
Job Title


Product Security Specialist


Company : HCLSoftware


Location : Dehradun, Uttarakhand


Created : 2026-03-19


Job Type : Full Time


Job Description

Send resumes to:
Location: Noida
Exp: 3+ years

About the Role

We seek a proactive, technically experienced (3-4 years) PSIRT Engineer. The preferred candidate must have a strong background in software development, security incident response, and code review, in order to detect vulnerabilities in product codebases and third-party integrations.

Key Responsibilities

Engage in security incident response for product vulnerabilities, from detection to resolution.
Review code routinely to find and prioritise possible weaknesses, bad patterns, or insecure design implementations.
Evaluate both internal and external vulnerability reports (e.g., bug bounty programmes, disclosures by customers, vulnerability scanners).
Work with development teams to reproduce, evaluate, and fix reported vulnerabilities.
Keep the PSIRT process running: monitoring CVEs, arranging vulnerability reporting, and creating advisories.
Support lessons learned and root cause analysis to drive post-incident improvement.
Keep abreast of the most recent vulnerability trends and attack and defence strategies.

Required Skills & Experience

3-4 years working in Product Security, Application Security, or PSIRT.
Good knowledge of C, C++, Java, Python, or Go (capable of conducting reviews).
Familiarity with static and dynamic code analysis tools (e.g., AppScan, Klocwork).
Understanding of software vulnerability types (e.g., buffer overflows, XSS, SQLi, CSRF, race conditions).
Practical experience with CVSS scoring, CVE management and coordinated disclosure.
Knowledge of threat modelling and the secure development lifecycle (SDLC).
Sound knowledge of network protocols, APIs and operating systems (Linux/Windows).
Good communication and documentation skills to liaise between the engineering and product teams.

Preferred / Nice-to-Have

Experience with open-source vulnerability scanning tools (e.g., Snyk, Dependency-Check, Trivy).
Reverse engineering/binary analysis knowledge (e.g., Ghidra, IDA Pro).
Exposure to incident management models (FIRST, ISO 30111, ISO 29147).
Certifications such as CEH or Security+ are an advantage.
Past contributions to security advisories or open-source PSIRT programmes.

Soft Skills

Critical thinking and attention to detail.
Close cooperation and interaction with cross-functional teams.
Effective prioritisation and handling of several incidents.
Love of learning and a never-ending interest in product security.