Talent.com
This job offer is not available in your country.
Product Security Engineer

Product Security Engineer

TravelokaDelhi, India
6 days ago
Job description

Job Description

Product Security Engineer at Traveloka will be required to ensure that our products and services are shipped with high security standards through application security testing, hardening, and secure framework. A Product Security Engineer will be smart and self starter. The person needs to find unique ways to understand complex software architecture and should be able to perform manual security code review. They need to be able to integrate security in the software development process with defense-in-depth strategies such as automated testing in CI / CD pipeline. A Product Security Engineer preferably needs to have a software development background and should have practical programming knowledge.

They will work very closely with our Software Engineering Team to implement Secure SDLC in Traveloka. They will also need to have proficiency in handling multiple projects based on different frameworks and groups.

Responsibilities

  • Carry out manual and automated review of source code to identify security vulnerabilities and risks
  • Implement automated security testing tools (SAST, DAST, IAST) and their deployment within continuous integration systems
  • Implement hardening and secure framework such as RASP, WAF, safe library, and security decorator functions
  • Perform vulnerability assessment & penetration testing on web API, front-end service, internal RPC, and mobile application
  • Attend design reviews and actively lead the discussions from a security standpoint
  • Analyze possible security incident related to application security such as payment abuse or sensitive data exposure via web API
  • Ensure that product security requirements are identified early on and are being baked into all projects
  • Provide effective recommendations or patches to mitigate security vulnerabilities
  • Develop in-house tools to integrate with SDLC and to track and derive security metrics

Skills & Experience

  • Academic background in Computer Science or equivalent
  • Relevant professional experience or extensive experience in security activities (e.g. CTF, bug bounty, security research, publications, blog)
  • Practical knowledge of modern software development such as microservices, application containerization, REST architecture, object oriented programming, stateless / stateful authentication, and cloud platform
  • Working knowledge of one or more of these programming languages : Java, JavaScript, Kotlin, C#, Objective-C, Swift
  • Experience in security code review, vulnerability assessment, and penetration testing.
  • Knowledge of common vulnerabilities such as OWASP Top 10 and CWE including business logic issue (e.g. IDOR)
  • Core skill set in two or more of the following areas :
  • JavaScript framework (e.g. React)
  • Java framework (e.g. Spring)
  • Android / iOS platform
  • DevOps
  • AWS
  • Automation tool development
  • Dynamic debugging
  • Unit testing
  • Algorithm & data structure

    • If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

    Create a job alert for this search

    Security Engineer • Delhi, India

    Related jobs
    • Promoted
    CyberArk Engineer

    CyberArk Engineer

    Next VenturesMeerut, IN
    Job Opportunity : CyberArk Engineer.Contract / Permanent / Fixed Term.Privileged Access Management (PAM) implementations using CyberArk technologies. CyberArk Core-PAS, AAM, PTA, HTML5 Gateway.AUTOIT...Show moreLast updated: 1 day ago
    • Promoted
    Senior Product Security Engineer

    Senior Product Security Engineer

    sliceDelhi, India
    We’ve all felt how slow, confusing, and complicated banking can be.We’re building every product from scratch to be fast, transparent, and feel good, because we believe that the best products transc...Show moreLast updated: 6 days ago
    • Promoted
    AWS security engineer

    AWS security engineer

    JRD SystemsDelhi, IN
    We are seeking a highly skilled.Senior DevOps / Platform Engineer.The ideal candidate will have deep expertise in infrastructure automation, Terraform, and cloud platform management, with a strong De...Show moreLast updated: 11 days ago
    • Promoted
    Senior Security Consultant

    Senior Security Consultant

    Claranet IndiaDelhi, IN
    Founded at the beginning of the dot.CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP)...Show moreLast updated: 30+ days ago
    • Promoted
    JD Edwards Security Consultant

    JD Edwards Security Consultant

    IT ConsultingMeerut, IN
    JD Edwards Security Consultant.Collaborate with global business stakeholders to understand business processes and security requirements within JD Edwards. Design and document standardized user roles...Show moreLast updated: 23 days ago
    • Promoted
    Senior Security Architect

