Location
Bangalore | India
Job description
As a Product Security Analyst, you will ensure the security and protection of our companys applications and systems . You will work closely with our development teams to provide support on remediating vulnerabilities and to assess the security of new and existing applications. This is a critical role that is responsible for ensuring the security and integrity of our companys applications and systems.
Â
Your Mission
- Develop and maintain security testing plans
- Execute and automate application testing using scripts, as well as open source and professional tools
- Generate clear reports that outline the flaws detected during application testing
- Conduct Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Software Composition Analysis (SCA) to identify vulnerabilities and security risks in the Software Development Life Cycle (SDLC)
- Collaborate with development teams to remediate vulnerabilities, implement security improvements, and to integrate security into the Software Development Life Cycle (SDLC)
- Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
- Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
- Maintain security documentation, including standards and procedures
You Are/Have
- Self-motivated, curious, can learn on your own with little guidance and oversight
- A good communicator, verbally and in writing
- Strong analytical skills with a structured problem-solving approach
Your Experience Includes
- Bachelors degree in computer science, Information Systems, or related field
- At least 3 years of experience in application security, with a focus on manual penetration testing and security testing tools
- Experience working with security tools such as Burp Suite, Snyk, and Qualys
- Good understanding of network protocols
- Knowledge of security concepts such as network security, access controls, encryption, and vulnerability management
- Strong understanding of web application security concepts, OWASP Top 10, SANS Top 25, OWASP API Top 10 and security standards such as PCI-DSS and ISO 27001
- Knowledge of scripting languages such as Python and BASH is beneficial
- Strong interpersonal and communication skills, with the ability to explain technical security concepts to non-technical stakeholders
- Self-motivated, with the ability to work as part of a team
- Demonstrated creativity in complex problem solving and ability to work under pressure
Benefits
Job tags
Salary