back

Security Researcher

Open position

Bangalore
3-5 years
Careers  »  Current Openings  »  Security Researcher

Responsibilities:

We are on the lookout for a talented individual who is passionate about Vulnerability Analysis & Signature Development to work on our Web Security products. The individual will be joining a team with a proven track record in Bangalore India and be a part of our Suite of Products Unit. Primary focus of this role is to develop Scanner & WAF signatures delivered to customers regularly.

Job Description:

  • Create signatures for Indusface WAS & WAF products to detect & protect from Web application vulnerabilities.
  • Reproducing vulnerabilities to understand the working of an exploit, etc. on need basis to verify existing WAS/WAF coverage.
  • Research the advanced threat landscape, emerging trends of vulnerabilities, attacks, etc. and translate it into actionable foundational insights and opportunity areas to enhance scanner/WAF vulnerability coverage.
  • Problem solving and troubleshooting skills are a must, as solutions to many problems might not be obvious.
  • Develop tools for the automation of security processes using Python, PERL, PowerShell, etc.
  • Collaborate with engineering teams to support/maintain/design backend applications and other operational platforms 

Candidate Profile:

3+ years of experience in the area of information security with strong understanding of security basics, network vulnerabilities and analysing/developing IPS/IDS/WAF signatures.

  • Good understanding of:
    • Firewalls, proxies, SIEM, antivirus, and IDPS concepts
    • Windows & Linux operating systems (REDHAT)
    • Network security, network layers (OSI Layer-3 and Layer-4)
    • Protocols like TCP/IP, DNS, HTTP, HTTPS, SSH etc.
    • Network Penetration testing and techniques
    • Identify and Analyse network vulnerabilities, Attack reproduction
    • Programming languages like C/C++, Java and Scripting language like Python, Perl, etc.
  • Hands-on experience in:
    • Web-app security  (SQL Injection, XSS, CSRF etc.), OWASP-10, SANS Top 25
    • Network analysis tools like tcpdump, Wireshark, Burpsuite
    • Crafting Regular Expressions, Verification & Validation
    • Vulnerability scanners, IDS/IPS, Application Firewall, VAPT tools: Metasploit, Nessus, etc.
    • Analysing existing or writing new POCs
  • Effective written and verbal communication skills.

Good to have :

  • Developing security related tools / programs
  • Knowledge on Cloud infrastructure services
  • Virtualization software (VMWare , Virtual PC / Virtual Box , XEN , etc), VPNs
  • Knowledge on ModSecurity and Rule writing
  • Experience in any of Java, Test NG, Linux Scripting, shell scripting, Python, Perl
  • Experience/Knowledge in Amazon Web Services
Indusface
Indusface

Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.

Join us

Resume *
Invalid file type please choose a PDF or DOC

Have a friend who
would love this?

Linkedin Icon - Indusface Share with your network
Refer A Friend Program - Indusface