Security Engineer

5 Years ago • 1-4 Years

Job Summary

Job Description

As a core member of the security team, you will significantly impact the security program's priorities and direction, playing a key role in its development. You will identify critical flaws in web applications and cloud infrastructure, collaborate on technical proposals and code, improve assessment scope, and educate the organization on secure services. This role involves understanding complex information flows, using high-level programming languages, and familiarity with web technologies and security mechanisms. The team is committed to adhering to security compliance as a central function of the business. You will also be responsible for educating the organization to pre-emptively develop secure services and to prevent security regressions by organizing talks and preparing written articles.

Must have:

1-4 years of experience as a Security Engineer or Software Engineer with web security experience.
Ability to understand complicated information flows.
Proficiency in one or more high-level programming languages.
Understanding of web technologies (Browsers, JavaScript, APIs, Websockets, Databases, Front-End, Back-End systems).
Understanding of web security mechanisms (SOP, CORS, CSP, Subresource Integrity, same-site cookies).
Awareness of applications implementing OAuth, SAML and JWT authentication.

8 skills required

8 skills required for this role

Add these skills to join the top 1% applicants for this job

javascript

back-end

web-security

jwt

front-end

websockets

oauth

organisational-skills

Job Details

What this role is about : As one of the core members of the security team, you will have an outsized impact on the priorities & direction of the security program and play a key role in building out our security program. The product features brings with it a unique set of security challenges, which are critical for us & we are committed to adhere to the security compliance as a central function of the business.

At Fi you will :

Identify critical flaws in our web applications and cloud infrastructure that could be exploited.
Collaborate with peers to write and review technical proposals, architectural diagrams, application code and cloud formation.
Reduce assessment time by maintaining specifications and tooling. Improve the scope of our assessments by adding new techniques and new categories of vulnerability assessments.
Educate the organization to pre-emptively develop secure services and to prevent security regressions by organizing talks and preparing written articles.

You should apply if you have:

Between 1-4 of experience as a Security Engineer or working as a Software Engineer with deep involvement in securing web applications.
The ability to understand complicated information-flows along with the ability to use one or more high-level programming language.
The understanding of web technologies such as Browsers, JavaScript, APIs, Websockets, Databases, Front-End and Back-End systems.
The understanding of web security mechanisms (such as SOP, CORS, CSP, Subresource Integrity, and same-site cookies)
The awareness of applications implementing OAuth, SAML and JWT authentication.

Selection Process : Once you apply via the careers page, we will reach out to shortlisted candidates with further steps. We are currently functioning from office in Bangalore. We aspire to create an inclusive culture of diverse people not just because it's the right thing to do but because heterogeneity inspires us and is more fun! We employ people solely on merit and do not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law.