Are you interested in automating the build and deployment process of the application with ensuring the application security? If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, here is an excellent opportunity we would like to share with you.
Who we are?
Payatu is a GPTW certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual.
What we look for outside work parameters?
Publicly known contributions.
Research papers written, presented, and published.
Tools Developed.
Published exploits, CTF scores and hall of fame as testimonies to your work.
Learning from the community and enthusiastically contributing back.
You Have All Our Desired Qualities, if:
You have 3+ years of experience in cloud application and cloud service security assessment.
You have the knack of finding security bugs in everything you touch.
You like automating stuff.
You have excellent written and verbal communication skills and ability to express your thoughts clearly.
You have the skill to articulate and present technical things in business language.
You can work independently as well as within a team and meet project schedule and deadlines.
You have strong problem solving, troubleshooting and analysis skills.
You are comfortable working in a dynamic and fast paced work environment.
You are working on something on your own in your field apart from official work.
You are a perfect technical fit if:
You have strong knowledge of cloud (IAAS, PAAS and SAAS) with AWS.
You have good knowledge of various AWS cloud security frameworks and CSPM tools.
You have knowledge of best practices for hardening and configuration review.
You have experience with certificate managers and key management systems like Vault and AWS, KMS and basic understanding of infrastructure cloud security and related tools like WAF, AWS Inspector, AWS Guard duty, etc.
You have experience of working on architecture, monitoring and securely deploying enterprise applications on AWS Cloud Platform.
You have experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and process (Application Security, data protection, cryptography, identity, and access management (IAM), network security).
You have cloud automation.
Scripting knowledge.
You should be comfortable with scripting in Shell, Python, Ruby, or any preferred scripting language.
You have familiarity with security of cloud container services (AWS EKS).
You understand infrastructure as a code and concepts.
You have strong experience in AWS Security (Cloudwatch, GuardDuty, Elastic Block Storage, Macie, KMS, IAM or Security Hub).
You should have good hands-on various AWS cloud networking services (VPC, Gateway, Direct Connect, Transit Gateway).
Familiarity with Threat modeling is a plus.
You have AWS specific relevant certifications are an added advantage.
Your everyday work will look like:
Assess the Environment and conduct security testing for Cloud [AWS].
AWS Environment Security Risk Assessment, Governance and Monitoring.
Define Cloud security standards and implement them (based on CIS, STIG, etc).
Reviewing application hardening baselines and implement best practices for security on AWS.
Back your findings with Proof-of-concept exploits.
Collect evidence and maintain a detailed write up of the findings.
Understand and explain the results with impact on business and compliance status.
Explain and demonstrate vulnerabilities to application/system owners.
Provide appropriate remediation and mitigations of the identified vulnerabilities.
Deliver results within stipulated timelines.
Develop security guidance documentation.
Sharpen your saw with continuous research, learning.
At Payatu we believe in following one’s passion and with that thought, we have created a world class team of researchers and executors who are bending the rules to provide state of the art security services. Recognized by Great Place to Work (India) as an amazing workplace. We are a passionate bunch of folks working on the latest and leading edge security technology.
OUR SERVICES
At Payatu, we offer a host of security testing and assessment services. For us, your security is our priority. Through our expertise and research methodologies, we ensure the security of our client’s assets.
-INTERNET OF THINGS (IOT) SECURITY TESTING
-PRODUCT SECURITY ASSESSMENT
-PAYATU RED TEAM ASSESSMENT
-BLOCK CHAIN SECURITY AUDIT
-CLOUD SECURITY ASSESSMENT
-CRITICAL INFRASTRUCTURE SECURITY
TRAINING
Payatu’s deep technical training provides in-depth knowledge of the subject at hand with the prime focus on hands-on labs that enable attendees to understand the concepts thoroughly.
Our trainers are highly qualified, internationally acclaimed and certified professionals who provide detailed case studies of their real-life experience with security issues and new vulnerabilities.
ADVISORY
Providing the best advisory services for your security assessment through sharp, technical and insightful analysis.
RESEARCH
Undertaking detailed research and study in the area of security testing. Through our expertise and research methodologies, we ensure our client’s assets.
With the state of the art in-house fuzzing infrastructure and dedicated team to fuzz popular software, Payatu team regularly report the vulnerability in various software.
More information please drop an email on info@payatu.com
