Loading...

Title:  Technical Lead - Information Security

Location: 

Hyderabad, TG, IN Bengaluru, KA, IN

Description: 

Team Summary

Arcesium is a post-trade technology and professional services firm. We offer a new way for hedge fund managers to scale their business while maintaining control of critical non-investment activities. Arcesium combines a comprehensive and fully-integrated technology platform with a team of experienced hedge fund professionals to solve the most complex post-trade challenges of asset managers.

We are looking for an intelligent and passionate candidate for our Security Engineering team based in Hyderabad. The team works with multiple development groups in coordination with the Core Infra group to identify vulnerabilities and design & implement highly secure solutions.

What You'll Do

  • Contribute towards the development of overall cyber security strategy and roadmap(s)
  • Develop solution architectures and blue prints based on business, technology and security objectives
  • Architect enterprise-level security solutions and drive technical design and implementation
  • Resolve security architecture/ design issues across multiple teams and managing dependencies between projects
  • Operate as a technical subject matter expert and advise project teams regarding integration with multiple cyber security technologies
  • Proactively identify and fix security flaws and vulnerabilities in our software

What You'll Need

  • Must have Knowledge of common application security attacks (e.g. Deserialization attacks, Injections attacks, SSRF, XSS, SQL Injection, XSRF, buffer overruns, DoS etc)
  • Must have Experience performing manual security review of applications
  • Experience working with proxy tools such as Burp, ZAP, fiddler
  • Perform source code review of applications written in Java, Python
  • Guidance to developers on fixing the issues
  • Research & Maintain secure coding guidelines
  • Proficient in Secure coding best practices and OWASP TOP 10 vulnerabilities
  • Experience with vulnerability management tools such as Nessus, Qualys
  • Analyzing tool results and removing false positives
  • Good to have experience working with AWS security tools such as WAF, GuardDuty, SecurityHub
  • Must have Experience with any scripting language
  • Knowledge of Kubernetes and Docker containers
  • Strong understanding of security fundamentals and general security technologies
  • Excellent communicator, comfortable discussing/consulting with technical and senior business staff and management
  • Strong interpersonal skills as well as excellent written and verbal communication skills
  • Self-motivated and individual contributor