Senior Information Security Analyst
Hyderabad
Applications have closed
Gainsight™ is a venture-backed, fast-growing tech company revolutionizing Customer Success for businesses. The Customer Success company helps businesses grow faster by reducing churn, increasing upsell, and driving customer advocacy. Gainsight provides a complete, end-to-end Customer Success solution through its services and technology. The industry-leading platform helps companies manage customer relationships effectively, track customer health, and transform the way organizations orient around the customer. Gainsight is the platform of choice for many leading companies like Box, Adobe, and Workday. The company has been recognized as one of the top 100 private cloud companies in the world by Forbes, one of the fastest-growing private companies in America by Inc. Magazine, and as one of 20 Great Workplaces in Tech by Fortune Magazine. Gainsight’s CEO, Nick Mehta, has been recognized as one of the Top SaaS CEOs in America. Gainsight India has also been certified as one of the Great Places to Work. The company has offices in California, Phoenix, St. Louis, London, Israel, and India.
About The Job Role
The Senior Information Security Analyst will drive the Product security track of world-class products for Gainsight, a growing Software as a Service innovator which takes Security seriously. This role will own the security posture of features being developed across the technology stack. This role is key to security since it encompasses activities such as code review, architecture/design reviews, testing vulnerabilities, threat modeling, technology/third-party library risks, liaising with Engineering on secure design patterns, and consulting with product teams on remediation patterns. The role takes pride in driving product security across Engineering by closely interacting with the Architecture Council and Security world. This role will report to the Product Security Manager and is based out of Hyderabad, India.
What You’ll Do Here
- Perform secure design and/or code reviews for vulnerabilities.
- Understand the product inside and out in order to find design, functional, and technical security vulnerabilities.
- Champion application security paradigms and help implement remediations.
- Review scan results and advise appropriate remediations.
- Perform code release reviews of newly introduced changes to identify vulnerabilities.
- Understand and keep in sync with evolving production cloud configuration, application configuration, technology standards, and frameworks.
- Use industry-leading tools for validating application security issues, and drive adoption of those tools.
- Enable production releases of Gainsight’s industry-leading SaaS product by reviewing releases, with coaching, for security issues and signing off on releases as appropriate.
- Perform proofs of concept for new technology proposals to assess their security posture.
- Consult with the Product organization, which is spread across several teams, on secure product development, and review their security concerns and remediations.
- Improve DevSecOps posture by working with release teams to incrementally automate and seamlessly adopt SAST and DAST functions within deployment pipelines.
- Lead the organization in setting standards, procedures, and processes around Product Security with Engineering.
- Drive security culture with Engineering and own product security functions.
What We’re Looking For
- 5-8 years of hands-on experience in Product security functions.
- Minimum 2-3 years of hands-on experience in coding or product development across any technology stack.
- Solid expertise in application security, including the OWASP Top 10 and appropriate processes for signing off releases/features using industry-known AppSec tools.
- Hands-on experience performing vulnerability assessments on applications and cloud infrastructure, with a clear understanding of the business and the threat landscape across the industry.
- Demonstrated expertise in identifying security vulnerabilities using leading SAST, DAST, or IAST tools.
- Prior experience in Threat modeling is preferred.
- Understanding of network and security analysis tools, penetration testing, firewalls, VPCs, VPNs is desirable.
- At least one industry certification: CEH, GSEC, CompTIA Security+, CISSP, ECSA or OSCP.
- Nice to have skills: AWS Cloud security, TOGAF or Java Certified Professional.
Why You’ll Love It Here
- Our Attitude: We’ve created a new industry from scratch, and we’re on the fast track!
- Our Leadership: We offer the leading tech solution for driving Customer Success.
- Our ROI: Reduce customer churn, increase up-sell, and improve customer satisfaction.
- Our Technology: Deep Salesforce.com hooks, predictive analytics, and highly scalable product with a beautiful user interface.
- Our Impact: We help our customers make millions of dollars more per year.
- Our Clients: Big companies like Box, Adobe, Marketo, and many others.
- Our Team: Tech all-stars from Facebook, Box, and others (and top consulting firms like BCG and McKinsey!).
- Our Values: They are unique - Golden Rule, Success for All, Childlike Joy, Shoshin, and Stay Thirsty, My Friends.
- Our Office: If you showed up one day, you might find anything from karaoke performances to mini-golf championships.
Here are our 5 core values:
- Golden Rule: We believe in trusting each other, and our community by exercising reliability.
- Success for All: We believe that success for our stakeholders comes with making a difference in each other’s lives.
- Child-like Joy: We aspire to experience passion, optimism, and laughter in everything we do.
- Shoshin: We believe in a beginner’s mind, and that learning comes from everywhere.
- Stay Thirsty, My Friends: We believe in an internally-driven strive for greatness.
Individuals seeking employment at Gainsight are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.
Tags: Analytics Application security AWS CEH CISSP Cloud CompTIA DAST DevSecOps ECSA Firewalls GSEC Java OSCP OWASP Pentesting Product security SaaS SAST Security analysis TOGAF VPN Vulnerabilities
Perks/benefits: Career development Startup environment