software development engineer ii - application security

Bengaluru, Mumbai full-time

Job description

The job involves designing, developing, and maintaining security tools, integrating them into the CI/CD pipeline, performing security reviews and assessments, and resolving vulnerabilities. Required skills include a strong understanding of web application security threats, proficiency in languages like Python or NodeJs, experience with Kubernetes and cloud security, along with a hands-on, problem-solving attitude.

Responsibility

  • Design, develop, and maintain security tools and web applications.
  • Develop and integrate security automation tools into the CI/CD pipeline.
  • Create threat models to identify and mitigate risks.
  • Conduct security architecture and design reviews.
  • Review source code to identify potential security vulnerabilities.
  • Perform vulnerability assessments and prioritize identified vulnerabilities.
  • Develop PoC exploits and collaborate with the engineering team.
  • Solve complex vulnerabilities and communicate solutions.
  • Build and maintain strong stakeholder relationships.

Qualifications

  • 3 to 6 years of experience in Application Security with hands-on technical skills.
  • Strong understanding of web application security threats, exploits, and prevention techniques.
  • Proficiency in programming languages like Python, Go, or NodeJs.
  • Experience with Kubernetes, cloud security, WAF, Bot manager.
  • Implemented cryptographic controls and integrated SAST controls in CI/CD.
  • Familiar with Red team exercises, threat hunting, and OSINT practices.
  • Experience in mobile security testing, with knowledge of Selenium and Appium.

Job Summary

Sign in to Apply

Last Seen: 2024-12-09

Job Type: full-time

Location: Bengaluru, Mumbai

First Seen: 2024-09-23

Company Summary

Upstox is a fast-growing Indian online stock trading platform, offering equities, commodities, currency, and mutual fund investments. Backed by marquee investors, it's known for its user-friendly interface, low-cost model, and being a reliable choice for tech-savvy traders seeking efficient financial market access.