Proposed Job Description
Product Security Engineer
EGNYTE YOUR CAREER. SPARK YOUR PASSION.
Egnyte is a place where we spark opportunities for amazing people. We believe that every role has meaning, and every Egnyter should be respected. With 17,000 customers worldwide and growing, you can make an impact by protecting their valuable data. When joining Egnyte, you’re not just landing a new career, you become part of a team of Egnyters that are doers, thinkers, and collaborators who embrace and live by our values:
Invested Relationships
Fiscal Prudence
Candid Conversations
ABOUT EGNYTE
Egnyte is the secure multi-cloud platform for content security and governance that enables organizations to better protect and collaborate on their most valuable content. Established in 2008, Egnyte has democratized cloud content security for more than 17,000 organizations, helping customers improve data security, maintain compliance, prevent and detect ransomware threats, and boost employee productivity on any app, any cloud, anywhere. For more information, visit www.egnyte.com.
Security engineers at Egnyte are involved in every stage of the SDLC pipeline to highlight security vulnerabilities and provide expert advice on reducing them. By promoting security principles, ongoing penetration testing, and developing “paved roads,” we’re able to provide our customers with a secure and reliable product.
Currently, we’re seeking an engineer who’s well-rounded in terms of application security and has in-depth expertise in one or more particular areas. You’ll be able to apply your skills to interesting challenges—joining Egnyte is an opportunity to work with diverse technologies and large-scale software (1 million users, 20k transactions per second, 28 Petabytes of data). Working closely with more senior security engineers will enable you to develop your expertise in a wide range of areas of your choosing.
To excel at this role, you need to be passionate about DevSecOps, as it’s something we’re genuinely committed to at Egnyte. Knowledge about cloud platform security practices and interest in developing security tooling are important as well. You will have a chance to develop security-oriented tools and processes from conception to completion.
WHAT YOU’LL DO:
- Work with engineering teams providing expertise and advice regarding secure architecture, design, and implementation
- Develop reliable and scalable security-oriented tools
- Develop / Integrate security into the Software Development Life Cycle
- Perform black box and white box applications security assessments
- Reproduce, score, and further analyze issues reported through our bug bounty programs
- Identify opportunities for vulnerability remediation and mitigation
- Develop tools, documentation, processes, and techniques to ensure the security of our software
- Partner with engineering teams in the design phase of new products and features to conduct threat modeling, plus security architecture, design, and code reviews
- Share your experience with junior engineers to foster a culture of excellence
YOUR QUALIFICATIONS:
- 3+ years of application security experience, DevSecOPS/Automation background preferred
- Experience with securing software development lifecycle (SDLC) including manual and automated application security testing
- Hands-on experience performing secure code review and architecture design reviews
- Understanding of OAuth/OIDC implementation
- In-depth knowledge of OWASP guidelines: Application Security Verification Standard (ASVS), Mobile Application Security Verification Standard (MASVS), Web Security Testing Guide (WSTG), Mobile Application Security Testing Guide (MASTG), TOP 10
- Solid knowledge of security testing tools and techniques
- Being able to learn and find bugs in any language, specifically Java, JavaScript, Go, and Python
- Familiarity with concepts like Identity, Data protection, Monitoring, and IR in the cloud services space
- Ability to create and deploy your own tools and automation (preferably in Python)
- Being a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
- English level: C1
BONUS POINTS:
- Experience as a hands-on developer in Java, Python, or JavaScript.
- Experience configuring CI/CD pipelines (e.g., GitLab CI, Jenkins)
- Experience with security assurance for desktop and mobile applications.
- Experience running penetration testing against cloud-native applications
About Egnyte
Egnyte provides secure Enterprise File Sharing and Content Governance built from the Cloud down. Access, Share and Control 100% of your data from anywhere using any smartphone, tablet or computer.
Egnyte store billion of files and petabytes of data and we are looking for help to take the platform used by millions of users to the next level of scale. Autonomy and ownership is integral to our culture and engineers own one or more services end to end.
We’re looking for Engineers and they should be able to take a complex problem and work with product managers, devops and other team members to execute end to end.
Similar jobs
- OWASP Secure Code review,• Basic programing knowledge in any programming language and knowledge on secure development practices.
- OWASP TOP 10 vulnerabilities and their mitigations
- Hands on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit., Qualys Guard, Kali Linux , etc.
- Understand/modify exploit code and find logical security flaws in applications
- Should have knowledge and experience on Network Security, Application Security, Internet Security, attack vectors.
- To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.
The Technical Project Manager is responsible for managing projects to make sure the proposed plan adheres to the timeline, budget, and scope. Their duties include planning projects in detail, setting schedules for all stakeholders, and executing each step of the project for our proprietary product, with some of the World’s biggest brands across the BFSI domain. The role is cross-functional and requires the individual to own and push through projects that touch upon business, operations, technology, marketing, and client experience.
• 5-7 years of experience in technical project management.
• Professional Project Management Certification from accredited intuition is mandatory.
• Proven experience overseeing all elements of the project/product lifecycle.
• Working knowledge of Agile and Waterfall methodologies.
• Prior experience in Fintech, Blockchain, and/or BFSI domain will be an added advantage.
• Demonstrated understanding of Project Management processes, strategies, and methods.
• Strong sense of personal accountability regarding decision-making and supervising department team.
• Collaborate with cross-functional teams and stakeholders to define project requirements and scope.
Project Role : Application SAP Enterprise Portal
Project Role Description :
Lead the effort to design, build and configure applications, acting as the primary point of contact. Must have Skills : SAP Enterprise Portal Architecture, SSI: NON SSI:
Good to Have Skills :SSI: No Function Specialization NON SSI :
Job Requirements :
Key Responsibilities : A Perform Operations support for SAP Desktop B Manage incidents within SLA C Engage in Portal upgrades and Enhancements D SAP UI5 developments with upskilling E Testing/Weekend support for Cutovers /mocks etc
Technical Experience :
Should have 6 yrs relevant exp and 1 E2E implementation exp.
A Resource has worked on End to end Development projects in SAP Portal B Good to have knowledge in Web dynpro Java C Experience in Portal Content Administration iViews, Worksets, Groups, Roles and role-based content SAP Knowledge Management D Experience in all phases of SDLC Requirements, analysis, development, testing E SAP Fiori Good to have skill F Display analytical skills for fit gap analysis for migrations, Upgrade Professional Attributes :
Candidate must be flexible to work from client location- Jabalpur
A Good communication skill in English B Good analytical skill C Experience in managing the team and the delivery Educational Qualification:
A Regular 15-year full time education B Software Engineering degree
ROLE
Associate Product Manager
WHY SHOULD YOU JOIN US?
At Vidyakul, you will have the opportunity to impact 60 million state board students’ lives by growing India’s first truly vernacular e-learning platform for 9-12 class state board students.
WHO ARE WE and WHAT IS OUR MISSION?
● Vidyakul is a pre-Series A funded EdTech startup based out of Gurgaon, that is truly democratizing education for the masses.
● Our Investors:
○ We Founder Circle - Backed marquee brands such as BluSmart & Zypp Electric
○ JITO Angel Network - Backed Finance Peer, largest lender of EdTech
○ Dholakia Ventures - Backed by the Diamond King of Surat
● Our Founders:
○ Tarun Saini - 3X founder, 8 years experience in Sales & Marketing
○ Raman Garg - 3X founder, 7 years experience in Ecommerce and Tech
● We are bridging the gap between the villages and quality education at an affordable cost.
● We are growing fast (3X Q-o-Q) and wish for you to be part of this rocketship!
WHAT IS THE ROLE?
About the Role: This role requires someone who would:
- Be responsible for creating and delivering on the product roadmap - Interface with design, engineering, business and growth teams and drive the desired outcome
- Understand user behaviour and champion consumers needs and strive to deliver the absolute best consumer experience
- Grow product adoption and key app metrics
Expectations/Requirements:
- A passionate APM / Senior Product Associate with 3+ years of experience in Product Management
- Someone with an entrepreneurial mindset who enjoys taking end-to-end ownership of the product and work across stakeholders to achieve the desired objectives for the product
- A keen eye for understanding the end user and creating product-led solutions to bridge user need gaps
- Strong analytical skills, ability to define KPIs, KPI dashboards and success metrics.
- Prioritization: The PM should be able to carry out effective prioritization of user stories balancing between user experiences, business requirements, tech debts and resourcing. Superpowers/ Skills that will help you succeed in this role:
- Love for simplifying - Knowledge of product development processes - Being a leader and an inspiration to your entire team - Ability to take internal and external stakeholders along
What are we looking for?
An enthusiastic individual with the following skills. Please do not hesitate to apply if you do not match all of it. We are open to promising candidates who are passionate about their work and are team players.
Key Responsibilities & expectations from the candidate
- Must have strong experience in Information Security Management system(ISMS), creation of policy, procedures and implementation.
- Operates as a key contributor to the RFP, Third-Party Risk assessment, cloud security assessment etc.
- Lead the strategic and tactical development of information security framework, risk management and new compliance initiatives
- Subject matter expertise in ISO 27001, SOC2, CCPA, CPRA, GDPR, PCI DSS and HIPAA.
- Must have a strong experience in the documentation process and reviewing MSA, SCC, SLA & DPA.
- Good knowledge of BCP/DR, Incident response, VA/PT and Audit methodologies of various compliance frameworks.
- Good knowledge of Access management, Network, Application Security, Encryption, Backup, Physical Security, ISMS Training & Awareness etc..
- Ability to deal with the customers and vendors on Security and privacy matters.
- Knowledge of Core IT processes, SDLC, network infrastructure will be useful.
Personal Attributes
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues
- Ability to present ideas in business-friendly and user-friendly language.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Highly self-motivated and hardworking.
Qualification and certification
- Bachelor’s/master's degree in Security, Computer Science, Management Information Systems, Engineering or related field.
