Security Controls Assessor - Part time & Remote
TestPros, Inc.
CloudCyber Security
Product Security Engineer
Greenlight Planet
full-time
Posted on:
Origin: • 🇮🇳 India
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
CloudCyber Security
About the role
- Job location: Remote in India
- About the role:
- In this role, your principal mission will be to drive security-related engineering engagement and technical remediation across Sun King’s product lines. You will work across application security, architecture reviews, and cloud security to scale security engagement across Engineering. As a Product Security Engineer, you will leverage your software engineering skills and security expertise to raise the security bar across our infrastructure, mobile services, and web apps.
- Perform Application Security Reviews, including Penetration Testing and Code Reviews, on Mobile Applications, APIs, and web applications using OWASP standards.
- Identify security loopholes in product design through Threat Modeling.
- Deploy and manage security tool integration into the CI/CD pipeline.
- Perform SAST, DAST, and SCA scans using in-house preferred tools; review scan results for false positives and deliver findings to engineering teams.
- Lead product security efforts during security incident management and define post-incident remediation plans.
- Set up automated processes to monitor applications and systems for unusual activities (e.g., unauthorized access, modification, duplication, or destruction of information).
- Stay updated on the latest security vulnerabilities and trends.
Requirements
- 3–6 years of experience in penetration testing, code review, DevSecOps, and architecture design reviews.
- Minimum 3 years of experience in the application security domain.
- Proficient in identifying vulnerabilities, guiding remediation steps, and tracking timely closure of issues based on severity.
- Experience with web application scanning tools such as Qualys WAS, AppSpider, Acunetix, Veracode, Burp Suite, Netsparker, OWASP ZAP, Checkmarx, Whitesource, Snyk, or similar.
- Strong knowledge of secure protocols, encryption standards, and authentication mechanisms.
- Holds at least one security certification such as OSCP, OSWE, GPEN, GWAPT, CRTP, etc.
- Good communication and collaboration skills with the ability to engage effectively with diverse stakeholders.
Similar jobs on JobTailor
Information Security Compliance Analyst
D2L
CloudCyber Security
Lead Product Security Engineer
Emerson
CloudCyber SecurityIoTJavaMicroservices.NETPerlPython
Chief Information Security Officer
Daxko
AWSAzureCloudCyber SecurityGoogle Cloud PlatformSDLC
IT Audit Infrastructure, Assistant Vice President
State Street
CloudCyber SecurityFirewalls