Company Overview

Arcesium is a global financial technology firm that solves complex data-driven challenges faced by some of the world's most sophisticated financial institutions. We constantly innovate our platform and capabilities to meet tomorrow's challenges, anticipate the risks our clients encounter, and design advanced solutions to help our clients achieve transformational business outcomes.

Financial technology is a high-growth industry as change and innovation continue to disrupt the status-quo and prompt major transformation. Arcesium is at a particularly interesting time in our own growth as we look to leverage our successfully established market position and expand operations in pursuit of strategic new business opportunities. We value intellectual curiosity, proactive ownership, and collaboration with colleagues, and we empower you to meaningfully contribute from day one and accelerate your professional development.

• Conduct manual penetration testing on web applications and other systems.
• Demonstrate and promote security best practices, including secure development and cloud security
• Assist with the development of remediation recommendations for identified findings
• Identify and articulate (written and verbal) findings to the development teams
• Stay up-to-date with the latest security trends, technologies, and best practices

• 5 - 8 Years, out of which at least 3+ years in the security engineering field
• B.E/B.Tech or M.Tech/MS: Degree in computer science engineering or related field
• Technical background in Application Security Testing, Security Code Reviews, and security design reviews
• Knowledge of common application security attacks (e.g. Deserialization attacks, Injections attacks, SSRF, XSS, SQL Injection, XSRF, buffer overruns, DoS, etc)
• Prior experience with Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools and using them for Application Security reviews.
• Experience in Cloud Security - AWS is an added advantage, and Kubernetes and Docker container security
• Technical familiarity with technologies like Java, Python, React, GraphQL, Javascript, JSON, REST, Docker, Terraform, etc.
• Encryption and Key Management
• Must have Experience with Java programming language.
• Strong understanding of security fundamentals and general security technologies.
• Excellent communicator, comfortable discussing with technical staff and management.
• Strong interpersonal skills as well as excellent written and verbal communication skills
  
  Good to have Skills:
  
  
• SAST/DAST integration in CI/CD pipeline - design, implementation
• Experience working with Gitlab
• Certifications like OCSP, OSWE or OSWA