13+ Web application security Jobs in Bangalore (Bengaluru) | Web application security Job openings in Bangalore (Bengaluru)
Apply to 13+ Web application security Jobs in Bangalore (Bengaluru) on CutShort.io. Explore the latest Web application security Job opportunities across top companies like Google, Amazon & Adobe.
at Upswing Financial Technologies Private Limited
As part of the Cloud Platform / Devops team at Upswing, you will get to work on building state-of-the-art infrastructure for the future. You will also be –
- Building Infrastructure on AWS driven through terraform and building automation tools for deployment, infrastructure management, and observability stack
- Building and Scaling on Kubernetes
- Ensuring the Security of Upswing Cloud Infra
- Building Security Checks and automation to improve overall security posture
- Building automation stack for components like JVM-based applications, Apache Pulsar, MongoDB, PostgreSQL, Reporting Infra, etc.
- Mentoring people across the teams to enable best practices
- Mentoring and guiding team members to upskill and help them develop world-class Fintech Infrastructure
What will you do if you join us?
- Write a lot of code
- Engage in a lot of cross-team collaboration to independently drive forward infrastructure initiatives and Devops practices across the org
- Taking Ownership of existing, ongoing, and future initiatives
- Plan architecture for upcoming infrastructure
- Build for Scale, Resiliency & Security
- Introduce best practices wrt Devops & Cloud in the team
- Mentor new/junior team members and eventually build your own team
You should have
- Curiosity for on-the-job learning and experimenting with new technologies and ideas
- A strong background in Linux environment
- Must have Programming skills and Experience
- Strong experience in Cloud technologies, Security and Networking concepts, Multi-cloud environments, etc.
- Experience with at least one scripting language (GoLang/Python/Ruby/Groovy)
- Experience in Terraform is highly desirable but not mandatory
- Experience with Kubernetes and Docker is required
- Understanding of the Java Technologies and Stack
- Any other Devops related experience will be considered
About us:
HappyFox is a software-as-a-service (SaaS) support platform. We offer an enterprise-grade help desk ticketing system and intuitively designed live chat software.
We serve over 12,000 companies in 70+ countries. HappyFox is used by companies that span across education, media, e-commerce, retail, information technology, manufacturing, non-profit, government and many other verticals that have an internal or external support function.
To know more, visit https://www.happyfox.com/
Responsibilities:
- Perform manual and automated application penetration tests and provide suggestions to harden our products
- Participate regularly in the development and release process to identify and report security vulnerabilities in the code being shipped
- Conduct regular audits on all Features/APIs of the product and report vulnerabilities to the development team
- Keep up with industry trends in the security space
- Triage inbound vulnerability reports with an appropriate level of urgency and track them until they are resolved by Engineering teams
- Should be able to understand different elements of our NodeJS, Python and similar stacks and provide guidance on secure software development practices to the team
- Scale our application security engineering team
Requirements:
- Strong verbal and written communication skills
- Has worked on Web Application Security Testing for a reasonably complex application. Mobile experience is a plus
- Good knowledge of secure software development guidelines from authoritative bodies like NIST, OWASP, SANS
- Hands-on experience in performing manual/automated security assessments with open-source/commercial security tools
1. Perform security assessment of web applications, Android, iOS mobile applications, Source Code Review
2. In-depth knowledge of security vulnerabilities not just limited to OWASP Top 10
3. False Positive removal and manual application testing
4. Working exp of Python, Java, .Net etc
5. Experience of using MF Fortify is a must
6. Proactively identify vulnerabilities and recommend fixes
7. Ownership of the tasks, Adapt to technologies/languages/platforms/frameworks of the time
8. Experience in using security tools to carry out manual as well as automated security assessments
9. Experience working with common product flows like payment gateway integration, authentication etc.
10. Client handling exp
11. Should be able to address client queries, work on proposals etc
12. Independent, self-motivated and comfortable working in a fast-paced environment with teams ranging from product to engineering teams
Our client is a software services company based in Bangalore
- Document technical and functional specifications
- Perform unit testing of objects/ solutions created
- Perform configuration, integration, and personalizations in Oracle HCM EBS/Cloud
- Work in a functional and technical capacity and analyze business requirements, design, develop and deploy solutions
- Excellent troubleshooting, analytical and problem-solving skills
- Explore & investigate the client's pain areas, extend the scope, and keep the client satisfied
Experience and Skills:
- Minimum a Bachelor’s degree.
- 3 to 10 years of experience as an Oracle HCM Techno-Functional Consultant
- 30% Functional and 70% Technical
- Strong experience in core HR, Payroll, Fast Formula, OTL and SSHR
- Should have expertise in Oracle HCM Cloud advanced tools such as HCM Extracts, HDL, PBL, BI Publisher, OTBI, Application Security, Page Composer, Page Configurator, REST APIs, SOAP, Webservices
- Able to provide strong leadership to develop best practices for effective Techno functional support for the enterprise business process area
- Good communication skills
- In-depth knowledge of the business process and capability to understand business requirements.
