Position Overview:
In this role, you will support Rackspace's application security program by implementing and maintaining security testing capabilities, including static and dynamic application security testing, assisting with application penetration testing, and supporting our bug bounty program. You will work closely with development teams to identify, report, and help remediate security vulnerabilities across our application portfolio.
Work Location: 100% remote from within India
Shift: India Night Shift
Required Experience, Knowledge, Skills, and Abilities: 2-4 years in the information security fieldExperience working with application security, security testing, or DevSecOps practicesWorking knowledge of the SDLC, security concepts, and vulnerability assessment methodologiesHands-on experience with or understanding of programming and scripting languagesincluding one or more of the following: Python, Java, Node.js, Go, Ruby, PHP; databases such as SQL; and related tools such as Github, Gitlab, Jenkins, and CircleCIUnderstanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAAPassion for security and eagerness to learn about new technologies and emerging security vulnerabilitiesStrong communication skills with the ability to work collaboratively across teams Key Duties and Responsibilities: Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software componentsConfigure, maintain, and operate SAST, DAST, and other application security testing toolsAnalyze and triage security findings, documenting clear remediation guidance for development teamsSupport the vulnerability reporting process and track findings through to resolutionAssist with triage and validation of external vulnerability disclosures and bug bounty reportsContribute to the development and documentation of application security processes and standardsParticipate in security code reviews and threat modeling exercisesHelp track and report metrics for application security program healthCollaborate with development and DevOps teams to integrate security into CI/CD pipelinesStay current with application security trends, tools, and best practicesSupport time-sensitive security events as needed under guidance of senior team members Education/Certifications: Bachelor's degree (B.Tech/BE/B.Sc) in Computer Science, Information Technology, Cybersecurity, or related technical fieldAt least one security certification such as:CEH (Certified Ethical Hacker)CompTIA Security+eWPT (eLearnSecurity Web Application Penetration Tester)GIAC certifications (GWAPT, GSEC)Offensive Security certifications (OSCP, OSWE)(ISC)² certifications (SSCP, CC)EC-Council certifications (CEH, ECSA) Additional Information About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.