8+ Software security Jobs in Bangalore (Bengaluru) | Software security Job openings in Bangalore (Bengaluru)

A BIT ABOUT US

Appknox is one of the top Mobile Application security companies recognized by Gartner and G2. A profitable B2B SaaS startup headquartered in Singapore & working from Bengaluru.

The primary goal of Appknox is to help businesses and mobile developers secure their mobile applications with a focus on delivery speed and high-quality security audits.

Appknox has helped secure mobile apps at Fortune 500 companies with Major brands spread across regions like India, South-East Asia, Middle-East, US, and expanding rapidly. We have secured 300+ Enterprises globally.

We are a 40+ incredibly passionate team working to make an impact and help some of the biggest companies globally. We work in a highly collaborative, very fast-paced work environment. If you have what it takes to be part of the team, we are excited, and let’s speak further.

The Opportunity

To join the security team engaging with multiple clients, helping them with end-to-end security audits, also researching new topics and vulnerabilities to be added to the scanner, present research at conferences.

What An Ideal Candidate Would Look Like: 

• Skills - Application Penetration Testing, experience with IoT testing, source code audits.
• Technology Stack: Python
• Responsibilities: Engage with clients for scoping call, perform security audits, and remediation call with clients to patch the issues, research on new technologies/vulnerabilities

Minimum Requirements

• Should have at least 2 years of experience in security or show something that proves experience doesn’t matter
• Must be comfortable with tools like burp suite, 
• Strong Analytical Skills
• Strong grasp of fundamentals of information security
• Strong Grasp of Web and API Pen-Testing
• Self-taught learner willing to read and keep up-to-date on technological changes and how they could be used
• Can accurately define an issue and create detailed Proof-of-concept and write-up of the findings.
• Provide appropriate remediation and mitigations of the identified vulnerabilities.

Responsibilities

• Security assessment of web applications.
• Develop and interpret security standards and guides
• Automation of security test cases
• Understand and explain the results with impact on business and compliance status
• Continuously learning and training on the latest tools and techniques

 Work Expectations

Within 1 month

Training on processes, security workflow

Within 3 months

Pentesting Web, Mobile and API endpoints

Within 6 months

Research and publish whitepapers, contribute to the Appknox Web Scanner

Personality traits we admire:-

• A confident and dynamic working persona, which can bring fun to the team, and a sense of humor, is an added advantage.
• Great attitude to ask questions, learn and suggest process improvements.
• Has attention to detail and helps identify edge cases.
• Highly motivated and coming up with fresh ideas and perspectives to help us move towards our goals faster.
• Follow timelines and have an absolute commitment to deadlines.
•  

Interview Process - would be team specific

• Round 1 - Profile Evaluation
• Round 2 - Appknox CTF Challenge
• Round 3 -Technical Interview with security team members
• Round 4 - Technical Interview with the CTO and Team Lead
• Round 5 - HR Round

Compensation

•  As per Industry Standards

Why Join Us:-

• Freedom & Responsibility: If you are a person who enjoys challenging work & pushing your boundaries, then this is the right place for you. We appreciate new ideas & ownership as well as flexibility with working hours.
• Great Salary & Equity: We keep up with the market standards & provide pay packages considering updated standards. Also as Appknox continues to grow, you’ll have a great opportunity to earn more & grow with us. Moreover, we also provide equity options for our top performers.
• Holistic Growth: We foster a culture of continuous learning and take a much more holistic approach to train and develop our assets: the employees. We shall also support you all on that journey of yours.
• Transparency: Being a part of a start-up is an amazing experience, one of the reasons being open communication & transparency at multiple levels. Working with Appknox will allow you to experience it all first-hand.

Job Description: React Native Developer

Experience: Over 4 years

Responsibilities:

-       Architect, design, develop, and maintain complex, scalable React Native applications using clean code principles.

-       Collaborate with designers to translate UI/UX mock-ups into pixel-perfect, native-feeling mobile interfaces.

-       Leverage React Native's capabilities to build reusable UI components and implement performant animations.

-       Effectively utilize native modules and APIs to achieve platform-specific functionalities when necessary.

-       Write unit and integration tests to ensure code quality and maintainability.

-       Identify and troubleshoot bugs, diagnose performance bottlenecks, and implement optimizations.

-       Stay up to date with the latest trends and advancements in the React Native ecosystem.

-       Participate in code reviews, provide mentorship to junior developers, and foster a collaborative development environment.

Qualifications:

-       Experience in professional software development with a strong focus on mobile development.

-       Proven experience building production ready React Native applications.

-       In-depth knowledge of React, JavaScript (ES6+), and related web technologies (HTML, CSS).

-       Strong understanding of mobile development concepts and best practices.

-       Experience with Redux or similar state management libraries for complex applications.

-       Experience with unit testing frameworks (Jest, Mocha) and UI testing tools.

-       Excellent communication, collaboration, and problem-solving skills.

-       Ability to work independently and manage multiple tasks effectively.

-       A passion for building high-quality, user-centric mobile applications.

Nice To Have:

-       Experience with native development (iOS/Android) for deep integrations.

-       Experience with containerization technologies (Docker, Kubernetes).

-       Experience with continuous integration/continuous delivery (CI/CD) pipelines.

-       Experience with GraphQL or RESTful APIs.

Marrow is a learning platform for doctors, medical students, and other healthcare practitioners with topic-wise learning modules, tests and performance analytics, and high-quality recorded medical video classes. Marrow is currently used by over 5 lakh medical students in India to prepare for the country’s largest medical competitive exam - NEET PG.

USP of Marrow

1) Loved by more than 70% of aspiring doctors in India.

2) NEET-PG 2020, 2021, 2022,2023 - Top 10 Rankers were the Marrow users.

DailyRounds is a healthcare startup focused on organizing “Knowledge of practice of Medicine” and building a community of Doctors (and healthcare professionals). We hold the largest IP (intellectual property) in clinical medicine in India. We hope to put this IP, network, and our best efforts to help Doctors improve how they diagnose and treat. We are a diverse team of 300 people based in Bangalore.

We are product-driven. We believe businesses should scale and be profitable. We avoid fads and focus on what makes business sense, what can scale, and what can make a positive impact (in that order).

In April 2019 M3 India, the Indian subsidiary of Japanese Healthtech company M3 (one of the largest healthcare networks globally, listed on the Tokyo Stock Exchange), picked up a majority stake in DailyRounds to foray into case-based problem-solving, community platform, and

medical test preparation business in India.

We seek a highly skilled and experienced Mobile Application Security Engineer to join our dynamic security team. The ideal candidate will possess a deep understanding of mobile security for both Android and iOS platforms, with hands-on experience in identifying and mitigating security vulnerabilities. This role involves ensuring the security of mobile applications through rigorous testing, threat modeling, and implementation of security best practices.

What are we looking for

• 2-5 years of experience in mobile application security for Android and iOS platforms.
• Proven expertise in vulnerability assessment, penetration testing (VAPT), and security analysis of mobile applications.
• Strong understanding of Android and iOS security architectures.
• Proficiency in security tools such as Frida, Burp Suite, OWASP Mobile Security Testing Guide (MSTG), etc.
• Experience with common mobile security vulnerabilities (e.g., OWASP Mobile Top 10) and mitigation strategies.
• Knowledge of CVE databases and experience in reporting and managing vulnerabilities.
• Familiarity with secure coding practices and security standards.

What you will be doing here

Security Assessment and Testing:

• Conduct thorough security assessments of mobile applications, including static and dynamic analysis.
• Perform vulnerability assessments and penetration testing (VAPT) on Android and iOS applications.
• Utilize tools such as Frida, Burp Suite, and other mobile security testing frameworks to identify security weaknesses.

Vulnerability Management:

• Identify, report, and track mobile application security vulnerabilities (Common Vulnerabilities and Exposure)
• Work closely with development teams to ensure vulnerabilities are addressed and resolved.
• Develop and maintain a vulnerability management program for mobile applications.

Security Architecture and Design:

• Collaborate with development and product teams to design secure mobile applications.
• Implement security best practices and guidelines for mobile app development.
• Conduct threat modeling and risk assessments to identify potential security threats.

Security Tools and Automation:

• Develop and maintain custom scripts and tools to automate security testing.
• Stay updated with the latest security tools, technologies, and trends in mobile security.

Documentation and Reporting:

• Create detailed security assessment reports and documentation.
• Provide recommendations for security improvements and risk mitigation.
• Document security policies, procedures, and guidelines for mobile application security.

Please note that only shortlisted candidates will be contacted.

• OWASP Secure Code review,• Basic programing knowledge in any programming language and knowledge on secure development practices.
• OWASP TOP 10 vulnerabilities and their mitigations
• Hands on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit., Qualys Guard, Kali Linux , etc.
• Understand/modify exploit code and find logical security flaws in applications
• Should have knowledge and experience on Network Security, Application Security, Internet Security, attack vectors.
• To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.

• Document technical and functional specifications
• Perform unit testing of objects/ solutions created
• Perform configuration, integration, and personalizations in Oracle HCM EBS/Cloud
• Work in a functional and technical capacity and analyze business requirements, design, develop and deploy solutions
• Excellent troubleshooting, analytical and problem-solving skills
• Explore & investigate the client's pain areas, extend the scope, and keep the client satisfied

• Minimum a Bachelor’s degree.
• 3 to 10 years of experience as an Oracle HCM Techno-Functional Consultant
• 30% Functional and 70% Technical
• Strong experience in core HR, Payroll, Fast Formula, OTL and SSHR
• Should have expertise in Oracle HCM Cloud advanced tools such as HCM Extracts, HDL, PBL, BI Publisher, OTBI, Application Security, Page Composer, Page Configurator, REST APIs, SOAP, Webservices
• Able to provide strong leadership to develop best practices for effective Techno functional support for the enterprise business process area
• Good communication skills
• In-depth knowledge of the business process and capability to understand business requirements.

Requirements:

• Overall experience in the field of Information risk and security related initiatives/ projects.
• Experience in the areas of Infrastructure Security Audit, IT Security, Vulnerability Assessment, Risk Assessment, Web Application Security, Network Security Review, Network Architecture Review, Mobile Application Security Testing, Configuration Review, Source Code Review, Wireless Pentest, Process Review etc.
• Ability to understand business concepts and integrate business risk elements into security operations.
• Experience in conducting VAPT.
• Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Web inspect, Acunetix, NTO Spider, BurpSuite Pro).
• Strong ethics and understanding of ethics in business and information security.
• Should have exposure to Code review, Network VA/PT and App VA/PT work.
• Understanding and familiarity with common code review methods and standards.
• Experience with code scanning toolsets such as Fortify and Ounce.
• Understanding of HTTP and web programming.
• Knowledge of OWASP tools and methodologies, common security requirements within ASP.NET application, standard SDLC practices.
• Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).
• In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database.