More jobs:
Job Description & How to Apply Below
Location: Bengaluru
Job Description
Job Description – Security Assessor (Individual Contributor)
Position:
Security Assessor – Individual Contributor
Experience:
5–8 Years
Location:
Chennai, Bangalore, Dubai
Employment Type:
Full-time
Role Overview
We are seeking an experienced Security Assessor (Individual Contributor) with strong hands-on expertise in Web, Mobile, and API security, source code review, and intermediate-level cloud security capabilities and good knowledge of network security. The ideal candidate will also have a solid understanding of the banking domain , business risks, and risk assessment methodologies.
This role requires independently conducting security assessments, identifying vulnerabilities, working with business teams and providing remediation guidance with minimal supervision.
Key Responsibilities
Security Assessments
Perform Web Application Security Testing based on OWASP Top 10, SANS, and industry standards.
Conduct Mobile Application Security Testing (Android/iOS).
Evaluate API Security for REST, SOAP, Graph
QL, and microservices.
Secure Code Review
Conduct manual and automated source code reviews across multiple languages and frameworks.
Provide detailed remediation guidance to development teams.
Cloud Security
Perform intermediate cloud security reviews (AWS/Azure/GCP).
Identify misconfigurations and assess cloud-native security risks.
Network Security
Conduct basic network security assessments and configuration reviews.
Risk Assessment & Governance
Apply strong understanding of banking domain risks , regulatory expectations, and security controls.
Map technical findings to business impact , ensuring accurate risk interpretation.
Perform risk assessment and vulnerability risk rating using industry-standard frameworks (CVSS, OWASP risk rating, custom client risk models, etc.).
Support secure design discussions and provide guidance during architecture reviews.
Reporting & Collaboration
Prepare clear and comprehensive reports with risk ratings and remediation steps.
Collaborate with developers, Dev Ops, infrastructure, and architecture teams to close vulnerabilities.
Support integration of security controls into SDLC/Dev Sec Ops pipelines.
Required Skills & Expertise
Strong hands-on experience in Web, Mobile, and API Security Testing .
Proficiency in manual and automated source code reviews .
Intermediate-level understanding of cloud security (AWS, Azure, GCP).
Basic understanding of network security .
Strong knowledge of banking processes, application workflows, and business risks .
Ability to translate technical vulnerabilities into business impact .
Familiarity with risk assessment frameworks and vulnerability rating mechanisms .
Proficiency with security tools such as Burp Suite, MobSF, Postman, Checkmarx, Fortify, Sonar Qube, OWASP ZAP, etc.
Excellent analytical, documentation, and communication skills.
Ability to operate independently as an Individual Contributor in a fast-paced environment.
Preferred Qualifications
Certifications such as OSCP, OSWE, OSEP, CEH, eWPTX, eMAPT, CISA, CCSK, AWS/Azure Security , or relevant security credentials.
Exposure to Dev Sec Ops pipelines , CI/CD, container security.
Position Requirements
10+ Years
work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×