< Retour aux résultats de recherche

Senior Security Engineer

Marque: Victoria's Secret
Emplacement: Bangalore, Karnataka, IN

Domaines d’emploi: Information Technology
Type d’emploi: Full-time
Job ID: 04DMH

Description

Purpose

Senior Security Engineer works within global information security function and will be responsible for Infrastructure and Application Pentest that includes Dynamic Application Security Testing, API Pentest, manual application and infrastructure Pentest.  Candidate will be responsible for ensuring the security and integrity of applications and underlying infrastructures.

Responsibilities:

  • Perform Application Security Assessment and Pentest for AI models, interfaces, and data pipelines (e.g., prompt injection, model inversion, jailbreaking, Agentic behaviour Limit etcetera)
  • Perform application security testing and Pentest – Dynamic web/mobile Application Security Testing and API Security Testing
  • Identify vulnerabilities/misconfigurations in network devices, servers, firewalls, Cloud and other infrastructure components
  • Perform Social Engineering, IOT/OT, Wireless, Active Directory and Web/Mobile Application Penetration Testing
  • Design and simulate end to end Pentest exercise to identify gaps in process and systems that a threat attacker can exploit to gain unauthorized access
  • Identify misconfigurations, AD flaws and perform exploitative Pentest
  • Perform Red team activities and work with blue teams to validate detection and response capabilities
  • Assess vulnerabilities and classify them based on the impact assessment
  • Collaborate with Dev team and drive remediation – tracking vulnerabilities and remediation progress
  • Participate in daily standups and provide cybersecurity updates

Business Strategy

  • Possess deep functional knowledge & work as subject matter expert as needed
  • Expertise to coach & demonstrate know how as needed

Change Management

       Change agent with strong credibility and influence team

 

Relationship Management

  • Work closely with the respective stakeholders. Collaborate and build strong relationship with functional teams to ensure required support for vulnerability remediation and enhancement of processes.

  • Excellent collaboration skills and the ability to influence team members

Qualifications

Qualification:

Education & Skill

  • Bachelor’s degree in Information Technology/Information Security or equivalent experience in technology
  • Security certifications preferred such as:
    • GIAC Web Application Penetration Tester (GWAPT)
    • EC-Council Certified Penetration Tester (CPENT)
    • Offensive Security Certified Professional (OSCP)

Work Expérience :

  • 5-8 years of experience in Infrastructure and Application Security Penetration Testing
  • Fair understanding of AI deployment model, underlying infrastructure and related security
  • Thorough understanding of OWASP  AI Pentest guidelines, OWASP LLM Top 10 and MITRE ATLAS and other relevant AI security frameworks
  • Experience in using different Penetration Testing Tool framework
  • Experience in infrastructure Penetration Testing – Active Directory, Perimeter Devices, OT/IOT systems, Wireless devices etcetera
  • Good understanding of OWASP Top 10 vulnerabilities and MITRE ATT&CK Framework
  • Strong verbal and written communication skills
  • Ability to communicate technical issues to non-technical audiences

Victoria's Secret

Postuler

Partager ce poste