Senior Security Engineer Full-time

at Home Credit India in Gurgaon (Published at 10-02-2020)

Company - Home Credit India
Role - Sr. Security Engineer/ Senior Analyst
Experience - 3 - 5 Years (Minimum)
Location - Gurgaon, Haryana
Requirement - Immediate

About Company -
Home Credit Group is an international consumer finance provider with operations in 9 countries. Founded in 1997, the company focuses on responsible lending primarily to people with little or no credit history. With simple, easy and fast services, it operates in highly attractive markets. Home Credit is a leading provider of consumer finance in selected countries.
Home Credit India Finance Pvt. Ltd. is a leading Non-Banking Financial Company (NBFC) in consumer finance lending. The company is committed to drive credit penetration and financial inclusion by offering large financial solutions that are simple, transparent and accessible to all. With largest penetration in sub Rs. 10,000 category, Home Credit India has an employee base of over 15,000 and has been consistently expanding operations since its entry in 2012, with its operations spread over 179 cities across 20 States in India. The company has a strong network of around 29,000 points-of-sale (PoS) and is growing with a customer base of over 10 million customers, driven by Pan-India expansion across major markets, a range of diversified and innovative products backed by superior customer experience. Home Credit India has been recognized by Aon Hewitt as a Regional AON Best Employer 2017 for employer excellence.

Home Credit India is looking for Application Security Engineer who will be responsible for security assessments and penetration testing of application and IT Infrastructure environment as well as to perform security research and providing security solutions, processes, and testing methodologies

Key Tasks and Responsibilities:

• Perform application penetration testing, vulnerability assessments and source code reviews
• Profile an application, identifying threats, and developing test cases to target identified threats
• Identify and report vulnerabilities in applications and networks
• Manage project timelines, deadlines and expectations - including business, development, Infrastructure and product team interactions
• Prepare reports documenting identified issues and findings tracker sheets for applications
• Interact with Development and product owners in a collaborative manner to deliver results, provide feedback and remediation recommendations on findings
• Research emerging security topics and new attack vectors
• Write tools and scripts to automate technical processes and make assessments more efficient
• Coaching/ mentoring team members on technical/functional/ operational/ aspects and expertise relevant to Application and Network security assessments

Skills Required:

• In-depth understanding of security issues, exploitation techniques, and remediation measures
• Should have a good understanding of application level attacks with hands on experience in discovering and exploiting issues with/without the assistance of automated tools
• Development knowledge of any current programming languages
• Strong understanding of software and application security
• Strong oral and written communication skills
• Application Security Assessment – In-depth knowledge of web & mobile application attacks and defense strategies (SQL injection, XSS cross-site scripting, CSRF, logic flaws, etc.) and Thick client applications, mobile applications, ERP applications (SAP, etc.)
• Experience with analyzing Router, Switches, Firewall rule base focused on security
• Experience in Internal & External Penetration Testing on Network Infrastructure (including
Servers, firewalls, Routers, switches, etc.) including conducting wireless security assessment
• Certifications like CEH, OSCP, SANS GPEN, CISSP or any other industry accredited security certifications would be preferred
• Understanding of application security guidelines/requirements from OWASP etc.
• Good interpersonal, problem solving, reasoning and analytical skills
• Should have knowledge on Risk Rating Standards like DREAD, CVSS etc.
• Should have good understanding of web application architecture and Secure development life cycle (SDLC)

Viewed: 239 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend