Senior Application Security Engineer
Hyderabad, India
About Us
Headquartered in Silicon Valley, with offices located worldwide, OpsRamp is a modern SaaS platform company that’s just entered its next stage of growth with new investment from Morgan Stanley, HPE, and Sapphire Ventures. We’re disrupting the $28 billion market of IT operations management, fundamentally changing how IT teams support the business through infrastructure management.
As one of Forbes’ Top Cloud Computing Companies to Work For, our mission is to simplify and transform IT operations. OpsRamp is an IT operations management (ITOM) platform that allows enterprise IT teams and managed service providers to control the chaos of modern digital infrastructure. We do this through hybrid discovery and monitoring, event and incident management, remediation, and automation, powered by AI. We help our enterprise and MSP customers avoid costly outages and performance issues that result in lost revenue and productivity.
It’s truly the dawn of a new era for a major market, and we’re in the center of it. Are you ready to join the future of IT operations?
Requirements
Required Experience – 5-10 years
• Strong knowledge of the OWASP Top 10, SANS Top 25, and WASC security standards, and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, session management issues, Insecure Direct Object Reference, clickjacking, buffer overflows, etc.
• Experience in manual application penetration testing of web-based applications, thick-client applications, mobile applications, web services, APIs, DAST, SAST, etc.
• Should have performed manual mobile application penetration testing on platforms like Android, iOS, etc., covering both client and server-side applications.
• Should have knowledge of risk rating standards like DREAD, CVSS, etc.
• Should have a good understanding of web application architecture and the secure development life cycle (SDLC), and experience in Java web application development.
• Experience in automated web application vulnerability scanners (e.g., AppScan, WebInspect, Acunetix, Burp Suite Pro, etc.) is desirable.
• Should have prepared audit reports and findings tracker sheets for applications.
• Should be used to researching the latest security best practices, reading up on new threats and vulnerabilities, and disseminating this information within the team as well as the organization.
• Perform Black-Box / Grey-Box External Network VA/PT assessments following structured phases.
• SOC 2 Type 2, ISO 27001, PCI-DSS.
• Experience in security automation and security review in cloud infrastructure (AWS, Azure).
• Certification: OSCP (preferred), CEH, Security+, CCNA Security, etc.
Good to Have:
1. Knowledge of cloud and Kubernetes security
2. Certification, if any
3. Source code review
4. Knowledge of scripting