Job Description

At Zscaler, we’re committed to ensuring that all of our applications and systems are protected. Security is tightly woven into product and infrastructure development. We are responsible to ensure that our engineering partners build systems that are secure-by-default and to protect our users’ most sensitive data. As a Security Engineer, you will be joining a team of engineers who will champion security initiatives throughout the organization. You will be responsible for security assessments, penetration testing and building processes to make secure-by-default as a standard. You will be conducting regular audits/tests to identify risks and prioritizing fixes for the identified risks. You will continue to raise the bar to make our applications and products secure.

Key Responsibilities:

1. Role is to work in web application security assessments, hands on techniques for identifying SQL injections, XSS, CSRF, authentication, OWASP top 10 issues
2. Provide expert advice and recommendation to application development team as well as vendor
3. Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people.
4. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.

Qualifications

1. Good knowledge of security technologies for secure software development such as cryptography, authentication techniques and protocols etc
2. Experience on both commercial and open source tools Cenzic Hailstorm, Burpsuite, AppScan, WebInspect, Appspider, sqlmap, OWASP ZAP, BEEF, MetaSploit and exploitation Identifying exploiting business logic framework related vulnerabilities
3. Experience in removing false positives, analyzing dynamic scan web inspect, appscan reports
4. Knowledge of SDLC and Shift-Left
5. Expect to have good verbal and written communication and a good team player