Cyber Defence Analyst

Bangalore, India /
Payments India - IT Operations /
About PayU 
PayU, a leading payment and Fintech company in 50+ high-growth markets throughout Asia, Central and Eastern Europe, Latin America, the Middle East and Africa, part of Prosus group, one of the largest technology investors in the world is redefining the way people buy and sell online for our 300.000+ merchants and millions of consumers. 

As a leading online payment service provider, we deploy more than 400 payment methods and PCI-certified platforms to process approximately 6 million payments every single day. 

Role: Cyber Defence Analyst
Company: PayU Payments Pvt Ltd
Location:  Gurgaon/Bengaluru
Education:  Bachelor / Master’s degree from reputed college in CS / ECE /Electrical
Experience: 3-5 years
Domain:  Fintech, ecommerce, web development at high scale


Cyber Defence Analyst will be responsible for performing manual & automated application security assessments and communicating any findings to the Development and QA teams. You will provide application design support and security best practice guidance, in the form of consultations, to various development teams and Business stakeholders.

You will be working with a team of highly skilled Application Security Engineers that are responsible for the application security and security testing of applications and services. This is a great environment to get exposure to a wide array of FinTech technologies and progress your application security career and helping to ensure that our applications are designed and coded in a secure fashion.
What you’ll be doing:
·   Conduct Vulnerability Assessments, Penetration Testing, Device Hardening, Application Security
·   Ability to automate technical tasks through use of APIs, CI/CD or scripting strongly preferred.
·   Knowledge of OWASP Top 10 and SANS Top 25
·   Red Teamer with proven skills in exploitation Subject Matter Expert in application security testing.
·   Expert in Vulnerability Assessment and Penetration Testing Expert in source code review
·   Hands on experience in SAST & DAST Tools & improving SDLC.
·   Exploit security flaws and vulnerabilities with attack simulations on multiple application platforms like Web, iOS and Android
·   Experience performing white box application penetration testing (Web, APIs, Mobile, Thick clients); or ability to demonstrate equivalent knowledge.
·   Excellent skills with application security testing tools such as: Burpsuite, OWASP ZAP, SQLMap, IDA Pro, Kali, etc.
·   Experience performing manual application source code security reviews for various languages such as: Java, .Net (C#, VB#), C++.
·   Experience with scripting languages such as: Python, bash, Powershell, etc.
·   Knowledge of containers and cloud technologies.
·   Excellent oral and written communications skills.
What are we looking for?
·   A Bachelor's or Master's degree in Computer Science, Information Systems or other related discipline is required
·   Bug bounties, responsible disclosure awards & Hall of Fame are strongly preferred.
·   Experience working in a DevSecOps and Continuous Integration/Continuous Delivery (CI/CD) environment.
·   One or more scripting language like perl/php/python/bash OR one or more programming languages like C/C++/Java.

Behavioral Skills
We also look at you as the future leaders of our organization. Teamwork is of paramount importance. Flexibility, dedication, and passion are important traits for you to shape your career and grow as engineer. We expect you to demonstrate these traits in the current capacity.

What we offer
·         A positive, get-things-done workplace
·         A dynamic, constantly evolving space (change is par for the course – important you are comfortable with this)
·         An inclusive environment that ensures we listen to a diverse range of voices when making decisions.
·         Ability to learn cutting edge concepts and innovation in an agile start-up environment with a global scale
·         Access to 5000+ training courses accessible anytime/anywhere to support your growth and development (Corporate with top learning partners like Harvard, Coursera, Udacity)
About us:  
At PayU, we are a global fintech investor and our vision is to build a world without financial borders where everyone can prosper. We give people in high-growth markets the financial services and products they need to thrive. Our expertise in 18 high-growth markets enables us to extend the reach of financial services. This drives everything we do, from investing in technology entrepreneurs, to offering credit to underserved individuals, to helping merchants buy, sell and operate online. Being part of Prosus, one of the largest technology investors in the world, gives us the presence and expertise to make a real impact. Find out more 

Our Commitment To Building A Diverse And Inclusive Workforce 
As a global and multi-cultural organization with varied ethnicities thriving across locations, we realize that our responsibility towards fulfilling the D&I commitment is huge. Therefore, we continuously strive to create a diverse, inclusive and safe environment, for all of our people, communities and customers. Our leaders are committed to create an inclusive work culture which enables transparency, flexibility and unbiased attention to each and every PayUneer so they can succeed, irrespective of gender, color or personal faith. An environment where every person feels they belong, that they are listened to, and where they are empowered to speak up. At PayU we have zero tolerance towards any form of prejudice whether a specific race, ethnicity, or of persons with disabilities or the LGBTQ communities.