Location
India/Remote
Department
Technical NSS (India)
Advertising Salary
Competitive

About The Role

Essential Roles & Responsibilities
  • Demonstrate the ability to manage and lead multiple security initiatives and programs concurrently.
  • Work with various security domains, including SAST, DAST, Mobile, Cloud Security, Container Security, and Architecture reviews.
  • Exhibit proficiency in collaborating with multiple vendors to support and enhance security capabilities.
  • Handle work allocations and establish delivery models for both full-time team members and contractors.
  • Lead and oversee the execution of security programs.
  • Collaborate with divisions and stakeholders to ensure the integration of security measures within the Software Development Life Cycle (SDLC).
  • Perform requirements review and actively participate in architecture/design reviews, emphasising security test strategy and best practices.
  • Handle the work allocation & delivery model for the full-time team members and the contractors.
  • Work with the divisions/stakeholders to ensure security is embedded within the SDLC
  • Perform Requirements review and participate in architecture/design reviews with an emphasis on security test strategy and ensuring best practices.
  • Strong communication skills and ability to produce clear, concise, and detailed documentation.
  • Design, create, and execute penetration tests on Web, Mobile, API, and Infrastructure as required.
  • Develop security test strategies, plans, and test cases, analyse results, and report findings to the teams.
  • Demonstrate experience in DevSecOps with hands-on expertise in Python and PowerShell scripting.
  • Contribute to security engineering and the development of Secure Design patterns.
  • Good understanding of code build process across multiple technology stacks/frameworks, MVC architecture, microservices, service mesh architecture, etc.,
  • Train and empower developers on security principles and coding practices.
  • Define security requirements in software development design and collaborate with developers to integrate security into the overall design.
  • Good to have knowledge of industry standards and frameworks like ISO 27001, PCI, OWASP, MITRE, CVSS.
  • Work in partnership with the development teams to deliver business functionality on time with the required quality that meets the acceptance criteria.
  • Demonstrate a good understanding of networking concepts.
  • Involved in requirements review and participate in architecture/design reviews with an emphasis on security test strategy and ensuring best practice.
  • The ability to work with stakeholders throughout the vulnerability lifecycle to communicate issues and provide remediation guidance.
  • Provide subject matter expertise in support of security incidents/investigations as required.
  • Demonstrate technical competency in security engineering based on hands-on experience or relevant qualifications.
  • Work towards execution of projects.
  • Strong communication skills and ability to produce clear, concise, and detailed documentation.
  • Excellent problem solving, analytical, and technical troubleshooting skills.

About You

Position Specifications
  • 8+ years of experience in information security
  • 4+ years of client-facing consulting work experience performing penetration testing.
  • Knowledge of common application security flaws, threat modelling, security controls, and common security libraries 
  • Understanding of security engineering principles, including cryptography, access control, system security, and security operations 
  • Experience working with Developer organisations 
  • Experience with code scanning (SAST, DAST) tools for Javascript, Java, and Python languages and relevant frameworks. 
  • Proficiency in programming languages and scripting (e.g., Java, Python, Ruby).
  • Excellent communication skills (written and verbal) with an ability to explain complex topics in a clear and concise manner to both technical and non-technical audiences 
  • Basics to intermediate development and scripting skills in at least one programming language 
  • Knowledge of cloud services and cloud security controls 
  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
  • Proven experience as an Application Security Architect or in a similar role.
  • Strong understanding of secure software development principles and practices.
  • Relevant security certifications (e.g., CISSP, CSSLP) are a plus.

About Us

About Claranet

Founded at the beginning of the dot.com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries.

At Claranet, we’re experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. We’re committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.

We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.

In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds, or as homeworkers.

Working for Claranet

Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean with). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, dental, discounted gyms and app supported benefit access.  

But what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart. We proudly support local charities in each of our office locations, support employees with paid charity leave, organise key charity fundraising event per year and have a dedicated committee responsible for supporting employee’s fundraising efforts.

Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organisations, we are dedicated to building a more diverse and inclusive workforce. We are also very proud members of Tech Talent Charter, a government supported, industry-led membership group created to address the UK’s tech talent shortage and diversity gap through collective action.

Claranet Cyber Security is a world class business unit within Claranet, giving customers access to market-leading information security services spanning, training, consulting, and managed security services. Formed through the combined forces of NotSoSecure (based in US, UK and India), the UK Security Business Unit (previously known as Sec-1), and units in Brazil, France and Portugal.

Our work takes us around the world where we speak and provided Hacking Training at top security events such as BlackHat, AppSec, OWASP, Ruxcon Breakpoint, Defcon, HITB, and BruCON. Our Penetration Testing work feeds into this; we apply our research and share our knowledge through our Hacking Training, white papers and tools. Check out our blog posts on the NotSoSecure website.

The team has a strong heritage of penetration testing, consultancy and security training for leading worldwide brands, built on the quality of its technical team and excellent customer service. In recent years the teams have also created a number of new managed security services, and has aspirations to grow significantly over a number of markets, including US, Brazil, France and Germany, through sales to existing and new medium and larger enterprise organisations.

Our Vision

Our vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.

Role Summary

Our consultants work on everything from client projects to development work and training, dealing with large corporate penetration tests to gaining credit for published advisories. Technical excellence and customer service are key to our work, you will be passionate about finding vulnerabilities while being happy liaising with customers.

Our team is growing, and we need inspiring people to join us and help us to continue to build a world leading cyber security operation whilst benefiting from the opportunity to fulfil their potential.

Based in INDIA, this work will lead on penetration testing, SDLC projects including on-site work, but will have the opportunity to work on projects with worldwide clients, and will form part of our global team of penetration testers who share research, tooling, experience and collaborate freely on projects.

As a respected training provider and the leading provider of training at Black Hat conferences, our penetration testers also have the option of developing training skills and delivering security training, to both private customers, at our own events, and at leading international conferences.

Other jobs like this

    Location
    India/Remote
    Department
    Technical NSS (India)
    Advertising Salary
    Competitive
    Location
    Leeds/remote
    Department
    Technology Practice
    Advertising Salary
    Competitive
    Location
    India/Hyderabad
    Department
    Group Operations
    Advertising Salary
    Competitive