1. Assist in performing White-Box, and Grey-Box penetration testing of internally developed applications, cloud infrastructures, and APIs under guidance of senior team members.

2. Conduct security risk assessments and provide vulnerability remediation guidance to product development software engineers.

3. Support holistic assessments of security layers across infrastructure, application, people, and process.

4. Collaborate with product managers, designers, and engineers to participate in threat modeling and architecting secure systems.

5. Assist in promoting security remediations in the CI/CD pipeline by contributing to tools and services for engineers to consume.

6. Help maintain the platform that ensures software development is safe, easy, and low-risk.

7. Analyze source code for potential security vulnerabilities using SAST/DAST tools and manual review techniques.

8. Participate in security incident response, assist in investigating security breaches and vulnerabilities, and support remediation plan development. 9. Support the design, implementation, and maintenance of cloud security measures to protect the organizations cloud infrastructure, platforms, and software.

10. Learn and contribute to automation in security assessment processes.

11. Gain hands-on experience in threat detection and incident response activities.

12. Hands on knowledge in threat modelling and Penetration testing

Requirements:

1. Bachelors degree in any field but active in bugbounty

2. 2+ years of experience in network/application/api penetration testing.

3. Intermediate experience in cloud environments, especially AWS. Exposure to cloud penetration testing is desirable.

4. Demonstrated experience in application security or related roles, with understanding of software development practices and methodologies.

5. Working knowledge of web application/API/mobile application vulnerabilities, secure coding practices, and common attack techniques (OWASP Top 10, API Security Top 10).

6. Security Tools: Hands-on experience with: a. Security assessment tools: Burp Suite, OWASP ZAP, Caido or similar tools b. Vulnerability scanners: Nessus, OpenVAS, Qualys, or equivalent c. Penetration testing frameworks and methodologies (OWASP, OSSTMM, PTES) d. Penetration testing distributions (Kali Linux, Parrot OS)

7. Programming & Scripting:Working knowledge of programming languages such as Python/Bash (Automation and Scripting)

8. Effective communication and interpersonal skills, with the ability to collaborate with cross-functional teams and explain security concepts to both technical and non-technical audiences

More Jobs at Reward360

Information Security Engineer

bengaluru

2.0 - 7.0 yrs

INR 4 - 9 Lacs

Information Security Engineer

bengaluru

3.0 - 8.0 yrs

INR 3 - 7 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Python Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

Enhance Your Python Skills

Practice Python coding challenges to boost your skills

Start Practicing Python Now

Reward360

Login to

Please Verify Your Phone or Email

Confirm Action

Information Security Engineer