    Senior Security Architect

    ValueLabsDelhi, India
    Dear Candidate, we are hiring Application Security +Dev Sec Ops Architect for Chennai location.Please find below JD and if you are interested , do share resume to below email id.Kubernetes / Open Shi...Show moreLast updated: 6 days ago
    • Promoted
    Vulnerability Management Specialist_9+years_Remote

    Vulnerability Management Specialist_9+years_Remote

    Tekgence IncDelhi, IN
    Remote
    Job Title : Vulnerability Management Specialist (AWS & Wiz).Duration : 12+ months , extendable.We are seeking a skilled Vulnerability Management Specialist with hands-on experience in AWS environment...Show moreLast updated: 1 day ago
    • Promoted
    Incident Manager

    Incident Manager

    TalentojMeerut, IN
    Act as the primary point of contact for major incidents and escalations, ensuring rapid response and communication across technical and business teams. Lead and coordinate incident resolution effort...Show moreLast updated: 30+ days ago
    • Promoted
    IBM Security Verify Directory (ISVD) Administrator

    IBM Security Verify Directory (ISVD) Administrator

    BLS360Meerut, IN
    Job Title : IBM Security Verify Directory (ISVD) Administrator.Contract (Long-Term Potential).Join our Identity and Access Management (IAM) team as an experienced IBM Security Verify Directory (ISVD...Show moreLast updated: 1 day ago
    • Promoted
    Product Security Engineer II

    Product Security Engineer II

    FICODelhi, India
    FICO (NYSE : FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential!.As a ...Show moreLast updated: 6 days ago
    • Promoted
    Network Security Architect

    Network Security Architect

    Next Digital RecruitmentDelhi, India
    Job Title : Cyber Security Engineer L3 and Team Leads Locations : Bengaluru.Key Responsibilities : • Design, deploy, and manage security architectures focusing on SSE, SASE, and Identity Management so...Show moreLast updated: 6 days ago
    • Promoted
    Security Consultant

    Security Consultant

    World Wide TechnologyDelhi, IN
    Be the primary lead in cybersecurity delivery engagements for a wide variety of clients in different industry verticals.Evaluate and recommend security strategies for networks, systems, operations,...Show moreLast updated: 11 days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    Paramount Computer SystemsMeerut, IN
    Identity Governance and Administration (IGA).The role involves designing, implementing, and supporting enterprise-grade IGA solutions to ensure secure, efficient, and compliant identity lifecycle m...Show moreLast updated: 11 days ago
    • Promoted
    Senior Penetration Tester

    Senior Penetration Tester

    Vista Applied Solutions Group IncDelhi, IN
    Client is looking for Senior PenTester and this is remote position from India.Security and Penetration Testing.OSCP Certification - Industry-standard credential demonstrating practical penetration ...Show moreLast updated: 11 days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaMeerut, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Saviynt IGA Engineer / Developer - Identity Governance & Administration (IGA)

    Saviynt IGA Engineer / Developer - Identity Governance & Administration (IGA)

    SentinelDelhi, IN
    Saviynt IGA Engineer / Developer - Identity Governance & Administration (IGA).The security function of a world renowned manufacturing organisation for power tools is seeking a Saviynt IGA Engineer ...Show moreLast updated: 16 days ago
    • Promoted
    Ethical Hacker

    Ethical Hacker

    MAI LabsDelhi, IN
    We're building something audacious, something global, in next tech at.Our mission? To distribute participatory power to billions of people in the digital economy. What this actually means : We have b...Show moreLast updated: 16 days ago
    • Promoted
    Workday Security System Analyst

    Workday Security System Analyst

    AvalaraMeerut, IN
    Avalara is an AI-first company.We expect every engineer, manager, and to actively leverage AI to enhance productivity, quality, innovation, and customer value. AI is embedded in our workflows, and p...Show moreLast updated: 1 day ago