Security Engineer II
Bengaluru/Mumbai
Upstox
Start Trading in Share Market, SIP, IPOs, Mutual Fund, Indices and Commodity at Upstox.com with hassle free process. We provide real time BSE, NSE, MCX, and NCDEX live price and market updates. Trade Now!
Upstox is one of India's leading Fin-Tech companies with a mission to simplify trading & investing to make it easily accessible to the masses. From new investors to seasoned traders, we aim to enable everyone to invest across multiple categories with our state-of-the-art trade & investment platform and commission-free pricing. We offer numerous asset categories to invest in, like Stocks, Digital Gold, IPOs, Mutual Funds, and more.By focusing on our customers’ needs and equipping them with personalized yet powerful tools, we witnessed a steep growth of 800% in our customer base from 25 Thousand in 2017 to 2 Lakh in 2019. With 1500% growth in 2020, currently, over 4 million customers trust us with their investment decisions, thus setting us on the course to become an industry leader in the country. The company was founded in 2009 by Ravi Kumar and Shrinivas Viswanath, and in 2016 Kavitha Subramanian joined as the third co-founder. Backed by Ratan Tata, we raised $4 million in Series A funding (2016) led by Kalaari Capital. In 2019, US-based investment firm Tiger Global Management invested $25 million in a Series B funding round.
Visit our Linkedin page to learn more about us.
Role: Security Engineer - II
Responsibilities:
1) Design, develop, and maintain tools and web applications to automate security tasks and enhance security measures across the organization.2) Develop and integrate security automation tools and processes into the CI/CD pipeline to ensure continuous security testing and compliance.3) Create threat models to identify risks and implement controls to mitigate those risks.4) Conduct security architecture and design reviews to identify and resolve issues in applications and infrastructure.5) Develop and maintain security testing plans.6) Review source code to identify potential security vulnerabilities.7) Perform vulnerability assessments, penetration testing, and prioritize the identified vulnerabilities.8) Develop proof of concept (PoC) exploits for vulnerabilities and collaborate with the engineering team to address them.9) Solve complex vulnerabilities, such as business logic flaws, and communicate solutions to both technical and non-technical stakeholders.10) Build and maintain strong relationships with key stakeholders and business partners.
Required skills and experience:
1) 3 to 6 years of experience in Application Security with hands-on technical skills.2) Strong understanding of web application security threats, exploits, and prevention techniques (SQL Injection, XSS, CSRF, etc.).3) Proficiency in programming languages like Python, Go, or NodeJs, with experience in building security tools.4) Experience with Kubernetes (K8s), cloud security, WAF, Bot manager, and securing web/mobile applications.5) Implemented cryptographic controls to protect sensitive data and integrated SAST controls in CI/CD pipelines.6) Familiar with Red team exercises, threat hunting, and OSINT practices.7) Experience in mobile security testing, with knowledge of Selenium and Appium being an advantage.8) Ability to estimate effort, meet deadlines, and communicate effectively.9) Proven ability to influence others without direct authority.10) Experience in Financial Services or Fintech is a plus, with a hands-on, problem-solving attitude.Upstox is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or other characteristics.
Visit our Linkedin page to learn more about us.
Role: Security Engineer - II
Responsibilities:
1) Design, develop, and maintain tools and web applications to automate security tasks and enhance security measures across the organization.2) Develop and integrate security automation tools and processes into the CI/CD pipeline to ensure continuous security testing and compliance.3) Create threat models to identify risks and implement controls to mitigate those risks.4) Conduct security architecture and design reviews to identify and resolve issues in applications and infrastructure.5) Develop and maintain security testing plans.6) Review source code to identify potential security vulnerabilities.7) Perform vulnerability assessments, penetration testing, and prioritize the identified vulnerabilities.8) Develop proof of concept (PoC) exploits for vulnerabilities and collaborate with the engineering team to address them.9) Solve complex vulnerabilities, such as business logic flaws, and communicate solutions to both technical and non-technical stakeholders.10) Build and maintain strong relationships with key stakeholders and business partners.
Required skills and experience:
1) 3 to 6 years of experience in Application Security with hands-on technical skills.2) Strong understanding of web application security threats, exploits, and prevention techniques (SQL Injection, XSS, CSRF, etc.).3) Proficiency in programming languages like Python, Go, or NodeJs, with experience in building security tools.4) Experience with Kubernetes (K8s), cloud security, WAF, Bot manager, and securing web/mobile applications.5) Implemented cryptographic controls to protect sensitive data and integrated SAST controls in CI/CD pipelines.6) Familiar with Red team exercises, threat hunting, and OSINT practices.7) Experience in mobile security testing, with knowledge of Selenium and Appium being an advantage.8) Ability to estimate effort, meet deadlines, and communicate effectively.9) Proven ability to influence others without direct authority.10) Experience in Financial Services or Fintech is a plus, with a hands-on, problem-solving attitude.Upstox is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or other characteristics.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Security Engineering Jobs
Tags: Application security Automation CI/CD Cloud Compliance CSRF Exploits FinTech Kubernetes Mobile security Node.js OSINT Pentesting Python Red team SAST Selenium SQL SQL injection Vulnerabilities XSS
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsSenior Cloud Security Engineer jobsSenior Security Analyst jobsInformation Security Manager jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsCyber Security Specialist jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsSystems Engineer jobsSystems Administrator jobsIT Security Analyst jobsSenior Product Security Engineer jobsCloud Security Architect jobsPrincipal Security Engineer jobsStaff Security Engineer jobsCyber Security Architect jobsSecurity Operations Analyst jobs
Kubernetes jobsForensics jobsCI/CD jobsEncryption jobsSaaS jobsSDLC jobsIDS jobsEDR jobsSplunk jobsIPS jobsBash jobsRMF jobsOWASP jobsTop Secret jobsIntrusion detection jobsSQL jobsCompTIA jobsFinance jobsThreat detection jobsDocker jobsITIL jobsDoDD 8570 jobsCRISC jobsActive Directory jobsOSCP jobs
VPN jobsBanking jobsGIAC jobsTCP/IP jobsUNIX jobsHIPAA jobsSANS jobsClearance Required jobsTerraform jobsMITRE ATT&CK jobsSOX jobsSOC 2 jobsIT infrastructure jobsCISO jobsIndustrial jobsCCSP jobsJavaScript jobsDNS jobsData Analytics jobsSOAR jobsPolygraph jobsCryptography jobsJira jobsAnsible jobsCyber defense jobs