2+ Vulnerability scanning Jobs in India

About us

Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 8300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps to DevSecOps with Astra's CI/CD integrations.

Astra is loved by 650+ companies across the globe. In 2023 Astra uncovered 2 million+ vulnerabilities for its customers, saving customers $69M+ in potential losses due to security vulnerabilities. 

We've been awarded by the President of France Mr. François Hollande at the La French Tech program and Prime Minister of India Shri Narendra Modi at the Global Conference on Cyber Security. Loom, MamaEarth, Muthoot Finance, Canara Robeco, ScripBox etc. are a few of Astra’s customers.

Role Overview

As an SDE 2 Back-end Engineer at Astra, you will play a crucial role in the development of a new vulnerability scanner from scratch. You will be architecting & engineering a scalable technical solution from the ground-up.

You will have the opportunity to work alongside talented individuals, collaborating to deliver innovative solutions and pushing the boundaries of what's possible in vulnerability scanning. The role requires deep collaboration with the founders, product, engineering & security teams.

Join our team and contribute to the development of a cutting-edge SaaS security platform, where high-quality engineering and continuous learning are at the core of everything we do.

Roles & Responsibilities:

• You will be joining our Vulnerability Scanner team which builds a security engine to identify vulnerabilities in technical infrastructure.
• You will be the technical product owner of the scanner, which would involve managing a lean team of backend engineers to ensure smooth implementation of the technical product roadmap.
• Research about security vulnerabilities, CVEs, and zero-days affecting cloud/web/API infrastructure.
• Work in an agile environment of engineers to architect, design, develop and build our microservice infrastructure.
• You will research, design, code, troubleshoot and support (on-call). What you create is also what you own.
• Writing secure, high quality, modular, testable & well documented code for features outlined in every sprint.
• Design and implement APIs in support of other services with a highly scalable, flexible, and secure backend using GoLang
• Hands-on experience with creating production-ready code & optimizing it by identifying and correcting bottlenecks.
• Driving strict code review standards among the team.
• Ensuring timely delivery of the features/products
• Working with product managers to ensure product delivery status is transparent & the end product always looks like how it was imagined
• Work closely with Security & Product teams in writing vulnerability detection rules, APIs etc.

Required Qualifications & Skills: 

• Strong 2-4 years relevant development experience in GoLang
• Experience in building a technical product from idea to production.
• Design and build highly scalable and maintainable systems in Golang
• Expertise in Goroutines and Channels to write efficient code utilizing multi-core CPU optimally
• Must have hands-on experience with managing AWS/Google Cloud infrastructure
• Hands on experience in creating low latency high throughput REST APIs
• Write test suites and maintain code coverage above 80%
• Working knowledge of PostgreSQL, Redis, Kafka
• Good to have experience in Docker, Kubernetes, Kafka
• Good understanding of Data Structures, Algorithms and Operating Systems.
• Understanding of cloud/web security concepts would be an added advantage

What We Offer:

• Adrenalin rush of being a part of a fast-growing company
• Fully remote & agile working environment
• A wholesome opportunity in a fast-paced environment where you get to build things from scratch, improve and influence product design decisions
• Holistic understanding of SaaS and enterprise security business
• Opportunity to engage and collaborate with developers globally
• Experience with security side of things
• Annual trips to beaches or mountains (last one was Chikmangaluru)
• Open and supportive culture 

Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption 
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting