Lead Application Security Engineer

Aera Technology

  • Pune, Maharashtra
  • Permanent
  • Full-time
  • 29 days ago
Aera Technology is the Decision Intelligence company. We deliver innovation and services that enable enterprises to operate sustainably, intelligently, and efficiently. Our platform, Aera Decision Cloud™, integrates with your existing systems to digitize, augment, and automate decisions in real time. Aera helps enterprises around the world transform decision making - delivering millions of recommendations that have resulted in significant revenue gains and cost savings for some of the world's best-known brands.Responsibility
  • Lead the application security program through tools and technologies to prevent OWASP Top 10 type of attacks.
  • Build our Secure Development program including secure development training and testing.
  • Oversee our penetration tests and remediation plans.
  • Work with our field teams to understand our data ingest and identify risks with new types of data.
  • Build our SCA and SAST tools in our CI pipeline.
  • Lead the application security processes including managing the existing security tools in the CI/CD pipelines, reviewing proposed project architectures, initial threat modeling, triage of the identified application security defects and the suggested fixes.
  • Work closely with the development teams to promote best application security practices.
  • Work closely with the infrastructure and the DevOps teams to ensure consistent implementation of the security standards including the remediation of the identified gaps in the security posture.
  • Contribute to the bug bounty triage and remediation processes.
  • Certify the security of each deliverable
Requirements
  • 5+ years of Software Development experience.
  • 3+ years of pen testing or bug bounty experience.
  • 4+ years working with SCA, SAST, and DAST tools and building remediations.
  • Expert in the OSI model and the security controls at each level.
  • Expert in OWASP top 10 attacks, remediations, and controls.
  • Must be able to communicate and prioritize security findings with developers.
  • Bachelor's degree in computer science, Information Technology, or a related technical area·
  • 3+ years of experience in cloud environments. Proficient in Bash, Powershell or other scripting languages.
  • Proficient with container technologies (Docker), orchestration (Kubernetes) and infrastructure as code (Terraform).
If you share our passion for building a sustainable, intelligent, and efficient world, you're in the right place. Established in 2017 and headquartered in Mountain View, California, we're a series D start-up, with teams in Mountain View, San Francisco (California), Bucharest and Cluj-Napoca (Romania), Paris (France), Munich (Germany), London (UK), Pune (India), and Sydney (Australia). So join us, and let's build this!Aera Technology is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.Benefits SummaryAt Aera Technology, we strive to support our Aeranauts and their loved ones through different stages of life with a variety of attractive benefits, and great perks. In addition to offering a competitive salary and company stock options, we have other great benefits available. You'll find comprehensive medical, Group Medical Insurance, Term Insurance, Accidental Insurance, paid time off, Maternity leave, and much more. We offer unlimited access to online professional courses for both professional and personal development, coupled with people manager development programs. We believe in a flexible working environment, to allow our Aeranauts to perform at their best, ensuring a healthy work-life balance. When you're working from the office, you'll also have access to a fully-stocked kitchen with a selection of snacks and beverages.

Aera Technology