- Should be at least ISO 27001 lead auditor or lead implementer.
- 3+ years of related work experience in information security governance, risk and compliance (GRC) or relevant compliance roles in the SaaS industry.
What can you look for?
A wholesome opportunity in a fast-paced environment that will enable you to juggle between concepts, yet maintain the quality of content, interact, and share your ideas and have loads of learning while at work. Work with a team of highly talented young professionals and enjoy the benefits of being at Xoxoday.
We are
Xoxoday is a rapidly growing fintech SaaS firm that propels business growth while focusing on human motivation. Backed by Giift and Apis Partners Growth Fund II, Xoxoday offers a suite of three products - Plum, Empuls, and Compass. Xoxoday works with more than 2000 clients across 10+ countries and over 2.5 million users. Headquartered in Bengaluru, Xoxoday is a 300+ strong team with four global offices in San Francisco, Dublin, Singapore, New Delhi.
Way forward
We look forward to connecting with you. As you may take time to review this opportunity, we will wait for a reasonable time of around 3-5 days before we screen the collected applications and start lining up job discussions with the hiring manager. We however assure you that we will attempt to maintain a reasonable time window for successfully closing this requirement. The candidates will be kept informed and updated on the feedback and application status.
We are looking for a passionate, highly driven, intrinsically motivated Associate Product Manager who wants to join a high-growth startup, learn something new everyday and join of one the most energetic and speedy Product Teams in health-tech!
Responsibilities
- Building and executing new initiatives and roadmaps for retention and increasing customer lifetime value.
- Understand the healthcare market, customers and build business cases for new product opportunities.
- Listen to the users on a regular basis and figure out the opportunities to solve their problems.
- Manage product lifecycle from ideation to launch and beyond which would include liaising with multiple stake-holders.
- Work closely with partners and clients from 4 continents to localize the product builds as per their need and ensure adoption of the new features.
- Use data, creativity, and experimentation to constantly improve the product experience
Requirements
- Have 1-4 years of experience in building and managing large-scale enterprise products.
- Have prior experience in the development team and understand how modern development frameworks function.
- Are passionate about translating customer needs to usable design and process flows for growth levers and optimization.
- Have Good understanding of funnels, agile & sprints, and wireframes.
- Display the attitude to be comfortable with ambiguity and have the skill to transform broad ideas into action plans and display Empathy towards users and also your colleagues.
- Understand how the application functions and the technicalities around it.
- Have familiarity with tools like Google data studio, Firebase, Google Analytics, Product Analytics tools, and Figma.
- Love analytics and very frequent experimentation
This profile will include following responsibilities:
- Perform Web Application Security Testing
- Scan Network for Security Vulnerabilities
- Create detailed security report
- Research on Open source security tools & new security topics
- Create Security Knowledge base for the teamThe candidate should be we well versed with application security concepts, network scanning tools.
- Defining, communicating, and owning the product plan from conception to launch.
- Need to have a rare combination of a strong business and a technical background.
- Understanding end to end operations and drive efficiencies through product or process to reduce turnaround times.
- Define the product strategy and roadmap by aligning with existing offerings.
- Create MRDs and PRDs with prioritized features and corresponding justification.
- Should have knowledge of the competition's business and processes.
- Work closely with the technical team to build the right product by clarifying their queries.
- Run beta and pilot programs with early-stage Products and Samples.
- Should have product ownership and plan product development cycles.
- Prior experience of SDLC and Release management is a must.
- Ability to provide guidance on Supply Chain Collaboration by integrating ERP and third-party applications.
- Proactively filling communication gaps amongst all team members - Good communication solves half the problem.
Expected Skills & Competencies:
B.E. / B. Tech / Bachelor in Design / MBA from Tier 1 Institute
Minimum of 2 years experience as a Product Manager
Minimum of 2 years of experience in supply chain domain
Demonstrated success defining and launching excellent products
Proven ability to influence cross-functional teams without formal authority
Excellent written and verbal communication skills.
As a prerequisite - Share at least one sample of an effective document (MRD|BRD|PRD) delivered in the past.
Requirements:
- Overall experience in the field of Information risk and security related initiatives/ projects.
- Experience in the areas of Infrastructure Security Audit, IT Security, Vulnerability Assessment, Risk Assessment, Web Application Security, Network Security Review, Network Architecture Review, Mobile Application Security Testing, Configuration Review, Source Code Review, Wireless Pentest, Process Review etc.
- Ability to understand business concepts and integrate business risk elements into security operations.
- Experience in conducting VAPT.
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Web inspect, Acunetix, NTO Spider, BurpSuite Pro).
- Strong ethics and understanding of ethics in business and information security.
- Should have exposure to Code review, Network VA/PT and App VA/PT work.
- Understanding and familiarity with common code review methods and standards.
- Experience with code scanning toolsets such as Fortify and Ounce.
- Understanding of HTTP and web programming.
- Knowledge of OWASP tools and methodologies, common security requirements within ASP.NET application, standard SDLC practices.
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).
- In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database.