Senior Security QA Engineer

Bengaluru
What We Are

At VuNet, we are building next generation products that use a full stack product with big data and machine learning in innovative ways to monitor customer journeys and improve user experience. Our next generation systems are helping the largest financial institutions to improve their digital payment experience, driving more financial inclusion across the country.

We empower our teams to solve hard problems – customer and business problems – in ways that our customers love. Great ideas get converted to extraordinary products and reach the customers in the shortest time. Our teams are cross functional, immerse into details, engage in collaborative debate and working with a shared purpose of creating a world class product company.

We are looking for an enthusiastic Senior Security QA engineer, who would be responsible for ensuring the product meets the compliance and to create a security hardened platforms. You would own building a robust framework for product security. You must be an excellent communicator who is passionate to lead a team, bring awareness and help our teams like developers, testers practice security in coding & testing the product every day. You will be responsible for conducting security testing for the required modules, building automated ways, or using tools to scan and review the code to make it strong against any security attacks. We are looking to release a product that is 100% secure and easy to get any VAPT or security certification at any point in time. We need people who are self-started and have a drive to meaningful impact our continually improving product suite.

Bring your passion and dedication to this job, and there's no telling what you could accomplish. Join VuNet, and help us leave the world better than we found it.


Roles & Responsibilities
  • Operational ownership in the disciplines of: vulnerability management; incident response; malware analysis; audit and compliance schedules; security best practices to a large database and high-transaction software systems in the Telecommunications space; advancing the program development of key risk and performance indicators with documented metrics.
  • Perform penetration tests of both infrastructure and web applications, document and contextualize issues with respect to business impact and ensure to present reports on the test and help the team in learning about security that can be taken care while the product is being built and functional tested.
  • Research emerging attack vectors, techniques and perform proactive analysis of internal and external attack surface while applying information security best practices.
  • Bringing in innovations and robust automation with respect to the Security testing wherever required for high availability and scalable products, reusable and can be integrated into CI/CD

Mandatory Requirements
  • Overall experience of 6-8 years with Security specific experience of 3-5 years.
  • Hands-on experience with Dynamic Application Security Testing & Static Application Security Testing.
  • Performing web application security assessments, hands-on techniques for identifying SQL injections, XSS, CSRF, authentication, OWASP top 10 issues.
  • Knowledge of Secure SDLC and Security standards like OWASP, CWE, NIST, OSSTMMdProvide expert advice and recommendation to the application development team as well as vendor.
  • Experience in Linux & Windows operating system, MySQL Database.

Good To Have
  • Certification(any one of it) - Certified Application Security Engineer (CASE), Certified Application Security Specialist (CASS), ISTQB - Advanced Level Security Tester.
  • Basic Knowledge on DevSecOps Integration.
  • Good Domain understanding - Infrastructure and Application.
  • Understanding of Cloud, CI/CD pipeline, etc.
  • Shell/Python Scripting or any other scripting language.
  • Knowledge/Experience in the following technologies will be an added plus: Elasticsearch, Logstash, Kafka, Apache Spark, Redis, Cassandra, Hadoop, Docker Containers.
  • Good knowledge of security technologies for secure software development such as cryptography, authentication techniques, and protocols, etc.

Professional Attributes
  • Experience working as part of globally distributed teams.
  • Excellent communication, both verbal and written, and interpersonal skills.
  • Motivation and ability to be productive in a fast-paced, dynamic environment.
  • A self-starter, who loves to take on hard problems, loves solving service scalability problems, enjoys breaking things, and is enthusiastic to learn new technologies and work in startup environments.
  • Ambitious individuals who can work under their own direction towards agreed targets/goals.
  • Ability to manage change and be open to it good time management and an ability to work under stress.

How to Apply

If you are interested, e-mail us at jobs@vunetsystems.com, with your resume and an explanation of why you would be a good fit. We look forward to hearing from you.


Go Back