Netsentries Application Security Engineers will perform code-aware security assessments, Threat Modeling, SAST, SCA, Security Engineering reviews, etc., of enterprise Web/Mobile applications on different platforms developed in various programming languages. They will work closely with the Netsentries AppSec and client development teams to remedy the identified vulnerabilities. Core responsibilities include: Perform in-depth static secure code analysis with open source and commercial tools Perform Threat Modeling and in-depth manual secure code reviews Perform security engineering reviews Reverse Engineering App binaries and analyzing the decompiled/disassembled code Prepare advisory for developers of the application on secure coding practices for addressing vulnerabilities identified Experience with assessments based on standards like etc. Collecting evidence to demonstrate the findings Collaborating with client-side application security and development teams Handle enterprise SAST projects involving a variety of programming languages including and not limited to web applications with Java, .NET, etc., Android and iOS mobile applications programming languages Execute code-aware security assessments in adherence with industry standards like OWASP ASVS,OWASP MASVS,OWASP Top10, OWASP Mobile Top 10, SANS 25, PCI-DSS, HIPAA, MITRE-CWE etc. Experience with enterprise SAST projects involving a variety of programming languages including and not limited to web applications with Java, .NET, etc., Android and iOS mobile applications programming languages Skills Required: A degree in computer science or related field and/or equivalent experience in software development. Exposure to industry standard development practices and programming languages would be a plus. Demonstrable understanding of enterprise architectures and best practices for high-volume, high-availability web / mobile apps. Excellent interpersonal communications skills. Experience with Android / iOS mobile platforms Experience in performing secure code reviews / reviewing results of static analysis tools Knowledge of Common Weakness Enumeration (CWE) and Common Vulnerabilities & Exposures (CVE) and their remediation recommendations Familiarity of vulnerabilities and attack methods, including Remote Code Execution (RCE), Cross-Site Scripting (XSS), SQL Injection (SQLi), etc. and how to identify, trace and remediate them Understanding of OWASP Top 10 Certifications like OSWE is preferred Experience working with commercial SAST/SCA solutions like Checkmarx,Veracode,Synopsis etc. is an advantage.

Responsibilities : Lead and mentor a team of developers to deliver high-quality software solutions. Collaborate with product managers, architects, and other stakeholders to understand project requirements and provide technical guidance. Hands-on development using TypeScript, MongoDB, NestJS, Angular, Serverless architecture, Python, Container and Orchestration (Docker and Kubernetes) Design the solution architecture and project framework for the dev team to build on. Oversee and actively contribute to the design and architecture of scalable and maintainable software systems. Lead sprint planning and ensure the team meets project milestones and deadlines. Delegate tasks effectively, considering the strengths and expertise of individual team members. Clear blockers for developers by addressing technical challenges and providing guidance. Conduct code reviews to maintain code quality, consistency, and adherence to coding standards. Explain features and bugs to developers, fostering a collaborative and transparent development environment. Collaborate with cross-functional teams to ensure alignment between technical solutions and business goals. Requirements: Bachelor s degree in computer science, Software Engineering, or a related field. 6 years of professional experience in software development. Strong technical proficiency in TypeScript, Python, React JS, MongoDB, NestJS, Angular, Serverless architecture, and CloudFront. Proven experience in leading and managing development teams. Excellent soft skills, including task delegation, sprint planning, and effective communication. Knowledge on design patterns and Solution Architecture development Experience in resolving technical blockers and providing guidance to the team. Demonstrated ability to explain features and bugs to developers clearly. Experience with agile development methodologies. Ability to thrive in a fast-paced and collaborative environment. Strong problem-solving and decision-making skills.

Operating systems Network & Security Systems Virtualization Systems Cloud Services The intern will be responsible for: Researching & Documenting security controls of different IT systems Documenting the controls in a clear and concise manner Creating tutorials and guides on how to secure different IT systems Assisting in the development of compliance reports for internal & external teams Benefits: Opportunity to work on cutting-edge technology areas covering Cloud Services, Network & Security systems etc Gain valuable experience in a fast-paced and dynamic work environment. Learn from experienced professionals. Certificate of completion upon completion of the internship.

Create test plan for developed product(s), and subsystems. Create testing strategy and automation testing scripts for the product in CI/CD pipeline. Study and understand the design of the solution to prepare effective test plan and automation scripts. Automate testing of the applications using testing automation tools. Designs quality assurance and test processes for portions and subsystems of end-user applications, systems software, and firmware running on hardware, local, networked, and Internet- based platforms. Perform code coverage analysis Communicate with product owner, dev teams, product manager apprise of the issues or suggestions if any. Understand the business logic and requirements, and perform targeted automation scripts in order to ensure thoroughness. Documentation and tracking of test cases, and periodic reporting of bugs, status, and test reports. Requirements : A working knowledge of deploying service into AWS (1-2 years of experience). Experience in Docker, Kubernetes Atleast 2 years of experience in scripting languages such as Python Atleast 2 years of targeted experience in testing automation and associated tool such as Cyprus. Atleast 4 years of experience in creating a test plan, planning, managing and executing system testing, performance testing, security testing, etc. Experience in ticket management tools like Jira. Experience in documentation and tracking of test cases, and periodic reporting of bugs, status, and test reports. Working Experience in Typescript, Cypress (or playwright/selenium), Jest, automated e2e testing for ui and api, manual testing for ui and api, testing serverless apps Nice to Have: Experience with containerization and orchestration tools like Docker and Kubernetes. Familiarity with CI/CD pipelines for automated deployment.