Position Summary: Briefly describe the primary purpose and function of this position.
The candidate shall play the role of a security architect for the Ignite product and will be responsible for defining the security requirements and solutions required to make Ignite solution a robust product from security perspective. He/She shall drive the security value proposition of the product and will be responsible for representing that value proposition in front of customers.
The candidate will be an individual contributor in the program and unlikely to have direct reports.
Job Responsibilities: List the professional and/or technical competencies needed when performing the key responsibilities of the position. Explain the degree to which this position affects the business (i.e. making decisions, defining or setting strategy, etc.). Please further explain the breadth of the impact this position has (i.e. affects own team, department, function, division, geography, etc.).
The Candidate has a critical role to play in the Ignite product development being responsible for all security measures that are built into the product.
The candidate shall be responsible for defining the EtE security requirements for the product
The candidate shall be responsible for defining the security solutions that help fulfill the security requirements of the product. The candidate helps developers with resolution of vulnerabilities
The candidate shall be responsible for generating relevant technical documentation like architecture documents, high level designs, low level designs for the product
The candidate shall be responsible for evaluation of different off-the-shelf security solutions that could be used in the product
The candidate shall be responsible for security audit of the product and any third party components used in the product
The candidate shall be responsible for defining and enforcing the best development processes e.g. source code management tools, code reviews, static checks, dockerfiles etc critical to ensuring security compliance of the product to specific standards
The candidate shall be responsible for development of proposals to customers including analysis of requirements provided by the customer and positioning the security features of the product.
The candidate shall be responsible for advising the product qualification team on validation of security requirements of the product.
B.Tech/M.Tech in Comp. Sc
Security Certification from a 3rd party certification agency would be an additional benefit.
Atleast 3 years experience working on security solutions for products.
Thorough knowledge of authentication and authorization standards applicable in the Web services and Enterprise application world e.g. OAuth2, SAML etc. He/She needs to be aware of good password handling procedures and SSH usage among developers
Deep understanding of security vulnerabilities typical to web applications and application infrastructure servicing web applications.
Thorough knowledge on well-known security practices and solutions used in Web applications e.g. solutions applicable to top 10 OWASP vulnerabilities
Thorough understanding of Hash algorithms, encryption algorithms, ciphers used in products and their robustness. Ability to decide on the right encryption to use based on the application.
Candidate needs to be familiar with OWASP, SANS and other coding guidelines
Candidate should have hands-on experience with popular vulnerability analysis tools used in dynamic web and mobile applications like IBM AppScan vulnerability analysis tool
Candidate needs to be familiar with tools that could be used for static scan in CI/CD pipeline
Candidate needs to have thorough knowledge on techniques used in DAR security, DIT security and detection and removal of hard-coded credentials at app-level
Candidate needs to be familiar with requirements applicable to DB security
Candidate should have first hand experience with security audits and data that mandatoriley needs to be included in audit logs from security perspective
Salary: ₹ Not Disclosed by Recruiter
Industry: Software Development
[Apply here ]