Security Specialist

  • Gurgaon, Haryana, India
  • Full Time
  • Mid Level

Hey, future #Allstar,

We’re Allbound, a fast-growing, innovative tech startup. At Allbound, our goal is to make businesses and partnerships run smoother and more efficiently through technology. The Allbound platform empowers companies to train, onboard, collaborate, and track deals and opportunities with partners. Simply put, we make it easy to work with partners, helping everyone stay on the same page.

Now that you know what we do, you’re probably wondering, what’s our culture like? We’re passionate about providing the best solutions for our customers, and that could not be accomplished without our team of #Allstars. We celebrate wins and losses together and take every opportunity to embrace challenges with optimism. Overall, we’re here to make a difference in the way people do business all over the world. 

Think you’ve got what it takes to be an #Allstar too?


Allbound is seeking a detail-oriented and process-driven Security Specialist to improve our application, system, and infrastructure security and maintain secure operations. You will be a key member of a growing engineering team building a robust security and privacy program to meet high customer expectations.  

The ideal candidate for this role is eager to work for a SaaS startup poised for continued growth. Our future Security Specialist is seeking an opportunity to grow and advance within a quickly expanding company and industry.

Does this sound like you? If so, apply now.

Primary Responsibilities

  • Advice and guide product security strategy (“security by design”) together with the engineering team
  • Execute and guide threat modeling exercises and security risk analyses during design/development phases
  • Own and perform Application Security Vulnerability Management
  • Assist in developing automated security testing to validate that secure coding best practices are being used.
  • Lead all the compliance and audit processes for Allbound (SOC2, GDPR, CCPA, etc)
  • Support the engineering teams in growing and maintaining the Cloud Infrastructure on AWS
  • Guarantee compliance with privacy regulations from a product development perspective
  • Protects the systems by defining access privileges, control structures, and resources.
  • Monitor and improve security controls in the design and development phases:
    • Security baseline
    • Code review process
    • Vulnerability management (e.g., of open source packages)
    • Vulnerability scanning (tooling and configuration)
    • Application security testing
  • Follow up incident response management and vulnerability disclosure processes.
  • Stay up-to-date with the latest security/privacy technologies, trends, and regulations and translate impact to the business stakeholders.

Required Experience

  • Bachelor’s Degree in CS or related field or equivalent experience
  • Solid understanding of security protocols, cryptography, authentication, authorization, and best practices
  • Familiar with OWASP projects (Top 10, ASVS, SAMM, …)
  • Familiarity with common security libraries, security controls and common security flaws.
  • Understanding of network and web-related protocols (such as TCP/IP, UDP, HTTP, HTTPS, SSL, etc.)
  • Understanding of virtualization and container technologies (Docker, Kubernetes) 
  • Experience with the AWS networking services WAF, VPC, NACL, Security Groups, Route53, etc
  • Experience implementing multi-factor authentication, single sign-on, identity management, or related technologies
  • Experience with agile development process across international teams
  • Good verbal, written, presentation, facilitation, and interaction skills, including the ability to effectively communicate risks, issues, and concepts to multiple organization levels and customer management
  • Experience with SAST and DAST tools.

Big Pluses

  • Experience achieving and maintaining compliance with SOC2, NIST 800-53, and other security frameworks
  • Professional security training and certification
  • Hands-on experience with Docker, Kubernetes and managing the complete cloud infrastructure for a SaaS company
  • Hands-on experience with EDR, Cloud Proxy, SSO, MDR, MDM.
  • Hands-on experience with managing build and deployment pipelines

Intangibles

  • Customer-centric mindset
  • Detail-oriented
  • Life-long learner
  • Business-minded thinker
  • Process-driven
  • Team player who loves to share knowledge and credit
  • Loves a startup environment

Benefits and Perks

  • Competitive Salary
  • Paid Holidays
  • Medical  Insurance
  • One of the best PTO policies

Allbound is Proud to be an Equal Opportunity Employer

Individuals seeking employment at Allbound are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, or sexual orientation.

Read More

Apply for this position

Required*
Apply with Indeed
We've received your resume. Click here to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Human Check*