Application Security Analyst
Pune
Applications have closed
AppDirect
AppDirect powers millions of cloud subscriptions worldwide with marketplace, billing, reseller, and distribution solutions.
About the Team:
AppDirect is the leading cloud service marketplace company dedicated to revolutionizing the way businesses run. We offer a cloud service marketplace and management platform that enables companies to distribute web-based services. The global network of AppDirect-powered marketplaces allows businesses to find, buy, and manage the best applications the cloud has to offer.
With our award-winning platform, service providers can launch a state-of-the-art online application store within a matter of weeks, while developers can integrate once and make their software available across multiple marketplaces worldwide. Our products offer more advanced features and tools than any other competitive solution, putting AppDirect at the forefront of the rapidly evolving market for cloud services delivery. AppDirect powers the cloud marketplaces of trusted companies around the globe (Comcast, Staples, Deutsche Telekom, Vodafone, Telstra, Rackspace, Cloud Foundry, and more) and has helped to connect millions of companies with today’s leading web-based applications.
About You:
We’re looking for talented yet humble individuals who are smart, passionate and want to drive disruption in the information security industry. If you thrive in a fast-paced, collaborative workplace, AppDirect provides an environment where you will be challenged and inspired every day. If you relish the freedom to bring creative, thoughtful solutions to the table that reflect your experience and personality, there's no limit to what you can accomplish here.
What you'll do and how you'll make an impact:
- Perform pen-testing and security reviews of AppDirect products and services
- Identify security gaps and vulnerabilities through SAST, DAST, SCA, penetration testing, and code review
- Ensure end-to-end security of AppDirect Marketplace by hands-on testing, hypothesizing threats, helping development teams remediate risks up front, and championing secure implementation efforts
- Help developers mitigate identified vulnerabilities by providing and/or implementing technical solutions
- Organize CTFs & Hackathons for internal teams
- Manage the bug bounty program
- Develop custom tools and automation that enable DevSecOps and SecOps
- Proactively research the latest vulnerabilities and exploits
- Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals
What you'll need:
- 2-4 years of professional hands-on experience in application security
- Demonstrated experience in programming languages (e.g. Golang, Java, Python, and/or JavaScript) and development tools (e.g. Maven, Gradle, Jenkins)
- Experience reviewing code in any one language (Node.js, Java, React, iOS and/or Android)
- Ability to successfully integrate security into a developer's world
- Deep knowledge and experience in using SAST, DAST, IAST, SCA, and fuzz testing tools
- A strong foundation in security architecture, protocols, vulnerabilities, and countermeasures.
- Strong understanding of secure coding standards and security risks (e.g. OWASP Top 10).
- Familiarity with agile development processes and experience integrating secure development practices into the agile model.
- Familiarity with cryptography primitives and fundamentals (e.g. SSL/TLS, PKI).
- Experience working with development, engineering, and architecture teams to ensure security best practices are followed.
- Ability to communicate effectively, think critically, learn new concepts, and solve problems as they arise.
- Self-motivated; able to work independently.
About AppDirect:
AppDirect is the only end-to-end commerce platform for selling, distributing, and managing cloud-based products and services to succeed in the digital economy. The AppDirect ecosystem connects channels, developers, and customers through its platform to simplify the digital supply chain by enabling the onboarding and sale of products with third-party services, for any channel, on any device, with support. Powering millions of cloud subscriptions worldwide, AppDirect helps organizations, including Jaguar Land Rover, Comcast, ADP, and Deutsche Telekom, connect their customers to the solutions they need to reach their full potential in the digital economy.
We believe that the unique contributions of all AppDirectors are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
At AppDirect we take privacy very seriously. For more information about our use and handling of personal data from job applicants, please read our Candidate Privacy Policy. For more information on our general privacy practices, please see the AppDirect Privacy Notice: https://www.appdirect.com/about/privacy-notice
Tags: Agile Android Application security Automation Cloud Cryptography DAST DevSecOps Exploits Golang iOS Java JavaScript Node.js OWASP Pentesting PKI Privacy Python SAST SecOps TLS Vulnerabilities
Perks/benefits: Career development