Saviynt’s Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The company brings together identity governance (IGA), granular application access, cloud security, and privileged access (PAM) to secure the entire business ecosystem and provide a frictionless user experience. The world’s largest brands trust Saviynt to accelerate digital transformation, empower distributed workforces, and meet continuous compliance.

Security Recruitment

Role Overview

The Application Security Engineer who will be responsible for running security scans which include but not limited to SAST, DAST, XSS , SQLi , CSRF and ad-hoc pen-testing.

The candidate should have

1. Hands-on experience in Sonatype, BurpSuite and open source security tools.

2. Experience with conducting different types of web application penetration testing, vulnerability assessments

3. Experience in analysis of technical security weaknesses and to performs risk analyses

4. Understanding and experience with OWASP main projects.

5. Good understanding of how the web works: HTTP(S), HTML, CSS, AJAX, etc

6. Good understanding of SAST, DAST, XSS , SQLi , CSRF.

Key Responsibilities

1. The candidate will play a key role in taking responsibility of analyzing security vulnerabilities and responsible to identify and report them early as well as providing guidance to application teams, and coordinating with cross functional teams across the platform.

2. Implement Application Cyber Security Controls/Policies developed by Application Program.

Ability to demo security vulnerability to application teams.

3. Drive application security issues to a resolution.

4. Provide a clear guidance to application teams during vulnerability mitigation effort

5. Conduct application security assessment using standard application security tools

6. Collect and report status on application security assessments including milestones, deliverables, timing, tasks, risk areas, and status

7. Categorize and recommend assessment strategies for existing and new application development Coach development and stakeholder teams on application security Develop user training material and conduct training sessions (edited)

Technical Skills

1. Knowledge of any scripting language: Shell/Perl/Python/JavaScript

2. Knowledge of SQL

3. Added advantage of knowledge on cloud technology AWS/GCP/Azure.

4. Added advantage of knowledge on docker, Kubernetes

Saviynt is an amazing place to work. We are a high-growth, cloud software company with phenomenal people, that is building the most innovative identity platform in the world. Your time at Saviynt will be worthwhile. You will experience tremendous growth and learning while being part of something you are helping to define and build from the ground up. Through challenging yet rewarding work, you will be able to directly impact our clients, all within a welcoming and positive work environment. If you're resilient and enjoy working in a dynamic high-growth environment you belong with us!