Application Security Engineer
Hyderabad, India
About Us
Headquartered in Silicon Valley, with offices located worldwide, OpsRamp is a modern SaaS platform company that’s just entered its next stage of growth with new investment from Morgan Stanley, HPE, and Sapphire Ventures. We’re disrupting the $28 billion market of IT operations management, fundamentally changing how IT teams support the business through infrastructure management.
As one of Forbes’ Top Cloud Computing Companies to Work For, our mission is to simplify and transform IT operations. OpsRamp is an IT operations management (ITOM) platform that allows enterprise IT teams and managed service providers to control the chaos of modern digital infrastructure. We do this through hybrid discovery and monitoring, event and incident management, remediation, and automation, powered by AI. We help our enterprise and MSP customers avoid costly outages and performance issues that result in lost revenue and productivity.
It’s truly the dawn of a new era for a major market, and we’re in the center of it. Are you ready to join the future of IT operations?
Requirements
Required Experience – 5-10 years
• Strong knowledge of the OWASP Top 10, SANS Top 25, and WASC security standards, and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, session management issues, Insecure Direct Object Reference, clickjacking, buffer overflows, etc.
• Experience in manual application penetration testing of web-based applications, thick-client applications, mobile applications, web services, APIs, DAST, SAST, etc.
• Should have performed manual mobile application penetration testing on platforms like Android, iOS, etc., covering both client and server-side applications.
• Should have knowledge of risk rating standards like DREAD, CVSS, etc.
• Should have a good understanding of web application architecture and the secure development life cycle (SDLC), and experience in Java web application development.
• Experience in automated web application vulnerability scanners (e.g., AppScan, WebInspect, Acunetix, Burp Suite Pro, etc.) is desirable.
• Should have prepared audit reports and findings tracker sheets for applications.
• Should be used to researching the latest security best practices, reading up on new threats and vulnerabilities, and disseminating this information within the team as well as the organization.
• Perform Black-Box / Grey-Box external network VA/PT assessments following structured phases.
- SOC 2 Type 2, ISO 27001, PCI-DSS.
- Experience in security automation and security review in cloud infrastructure (AWS, Azure).
- Certification: OSCP (preferred), CEH, Security+, CCNA Security, etc.
Good to Have:
1. Knowledge of Cloud & Kubernetes Security
2. Certification, if any
3. Source code review
4. Knowledge of scripting