EdgeVerve
Location
Bangalore | India
Job description
Edgeverve is a subsidiary of Infosys Ltd, specializing in Products. You will get an opportunity to work with a motivated team of individuals that cater to critical areas of security like product security, Cloud security, Mobile security and Enterprise security. You will be overseeing effective vulnerability assessment, penetration testing of products catering to financial domain products, being a part of team responsible for secure architecture and design of products, secure deployment architectures and production operations and integrations. You will be responsible for the right security postures and standard processes on public and private cloud deployments of cloud-native products.
Responsibilities:
Up to date knowledge of emerging threats like various DDoS, ransomware attacks, identity and session hijacking, supply chain attacks and various emerging approaches to counter these effectively
Knowledge of various security assessments, vulnerability assessments and penetration tests on a wide variety of high critical web applications.
Understanding of SAST, DAST, ability to analyze security issues and suggest remediations.
Perform web services and API security assessments, Analysis and assessments of Identity and Token authentication and authorization mechanisms.
Analysis and assessment of cryptography implementations and key management and rotation
Ability to deep dive under an existing implementation and assess it thoroughly
Ability to truly validate the intricacies, pitfalls and common implementation gotchas and detect it effectively and ensure correct remediation
Requirements:
Thorough understanding of TLS 1.2, TLS 1.3 and public + symmetric key cryptography Knowledge of various security tools like Burp suite, Nmap, ZAP, Blackduck Hub,
Knowledge and experience of NVD and CVE/CWEs, FOSS CVE tracking, zero-day and other exploits and the process of publishing, reporting and assessing vulnerabilities and their impact
Knowledge and experience in implementation of OWASP-Top10, SANS-Top25, BDH, Palo Alto advisories
Knowledge of secure implementations on public and private Clouds like AWS, Azure, GCP, Openshift, VMWare
Experience:
6-15 years of production/cloud security experience in Financial domain and product security
Job tags
Salary
