analyze business requirements, design, develop and deploy solutions
- Excellent troubleshooting, analytical and problem-solving skills
- Explore & investigate the client's pain areas, extend the scope, and keep the client satisfied
Experience and Skills:
- Minimum a Bachelor’s degree.
- 3 to 10 years of experience as an Oracle HCM Techno-Functional Consultant
- 30% Functional and 70% Technical
- Strong experience in core HR, Payroll, Fast Formula, OTL and SSHR
- Should have expertise in Oracle HCM Cloud advanced tools such as HCM Extracts, HDL, PBL, BI Publisher, OTBI, Application Security, Page Composer, Page Configurator, REST APIs, SOAP, Webservices
- Able to provide strong leadership to develop best practices for effective Techno functional support for the enterprise business process area
- Good communication skills
- In-depth knowledge of the business process and capability to understand business requirements.
Java
Python
Javascript
Amazon Web Services (AWS)
Go Programming (Golang)• Location:- C.G Road, Ahmedabad
• Working days:- 5 days, 2 Saturday alternate holidays.
• Experience:- Mini. 8yrs
Job Description:-
We are looking for a Software Architect to drive technology strategy, create the
technological vision and to ensure the designing and development of software solutions that fulfils the business requirements. You will be a key contributor to architectural decisions for products, drawing on your excellent technical, analytical and business acumen skills while effectively communicating with all levels in the organization to build high scalable and secure solutions.
KRA:-
Articulate architecture & Non functional requirements for the products and service with high precision. Gathering business requirements to analyse, identify, design and innovate solutions.
• Device strategy to implement NFRs
• Validate the design, development to confirm against the architecture and NFR
• Technical owner of the IT Projects
• Design and develop best practises in software development and architecture together with the team.
• Determining overall architectural principles, frameworks and standards.
• To provide hands-on development wherever appropriate specially on architecture transformation projects.
• Involve in unit testing, code reviews and bug fixing.
• Driving research, case studies on how latest technologies could be leveraged for software architecture and capabilities such as scalability, fault tolerance, extensibility, maintainability, etc.
• Documenting designs, estimates and implementation plans to iAND stakeholders.
Requirement:-
• Academics exposureExperience in architecting and designing technical solutions especially in area of mobile and cloud. for SaaS capabilities.
• Ability in scaling products and to tackle large traffic and amounts of data.
• Academics expertise in coding, programming and software design patterns.
• Passionate about technology and constantly growing your technical expertise.
Great to Have:-
• Professional Coding proficiency in Python and JavaScript. certifications like AWS, MS Azure
• Experience in insurance domain
1. Monitor the quality of results of the automated system in the detection of attacks,
intrusions, and unusual, unauthorized or illegal activities.
2. Build and maintain scripts that collect cyber threats data from external sources as well as
from the in-house analytics engine, data quality inspection, and dataset creation for ML
with manual annotation.
3. Assist Data Scientists & Machine Learning Engineers in developing systems that
automate risk assessment/mitigation workflows.
4. Keep up to date with the latest security and technology developments.
5. Research and evaluate emerging cybersecurity threats and ways to manage them.
Required skills
1. Attention to details and a quality first mindset.
2. Knowledge of current hacking techniques, vulnerabilities, and security analysis
techniques.
3. Basic programming experience, and the ability to automate tasks.
4. Manual code review or source code analysis experience.
Note: We are a startup, you will have much more responsibilities.
Benefits
1. A competitive salary.
2. Health Insurance.
3. An awesome team that will challenge and respect you.
4. Lunch, Unlimited snacks and drinks.
5. Top notch office in the heart of Bangalore City.
Requirements:
- Overall experience in the field of Information risk and security related initiatives/ projects.
- Experience in the areas of Infrastructure Security Audit, IT Security, Vulnerability Assessment, Risk Assessment, Web Application Security, Network Security Review, Network Architecture Review, Mobile Application Security Testing, Configuration Review, Source Code Review, Wireless Pentest, Process Review etc.
- Ability to understand business concepts and integrate business risk elements into security operations.
- Experience in conducting VAPT.
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Web inspect, Acunetix, NTO Spider, BurpSuite Pro).
- Strong ethics and understanding of ethics in business and information security.
- Should have exposure to Code review, Network VA/PT and App VA/PT work.
- Understanding and familiarity with common code review methods and standards.
- Experience with code scanning toolsets such as Fortify and Ounce.
- Understanding of HTTP and web programming.
- Knowledge of OWASP tools and methodologies, common security requirements within ASP.NET application, standard SDLC practices.
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).
- In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database.
Follow CutshortSubodh Popalwar
Software Engineer, Memorres