Desired Skills
To have skills:
- Proven technical expertise in cyber security domains, i.e. endpoint security, application security testing.
- Knowledge and experience in public cloud solutions.
- Knowledge of network security, networking concepts and architectural implementations.
- Knowledge of vulnerability testing and defining proper remediations.
- Shell scripting experience - Shell/Bash/Python.
- Working experience of Linux operation.
Desire to have skills:
- One or more of the following cyber security certifications: CEH, CISSP, OSCP, SSCP, CCSP.
- Excellent problem solving, and follow-up skills.
- Ability to convey technical security concepts to non-technical audiences.
- OWASP Secure Code review
- Basic programming knowledge in any programming language and knowledge of secure development practices.
- OWASP TOP 10 vulnerabilities and their mitigations
- Hands-on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit, Qualys Guard, Kali Linux, etc.
- Understand/modify exploit code and find logical security flaws in applications
- Should have knowledge and experience on Network Security, Application Security, Internet Security, attack vectors.
- To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.
This position is open for experienced professionals in the field of software testing. You will be working with an amazing team and will have tremendous opportunities to learn and grow quickly. We are looking for a Quality Analyst to work on our product Faveo HELPDESK
Who are we looking for?
1 to 3 years of prior experience in QA
Proficient in Software testing
Role & responsibilities
Work on www.faveohelpdesk.com (http://www.faveohelpdesk.com/)
Review Faveo in terms of UI, usability etc.
Web security testing
Performance testing
Write manual test cases
Test the web, mobile application manually
Test the web, mobile application using open source testing tools
Document the test result
We use Github for issue management
Technologies you will work on
Manual testing
Automated testing
Tools you will use
Git – Github
Basic IDE usage of any of these: NetBeans/Dreamweaver/Brackets/Sublime
Selenium
Candidates with prior knowledge of these tools will be preferred
Qualification/Interest
Should have completed testing course from reputed institute
Candidates from engineering, computer science and information technology background preferred
Team player, friendly, self-motivated, quick & self learner and be able to work autonomously
How can I apply?
You are invited to send us your complete resume
Attach previous work or portfolio or project details
Resume should have candidate photograph in it
Mention LinkedIn Profile URL in the resume
Do go over our company website www.faveohelpdesk.com (http://www.faveohelpdesk.com/) & LinkedIn profile before applying
Ethical Code
We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
- Manage a team of highly skilled security engineers
- Responsible for the security of all Ola applications.
- Enforce Security in SDLC, and ensure any identified vulnerabilities are fixed before a feature goes to production.
- Participate in the design review discussions to identify any security loophole, and recommend a secure design solution.
- Partner with engineering leaders across the company to help them prioritize security issues in their products.
- Run Ola’s Bug Bounty program effectively.
- Develop a roadmap for future work to enhance security, derive a project plan, and ensure the completion of the project within the timelines.
- Mentor the team members and work towards their career growth.
Minimum Qualifications
- 7+ years of work experience in security engineering, including 2+ years of proven hands-on technical management experience of security engineers.
- Experience recruiting and managing technical teams, including performance management.
- Technical experience across security disciplines – web/mobile app security, infrastructure security, security operations center.
- Experience building relationships with stakeholders and business leaders.
- Must have coding experience in at least one language.
- Knowledge of standards like PCI-DSS, ISO27001, GDPR etc.
BS/MS in Computer Science or equivalent experience
One of the world's top Product/Consulting companies
- 5+ Years of leading an engagement.
- 5+ Years developing and implementing security operations and technology in large, complex enterprises in multiple industry verticals, across a wide range of technology platforms.
- 4+ Years on any Cloud Platform (AWS, Azure, Google, others).
- Master's or Bachelor's degree in Information Science / Information Technology, Computer Science.
- Deep hands-on experience leading the design, development and deployment of business software at scale.
- Experience with service-oriented architectures, private and public clouds and web services security.
- Strong skills in security principles such as least privilege access, defense in depth, preventative vs detective controls, Infrastructure and Network Security, Data protection, and Incident response.
- Professional experience and good technical knowledge of application security, system security, network security, authentication/authorization protocols, and cryptography.
- Experience advising customers on architectures meeting industry standards such as PCI DSS, ISO 27xxx, SOC, HIPAA, GDPR, and NIST/DoD frameworks.
- Experience with enterprise risk management methods and techniques to drive successful outcomes in a global enterprise environment.
- Good understanding of Enterprise Networks, Security and Identity Access Management.
- Configuration management using CloudFormation and/or Chef/Puppet.
- Experience with agile approaches and experience in DevOps or DevSecOps, and how they impact risk management and compliance.
- Hands-on technical expertise in technology automation, implementation, integration, and/or deployment using scripting and/or IaaC.
- Knowledge of professional software engineering practices & best practices for the full software development life cycle, including coding standards, code reviews, source control management, libraries building, build processes, testing, and operations.
- Demonstrated ability to mentor other software developers to maintain architectural vision and software quality.
- Experience taking a lead role developing complex software systems that have successfully been delivered to customers.
- Ability to travel to customer sites as needed.
PREFERRED QUALIFICATIONS:
- AWS Solutions Architect Certified.
- AWS Security Speciality Certified.
- CISSP, CCSP, CISM, and/or other comparable certifications.
Description:
Rapyuta Robotics is seeking talented and ambitious individuals with a can-do attitude to help revolutionize robotics. We’re creating a whole new generation of multi-agent aerial and ground-based mobile robotic platforms with access to an inexhaustible supply of data storage & processing capabilities on the cloud. Our units will be capable of working autonomously and collaboratively, learning from their collective experiences and continuously improving upon themselves.
Frontend engineers are an essential part of the engineering team, helping to make the complex functionalities of our platform accessible through intuitive interfaces. As a senior front-end engineer your responsibilities will include but are not limited to:
- Working with product owners, designers, and backend developers to implement browser-based user interfaces to orchestrate and monitor fleets of autonomous machines
- Building reusable code and libraries for future use
- Ensuring the technical feasibility of UI/UX designs and addressing performance bottlenecks
- Maintaining standards of automated testing, code quality, and engineering best practices
- Managing a team of 3-4 front-end developers in their tasks across the company's project requirements.
Requirements
Must-Have:
- 4+ years of work experience in front-end development.
- Advanced knowledge of JavaScript (ES6), CSS3, HTML5 and browser APIs.
- Advanced knowledge of React.js
- Good knowledge of database technologies: MySQL, PostgreSQL etc and web application security
- Experience with cross-browser compatibility issues, client-side performance considerations and automated testing tools.
- Experience with software testing, specifically unit testing & integration testing.
- Experience managing a team of front-end developers for at least 1 year.
- Experience with code quality, build and debugging tools
Good to Have:
- Basic knowledge of browser engines: Gecko, Webkit, Servo, etc.
- Knowledge in agile development, and continuous integration for the front end.
- Past experience in the robotics domain and visualizations
Benefits
- Competitive salary
- Stock options
- Budget to buy equipment of choice
- An international working environment with exceptionally talented engineers
You will get to own and build world-class, stable, secure and scalable solutions
Ownership, trust and flexibility come with the job and you are expected to consistently raise the bar in terms of technical proficiency and quality of code.
You will get to work with a highly experienced team in a very informal, yet results-oriented environment
You should think consumer-first and have the ability to work in a dynamic and fast-paced environment
You will actively participate in defining stable and scalable engineering processes to meet the demands of a fast growing team.
3+ years hands-on application development experience in Python, Django, Flask & NodeJS
Highly proficient in SQL and NoSQL databases and Redis.
Should have a strong hands-on working knowledge on AWS services like EC2, S3, Route53, SES, SQS, SNS etc.
Should have successfully built and deployed complex and resource efficient backend APIs that work flawlessly at scale
Should be willing to take on responsibility and ownership and should be highly motivated and fun to work with :)
Experience in working at fast-paced startups is a big plus!
If you have the knowledge, experience and hunger to make a positive impact, we’d love to meet you.
We are looking for candidates with the below experience.
- Mandatory experience on any of
a) Cylance Protect and Optics
b) Crowdstrike Falcon Insight
c) Sentinel One ActiveEDR
d) Carbon Black EDR
- Hands-on experience in security incident response lifecycle and its phases
- Should have experience in L1 and L2 in EDR
- Hands-on experience in event and log analysis on Windows endpoints
- Overall experience: 3-7 years, Relevant experience: 2+ years
Please note: Candidates must have experience in the below skills:
- EDR Experience
- EDR Product Worked on and which level of support they are working on
- Incident Response
- Malware Analysis
- Flexible for shifts
Requirements:
- Overall experience in the field of Information risk and security related initiatives/ projects.
- Experience in the areas of Infrastructure Security Audit, IT Security, Vulnerability Assessment, Risk Assessment, Web Application Security, Network Security Review, Network Architecture Review, Mobile Application Security Testing, Configuration Review, Source Code Review, Wireless Pentest, Process Review etc.
- Ability to understand business concepts and integrate business risk elements into security operations.
- Experience in conducting VAPT.
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP WebInspect, Acunetix, NTOSpider, BurpSuite Pro).
- Strong ethics and understanding of ethics in business and information security.
- Should have exposure to Code review, Network VA/PT and App VA/PT work.
- Understanding and familiarity with common code review methods and standards.
- Experience with code scanning toolsets such as Fortify and Ounce.
- Understanding of HTTP and web programming.
- Knowledge of OWASP tools and methodologies, common security requirements within ASP.NET applications, standard SDLC practices.
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).
- In-depth understanding of the Common Vulnerabilities and Exposures (CVE)/CERT advisory databases.