Myntra off- campus recruitment drive to hire candidates for Associate Principal Engineer. Inteesterd candidate can read the details and apply as soon as possible.
About: Myntra is a one stop shop for all your fashion and lifestyle needs. Being India’s largest e-commerce store for fashion and lifestyle products, Myntra aims at providing a hassle free and enjoyable shopping experience to shoppers across the country with the widest range of brands and products on its portal. The brand is making a conscious effort to bring the power of fashion to shoppers with an array of the latest and trendiest products available in the country.
Position: Associate Principal Engineer
- The candidate should be a team player with good interpersonal skills and should be able to work independently with minimum supervision in a complex Infrastructure environment.
- Ability to clearly communicate needs and requirements and influence stakeholders with minimal supervision.
- Ability to accurately estimate effort, set and meet deadlines.
- Experience in research and development in – red team exercises, threat hunting, OSINT, Threat Modelling and building security tools.
- Good understanding in DevSecOps, security architecture review and network security assessments.
- Good experience in developing and/or maintaining multi-tier applications and hands-on development using Java / J2EE or .NET Technologies or any Web.
- Good understanding of any application web servers. Well versed with OWASP standards. Unix / Linux / Debian.
- Hands-on experience with technology and to contribute to the design, development, and support of projects with the security recommendations.
- The candidate should have 3+ of experience in web application and mobile application security vulnerability assessment and penetration testing.
- Perform Static, Dynamic security testing (SAST and DAST) including penetration testing for thin & thick client-based applications.
- Exploit security flaws and vulnerabilities with attack simulations on multiple applications in the Android and IOS platforms.
- Develop PoC/exploits for vulnerabilities identified.
- Provide remediation guidance to identified vulnerabilities.
- Manual and automated security testing of Web applications, APIs, and mobile Apps.
- Use automated and manual code review techniques to identify application security vulnerabilities.
- Perform software applications reviews for potential security vulnerabilities by conducting application security reviews.
- Perform requirements review, design review, code review, and perform code review across multiple programming languages.
- Identify complex vulnerabilities such as business logic flaws and articulate to both technical and non-technical partners.
- Document vulnerabilities and work on vulnerability mitigation analyze application security policies for effectiveness, make suggestions on security policy improvements, and work to enhance methodology material.
- Develop and maintain security testing plans and automate penetration and other security testing on the application, systems, networks, and data layers.
- Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make decisions based on risk.
- Produce actionable, threat-based, reports on security testing results.
- Build and maintain relationships with key stakeholders and business partners.