Role: Application Security Engineer

Experience: 8+ years

Location: Bangalore

Careers at CData

Solving the biggest data integration challenges. Smart people. Amazing products.

As a team member at CData, you will experience a collaborative, growth-oriented, and empowering environment where opportunities to follow your passion and develop new skills are part of your every day. In addition, we value our employees as our greatest resource without which we could not be successful. We understand the importance of healthcare, wellness, and a work-life balance that enables you to spend time with those you love. So, we pride ourselves on remaining competitive with the compensation and benefits packages we offer.

We are always looking for self-motivated, talented, and hard-working individuals who want to work in an exciting and fast-paced environment using the latest technology and products. Our current openings are listed below. If you fit the job description qualifications and are looking for an exciting career opportunity with a rapidly expanding software company, apply now!

About Us

CData Software (www.cdata.com) is a leading data access and connectivity solutions provider. Our mission is to simplify the way our users connect, integrate, and automate their enterprise data.

We offer a straightforward approach to connectivity, with easy-to-use data providers, drivers, and tools accessible from any technology, source, or platform – whether on-premises or in the cloud. Our drivers are universally accessible, providing access to data through established data standards and application platforms such as ODBC, JDBC, ADO.NET, OData, SSIS, BizTalk, Excel, etc.

CData allows businesses to realize the tremendous value of democratized data while reducing the complexity and expense of implementing a connectivity solution.

Job Description

The Application Security Engineer is responsible for leading a department-wide focus on the strategy, development, implementation, and maintenance of the application security program across research, development, quality assurance, support, and IT systems. This is a hands-on position that requires a great deal of general security experience, as well as application development experience and secure coding knowledge.


Day-to-Day Responsibilities:

Responsibilities include but are not limited to:

 Manage threat detection & SIEM platforms.

 Advise on, and participate in, the design of secure products and architectures.

 Perform architecture security reviews, security-focused code reviews, and security testing.

 Create or approve documentation that codifies the application security program: this will include the development of secure coding policies, procedures and standards, modification of the SDLC to include the necessary security checkpoints, product deployment, and code review methodologies.

 Evaluate potential security-related issues and make recommendations on third-party tools and components.

CData Software India Pvt Ltd


 Mentor more junior engineers by leading and influencing technical decisions, processes, and best practices with an expert ability to explain technical concepts in written and verbal forms.

 Work closely with engineering and product teams to design and implement security-related systems and functionality, including writing secure code as necessary, and verification of threat models, risk, and security posture.

 Monitor software usage and perform forensics to verify that the software and infrastructure are performing to the required security standards.

 Perform constant monitoring and maintain awareness of key developments in the area of systems, web application, and client application security in order to provide direction on security trends and anticipate emerging standards and best practices.

 Attend all meetings necessary for the seamless delivery of the product as part of the Software Development Life Cycle for both On-prem and SaaS.

 Engage with customers as needed for deep dives into CData SDLC controls.

 Manage and conduct penetration testing and security code reviews.

 Lead hands-on trainings for engineering teams following OWASP top risks.

 Participate in public security projects and/or volunteer time and knowledge to improve the broader security community, representing the company's mission and goals, as well as promoting cooperation and knowledge sharing.

Qualifications:

 8+ years of increasing responsibility and complexity in terms of any applicable professional experience.

 Bachelor's Degree or global equivalent in related discipline.

 Typically holds 2 or more industry certifications; CISSP preferred.

 Actively engage using a unique, wide range of professional skills with an expert understanding of industry practices and compliance – SOC2, ISO, NIST.

 Excellent planning / organizational skills and techniques.

 Excellent analysis and problem-solving skills.

 Excellent writing, presentation, and communication skills.

 Excellent negotiating skills.

 Excellent knowledge of secure application programming, coding life cycles and designs.

 Excellent understanding of security principles, best-practice architectures, tools and processes.

 Advanced knowledge of multiple current operating systems, network architecture and hosting environments (Azure, AWS, GCP).

 Excellent knowledge of authentication protocols and encryption.

 Advanced knowledge of data storage formats, tools and languages.

 Advanced knowledge in supply chain / build release risks.

 Advanced knowledge in application penetration testing tools and processes.

 Advanced knowledge of technical stacks: React, .NET, Java, APIs, and SQL Server DB.

Travel Required: No regularly scheduled travel is expected.