This job ad has been posted over 30 days ago...



Web Application Firewall Engineer Full-time

at Defencely Cloud Security Pvt. Ltd. in Gurgaon (Published at 16-04-2017)

Job Details:

Level: Experienced
Job Location: Gurgaon
Position Type: Full Time
Experience: Preferred 2 Years.


Defencely Cloud Security Engineering team is seeking an Application Security Engineer to assist the Development, Production Engineering, and Security Operations teams with application-level security assessment and threat mitigation. The successful candidate must have professional work experience. This is a full-time position working for Defencely Cloud Security Pvt. Ltd. Outsourced or software development contractors will NOT be considered.


Review merge requests from Development and Production Engineering teams to proactively address security concerns before changes are merged to master.

Validate and address findings from static analysis tools. Perform routine internal penetration testing

Develop and evangelize secure programming standards. Conduct periodic internal software security audits. Validate, address, and document responses to security findings from third-party penetration testing engagements.

The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Defencely Cloud Security Pvt. Ltd. will be voluntarily entered into and your employment is considered at will. Defencely reserves the right to alter the job description at any time without notice.

Defencely is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legallyrecognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other protected class under federal, state, or local law.

Successful applicants must be:

1. Passionate about application security. WAF Firewall Knowledge is a MUST.
2. A self-starter who can identify work that needs to be done without waiting for direction
3. Able to work effectively & be pragmatic part of a remote team in a dynamic business environment
4. Comfortable working independently but able to escalate problems when necessary
5. Demonstrate strong oral and written communication skills
6. Eager to learn; able to understand and apply new things relatively quickly
7. Willing to mentor and guide fellow team members kindly and constructively
8. Enjoy sharing knowledge via documentation
9. Can work for eight solid hours per day where at least five overlap with 8am to 6pm Eastern
10. Available to work off-hours as necessary
11. Happy to travel occasionally for team meetings and events

Your experience should demonstrate that you:

1. Have extensive professional experience in information security, as a vulnerability researcher, QS engineer, or developer.
2. Are able to read and write Ruby code
3. Can write PoC code and documentation that clearly demonstrate vulnerabilities
4. Are proficient with or able to quickly learn automation tools such as Selenium
5. Are able to find solutions to challenging technical puzzles with atypical constraints
6. Can effectively use git and understand common SCM workflows
7. Are able to write code that is intentional and readable rather than magically obscure
8. MANDATORY are able to configure WAF Set-up such as Imperva WebSphere

It would really be outstanding if you:

1. Have previous professional, full-stack app-sec experience
2. Can list and demonstrate examples of the OWASP Top 10; have experience playing with railsgoat
3. Have deep knowledge of the Ruby on Rails and Java Spring web frameworks
4. Are familiar with BDD
5. Have working knowledge of AWS or other cloud computing platforms
6. Have used static analysis tools such as Brakeman and Bundler-Audit
7. Have experience using CI environments (Jenkins/Docker)
8. Are familiar with proxies, firewalls, mail infrastructure, and other solutions commonly seen in large enterprises
9. Can comfortably use advanced git features such as rebase, rebase -i, merge —no-ff
10. Have attained a four-year degree in something (…anything)
11. Have customer support experience (retail, help desk, consulting, etc.)
12. Include a link to GitHub/GitLab/Bitbucket profile

Competitive salary for Deserved Individuals.

Note: Applications have been closed.

Recent jobs at Defencely Cloud Security Pvt. Ltd.

Viewed: 1521 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend