This job ad has been posted over 30 days ago...



Security Research Engineer Full-time

at Indusface in Banglore (Published at 20-11-2018)

Job title : Security Engineer (Vulnerability Research)
Location : Bangalore

We are on the lookout for a talented individual who is passionate about Vulnerability Analysis & Signature Development to work on our Web Security products. The individual will be joining a team with a proven track record in Bangalore India and be a part of our IndusGuard Suite of Products Unit. Primary focus of this role is to develop Scanner & WAF signatures delivered to customers regularly.

Job Description
• Create signatures for Indusface WAS & WAF products to detect & protect from Web application vulnerabilities.
• Reproducing vulnerabilities to understand the working of an exploit, etc. on need basis to verify existing WAS/WAF coverage.
• Problem solving and troubleshooting skills are a must, as solutions to many problems might not be obvious.
• Develop tools for the automation of security processes using Python, PERL, PowerShell, etc.
• Collaborate with engineering teams to support/maintain/design backend applications and other operational platforms

Candidate Profile
Experience in the area of information security with strong understanding of security basics, network vulnerabilities and analysing/developing IPS/IDS/WAF signatures.
• Good understanding of:
 Firewalls, proxies, SIEM, antivirus, and IDPS concepts
 Windows & Linux operating systems (REDHAT)
 Network security, network layers (OSI Layer-3 and Layer-4)
 Protocols like TCP/IP, DNS, HTTP, HTTPS, SSH etc.
 Network Penetration testing and techniques
 Identify and Analyse network vulnerabilities, Attack reproduction
 Programming languages like C/C++, Java and Scripting language like Python, Perl, etc.
• Hands-on experience in:
 Web-app security (SQL Injection, XSS, CSRF etc.), OWASP-10, SANS Top 25
 Network analysis tools like tcpdump, Wireshark, Burpsuite
 Crafting Regular Expressions, Verification & Validation
 Vulnerability scanners, IDS/IPS, Application Firewall, VAPT tools: Metasploit, Nessus, etc.
 Analysing existing or writing new POCs
• Effective written and verbal communication skills.

Good to have
• Developing security related tools / programs
• Knowledge on Cloud infrastructure services
• Virtualization software (VMWare , Virtual PC / Virtual Box , XEN , etc), VPNs
• Knowledge on ModSecurity and Rule writing
• Experience in any of Java, Test NG, Linux Scripting, shell scripting, Python, Perl
• Experience/Knowledge in Amazon Web Services

What do you gain?
• Challenging, transparent and supportive work environment
• Opportunity to grow rapidly in your career along with the company’s growth
• Competitive compensation structure and benefits

There are over a billion web apps and millions of mobile apps in the world now. Indus face with a mission to secure them and with its own line of cutting edge Armory of application security products, are living the dream of becoming the next Billion dollar "Made in India" security company".

About Indusface

Indusface is an award-winning application security leader protecting 1200+ customers spread across 20 countries. Our application security cloud platform is industry’s first truly integrated ‘Total Application Security’ solution that ‘Detects, Protects & Monitors’ applications. It detects application-layer vulnerabilities accurately, patches them instantly without any change in code, and monitors continuously for emerging threats and Layer 7 DDoS attacks. Available on AWS marketplace and as a SaaS solution, Indusface products protect thousands of apps from hackers across the world.

Our security products have not only been mentioned in the Gartner Magic Quadrants for Application Security Testing and Web Application Firewall but we have won all major startup awards in the last 12 months.

• #1 Security Product Company by NASSCOM-DSCI 2016
• Top 5 in ET Startup Awards-Bootstrap Champ 2016
• iSpirit’s InTech50 Most Innovative Products from India 2016
• AWS ‘Regional Innovation Partner: Technology Partner 2016
• Top Emerging Information Security Product Company by NASSCOM-DSCI 2015

Recent jobs at Indusface

Viewed: 901 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend