Location
Bangalore | India
Job description
- Understand LCC airline site implementation and have the technical skill to decompose these systems using best suited approach for LCC content acquisition and integration.
- Develop programs that maximize LCC content acquisition, which includes addressing frequent changes on airline side, market specific changes to airlines (language, currency, website updates, mobile app updates, security updates etc).
- Improve time to market by building frameworks that optimize the content acquisition workflows and security challenges
- Be forward looking in identifying web content security trends and be abreast in identifying areas of risks that could potentially break the content acquisition strategy.
- Actively seek ways to improve the content acquisition methodology, including the technical debt and security orientation of the tools and infrastructures.
- Monitor continuously the health of the airline content portfolio and proactively identify the areas for improvement.
- Collaborate across geographically distributed sites and teams for increased problem solving and technology adoption in collaboration with your development peers.
Specific accountabilities :
Accountability / Business acumen
- Define and share the technical/functional team roadmap and vision according to the department/division/company objectives
- Report on team activities
- Be accountable for the performance and results of a unit within own discipline or function
- Develop plans and priorities to address resource and operational challenges
- Suggest alternatives / improvements / new techniques in processes, flows, operational models and plans
- Moderate budgetary impact on business
Decisions are guided by policies, procedures and business plan; receive guidance from senior manager
Required technical Skills/Abilities: -
- HTML / CSS / Web Application security
- Javascript browser apis and Node.js
- Mobile phone emulator or terminal development experience
- JavaScript obfuscation and strong JS challenge reverse engineering skills
- User-agent string knowledge
- Browser/mobile fingerprinting evasion knowledge
- Strong knowledge of TCPIP and DHCP/DNS and vpn/proxies/proxy-chains
- Exposure to Captcha, Akamai, Distill, Imperva, Bot detection and mitigation
- Object oriented programming (Java / C++) or Python
- Experience with User Behavior mimicking
- Well versed in OWASP cheat sheets
- Experience with red/blue teaming
- Expertise in user-agent, referrer, security response headers and session control
- Knowledge of Chromium headless driven by Selenium, Puppeteer or Playwright
- (Optional) Some experience with penetration testing WebApps
Required non-technical Skills/Abilities:
- Excellent verbal and written communication skills.
- Excellent problem-solving skills and attention to detail, analytical thinking
- Interest and experience in Capture the Flag (CTF) competitions
- Passionate about ethical hacking and breaking web code and security controls
- Team player and Accountable for self and team level tasks
Education Certificates and Experience
- Years of experience: 8 to 11 years
- Education: University degree in Computer Science or related field, or equivalent work experience or courses in infosec or appsec as part of studies
- Desired AppSec certificate such as CEH, GWAPT
Job tags
Salary
