Job Title

Role - Product Security Engineer Exp - 1-4 years What are you expected to be good at? To be successful in this role, the following are the areas of expertise classified by their importance: Critical Minimum of 2+ years of in-depth experience in Application Security, with a focus on Web and Mobile Applications. Ability to Develop and implement automated tools (python/bash) to help spot known security exposures. Excellent understanding of security by design principles and architecture level security concepts. Experience and knowledge of penetration testing tools and methodologies. Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Competency in Cyber Security Risk Analysis. Understanding of application protocols, development, and common attack vectors. Proficiency in at least one scripting language, such as Bash, Python, Go etc. Experience with Secure Code Quality Tools like Sonarqube, Fortify etc. Experience with pentest tools and frameworks such as: Burp Suite, Kali open-source tools, OWASP ZAP, Metasploit, Nessus, Nmap, MobSF, Genymotion, Frida, APK Tool etc. Good To Have Understanding of public cloud technologies with hands-on technical knowledge of at least one major public cloud like AWS. Understanding of CI/CD pipelines, Jenkins etc. Certifications like CEH, eJPT, LPT, AWS Certified Security Specialty, Certified Cloud Security Professional (CCSP), OSCP, OSWE/AWAE, SANS etc. Active participation in bug bounty programs, demonstrating practical skills in identifying and resolving security vulnerabilities. What are your responsibilities? Join a team dedicated to maintaining Curefit's world-class security posture. Conduct a regular pentesting of curefit assets. Conduct design reviews of upcoming features from an application security perspective, identifying potential threats and proposing mitigations. Develop security tools to monitor for security and compliance controls in real time. Develop a broad understanding of the curefit products and pro-actively update the threat model and implement mitigations. Improve secure software development practices. Create a roadmap of pentesting curefit assets and automate your test cases. Contribute within the team in planning and execution of security roadmaps to pentest curefit applications, focusing on real-time monitoring of security and compliance controls. Collaborate with the Product Team to ensure adherence to Security Standards