ApplicationSecurityEngineer

Atomicwork is on a mission to transform the digital workplace experience by uniting people, processes, and platforms through AI automation. Our team is building a modern service management platform that enables growing businesses to reduce operational complexity and drive business success. This is a hybrid position based out of our Bengaluru office. We offer competitive pay to employees and practical benefits for their whole family. If this sounds interesting to you, read on. What we’re looking for (qualifications) Familiarity and ability to explain common security flaws and ways to address them (e. g. OWASP Top 10) Experience identifying security issues through code review. Proficient in at least one of the CI/CD products - Github actions, ArgoCD, Jenkins Proficient in Java or Python Familiarity with some common security libraries and tools (e. g. static analysis tools, proxying / penetration testing tools). Good understanding of network and web related protocols - TCP, TLS, HTTPS, DNS Ability to work effectively in a fast-paced environment. Good knowledge in multiple classes of vulnerabilities that includes cross-site scripting, SQL Injection, CSRF, cryptographic related weakness, and code injection. Nice to have: Proficient in Kubernetes, AWS & Linux. Good understanding if REST architecture framework & SQL & non-SQL databases What you’ll do (responsibilities) Developing and improving our tools and processes designed for discovering and aggregating security vulnerabilities Perform manual & automated assessment of various Atomicwork applications. Building repeatable and automated security test suites Perform security-focused code reviews Analysing system services, spotting issues in code, networks and applications Integration and automation of SAST in the DevOps pipeline. Support the bug bounty program. What we offer (benefits) We are big on benefits that make sense to you and your family. Fantastic team —the #1 reason why everybody joins us. ‍ Convenient offices —