Senior Information Security Analyst

Hyderabad

Applications have closed

Gainsight™ is a venture-backed, fast-growing tech company revolutionizing Customer Success for businesses. The Customer Success company helps businesses grow faster by reducing churn, increasing upsell, and driving customer advocacy. Gainsight provides a complete, end-to-end Customer Success solution through its services and technology. The industry-leading platform helps companies manage customer relationships effectively, track customer health, and transform the way organizations orient around the customer. Gainsight is the platform of choice for many leading companies like Box, Adobe, and Workday. The company has been recognized as one of the top 100 private cloud companies in the world by Forbes, one of the fastest-growing private companies in America by Inc. Magazine, and as one of 20 Great Workplaces in Tech by Fortune Magazine. Gainsight’s CEO, Nick Mehta, has been recognized as one of the Top SaaS CEOs in America. Gainsight India has also been certified as one of the Great Places to Work. The company has offices in California, Phoenix, St. Louis, London, Israel, and India.

About The Job Role

The Senior Information Security Analyst will drive the Product security track of world-class products for Gainsight, a growing Software as a Service innovator which takes Security seriously.  This role will own the security posture of features being developed across the technology stack. This role is key to security since it encompasses activities such as code review, architecture/design reviews, testing vulnerabilities, threat modeling, technology/third-party library risks, liaising with Engineering on secure design patterns, and consulting with product teams on remediation patterns.  The role takes pride in driving product security across Engineering by closely interacting with the Architecture Council and Security world. This role will report to the Product Security Manager and is based out of Hyderabad, India.

What You’ll Do Here

  • Perform secure design and/or code reviews for vulnerabilities. 
  • Understand product in and out for finding design, functional, and technical security vulnerabilities.
  • Champion application security paradigms and help implement remediations.
  • Review scan results and advise appropriate remediations.
  • Perform code release reviews for new changes being introduced for vulnerabilities.
  • Understand and keep in sync with evolving production cloud configuration, application configuration, technology standards, and frameworks.  
  • Use industry-leading tools for validating application security issues, and drive adoption of those tools.
  • Enable production releases of Gainsight’s industry-leading SaaS product by reviewing releases, with coaching, for security issues and signing off on releases as appropriate.  
  • Perform Proof of Concepts for new technology proposals for security posture.
  • Consult with the Product organization spread across several teams for secure product development, review of their security concerns/remediation.
  • Improve DevSecOps posture by incrementally automating and adopting seamless functions on SAST and DAST within deployment pipelines by working with release teams.
  • Lead the organization in setting standards, procedures, and processes around Product Security with Engineering.
  • Drive security culture with Engineering and own product security functions.

What We’re Looking For

  • 5-8 years of hands-on experience in Product security functions.
  • Minimum 2-3 years of hands-on experience in coding or product development across any technology stack.
  • Solid expertise in application security including OWASP Top 10 and appropriate processes for signing off releases/features using industry known appsec tools.  
  • Hands-on experience performing Vulnerability Assessment on applications and cloud infrastructure by clearly understanding the business and threat landscape across the industry.  
  • Demonstrated expertise in identifying security vulnerabilities using leading tools either using SAST, DAST or IAST.
  • Prior experience in Threat modeling is preferred.
  • Understanding of network and security analysis tools, penetration testing, firewalls, VPCs, VPNs is desirable.
  • At least one industry certification: CEH, GSEC, CompTia Security+, CISSP, ECSA or OSCP.  
  • Nice to have skills: AWS Cloud security, TOGAF or Java Certified Professional.

Why You’ll Love It Here

  • Our Attitude: We’ve created a new industry from scratch, and we’re on the fast track!
  • Our Leadership: We offer the leading tech solution for driving Customer Success.
  • Our ROI: Reduce customer churn, increase up-sell, and improve customer satisfaction.
  • Our Technology: Deep Salesforce.com hooks, predictive analytics, and highly scalable product with a beautiful user interface.
  • Our Impact: We help our customers make millions of dollars more per year.
  • Our Clients: Big companies like Box, Adobe, Marketo, and many others.
  • Our Team: Tech all-stars from Facebook, Box, and others (and top consulting firms like BCG and McKinsey!).
  • Our Values: They are unique - Golden Rule, Success for All, Childlike Joy, Shoshin, and Stay Thirsty, My Friends.
  • Our Office: If you showed up one day, you might find anything from karaoke performances to mini-golf championships.

Here are our 5 core values:

  • Golden Rule: We believe in trusting each other, and our community by exercising reliability.
  • Success for All: We believe that success for our stakeholders comes with making a difference in each other’s lives. 
  • Child-like Joy: We aspire to experience passion, optimism, and laughter in everything we do.
  • Shoshin: We believe in a beginner’s mind, and that learning comes from everywhere.
  • Stay Thirsty, My Friends: We believe in an internally-driven strive for greatness.  

Individuals seeking employment at Gainsight are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.

 

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Analytics Application security AWS CEH CISSP Cloud CompTIA DAST DevSecOps ECSA Firewalls GSEC Java OSCP OWASP Pentesting Product security SaaS SAST Security analysis TOGAF VPN Vulnerabilities

Perks/benefits: Career development Startup environment

Region: Asia/Pacific
Country: India
Job stats:  7  0  0
Category: Analyst Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.