2+ Vulnerability assessment Jobs in Pune | Vulnerability assessment Job openings in Pune

PortOne is re−imagining payments in Korea and other international markets. We are a Series B funded startup backed by prominent VC firms Softbank and Hanwa Capital

https://portone.io/global/en

PortOne provides a unified API for merchants to integrate with and manage all of the payment options available in Korea and SEA Markets - Thailand, Singapore, Indonesia etc. It's currently used by 2000+ companies and processing multi-billion dollars in annualized volume. We are building a team to take this product to international markets, and looking for engineers with a passion for fintech and digital payments.

Culture and Values at PortOne

• You will be joining a team that stands for Making a difference.
• You will be joining a culture that identifies more with Sports Teams rather than a 9 to 5 workplace.
• This will be remote role that allows you flexibility to save time on commute
• Your will have peers who are/have
• Highly Self Driven with A sense of purpose
• High Energy Levels - Building stuff is your sport
• Ownership - Solve customer problems end to end - Customer is your Boss
• Hunger to learn - Highly motivated to keep developing new tech skill sets

Who you are ?

* You are an athlete and Devops/DevSecOps is your sport.

* Your passion drives you to learn and build stuff and not because your manager tells you to.

* Your work ethic is that of an athlete preparing for your next marathon. Your sport drives you and you like being in the zone.

* You are NOT a clockwatcher renting out your time, and NOT have an attitude of "I will do only what is asked for"

* Enjoys solving problems and delight users both internally and externally

* Take pride in working on projects to successful completion involving a wide variety of technologies and systems

* Posses strong & effective communication skills and the ability to present complex ideas in a clear & concise way

* Responsible, self-directed, forward thinker, and operates with focus, discipline and minimal supervision

* A team player with a strong work ethic

Experience

* 2+ year of experience working as a Devops/DevSecOps Engineer

* BE in Computer Science or equivalent combination of technical education and work experience

* Must have actively managed infrastructure components & devops for high quality and high scale products

* Proficient knowledge and experience on infra concepts - Networking/Load Balancing/High Availability

* Experience on designing and configuring infra in cloud service providers - AWS / GCP / AZURE

* Knowledge on Secure Infrastructure practices and designs

* Experience with DevOps, DevSecOps, Release Engineering, and Automation

* Experience with Agile development incorporating TDD / CI / CD practices

Hands on Skills

* Proficient in atleast one high level Programming Language: Go / Java / C

* Proficient in scripting - bash scripting etc - to build/glue together devops/datapipeline workflows

* Proficient in Cloud Services - AWS / GCP / AZURE

* Hands on experience on CI/CD & relevant tools - Jenkins / Travis / Gitops / SonarQube / JUnit / Mock frameworks

* Hands on experience on Kubenetes ecosystem & container based deployments - Kubernetes / Docker / Helm Charts / Vault / Packer / lstio / Flyway

* Hands on experience on Infra as code frameworks - Terraform / Crossplane / Ansible

* Version Control & Code Quality: Git / Github / Bitbucket / SonarQube

* Experience on Monitoring Tools: Elasticsearch / Logstash / Kibana / Prometheus / Grafana / Datadog / Nagios

* Experience with RDBMS Databases & Caching services: Postgres / MySql / Redis / CDN

* Experience with Data Pipelines/Worflow tools: Airflow / Kafka / Flink / Pub-Sub

* DevSecOps - Cloud Security Assessment, Best Practices & Automation

* DevSecOps - Vulnerabiltiy Assessments/Penetration Testing for Web, Network and Mobile applications

* Preferrable to have Devops/Infra Experience for products in Payments/Fintech domain - Payment Gateways/Bank integrations etc

What will you do ?

Devops

* Provisioning the infrastructure using Crossplane/Terraform/Cloudformation scripts.

* Creating and Managing the AWS EC2, RDS, EKS, S3, VPC, KMS and IAM services, EKS clusters & RDS Databases.

* Monitor the infra to prevent outages/downtimes and honor our infra SLAs

* Deploy and manage new infra components.

* Update and Migrate the clusters and services.

* Reducing the cloud cost by enabling/scheduling for less utilized instances.

* Collaborate with stakeholders across the organization such as experts in - product, design, engineering

* Uphold best practices in Devops/DevSecOps and Infra management with attention to security best practices

DevSecOps

* Cloud Security Assessment & Automation

* Modify existing infra to adhere to security best practices

* Perform Threat Modelling of Web/Mobile applications

* Integrate security testing tools (SAST, DAST) in to CI/CD pipelines

* Incident management and remediation - Monitoring security incidents, recovery from and remediation of the issues

* Perform frequent Vulnerabiltiy Assessments/Penetration Testing for Web, Network and Mobile applications

* Ensure the environment is compliant to CIS, NIST, PCI etc.

Here are examples of apps/features you will be supporting as a Devops/DevSecOps Engineer

* Intuitive, easy-to-use APIs for payment process.

* Integrations with local payment gateways in international markets.

* Dashboard to manage gateways and transactions.

* Analytics platform to provide insights

As a Security Researcher in SaaS security posture management, your primary responsibility will be to conduct research on emerging security threats and vulnerabilities in SaaS environments and to develop and implement strategies to mitigate those risks. Specifically, your job duties will include: Conducting in-depth research on emerging security threats and vulnerabilities in SaaS environments.

• Analyzing data and security logs to identify potential threats and take proactive measures to prevent them.
• Developing and implementing security policies and procedures to protect against security threats in SaaS environments.
• Collaborating with other members of the IT team to implement security measures and ensure compliance with industry standards and regulations.
• Keeping up-to-date with the latest security technologies and trends in SaaS security posture management.
• Communicating findings and recommendations to management and other stakeholders.
• Participating in incident response and resolution activities in the event of a security breach in SaaS environments.
• To be successful in this role, you should have a Bachelor's or Master's degree in Computer Science, Information Security, or a related field, and have experience in researching emerging security threats and vulnerabilities in SaaS environments. You should also have strong analytical and problem-solving skills, and hold industry certifications such as CISSP, CEH, or OSCP. Excellent communication and collaboration skills are essential to work effectively with cross-functional teams.