hireejobs
Register for Job
Hyderabad Jobs
Banglore Jobs
Chennai Jobs
Delhi Jobs
Ahmedabad Jobs
Mumbai Jobs
Pune Jobs
Vijayawada Jobs
Gurgaon Jobs
Noida Jobs
Oil & Gas Jobs
Banking Jobs
Construction Jobs
Top Management Jobs
IT - Software Jobs
Medical Healthcare Jobs
Purchase / Logistics Jobs
Sales
Ajax Jobs
Designing Jobs
ASP .NET Jobs
Java Jobs
MySQL Jobs
Sap hr Jobs
Software Testing Jobs
Html Jobs
IT Jobs
Logistics Jobs
Customer Service Jobs
Airport Jobs
Banking Jobs
Driver Jobs
Part Time Jobs
Civil Engineering Jobs
Accountant Jobs
Safety Officer Jobs
Nursing Jobs
Civil Engineering Jobs
Hospitality Jobs
Part Time Jobs
Security Jobs
Finance Jobs
Marketing Jobs
Shipping Jobs
Real Estate Jobs
Telecom Jobs

Associate Principal Engineer - Information Security (Application security)

3.00 to 6.00 Years   Bangalore   20 Jan, 2021
Myntra
Job LocationBangalore
EducationNot Mentioned
SalaryNot Disclosed
IndustryInternet / E-Commerce
Functional AreaGeneral / Other Software
EmploymentTypeFull-time

Job Description

The role of the Application Security Analyst is to perform activities related to security and privacy by design in the application developed by Flipkart and integrate security controls throughout the SDLC life cycle. The engineer is responsible for establishing, implementing, monitoring, reviewing, and improving a suitable set of controls for the prevention of threats to the security of Myntra s applications and information assets, ensuring the business objectives of the organization.Responsibilities and Scope:

  • The candidate should have 3+ of experience in web application and mobile application security vulnerability assessment and penetration testing
  • Perform Static, Dynamic security testing (SAST and DAST) including penetration testing for thin & thick client-based applications
  • Exploit security flaws and vulnerabilities with attack simulations on multiple applications in the Android and IOS platforms
  • Develop PoC/exploits for vulnerabilities identified
  • Provide remediation guidance to identified vulnerabilities
  • Manual and automated security testing of Web applications, APIs, and mobile Apps
  • Use automated and manual code review techniques to identify application security vulnerabilities
  • Perform software applications reviews for potential security vulnerabilities by conducting application security reviews
  • Perform requirements review, design review, code review, and perform code review across multiple programming languages
  • Identify complex vulnerabilities such as business logic flaws and articulate to both technical and non-technical partners
  • Document vulnerabilities and work on vulnerability mitigation analyze application security policies for effectiveness, make suggestions on security policy improvements, and work to enhance methodology material
  • Develop and maintain security testing plans and automate penetration and other security testing on the application, systems, networks, and data layers
  • Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make decisions based on risk
  • Produce actionable, threat-based, reports on security testing results
  • Build and maintain relationships with key stakeholders and business partners
Must-Have:
  • The candidate should be a team player with good interpersonal skills and should be able to work independently with minimum supervision in a complex Infrastructure environment
  • Ability to clearly communicate needs and requirements and influence stakeholders with minimal supervision
  • Ability to accurately estimate effort, set and meet deadlines
  • Development experience in one or more of the technologies; Node/JavaScript, Java, Python, PHP
  • Experience in research and development in - red team exercises, threat hunting, OSINT, Threat Modelling and building security tools
  • Good understanding in DevSecOps, security architecture review and network security assessments
  • Good experience in developing and/or maintaining multi-tier applications and hands-on development using Java / J2EE or .NET Technologies or any Web.
  • Good understanding of any application web servers. Well versed with OWASP standards. Unix / Linux / Debian
  • Hands-on experience with technology and to contribute to the design, development, and support of projects with the security recommendations
Nice to Have:
  • Good problem-solving skills. good communications and documentation skills
  • Ability to anticipate needs and provide creative input that ensures the success of the broader team
  • Aptitude for learning software vulnerabilities, exploits, countermeasures, and operational monitoring
  • Proficient in reading modern programming languages with the ability to quickly learn to read and interpret scripts written by others
,

Keyskills :
storageemcenvironmentlinuxsymmetrixresearchdevelopmentenvironmental impact assessmentred teamcode reviewdesign reviewproblem solvingweb applicationsecurity policynetwork securitysecurity testing

APPLY NOW

Associate Principal Engineer - Information Security (Application security) Related Jobs

© 2019 Hireejobs All Rights Reserved