Talent500 Tech Looking for Senior Application Security Engineer (Python & Vulnerability Management) at Bgalore Full Time

We are Talent500:

• We help companies hire, build and manage global teams. We are trusted by the worlds leading companies – from Fortune 500s and larger enterprises (Walmart, Target, Nike, Pepsi etc) to industry leaders (Airbnb, Twitter, Uber) and some of the worlds fastest-growing start-ups from the portfolios of investors such as Accel, Sequoia and Techstars.
• Our suite of proprietary AI-enabled tools and products provide businesses with an end-to-end platform to build their global teams. This includes:
• Access to a Global Talent Network of 300,000+ professionals globally
• Data-sciences based screening engine which predicts the right-fit candidate with ~80% accuracy helping companies hire 2.5x faster
• Tools to manage contracting, payroll and benefits without the hassle of setting up legal entities or infrastructure
• We are backed by Accel Partners & ANSR, a global leader and enterprise transformation platform. For the last 15 years, the worlds leading organizations have trusted ANSR to transform their businesses by building technology and innovation hubs in talent-rich locations. ANSR is today one of the largest drivers of FDI into India with over $1.5B of capital investments.

Roles and Responsibilities:

• Partner with engineering teams across Talent500 to create secure application and deployment architectures utilizing threat models and risk analysis documentation
• Define policies across the organization for secure software development activities within hybrid cloud environments
• Work with development teams, operations, governance, and other stakeholders to draft security standards and implement monitoring to adhere to those standards
• Integrate and/or build security tools for integration in the CI/CD and build processes and work with development teams to mitigate findings
• Support incident responders in analyzing applicable threats, vulnerabilities, controls and residual risks
• Analyze and harden existing applications, infrastructure, automation, and deployment processes
• Conduct internal penetration testing and coordinate external penetration tests and bug bounty programs
• Coordinate with security researcher community for submitted vulnerabilities and issues

Ideal Background:

Bachelor’s degree required; BS or MS in Computer Science, Information Technology, or related

• Experience with code Reviews with respect to the Security aspect
• Comprehension in multiple programming languages (Python, java, Javascript/Typescript)
• 6+ years’ experience in application security, with experience across SDLC activities such as threat modeling, secure code review, vulnerability management, and penetration testing
• Broad knowledge of web, application, and cloud attack vectors and exploits
• Deep security subject matter expertise in at least one major public cloud provider (AWS)
• Subject matter expertise in applied key management, certificate management and cryptography
• Deep understanding of authentication and authorization concepts and protocols including IAM, mTLS, OAuth/OIDC, and SAML
• Comprehension in multiple programming languages (Python, Go, Scala, C/C++, Javascript/Typescript)
• Deep security subject matter expertise in at least one major public cloud provider (AWS, GCP, Azure)
• Experience with deploying and securing SaaS applications and cloud environments at scale
• Working experience with CI/CD pipeline, containerization (Kubernetes, Docker, etc) and MicroServices
• Coordinating penetration testing / bug bounty programs and assisting with remediation
• Knowledge of regulatory guidelines and standards such as SOC2, ISO 27001, FedRAMP, etc.
• Understanding of application security maturity model frameworks and how to apply them
• Strong written and verbal communication skills

Why work at Talent500?

• Build the future of work: We’re working on a problem every business leader understands deeply. The pandemic has created a once-in-a-lifetime shift in how businesses and professionals think about work. We have an opportunity to drive this new shift towards distributed work and global teams
• Growth and scale: We are tackling a global problem and a rapidly growing market ($50B+) with a LOT of headroom for us to grow. We are currently growing at 35% quarter-on-quarter and expect this to be a BIG, fast-growth business. If you are looking for growth in your professional life and lots of learning along the way, this is it.
• Experienced team and investors: We have an experienced team: our founders have founded, scaled, and sold companies before. We are trusted by some of the worlds best companies and investors
• Remote-first: We offer work-from-anywhere for multiple roles @ Talent500. We back this with plenty of remote-friendly policies for our team – including generous home-office setup budgets, flexible work / check-in hours, mobile and internet reimbursements, L&D budgets, best-in-class medical for you + family, mental health coaching and counseling support and more.