Application Security Engineer

Pune, IN

Job Description / Skills Required

Do you want to shape the future of enterprise software?
 
Aera Technology is the Cognitive Automation company that makes business agility happen. We deliver the first scalable digital platform that integrates with existing systems to make and execute business decisions in real time. In the era of digital acceleration, Aera helps enterprises around the world transform how they respond to the ever-changing environment.
 
In this role you will be responsible for ensuring the core security system for the Aera platform. Our customers trust us with some of their most sensitive data and the security of our system depends on a secure system. Our product security team will ensure that our products meet the regulatory and customer requirements for our software.

Responsibilities

    • Build security testing automation built into every step of our SDLC
    • Review customer use cases with project management and build automated test cases for authentication and authorization
    • Ensure code repos are scanned with SAST and SCA security tools
    • Schedule and plan penetration tests and build remediation plans for issues found
    • Work with engineering teams to translate security vulnerabilities into actionable stories and tickets with an SLA
    • Perform security reviews with architects and engineers for new products, and create threat models and risk assessments before development
    • Build a software development culture of secure development standards and practices

About You

      • At least 3 years of experience testing against the OWASP top 10
      • At least 2 years of experience in software development
      • Expert in web application security authentication and authorization
      • Experience with application security testing tools like Burp, Metasploit, Nmap
      • Ability to translate SAST, DAST, and SCA results into actionable tickets for software engineers
Nice to Have:
    • Experience with Federated SAML using an Identity Provider like Ping, Okta, or Auth0
    • Understanding of OWASP Top 10 issues, especially as it relates to authentication
    • Research or public talks in the area of authentication
At Aera, our purpose is to enable a sustainable, efficient, and intelligent world with Cognitive Automation. Our Cognitive Operating System is increasingly used by the world's largest companies to fundamentally transform their organizations and how work is done.
 
If you share our passion for fundamentally transforming how people work — from people working machines, to machines working, guided by people, you’ve met your match. Headquartered in Mountain View, California, we're growing fast, with teams in Mountain View and San Francisco (California), Bucharest and Cluj-Napoca (Romania), Paris (France), Munich (Germany), London (UK), Pune, and Bangalore (India), Sydney (Australia) and Singapore.  So join us, and let’s build the future of work together!
 
Aera Technology is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, Aera Technology will consider for employment qualified applicants with arrest and conviction records.
 
Aera Technology respects the privacy of your data.  Please take the time to read our Candidate Privacy Notice, available here.