
Job Level
Mid-Level, Senior
Tech Stack
Cloud, Cyber Security
About the role
- Job location: Remote in India
- Drive security-related engineering engagement and technical remediation across Sun King’s product lines
- Work across application security, architecture reviews, and cloud security to scale security engagement across Engineering
- Perform Application Security Reviews including penetration testing and code reviews on mobile applications, APIs, and web applications using OWASP standards
- Identify security loopholes in product design through Threat Modeling
- Deploy and manage security tool integration into the CI/CD pipeline
- Perform SAST, DAST, and SCA scans; review scan results for false positives and deliver findings to engineering teams
- Lead product security efforts during security incident management and define post-incident remediation plans
- Set up automated processes to monitor applications and systems for unusual activities
- Stay updated on the latest security vulnerabilities and trends
Requirements
- 3–6 years of experience in penetration testing, code review, DevSecOps, and architecture design reviews
- Minimum 3 years of experience in the application security domain
- Proficient in identifying vulnerabilities, guiding remediation steps, and tracking closure of issues based on severity
- Experience with web application scanning tools (Qualys WAS, AppSpider, Acunetix, Veracode, Burp Suite, Netsparker, OWASP ZAP, Checkmarx, Whitesource, Snyk, or similar)
- Strong knowledge of secure protocols, encryption standards, and authentication mechanisms
- Holds at least one security certification such as OSCP, OSWE, GPEN, GWAPT, CRTP, etc.
- Good communication and collaboration skills with the ability to engage effectively with diverse stakeholders