Job Role : - Application & infra Security with Red Teaming Skills Grade : - Deputy Manager Job Description : - Good understanding of Web-Application Security Testing, Infra Vulnerability Assessment, Penetration Testing and Generating Reports. At least 3+ years of hands on experience on conducting application security & Red teaming exercise. Good understanding of security solution such as firewall, DDOS, IPS, AD, WAF. Capable of working in a dynamic environment, multi-department coordination and attaining the target. Ability to handle multiple priorities. A proactive learner with a flair for adopting emerging trends and addressing industry requirements to achieve organizational objectives. Provide active participation in Defining Red team assessment program. Good communication & Mail drafting skills Monitor, report status and escalate issues or risks within the plan; internal metrics to include: actual vs. Planned, accuracy of testing. Conduct independent assessment with the help of external red teaming vendors. Primary Skills : - CEH, OWASP, Certified Expert penetration tester (CEPT), Certified Cloud pentation tester (CEPT) or other relevant Information security certifications/skillsets. No. of years’ experience : - 3+ year of experience Job Location : - Mumbai
Overview: As a Software Composition Analysis (SCA) Engineer, you will be responsible for ensuring the security, compliance, and integrity of all software components used in our projects. You will identify and address vulnerabilities, enforce licensing rules, and promote secure development practices across our technology stack. Work Experience: 1 - 3 Years Job Location: Mumbai What You Will Do: Component Security Analysis: Use SCA tools to scan software codebases including both in-house and third-party/open-source components for vulnerabilities and security risks. Vulnerability Assessment: Analyse scan results to determine the severity and urgency of each issue and prioritize fixes. License Compliance: Check all software components for compliance with licensing agreements. Advise teams on licensing implications to avoid legal risks. SBOM Management: Maintain an accurate Software Bill of Materials (SBOM), tracking all components, versions, and dependencies. Collaboration: Work closely with developers to communicate findings, suggest secure alternatives, and assist with remediation. Remediation Tracking: Follow up to ensure vulnerabilities are fixed and verify resolutions with follow-up scans. Reporting & Documentation: Document all findings, actions, and compliance status. Prepare clear reports for both technical and non-technical stakeholders. Continuous Learning: Stay current with the latest trends in software security, open-source risks, and regulatory requirements. Training & Improvement: Participate in security meetings and training sessions. Help improve SCA processes and tools based on industry best practices. Cross-Functional Coordination: Partner with compliance and legal teams to ensure all software meets regulatory and legal standards. Key Skills We’re Looking For Analytical Skills: Strong ability to analyse, prioritize, and solve complex security issues. SCA Tools: Hands-on experience with software composition analysis tools and methodologies. DevSecOps: Familiarity with DevSecOps practices and integrating security into CI/CD pipelines. Compliance Knowledge: Understanding of regulatory standards such as GDPR, PCI DSS, and others relevant to software development. Open-Source Awareness: Basic knowledge of open-source software, including licensing and compliance considerations. Communication: Excellent ability to explain technical issues and collaborate with developers, security, and legal teams. Organization: Capable of managing multiple tasks and adapting to a fast-paced environment. Required Qualifications Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Experience: 1–3 years in software development, application security, or a closely related area. Certification: Certified Ethical Hacker (CEH) certification is required. Join our team and contribute to building secure and compliant software solutions through effective Software Composition Analysis!
As a Deputy Manager specializing in Application & Infrastructure Security with Red Teaming Skills, you will be responsible for conducting Web-Application Security Testing, Infrastructure Vulnerability Assessment, Penetration Testing, and generating detailed reports. With a minimum of 2-3 years of hands-on experience in application security and Red teaming exercises, you are expected to possess a strong understanding of security solutions including firewall, DDOS, IPS, AD, and WAF. Your role will involve thriving in a dynamic work environment that requires multi-department coordination to achieve targeted outcomes. You should have the ability to manage multiple priorities efficiently and demonstrate a proactive approach towards learning and implementing emerging trends to meet industry demands and organizational objectives. Furthermore, you will actively contribute to defining the Red team assessment program, possess excellent communication and email drafting skills, and be adept at monitoring, reporting status, and escalating any issues or risks within the plan. Your responsibilities will also include conducting independent assessments with the assistance of external red teaming vendors. To excel in this role, you should hold primary skills in CEH, OWASP, Certified Expert Penetration Tester (CEPT), Certified Cloud Penetration Tester (CEPT), or other relevant Information Security certifications/skillsets. The ideal candidate for this position should have 2 to 3 years of relevant experience in the field. This position is based in Mumbai, offering a challenging yet rewarding opportunity for individuals with a passion for enhancing cybersecurity measures and ensuring the protection of critical assets.,