Product Security Analyst

Location

Bangalore | India

Job description

As a Product Security Analyst, you will ensure the security and protection of our companys applications and systems . You will work closely with our development teams to provide support on remediating vulnerabilities and to assess the security of new and existing applications. This is a critical role that is responsible for ensuring the security and integrity of our companys applications and systems.

Â

Your Mission

• Develop and maintain security testing plans
• Execute and automate application testing using scripts, as well as open source and professional tools
• Generate clear reports that outline the flaws detected during application testing
• Conduct Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Software Composition Analysis (SCA) to identify vulnerabilities and security risks in the Software Development Life Cycle (SDLC)
• Collaborate with development teams to remediate vulnerabilities, implement security improvements, and to integrate security into the Software Development Life Cycle (SDLC)
• Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
• Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
• Maintain security documentation, including standards and procedures

You Are/Have

• Self-motivated, curious, can learn on your own with little guidance and oversight
• A good communicator, verbally and in writing
• Strong analytical skills with a structured problem-solving approach

Your Experience Includes

• Bachelors degree in computer science, Information Systems, or related field
• At least 3 years of experience in application security, with a focus on manual penetration testing and security testing tools
• Experience working with security tools such as Burp Suite, Snyk, and Qualys
• Good understanding of network protocols
• Knowledge of security concepts such as network security, access controls, encryption, and vulnerability management
• Strong understanding of web application security concepts, OWASP Top 10, SANS Top 25, OWASP API Top 10 and security standards such as PCI-DSS and ISO 27001
• Knowledge of scripting languages such as Python and BASH is beneficial
• Strong interpersonal and communication skills, with the ability to explain technical security concepts to non-technical stakeholders
• Self-motivated, with the ability to work as part of a team
• Demonstrated creativity in complex problem solving and ability to work under pressure

Benefits

• As an employee at OneTrust , you will be part of the OneTeam

• That means you'll receive support physically, mentally, and emotionally so that you can do your best work both in and out of the office
• This includes comprehensive healthcare coverage, remote or hybrid workplace flexibility, flexible PTO, equity stock options, annual performance bonus opportunities, retirement account support, 14+ weeks of paid parental leave, career development opportunities, company-paid privacy certification exam fees, and much more
• Specific benefits differ by country

Job tags

Salary