Information Security Analyst III
Bengaluru, Karnataka, India
Netskope
Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security.
Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events (pre and hopefully post-Covid) and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope.
Role: Information Security Analyst III
Job Overview
Netskope Global Information Security organization is looking for a senior security analyst to be part of the application security team. This position will be responsible for implementing and automating security controls in different phases of the software development process and be a SME for DevSecOps functions.
Roles & Responsibilities
- Collaborate with engineering, operations, and security teams to design, implement, automate and maintain an effective application security program
- Implement, triage security vulnerabilities and automate security controls like SAST, DAST, SCA and IaC
- Analyze security vulnerabilities pertaining to DevOps platforms like GitHub Action, Drone, Jenkins, Spinnaker
- Develop the security best practices, standards and guidelines for engineering teams across different technologies and provide support in implementing them
- Develop security controls and process to be implemented as self-service and work with different stakeholders for implementation
- Develop and automate day-to-day operational tasks and deployment methods
- Support red team in performing security assessment of, but not limited to, web & mobile application, containers, k8s, thick client, cloud environments
Qualifications/Requirements
- 6+ years experience in application security and DevSecOps domain in product based organization
- Proven experience in security engineering and DevSecOps functions, building and managing security solutions across the stack
- Understanding of overall software development process and implementation of security controls in CICD pipeline
- Understanding of DevOps controls, process & technologies and security vulnerabilities pertaining to them
- Expertise in automating complex day-to-day operational tasks using Python or any other scripting language
- Knowledge of OWASP Web and Mobile Top 10 vulnerabilities, identifying, exploiting and remediating them
- Excellent written and verbal communication skills.
- Self-motivated, curious, knowledgeable pertaining to news and current events
#LI-SK1
Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran statues, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity/expression, genetic information, pregnancy (including childbirth, lactation and related medical conditions), or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate.
Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Cloud DAST DevOps DevSecOps GitHub Jenkins Kubernetes OWASP Privacy Python Red team SAST Scripting Security assessment Vulnerabilities
Perks/benefits: Career development Team events Transparency
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Manager Pentest H/F jobs
- Open Security Operations Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Network Security Engineer jobs
- Open Information Security Architect jobs
- Open C-related jobs
- Open CISM-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs