Fynd - DevSecOps Engineer - IT Security Strategy
SHOPSENSE RETAIL TECHNOLOGIES LIMITED
Location
Mumbai | India
Job description
Job Description :Fynd is India's largest omnichannel platform and multi-platform tech company with expertise in retail tech and products in AI, ML, big data ops, gaming+crypto, image editing and learning space. Founded in 2012 by 3 IIT Bombay alumni: Farooq Adam, Harsh Shah and Sreeraman MG. We are headquartered in Mumbai and have 1000+ brands under management, more than 10k stores and servicing 23k + pin codes.We're looking for an SDE I/ SDE II- DevSecOps to join our Engineering Team. The team builds products for 10M+ Fynd users and internal teams. Our team consists of generalist engineers who work on building modern websites (SPA & Isomorphic), mobile apps for Android & iOS, REST APIs and servers, internal tools, and infrastructure for all our users.What will you do at Fynd ?Build a Culture around Security Engineering at Fynd
- Ensure that a healthy security posture is maintained by continuously assessing/monitoring perimeter as well as internal security posture.Identify, integrate, monitor, and improve InfoSec controls by understanding business processes.Drive a DevSecOps culture in the organization by implementing shift left security culture.Conduct security reviews, auditing, penetration testing, risk assessments, vulnerability assessments, threat modeling.Install, configure, manage, and maintain mission-critical enterprise applications such as AV, patching, SIEM, DLP, log management and other technical controls. Troubleshoot security system and related issuesImprove Cloud, Application ,Kafka, Database security posture and Kubernetes security using CI/CD Understand by regular gap assessment, Provide support in detection and mitigation of cyber security vulnerability and incidents for CloudRun security automation tools for periodic scans - SAST, DAST, Infrastructure scanning, Compliance check Adhere to OWASP guidelines and bring the OWASP maturity model at organisation level.Strong understanding of network concepts including TCP/IP, and TLS, DDoS detection/prevention, and network and host anomaly detection through both automated (NIDS/HIDS) and manual means.A good knack for automating infrastructure security as much as possibleSome specific requirementsNeed to have a professional experience of at least 3-4 years acquired in monitoring and improving DevSec Ops tools and processesExtensive knowledge in assurance tools such as BurpSuite, WebInspect, Fortify, OWASP ZAP, Sonarqube, Open source automation tools and their integrations into CI/CD cycles.Understanding of Zero Trust policy and its implementation.Identify security weakness across multiple programming languages like Python, Node JS, Java, Go, Javascript, HTML etcParticipate in incident handling and other related duties to support the information security function.Ability to drive security automation and DevSecOps within engineering life cycle, as well as vulnerability/bug remediationAbility to perform security assessments for web applications and mobile apps - Android/iOSProficient in any one programming language (e.g. Python, JavaScript, etc.) and Git workflows.Good to have audit experience across compliance certifications like ISO 27001/ISMS/PCI DSS / SoC 2Experience in Kubernetes Infra, Cloud deployment technologies - AWS, GCPWhat do we offer ?GrowthGrowth knows no bounds, as we foster an environment that encourages creativity, embraces challenges, and cultivates a culture of continuous expansion. We are looking at new product lines, international markets and brilliant people to grow even further. We teach, groom and nurture our people to become leaders. You get to grow with a company that is growing exponentially.Flex University: We help you upskill by organising in-house courses on important subjectsLearning Wallet: You can also do an external course to upskill and grow, we reimburse it for you.Culture- Community and Team building activities- Host weekly, quarterly and annual events/parties.Wellness- Mediclaim policy for you + parents + spouse + kids- Experienced therapist for better mental health, improve productivity & work-life balance We work 5 days from the office and we make sure people have everything they need :- Free meals- Snacks, goodies & a lot of fun culture (ref:hirist.tech)
Job tags
Salary