Security Engineer - Application Security

Bangalore, Karnataka
1. Engineering – Security Engineering
Full time
About the Role

At Hotstar, we have over 300 million users and capture close to a billion click stream messages daily. The engineering team at Hotstar is at the centre of the action and is responsible for creating unmatched user experience. Our engineers solve real life complex problems and create compelling experiences for our customers.
The Security team helps secure applications that run the Hotstar business, streaming product, live broadcast and social gaming. Security team helps secure platforms, application(mobile and living room) and the cloud-based infrastructure on which Hotstar services are built to handle scale nothing like any other OTT service. We need passionate hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses.
The pace of our growth is incredible – if you want to tackle hard and interesting problems at scale, and create an impact within an entrepreneurial environment, join us!

Your Key Responsibilities

    • Perform security assessment of web applications, Android, iOS mobile applications and on different platform TV applications
    • Work on new product features to make Hotstar users and data more secure by involving right from the walkthrough of the product features and practicing secure SDLC
    • Think out of the box in building attack scenarios
    • Come up with the threat landscape right from the inception of the idea to product solution to the architecture and implementation of the solution
    • Proactively identify vulnerabilities across our platform and recommend fixes
    • Ownership of the tasks
    • Inclination towards learning multiple areas of security and build competency to deliver a wide spectrum of security like cloud security, operating systems etc.
    • Adapt to technologies/languages/platforms/frameworks of the time
    • Innovate to identify the security vulnerabilities as fast as possible in the lifecycle
    • Promote the culture of security first at Hotstar
    • Identifying the problem statements which upon solving will increase the security posture of Hotstar

What to Bring

    • In-depth knowledge of security vulnerabilities not just limited to OWASP Top 10
    • Experience in doing security assessments on web applications, Android and iOS mobile applications in microservice architecture
    • Experience in using the security tools to carry out the manual as well as automated security assessments
    • Experience working with common product flows like payment gateway integration, authentication etc.
    • Knowledge of how applications get built which may help in multiple scenarios to break the very things
    • Knowledge and understanding of Python, Java, PHP, C, C++, SQL, Javascript, Ruby, NodeJS, Go etc. is a huge plus
    • Passion for security, and a practical and balanced approach to security issues
    • Ability to visualize the root cause and deep dive
    • Curiosity in knowing how things work in different conditions
    • Independent, self-motivated and comfortable working in a fast-paced environment with teams ranging from product to engineering teams
    • Contributions to the security community is a huge plus and shouldn’t be a tool junkie
    • Lazy,so that could make machines work for him/her [automation]