Cyber Security Analyst Job in Payu

Title: Cyber Security Analyst

Exp: 3 to 5 Yrs.

Education: Bachelor / Masters degree

About Company:PayU, the fintech-arm of Naspers, is a leading financial services provider in global growth markets. We use our expertise and heritage in cross border and local payments to extend the services we offer to merchants and consumers. Our innovative technology, developed in-house as well as through investments and strategic partnerships, empowers billions of people and millions of merchants to buy and sell online, extending the reach of financial services.

Our local operations span 18 growth markets across Asia, Central and Eastern Europe, Latin America, the Middle East and Africa. Here we deliver fast, simple and efficient financial services technology that unlocks access to more than 2.3 billion consumers in our regions. Regulated under the Reserve Bank of India, PayU India has advanced solutions to meet every digital payment need.

The company has an in-depth understanding of the vast and intricate details of the Indian market and its payment landscape. The company brings convenience and trust through continuous innovation leveraging technology.

PayU India forays into two business verticals payment offerings under PayU Payments Services Ltd. and alternate lending under PayU Finance. Headquartered in Sohna Road, Gurgaon, the company has a presence in Mumbai, Pune and Bangalore and has a total strength of 700+ employees. Anirban Mukherjee is the CEO for PayU India working with the global CEO Laurent Le Moal.

Under the aegis of PayU Payments Services Ltd., PayU provides payment gateway solutions to online businesses through its cutting-edge and award-winning technology. In India, PayU covers nearly 60% of the airline business and 90% of the entire e-commerce business and processes over INR 120,000 crores worth of digital payments annually (at current run rates). The company offers more than 70 local payment methods and serves more than 350,000 merchants including leading e-commerce businesses in India. The company also empowers SMBs, enabling them to accept mobile and online payments with minimum development effort. With credit being the key business priority, PayU has also developed LazyPay, an alternate lending platform to offer credit solutions such as Small Ticket Credit (Buy Now, Pay Later), App based personal loans and Point of Sale Credit (Merchant EMI). Since its launch in 2017, LazyPay has gained significant traction and has disbursed 20mn+ loans to a customer base of a million user.

PayU is bullish on investment opportunities in India. The company has been an aggressive investor, committed to the evolution of fintech in the country. PayU has spent about $250 million over the past three years in Asias third-largest economy and is further scouting for more lucrative investment and acquisition opportunities to fuel growth. PayUs acquisitions in India include that of Wibmo (April 2019 worth $70 mn) and Citrus Payment Solutions (September 2016 for $130 mn). PayU has also invested in PaySense (July 2018) and ZestMoney (December 2016) in India.

Requirements

Sr. Cyber Defense Analyst will be responsible for performing manual & automated application security assessments and communicating any findings to the Development and QA teams. You will provide application design support and security best practice guidance, in the form of consultations, to various development teams and Business stakeholders.

You will be working with a team of highly skilled Application Security Engineers that are responsible for the application security and security testing of applications and services. This is a great environment to get exposure to a wide array of FinTech technologies and progress your application security career and helping to ensure that our applications are designed and coded in a secure fashion.

Required Experience

• Conduct Vulnerability Assessments, Penetration Testing, Device Hardening, Application Security
• Ability to automate technical tasks through use of APIs, CI/CD or scripting strongly preferred.
• Knowledge of OWASP Top 10 and SANS Top 25
• Red Teamer with proven skills in exploitation Subject Matter Expert in application security testing.
• Expert in Vulnerability Assessment and Penetration Testing Expert in source code review
• Hands on experience in SAST & DAST Tools & improving SDLC.
• Exploit security flaws and vulnerabilities with attack simulations on multiple application platforms like Web, iOS and Android
• Experience performing white box application penetration testing (Web, APIs, Mobile, Thick clients); or ability to demonstrate equivalent knowledge.
• Excellent skills with application security testing tools such as: Burpsuite, OWASP ZAP, SQLMap, IDA Pro, Kali, etc.
• Experience performing manual application source code security reviews for various languages such as: Java, .Net (C#, VB#), C++.
• Experience with scripting languages such as: Python, bash, Powershell, etc.
• Knowledge of containers and cloud technologies.
• Excellent oral and written communications skills.

Preferred Experience:

• Bug bounties, responsible disclosure awards & Hall of Fame are strongly preferred.
• Experience working in a DevSecOps and Continuous Integration/Continuous Delivery (CI/CD) environment.
• One or more scripting language like perl/php/python/bash OR one or more programming languages like C/C++/Java.
• Certifications such as GWAPT, Offensive Security Certified Professional (OSCP), OSCE or GIAC Penetration Testing (GPEN) are strongly preferred.