Please click on the Apply to verify the status of jobs posted more than 15 days ago, as they may have expired. Similar Jobs
Job Description
- As a Security Engineer at Meesho, you will play a crucial role in ensuring the security of our products throughout their development lifecycle. Your responsibilities will include participating in threat modeling and design reviews from the initial stages to identify potential risks. You will integrate and manage SAST tools within our CI/CD pipeline to ensure continuous security testing as code evolves. Additionally, you will lead and conduct vulnerability assessments and penetration testing (VAPT) to proactively uncover and address security vulnerabilities before they reach production.
In this role, you will lead and manage all aspects of the Secure Software Development Lifecycle (SDLC) and implement security tools within the CI/CD pipeline following the DevSecOps approach. Your duties will also involve overseeing VAPT for various platforms such as web applications, APIs, iOS, and Android apps. You will be responsible for executing threat modeling, design, and architecture reviews to identify potential risks and enhancing security in production environments through manual source code reviews.
Furthermore, you will manage and optimize a self-managed bug bounty program, provide security architectural guidance to Engineering and IT teams, and handle issues identified from penetration tests and bug bounty programs. You will lead security training and awareness campaigns across the organization, manage Web Application Firewalls (WAF) to ensure robust protection, and engage in the Security Champions program to integrate security practices within teams. Your role will also involve assisting in creating and maintaining Security Risk Models for both new and existing systems.
To excel in this role, you should have at least 7 years of experience in product security with a focus on application security and DevSecOps. You must demonstrate proven experience in leading architectural changes or cross-team efforts to mitigate security vulnerabilities. Proficiency in programming languages such as Java, React, Node.js, and Python is essential, along with hands-on experience in manual source code reviews and securing production code. Expertise in deploying and managing security tools in CI/CD pipelines, experience with cloud platforms like AWS or GCP, and familiarity with Docker and containerization technologies are highly desirable.
Looking to get Placed? Try our Placement Guarantee Plan
Candidates with additional experience in infrastructure security, particularly in GCP, Docker, and containerization, will be considered a bonus. Possessing relevant certifications such as GIAC Web Application Penetration Tester (GWAPT) or OffSec's Advanced Web Attacks and Exploitation (WEB-300) will be advantageous. A strong understanding of SSO protocols, experience speaking at meetups or conferences, and participation in bug bounty programs will also be beneficial for this role.
At Meesho, we are committed to democratizing internet commerce for everyone and empowering small businesses to succeed online. If you are passionate about building impactful solutions with a fun and dynamic team, then this role is perfect for you. Join us at Meesho and be part of our journey in creating a positive impact in the e-commerce industry.,
Skills
PythonJavaNode.jsSoftware DevelopmentTestingCloudReactJenkinsPythonGCPArtifactoryReactContainerizationDockerNodejsAWSGitJavaIf an employer asks you to pay any kind of fee, please notify us immediately. Jobaaj does not charge any fee from the applicants and we do not allow other companies also to do so.
About Company
Meesho is India’s fastest growing internet commerce company and we are here to make eCommerce accessible to everyone. Our vision is to enable 100 million small businesses in India, including individual entrepreneurs, to succeed online. Meesho is democratising internet commerce by bringing a range of products and new customers online. What started, six years ago, as a reseller-focused platform enabling millions to sell online, has now emerged as a single ecosystem connecting sellers to consumers and entrepreneurs.
Important dates & deadlines?
Application Deadline
17 Oct 25, 01:14 PM IST
Similar Jobs
View All
Don't Miss out any Updates
Subscribe now for the latest job alerts
and never miss an update
Security Engineer IV
Share with
