Job Title

CriticalRiver Inc. is a global technology consulting company specializing in Salesforce, NetSuite, and Oracle solutions. We provide consulting, implementation, integration, analytics, managed services, and quality assurance to help clients drive digital transformation and improve operational efficiency.Our expertise spans cloud, automation, and next-generation technologies such as AI/ML, IoT, RPA, and Industry 4.0. We serve a diverse range of industries, includingEnergy & Utilities, High Tech, Financial Services, Manufacturing, and Not-for-Profit.At CriticalRiver, we are committed to delivering innovative, end-to-end solutions that empower our clients to achieve sustainable business growth while fostering a culture of collaboration, innovation, and continuous learning.Role SummaryWe are seeking an experienced Security Engineer with 8+ years of expertise to join our team. This role focuses on securing web applications, distributed systems, and blockchain infrastructure while implementing industry-best security practices across the organization.Responsibilities- Design and implement comprehensive security controls across application ecosystems - Conduct thorough security assessments using SAST/DAST tools (SonarQube, Burp Suite, OWASP ZAP) - Architect secure web applications with proper HTTPS, TLS, HSTS, and Content Security Policy implementation - Manage and optimize key management infrastructure using Key Vaults - Establish robust identity and access management frameworks with RBAC enforcement - Provide security guidance for Hyperledger Fabric blockchain implementation and setting up Fabric CA - Lead vulnerability remediation efforts based on OWASP Top 10 guidelines - Collaborate with development teams to integrate security into the SDLC - Develop security standards, policies, and best practicesRequired Skills & Qualifications- 8+ years of hands-on experience in application and web security - Deep expertise in OWASP Top 10 vulnerabilities and mitigation strategies - Proven experience with SAST/DAST security testing tools - Strong knowledge of secure web protocols: HTTPS, TLS 1.2/1.3, HSTS, CSP - Hands-on experience with Key Management Systems - Expertise in identity management solutions and RBAC implementation - Practical experience with Hyperledger Fabric security architecture - Strong understanding of cryptography, secure coding practices, and threat modelling - Excellent communication and collaboration skillsPreferred Qualifications- Security certifications (CISSP or similar) - Experience with cloud security (Azure, AWS, GCP) - Knowledge of container and Kubernetes security - Familiarity with DevSecOps practices and CI/CD pipeline security - Experience with security monitoring and incident response