Application Security Engineer

Gurugram, Haryana, India Full-time

About Us

At SplashMath, our vision is to transform K-12 learning by making it fun and personalized for every child globally and to prepare them for the skills required in 21st-century. Our flagship product SplashMath is making learning math fun and engaging for K-5 kids. With more than 30M+ students onboard, it is the fastest growing elementary math program in the United States. SplashMath has won almost all Ed-tech awards ranging from Stevie Award for best Ed-tech product, Tabby award for best business, Parents Choice Award, Best App Ever Award, and many others. We believe, this is just the beginning.

What you ‘ll do: Core Responsibility

We are looking for an Application Security Engineer who will play a key role in securing all applications built by SplashMath. 

The person will work with application development teams to ensure that security, privacy, and compliance requirements are built into the applications.  In addition, potential candidate will be expected to help develop tools and scripts to enhance the security processes and systems at SplashMath.

  • Perform manual and automated application security assessments (DAST, SAST) & penetration tests (incl. business logic security testing), for both web & mobile applications (iOS)
  • Review AWS Configuration, Logs etc. for Possible Security Issues & update WAF configuration
  • Document vulnerabilities which were found by various means, prioritize findings and provide recommendations for remediation
  • Provide security recommendations as a subject matter expert for development teams during all phases of development and track open issues and follow up to ensure remediation
  • Validate vulnerability resolutions and ensure they are deployed to production in a timely manner
  • Participate in the change management process ensuring that all releases are reviewed by security before being approved for production
  • Deliver application security training to SplashMath engineers

Qualifications and Skills

  • 3+ years of hands-on application security assessment experience and experience using any one of the tools like Burp Suite, IBM AppScan, HPE fortify, NetSparker, Acunetix
  • Experience in managing WAF & AWS environments for security related activities (incl. Reviewing Configuration, Log reviews etc.) highly desirable. Understands computer network and protocols.
  • Experience with various programming languages (preferably Python and JavaScript)
  • Knowledge of web technologies (JavaScript, HTML5, HTTP, REST, SOAP, etc.) & OWASP Testing Framework, OWASP Top 10 etc
  • Able to multi-task and work independently with minimum supervision to meet firm deadlines

Culture at SplashMath

At SplashMath we dig individuality. We love people who have something to say, and we listen. With us, you will get a chance to weave a little bit of you in our suite of learning products that are being used by millions of users. We have a workplace that is perennially high on energy. You can find people deeply engrossed in conversations that range from the latest movie to the newest tech on the block, and you will also see people who don’t want to have anything to do with that and are quietly typing away on their machines.

For more information about the company, please visit www.splashmath.com

Apply for this opening at http://studypad.recruiterbox.com/jobs/fk01ki1?apply=true