- Coordinate with various technology stakeholders to discuss identified vulnerabilities and assist the engineering team in planning for risk mitigation.

- Active participation in the planning and implementation of new security benchmarks across the organization.

- Understanding of CI/CD pipeline and associated technologies.

Requirements :

- Hands-on experience in DevSecOps and security automation.

- Experience working in collaboration with product managers and software engineering teams to improve security throughout the SDLC.

- Experience conducting application security reviews, API design, code reviews, root cause analysis, and system architecture.

- Experience working with modern cloud-based microservice architectures or cloud security(AWS)

- In-depth understanding of AWS security ecosystem, including IAM, Security Groups, NACL, CloudTrail, VPC flow log, CloudConfig, Encryption, Inspector, System Manager, etc.

- Kubernetes experience, especially Kubernetes security experience, is a huge plus.

- Good experience in conducting red teaming campaigns and code reviews.

- Good to have skills (AWS security, EDR, WAF, Security monitoring).

- Coordinate with the Software Development team and perform source code and architecture reviews to identify vulnerabilities.

- Strong communication skills and the ability to communicate ideas to both technical and non-technical people.

- Open to working on dynamic requirements along with pre-defined responsibilities within the information security group.

Desired Skills :

- 3-5 years of proven experience in Penetration Testing.

- Application threat modeling.

- CI/CD and DevSecOps experience.

- Cloud security assessment(AWS).

- Analytical and problem-solving abilities.