10.0 - 14.0 years

0 Lacs

karnataka

On-site

As a Staff Security Engineer at Loco, you will play a crucial role in developing the company's security strategy, enhancing threat visibility, and proactively hunting for adversaries. Your primary responsibilities will include analyzing security signals, devising innovative techniques to detect and mitigate threats, and collaborating with security researchers to validate and implement findings into real-world detection rules and playbooks. You will be tasked with building and optimizing security tools to detect and prevent malicious activities, analyzing threat feeds, IOCs, and TTPs to stay ahead of emerging threats, and integrating intelligence into security operations. Additionally, you will be expected to automate threat detection workflows using Python, Golang, or cloud-based automation tools and participate in industry working groups and standards initiatives such as the Cloud Security Alliance. To qualify for this role, you should have 10-12 years of experience in security engineering, with a focus on application and infrastructure security in AWS, Azure, or GCP environments. You should also possess 3-5 years of experience in protocol-level debugging using tools like Wireshark, tcpdump, nmap, netcat, mitmproxy, and censorship-resistant tunnels like Shadowsocks, WireGuard, and V2Ray. A deep understanding of Threat Modeling, Certificate Management, and Deep Packet Inspection techniques is essential, along with a strong grasp of TLS, DNS, Network protocols, and Proxy protocols like SOCKS5 and TLS Tunneling. Proficiency in Python 3.7 or above is a must. Candidates with relevant certifications such as GWAPT, OffSec's Advanced Web Attacks and Exploitation (WEB-300), a strong understanding of SSO protocols like OIDC, OAuth 2.0, and SAML, and active participation in security meetups, conferences, and bug bounty programs will be given bonus points. Join Loco and contribute your expertise to the dynamic field of security engineering under the guidance of Abin Chandra.,

Posted 1 week ago

Apply

Senior Security Engineer Uplers

3.0 - 5.0 years

10 - 20 Lacs

Bengaluru

Work from Office

Shift: (GMT+05:30) Asia/Kolkata (IST) What do you need for this opportunity Must have skills required: Frida, Ghidra, Reverse Engineering Anakin (YC S21) is Looking for: About the Role: Were looking for an experienced engineer to help us understand and interact with web and mobile application APIs in a structured and compliant manner. This includes analyzing how apps and websites generate secure API requests, inspecting native/mobile code, and building reliable systems for data extraction, strictly in accordance with terms of service. Key Responsibilities: Analyze Android apps (Java/Kotlin/native code) to understand API flows and request signing mechanisms. Study browser and JavaScript behavior to understand how websites structure and secure their API calls. Investigate how common client-side security mechanisms (e.g., token generation, header signing, session validation) are implemented. Build tools or automation scripts to replicate legitimate client behavior in a compliant and respectful manner. Collaborate with internal teams to integrate and maintain data extraction systems responsibly. Must-Have Skills: Experience in reverse engineering Android apps (APK analysis, native code inspection). Deep understanding of web technologies, JavaScript execution, and HTTP protocol. Familiarity with client-side security implementations such as token generation, obfuscation, and API protection. Must have a solid understanding of JWT, JWE, cookies, and session management in web and mobile applications. Hands-on experience with tools like Frida, mitmproxy, Burp Suite, Wireshark, Ghidra/IDA Pro or similar. Strong scripting skills (Python, Node.js, etc.). Nice-to-Have: Background in security engineering, penetration testing, or application security research. Familiarity with CAPTCHA handling methods and automation frameworks (e.g., Puppeteer, Playwright). Experience with mobile app instrumentation (NDK, JNI). Experience working with large-scale distributed systems, as it helps in building scalable and resilient data extraction infrastructure.

Posted 1 month ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.