Stay in Touch

TITLE

 

Application Security Architect

COMPANY

 

Qubole

LOCATION

 

Bangalore, IN

Description

Qubole, the leading cloud-agnostic, big data-as-a-service provider, is passionate about making data-driven insights easily accessible to anyone. Qubole delivers the industry’s first autonomous data platform. The cloud-based data platform, Qubole Data Service (QDS), removes the burden of maintaining infrastructure of multiple big data processing engines, and enables customers to focus on their data. Qubole customers process nearly an exabyte of data every month. Qubole investors include Charles River, Institutional Venture Partners, Lightspeed, Norwest, Harmony and Singtel Innov8. 
 
About the Role
As an Security Application Developer you would be expected to be a passionate coder who wants to take their skillset to new heights by applying security methodologies, techniques and tools to code.  As a Security Application Developer you would make significant contributions to security, engineering by improving effectiveness and ensuring that the code is free of dangerous security defects. The successful candidate would be expected to develop elegant solutions to potentially complex business and application programs and apply technology solutions while teaching others the value of secure code and following best practices.
 
Security Application Developers are expected to constantly seek opportunities for improvement not only to the code but to the entire stack, ensuring that code is not only secure but optimized.  That security doesn’t reduce efficiency but improve it. You would be expected to have experience in at least two of the four of the following C++, Java, Ruby, Python and have experience working in UNIX/Linux environments hosted in the Cloud (AWS/Azure) and operating in/on containers.

Responsibilities

    • Identify and exploit vulnerabilities in open source, and custom software applications; infrastructure, code; and processes running across cloud applications operating in multiple clouds
    • Never stop learning the latest and most advanced security testing techniques, development tools, and frameworks
    • Maintain testing tools and creating new tools where appropriate
    • Design and implement security related application features features
    • Help find security issues in feature requirements, technical designs, and implementations and understanding (or want to learn) security testing (e.g. fuzzing)

Qualifications

      • Highly Technical. You have Java/Ruby/Python experience and understand how things work and you write code
      • You enjoy being creative and curious - approach problems from multiple angles and dig into new topics and apply insights to your projects.
      • Experience with Amazon AWS/Microsoft Azure services as a IaaS/PaaS and optionally containers (Dockers/Kubernetes)
      • Experience with static code analysis techniques, such as Fortify or CheckMarx, or open-source equivalents; threat analysis or modeling helpful
      • Experience understanding security aspects of pentest assessment and mapping security findings into software engineering bugs fixes or enhancement requests
      • Strong Understanding of security models surrounding encryption, authentication, authorization and access controls, and related open-source technologies
      • Understanding of data security and access modeling for relational and non-relational data stores
      • Bachelor's degree in Information Technology, Computer Science, or related field and 6 years experience in information technology or related field within the last 10 years OR 8 years experience in information technology or related field within the last 10 years.
 
Additional Preferred Qualifications
    • OSCP, OSWP, OSCE, GPEN, GWAPT, GXPN certifications (current)
    • Experience with bug bounty programs

Apply for the job

Subscribe to our blog.


 

Blog & Newsletter Signup