Our Firm



Senior Security Engineer


Spredfast + Lithium | 3050: Development | Bangalore, Karnataka

Job Description (Sr Security Engineer)

What you’ll do

  • Drive the implementation and rollout of security-in-depth concept to ensure security is incorporated in all the different layers within our products
  • Conduct security code reviews using automated and manual techniques
  • Conduct security scanning and testing on our hosting environment and web applications
  • Work with engineering and software QA teams to prioritize and address security bug fixes, security feature implementations and various security enhancements
  • Conduct security architecture design reviews and develop or enhance security requirements related to new and existing software platforms, systems and features
  • Conduct internal and external security assessments, audits, and penetration testing
  • Create and maintain comprehensive internal and external documentation
  • Develop training materials for security awareness and deliver security technology training, such as emerging trends of security risks, latest security tools and methodologies, information security concepts, etc.
  • Manage and enhance a security lab environment
Skills & Requirements

Skills & Requirements


  • 5+ years of professional experience in information security and web application security
  • Excellent understanding of web application technologies (Java, JavaScript, HTML, XML, JSON, REST, AJAX)
  • Deep understanding of OWASP Top 10 and SANS Top 25 application security errors
  • Experience using commercial and/or open source static code analysis tools such as Veracode, Fortify or Checkmarx.
  • Familiarity with scripting languages such as Perl, PHP, Python, Ruby, Shell, etc.
  • Experience with commercial and/or open source security tools (for example: Qualys, Nessus, Metasploit, Wireshark, IDS/IPS, Firewall, etc.)
  • Strong analytical and problem-solving skills
  • Strong oral and written communication skills
  • Associate or bachelor’s degree (Computer Science or Technology preferred)


Additional Desired Qualification


  • Security certifications such as CISSP, CISM, GPEN, CEH, CCNA, etc.
  • Strong understanding of web protocols and standards (TCP/IP, HTTP, SSL, DNS, etc.)
  • Experience with audits and compliance (SAS 70/SSAE 16, ISO 27001, SOX, PCI DSS, etc.)