Software Engineer II (Security Testing)
HealthEdge
Hyderabad, India
5d ago

Job Description:

  • Have a background in code development or source code review.
  • Understand and recognize common vulnerability types, including SQL / command injection, XSS, CSRF, and SSRF. In-depth knowledge of OWASP Top 10 and CWE Top 25.
  • Experience in using tools like Veracode, Acunetix, SonarQube
  • Knowledge of HIPAA.
  • Able to understand C#, .NET, SQL, HTML, CSS, JavaScript, PowerShell
  • Can lead major security initiatives and drive projects to completion
  • Have a deep knowledge of key security concepts such as authentication, authorization, encryption, role-based access control, and security by design
  • Have the ability to explain sophisticated security problems and provide expert advice on secure design practices
  • Good experience with SAST and DAST
  • Excellent written and verbal communication skills
  • Sharp analytical abilities and proven design skills
    Responsibilities

    Perform architecture and code review of complex web applications and APIs

    Write code to integrate security services into our CI / CD pipelines

    Lead security assessments and application penetration tests

    Work with engineers and leaders to help prioritize and remediate vulnerabilities

    Collaborate with software engineers across product teams to refine the security of our products and resolve open security flaws

    Analyze business and user security needs and document requirements

    Develop test plans for new and modified security architecture changes

    Help to integrate automated and repeatable controls into the SDLC pipeline.

    Provide other engineering team members with well-researched, practical security advice that demonstrates reusability and abstracts configuration from code, and collaborate with all teams to contribute to secure development guidance.

    Train software developers in secure coding practices

    Review .NET code for security vulnerabilities

    Perform impact analysis and suggest appropriate fixes for open issues

    Threat modeling

    Develop common security functionalities in .NET Framework / Core and JavaScript

    Lead the SecOps Team and support in planning and operation of the team

    Qualifications

    BS / BE / BTech in Computer Science or related field, or equivalent work experience.

    Have 5+ years of experience in application security testing, code reviews and architecture reviews.

    Have a background in code development or source code review.

    Understand and recognize common vulnerability types, including SQL / command injection, XSS, CSRF, and SSRF. In-depth knowledge of OWASP Top 10 and CWE Top 25.

    Experience in using tools like Veracode, Acunetix, SonarQube, Checkmarx, Burp Suite, TeamCity, etc.

    Knowledge of SCRUM Framework and Agile practices.

    Knowledge of HIPAA.

    Experience working with C#, .NET, SQL, HTML, CSS, JavaScript, PowerShell, Windows Server, etc.

    Can lead major security initiatives and drive projects to completion

    Have a deep knowledge of key security concepts such as authentication, authorization, encryption, role-based access control, and security by design

    Can explain sophisticated security problems and provide expert advice on secure design practices

    An understanding of network and web-related protocols (such as TCP/IP, UDP, IPsec, HTTP, HTTPS, routing protocols)

    Excellent written and verbal communication skills

    Demonstrable teamwork skills and resourcefulness

    Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid analysis paralysis)

    Strong sense of ownership, urgency, and drive

    Sharp analytical abilities and proven design skills

    Hold any industry certifications such as Security+, CEH, eJPT, OSWA, OSWE, CISSP, etc.

    Knowledge and experience with Azure and Cloud Security is a bonus.

    Participation in the security community is a bonus.
