Security Engineer I Job in Mumbai at Shaadi.com

Shaadi.com is hiring for the role of Security Engineer I!

Responsibilities of the Candidate:

• Conduct thorough penetration testing on Web applications, APIs, and Mobile Applications to uncover vulnerabilities and potential attack vectors.
• Develop proof of concept (POC) exploits to demonstrate security flaws and vulnerabilities on various application platforms, including web, Android, and iOS.
• Create detailed assessment reports outlining identified vulnerabilities with clear and concise descriptions, impact, steps to reproduce, and recommendations for remediation.
• Collaborate with developers to create new product features, ensuring a primary focus on user data security and integrity.
• Stay up-to-date with the latest security vulnerabilities, trends and attack techniques to continuously improve testing methodologies.
• Communicate and demonstrate vulnerabilities to application/system owners and also provide appropriate remediation and mitigations for the identified vulnerabilities.
• Handle the bug bounty program and coordinate the resolution of security issues reported by external researchers.

Requirements:

• Minimum 1 year of prior experience in a Security Analyst role or similar position
• Proven experience in conducting security assessment of web applications, API and mobile applications.
• Good understanding of OWASP Top 10 and other vulnerabilities as well as business logic flaws.
• Proficiency in using penetration testing tools and frameworks to carry out manual as well as automated security assessments.
• Strong problem solving, troubleshooting, and analytical skills with a keen attention to detail.
• Excellent written and verbal communication skills.
• Good to have security certifications such as CEH, eJPT, eWPTX or OSCP
• Ability to work independently and collaboratively in a fast-paced environment