Skyhigh Security
Location
Bangalore | India
Job description
Responsibilities:
Collaborate with development teams to integrate security practices into the Software Development Life Cycle (SDLC).
Provide guidance and assistance in implementing secure coding practices and principles.
Conduct security code reviews and provide feedback to development teams.
Utilize SAST tools to analyze source code for security vulnerabilities.
Review SAST scan results and collaborate with development teams to remediate identified issues.
Conduct DAST scans on applications to identify security weaknesses and vulnerabilities.
Plan and execute penetration tests on applications, systems, and networks.
Identify and exploit security vulnerabilities to assess the organizations security posture.
Develop and execute fuzzing techniques to identify software vulnerabilities.
Analyze fuzzing results and work with development teams to mitigate discovered vulnerabilities.
Manage and maintain security testing tools and platforms, ensuring they are up-to-date and effective.
Evaluate new security tools and technologies to enhance the organizations security capabilities.
Qualifications:
5 to 7 years of experience in a security engineering role, with a focus on secure SDLC, SAST, DAST, Penetration Testing, and Fuzzing.
Strong understanding of application security principles and common vulnerabilities (OWASP ASVS, CWE).
Experience with one or more scripting languages (Python, Bash, PowerShell) for automation and tool development.
Certifications such as OSCP or GPEN or GXPN.
Excellent communication and collaboration skills, with the ability to work effectively across teams and departments.
Company Benefits and Perks
Job tags
Salary
