Sr Security Engineer

Roles and Responsibilities

  • Conduct penetration testing and vulnerability assessments on web applications, APIs, and cloud platforms (AWS, GCP, etc.) to identify vulnerabilities and potential attack vectors.
  • Identify security design gaps in new and existing cloud architectures and collaborate with cross-functional teams to design effective mitigation strategies.
  • Perform cloud security assessments, evaluating security controls and deployment models on various cloud platforms.
  • Lead and oversee the security team to ensure high-quality deliverables for clients.
  • Document findings, methodologies, and exploitation techniques in clear, actionable reports for both technical and non-technical stakeholders.
  • Lead incident response efforts in the event of security breaches or incidents.
  • Provide guidance, training, and mentorship to junior team members.
  • Perform threat modeling for cloud-based scenarios and apply principles to enhance platform security.
  • Plan and execute social engineering assessments to evaluate susceptibility to phishing, pretexting, and other manipulation techniques.
  • Demonstrate a deep understanding of cloud security concepts and best practices, advising clients on securing their environments effectively.
  • Define and develop build and release best practices, collaborating with teams to promote secure development and deployment.
  • Work with teams to implement security controls, defenses, and countermeasures to prevent internal or external attacks on cloud environments.
  • Stay current with developments in AppSec and CloudSec, researching emerging threats, attack vectors, and vulnerabilities in cloud and web technologies.

Technical Expertise

  • Education: Bachelor’s Degree in Computer Science.
  • Experience: 4+ years as a Penetration Testing Expert.
  • 3+ years of hands-on experience in cloud security architecture (AWS & GCP), including native tools and best practices.
  • Experience in planning and executing penetration tests/red team exercises for web applications, APIs, containers, and cloud platforms.
  • Proficiency in creating exploits and PenTest scripts.
  • Strong understanding of testing frameworks such as PTES and OWASP; expertise in OWASP Top 10 is essential.
  • Familiarity with industry-standard security practices (OWASP, SANS) and compliance frameworks such as ISO 27001, SOC 2, HIPAA, etc.
  • Proficiency in using tools like Burp Suite, Metasploit, Nessus, Wireshark, nmap, etc.
  • Knowledge of security for containers, hands-on experience with DevSecOps principles, and end-to-end secure development processes.
  • Relevant experience in DevOps and cloud migration.
  • Excellent communication skills.
  • Strong critical thinking and problem-solving abilities.
  • Good to Have Certifications:

    • Offensive Security Certified Professional (OSCP)
    • GIAC Certified Penetration Tester (GPEN)
    • eLearnSecurity Web Application Penetration Tester eXtreme (eWPTX)
    • CREST Registered Penetration Tester (CRT)
    • AWS Certified Security – Specialty
    • Google Cloud – Professional Cloud Security Engineer (PCSE)
    • Certified Cloud Security Professional (CCSP)

Get in touch.
The Ankercloud Team loves to listen.