Software Test Engineering II-SUPPORT SERVICES-Applications-CTB at Kotak Mahindra Bank

, karnataka, India -

Full Time

Start Date

Immediate

Expiry Date

27 Apr, 26

Salary

0.0

Posted On

27 Jan, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Security Architectures, Threat Modelling, Vulnerability Scanning, Penetration Testing, Security Tools, Automation, Incident Response, DevSecOps, Security Metrics, Cloud Security, Scripting Languages, Programming Languages, Analytical Skills, Problem-Solving Skills, Security Frameworks, Security Assessments

Industry

Banking

Description

Kotak is at the forefront of technological transformation, building high-performance, scalable & secure systems that deliver a world-class banking experience for our customers. Our Platform Engineering team is the backbone of the organization, crafting the infrastructure and tools that fuel our product development. We are a collaborative and dynamic team of engineers who are obsessed with delivering exceptional developer experiences. We foster a culture of innovation, where experimentation is encouraged, and everyone contributes to our shared success. We are seeking a skilled Security Engineer to join our Platform Engineering team. You will be instrumental in safeguarding our applications & services by designing, implementing, and maintaining robust security measures. This role requires a deep understanding of security principles, a proactive mindset, and a passion for protecting sensitive information. Responsibilities: Design and implement security architectures, standards, and policies aligned with industry best practices. Conduct thorough threat modelling to proactively identify potential vulnerabilities and risks at the early stages of development. Execute security assessments, vulnerability scans, and penetration testing to uncover and mitigate risks effectively. Develop and maintain robust security tools and automation to streamline security processes and enhance efficiency. Implement proactive security monitoring and incident response processes, conduct in-depth root cause analysis, and implement corrective actions to prevent recurrence. Collaborate seamlessly with development teams to embed security into the software development lifecycle (DevSecOps) and foster a security-first culture. Define and track key security metrics to measure the effectiveness of security initiatives and drive continuous improvement. Stay up to date with the ever-evolving security landscape, emerging threats, and cutting-edge technologies to safeguard our systems. Qualifications: Bachelor's degree in Computer science, Information Security, or a related field. Expertise in integrating security testing tools (SAST, DAST, SCA) into the development environment to ensure early vulnerability detection. Proficiency in security frameworks and standards (e.g., OWASP Top 10, NIST, CIS, ISO 27001) to ensure compliance and best practices. Proficiency in scripting languages (PowerShell, Bash, etc.) and programming languages like Java, Python to facilitate automation and integration. Knowledge of cloud security (AWS, GCP, Azure) to protect cloud-based infrastructure and data. Experience with security tools (e.g., vulnerability scanners, intrusion detection systems) to identify and address threats effectively. Strong analytical and problem-solving skills to address complex security challenges. Preferred Qualifications: Certifications (e.g., CISSP, CISA, CISM) to demonstrate advanced security knowledge and expertise. Experience with DevSecOps practices and tools to foster a collaborative security approach.

Responsibilities

The role involves designing and implementing security architectures and conducting thorough threat modeling to identify vulnerabilities. Additionally, the engineer will collaborate with development teams to embed security into the software development lifecycle.