smallcase is on a mission to change how India & Indians invest. We build products & tools for individuals to invest better in stocks & ETFs and platforms & infrastructure for the industry to offer better investment products. Our user community is 6,50,000+ strong & we work with the largest financial brands in India like HDFC, Kotak, Edelweiss, IIFL & more
Looking for experienced folks in the area of information security with a strong understanding of security, network vulnerabilities.
Responsibilities
Own the complete security layer at smallcase
Ensure good compliance, we work with a lot of regulated entities
Assess and fix existing and new security considerations
Work with other Engineers to encourage security as a design paradigm and establish good practices
Enable security on the cloud for a modern product
Requirements
2+ years of relevant experience
A hacking mentality
Strong understanding of Unix based systems
Scripting - Python, shell
Understanding of cloud architectures and how to secure them
Understanding of data security on the cloud, in rest and in motion
Familiarity with web-app security concepts (SQL Injection, XSS, CSRF, RCE, IDOR etc.),OWASP-10
Strong understanding of networks and security - analysis tools, penetration testing, firewalls, VPCs, VPNs
Familiarity with security and compliance best practices
Familiarity with tools for Vulnerability scanners, IDS/IPS, Application Firewall, VAPT
Interest in building a team
Good to haves
Interest in finance
Understanding of Android-app security