What You’ll Do 
<ul>
<li>Mentor junior Security Engineers and Security Champions on security best practices and techniques.</li>
</ul>

<ul>
<li>Improve our security tooling and processes.</li>
</ul>

<ul>
<li>Conduct security talks and training sessions.</li>
</ul>

<ul>
<li>Identify critical flaws and weaknesses in our web applications, services and our cloud infrastructure then design and implement strategic solutions to remediate them.</li>
</ul>

<ul>
<li>Write and review technical proposals, architectural diagrams, application code and IaC.</li>
</ul>

<ul>
<li>Use automated and manual testing techniques to gain a better understanding of the environment and reduce false negatives.</li>
</ul>

<ul>
<li>Reduce manual security review efforts by improving our tooling and processes.</li>
</ul>

<ul>
<li>Improve the scope of our assessments by adding new techniques and new categories of vulnerability assessments.</li>
</ul>

<ul>
<li>Consolidate and track vulnerabilities across our organisation and our supply chain to assist in identifying areas to focus our security uplift efforts.</li>
</ul>

<ul>
<li>Review and define requirements for developing and deploying secure products; create guidelines and standards to meet these requirements.</li>
</ul>

<ul>
<li>Work closely with the team to build systems that protect against and eradicate entire classes of vulnerabilities.</li>
</ul>

About You

<ul>
<li>Experience working as a Senior Security Engineer with deep involvement in securing modern web applications and APIs.</li>
</ul>

<ul>
<li>Experience conducting threat modelling, security reviews and risk assessments.</li>
</ul>

<ul>
<li>Solid project management experience leading initiatives that have measurably improved the security of organisations.</li>
</ul>

<ul>
<li>Proficient in one or more high-level programming languages.</li>
</ul>

<ul>
<li>Proficient with common developer tools and processes such as Github, CI/CD, containers and orchestration, IaaS/PaaS, APIs, Websockets, Databases, Front-End and Back-End systems.</li>
</ul>

<ul>
<li>Experience securing Data to meet various privacy framework and regulation requirements.</li>
</ul>

<ul>
<li>Deep understanding and experience in securing AWS environments.</li>
</ul>

<ul>
<li>Experience in deploying AppSec tools (e.g., SAST, SCA, WAF etc) throughout the stages of the SDLC to ensure the most relevant vulnerabilities are surfaced and false positives are kept to a minimum.</li>
</ul>

<ul>
<li>Understanding of web security mechanisms (such as SOP, CORS, CSP, Subresource Integrity, and same-site cookies).</li>
</ul>

<ul>
<li>Strong understanding of various authentication/authorization protocols e.g. OAuth, SAML and JWT.</li>
</ul>

Senior Security Engineer

India

What You’ll Do Mentor junior Security Engineers and Security Champions on security best practices and techniques. Improve our security tooling and processes. Conduct security talks and training sessions. Identify critical flaws and weaknesses in our web applications, services and our cloud infrastructure then design and implement strategic solutions to remediate them. Write and review technical proposals, architectural diagrams, application code and IaC. Use automated and manual testing techniques to gain a better understanding of the environment and reduce false negatives. Reduce manual security review efforts by improving our tooling and processes. Improve the scope of our assessments by adding new techniques and new categories of vulnerability assessments. Consolidate and track vulnerabilities across our organisation and our supply chain to assist in identifying areas to focus our security uplift efforts. Review and define requirements for developing and deploying secure products; create guidelines and standards to meet these requirements. Work closely with the team to build systems that protect against and eradicate entire classes of vulnerabilities. About You Experience working as a Senior Security Engineer with deep involvement in securing modern web applications and APIs. Experience conducting threat modelling, security reviews and risk assessments. Solid project management experience leading initiatives that have measurably improved the security of organisations. Proficient in one or more high-level programming languages. Proficient with common developer tools and processes such as Github, CI/CD, containers and orchestration, IaaS/PaaS, APIs, Websockets, Databases, Front-End and Back-End systems. Experience securing Data to meet various privacy framework and regulation requirements. Deep understanding and experience in securing AWS environments. Experience in deploying AppSec tools (e.g., SAST, SCA, WAF etc) throughout the stages of the SDLC to ensure the most relevant vulnerabilities are surfaced and false positives are kept to a minimum. Understanding of web security mechanisms (such as SOP, CORS, CSP, Subresource Integrity, and same-site cookies). Strong understanding of various authentication/authorization protocols e.g. OAuth, SAML and JWT.

Senior Security Engineer · New Delhi

Job highlights

Skillset required

Job Description

Job Description for Senior Security Engineer

More at Postman