Security Engineer II- PenTester
Gurugram, Haryana, India
Junglee Games
Junglee Games provides the most thrilling, action-packed desktop and mobile games engineered by the world's best tech minds.As our Security Engineer II- PenTester you will be working on the following.
Responsibilities:
- Exploit security flaws and vulnerabilities with attack simulations on multiple application platforms like Web, iOS and Android
- Ability to flow from black box to grey box to white box tests.
- Ability to effectively work with the engineering teams to provide technical risk. Assessment of technologies in networks, applications, code reviews in the release management cycle.
- Ability to perform vulnerability assessments and penetration testing, utilizing tools – commercial and open source.
- Perform, review and analyze security vulnerability data to identify applicability and false-positives.
- Conduct penetration testing in line with Open Web Application Security Project (OWASP)
- Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment.
Requirements
- Engineering degree in computer science or related field. Masters degree is a plus
- 3-5 years Experience in Security Pen Testing methodologies including automated scans and manual methods
- At least one automated testing suite such as Burp, Nexpose, ZAP.
- Ability to grasp new technology concepts quickly
- Understanding of the following:
- Understanding of Web Servers and HTTP
- In-depth understanding of OWASP top 10 vulnerabilities
- Basic understanding of PHP, Javascript, Golang, Python
- TCP/IP networking including IP classes, subnets, NAT
- SSL Handshake and Certificates – Understanding
- DNS, and DHCP, Network troubleshooting
- Remote access methods
- Should be aware of the latest Major Application Zero-day vulnerabilities
- Should be able to understand security alerts and take necessary actions accordingly
- Good documentation and communication skills
- Ability to work in a team environment and interact with people
Good to Have Skills:
- Knowledge & Experience in automated solutions to help incorporate Security in all stages of the DevOps pipeline (app and infra). This includes (but is not limited to) SAST, DAST and Container Scanning.
- Experience with security issues in Cloud Technologies (AWS, GCP, Azure) is a plus
- Work directly with internal infrastructure teams (DevOps) to align and execute infrastructure changes to support the tools, apps and processes
- Experience with Docker and containerization technologies
- Understanding of cryptography primitives
- Hall of fame (Good to have)
About Junglee Games
Junglee Games is a leader in the skill-gaming space, with close to 75 million users. Founded in San Francisco in 2012, and part of the $30 Bn Flutter Entertainment Group, Junglee Games is the fastest-growing skill-gaming company in the world. Some of our notable games are Junglee Rummy, Howzat, Eatme.io and Solitaire Gold.
Since we were founded, we've drawn 500 of the world’s most talented people into our ranks. Our team has worked on international AAA titles like Transformers, Star Wars: The Old Republic, Real Steel, Rio, Mech Conquest, and Dueling Blades. Our designers have worked on some of Hollywood’s biggest hits including the movie Avatar.
Junglee is not just a gaming business - it is a blend of data science, innovation, cutting-edge technology and, most importantly, a values-driven culture that is creating the next set of conscious leaders. Junglee Games is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Android Application security AWS Azure Black box Cloud Computer Science Cryptography DAST DevOps DNS Docker Exploit GCP Golang iOS JavaScript Open Source OWASP Pentesting PHP Python Risk assessment SAST TCP/IP Vulnerabilities White box
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs