Information Security Analyst
ASTRA by Czar Securities
Astra Security is a Techstars backed cybersecurity company building software as a service (SaaS) solutions to secure businesses. We are amongst the few technology startups that offer a suite of features such as on the cloud Pentest, self served vulnerability scanner, Application Firewall, and Malware scanners in a well-packaged suite for small & medium enterprises. With an aim to offer a homogenous experience to its customers, Astra Security incorporates cutting-edge solutions that are easy to comprehend and tailor-made to suit any business requirement.
The company has earned several accolades including ‘The Most Innovative Security Company’ by Prime Minister Narendra Modi at the Global Conference on Cyber Security (2017), one of the top 50 emerging cybersecurity companies at ‘Emerge 50’ by NASSCOM, the French Tech Ticket under which Astra Security got rewarded by the President of France under the La French Tech program. In 2020, Astra Security was also named as a CyberTech100 company.
Astra is a trusted security partner to some of the well-known brands like Spicejet, Vodafone, Lynas, Dream 11, Unilever, NIIT, ITC, Wipro, Muthoot Finance, Ford, Mobstac, Rocketlane, Rattle etc.
At Astra you will be:
- Carrying out VA/PT for web apps, mobile apps, Cloud infrastructure, SaaS apps, network devices, open-source projects etc.
- Developing and testing rule sets for our DAST scanner.
- Interacting with clients over remediation calls.
- Facilitating clients to map out the steps for fixing vulnerabilities.
- Maintaining our vulnerability management system.
Required Qualifications & Skills:
- OSCP or CREST certified
- 2+ years of experience in doing pentests on multiple assets including web apps, cloud infrastructure etc. Comfortable in Black Box/WhiteBox testing with capability of finding business logic vulnerabilities
- Experience directly interfacing with customers over calls & emails
- Able to write & understand code in any one programming language.
Good to have:
- A few published CVE’s
- Good bug bounty/CTF experience
- Adrenalin rush of being a part of a growing company
- Holistic understanding of SaaS and enterprise cloud security business
- Opportunity to engage and collaborate with developers globally
- Annual trips to beaches or mountains
- Open and supportive culture
- Fully remote & agile working environment
Something looks off?