Lead Security Engineer

This role is for one of Weekday's clients
Salary range: Rs 1000000 - Rs 2000000 (ie INR 10-20 LPA)
Min Experience: 8 years
Location: Bangalore
JobType: full-time

Requirements

Key Responsibilities:

• Conduct vulnerability assessments and penetration testing across multiple platforms, including web applications, mobile applications, networks, and APIs.
• Perform secure code reviews to identify and mitigate security vulnerabilities in software.
• Develop detailed penetration testing reports, including findings, impact analysis, and actionable remediation recommendations.
• Continuously stay updated with emerging security trends, attack vectors, and mitigation techniques.
• Performing red teaming activities.
• Should be capable of understanding customer requirements for security testing.
• Capable of providing security solutions to the customer for complex security testing/risk requirements.
• Should be capable of handling escalations.
• Lead and mentor a team of security engineers.
• Drive upskilling initiatives, conduct training sessions, and enhance skill development.
• Manage resource allocation, project timelines, and overall team performance.
• Provide guidance on security-related issues and support developers during the mitigation process.
• Experience with any programming language is a plus.
• Having hands-on experience in manual secure code review is a plus.
   
  Requirements:
   
• Should have a minimum of 8 years or equivalent skills in the security domain.
• Conduct thorough penetration tests on web applications, mobile applications, and other systems to identify vulnerabilities and weaknesses.
• Experience in Network VAPT, Active Directory penetration testing.
• Perform in-depth assessments using both manual and automated testing methodologies.
• Proficient in mobile application penetration testing (android and iOS) and thick client.
• Experience in secure code review (manual and automated).
• Proficiency with penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, OWASP ZAP, etc.
• In-depth knowledge of OWASP Top 10, SANS Top 25, and other relevant security standards.
• Familiarity with scripting languages like Python, Bash, or PowerShell.
• Proven track record in team management, mentorship, and stakeholder engagement.
• Excellent analytical, problem-solving, and communication skills.

Note: Certified in any of these certifications - OSCP, OSWA, PNPT, eJPT, eCPPTv2, CRTP, CRTE, CRTO and any other relevant.