Performs static/dynamic code testing, manual code inspection, threat modeling, design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects. Supports the implementation and enforcement of secure design principles according to policies, standards and patterns of Information Security. Serves as a Subject Matter Expert (SME) in web application security for enterprise projects during development phases to provide Information Security consulting and recommendations, ensuring the implementation of approved security requirements. Develops and implements manual and automated web application security testing of financial web applications to enforce security standards. Works with security product vendors and service providers to evaluate security offerings, including product evaluations, proof of concept and pilot installations.
• Work on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
• Perform static/dynamic code testing, manual code inspection, threat modelling, design reviews and penetration testing of internal web applications and external partner applications to identify vulnerabilities and security defects.
• Partner with team members in application risk assessment and risk categorization.
• Network with and act as a liaison between Security and software development teams and work closely with feature teams early on in the design phase to ensure applications are built securely.
• Support the implementation and enforcement of secure code design principles according to policies, standards, and patterns of Information Security.
• Design, develop and support security libraries that can be consumed by UI and backend systems with minimal effort.
• Understand online security breaches including detection and prevention.
• Keep up-to-date with the latest cyber-crimes.
• Create reports and dashboards based on security events/incidents.
• Keep up-to-date with the latest security tools and trends and provide guidance to the team accordingly.
• Incorporate security in CI/CD workflow.
• Conduct assessments of web applications, client-side applications and tools, and APIs.
• Develop and implement manual and automated web application security testing of web applications to enforce security standards.
• Work with security product vendors and service providers to evaluate their security offerings.
What We're Building
Kissht is solving the problem of ease of access to quick and instant personal loans when making eCommerce purchases. Think of us as the Bajaj Finserv for the eCommerce world. We are aiming to cut the hassle and frustration of taking a small purchase loan down to zero.
Kissht was founded by CMU, Yale, IIT Mumbai and IIT Delhi graduates who've previously built innovative trading solutions, risk and credit management solutions and strategies at varied places like McKinsey, All Major Indian Banks, US Hedge Funds and many payment startups.
Kissht provides access to flexible credit, to a large segment of India’s young demographic who do not traditionally have access to it. Kissht aims to radically change the end-to-end customer experience of a borrower, for their personal and professional growth, and make young Indians more financially independent and financially literate, thus revolutionizing the way banking is done for today’s smartphone-wielding Indian.