Hybrid
Full-Time
Bengaluru, Karnataka
India
Skills
Java
Spring Framework
Microservices
Core Java
Spring Boot
Systems Design
Low-Level Design
Coding Experience
Hands-on Design
Hands-on Technical Leadership
Web Servers
About the Role
Software Engineering, Senior Staff Engineer
About Black Duck Software:
Black Duck Software (Formerly known as Synopsys SIG) in Bangalore.
We are the AppSec leader.
Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open-source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
About Seeker Product:
Seeker is one of, if not the, best Interactive Application Security Testing, or IAST, solutions out there today.
If you aren’t familiar with IAST, in a nutshell it means that we instrument the customer’s application and rewrite the code in runtime to inject callbacks in relevant places. This allows us to very accurately track what code is being executed and follow the data flow through the application.
It’s a similar technique to what profilers or APM tools do. The main difference is that they use instrumentation to track boring things like performance and we use it to track interesting things like security vulnerabilities.
Seeker® is the industry's first interactive application security testing (IAST) software solution with active verification and sensitive-data tracking for web-based applications.
Seeker's IAST solutions help development, QA, DevOps, and security teams automate the security testing of modern web applications and services.
It saves you valuable time, resources, and costs by enabling your developers to fix critical security flaws early in the SDLC.
What will you do:
Seeker is the most pertinent and accurate application security solution today. It uses groundbreaking technology to identify security vulnerabilities in web applications and report them back to the customer in an easy-to-use fashion.
More info at https://www.blackduck.com/interactive-application-security-testing
What we’re looking for:
Masters’ or Bachelor’s or Degree in Computer Science or equivalent work experience
Excellent problem solving skills; strong logical reasoning and solution oriented thinking
Eager and capable of learning new technologies as necessary
Team player and able to work independently with minimal supervision
At least 10 - 14 years related experience in the following – Java, Spring boot, Micro services.
Solid understanding of web technologies (protocols, frameworks), e.g. http/s, JSON, JWT, etc.
Experience with architecture of web servers
Security expertise – Advantage
Experience with instrumentation - Advantage
Experience with Linux/Unix OS - Advantage
Experience in Docker – Advantage
You will join the team in charge of Seeker’s Agents – the components that use instrumentation to find security vulnerabilities. The role includes the following responsibilities:
Taking full ownership on product features.
Ensuring state-of-the-art code is being written along with proper testing suites
Taking deep dives to resolve complex technical issues
Leading tech team.
About Black Duck Software:
Black Duck Software (Formerly known as Synopsys SIG) in Bangalore.
We are the AppSec leader.
Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open-source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
About Seeker Product:
Seeker is one of, if not the, best Interactive Application Security Testing, or IAST, solutions out there today.
If you aren’t familiar with IAST, in a nutshell it means that we instrument the customer’s application and rewrite the code in runtime to inject callbacks in relevant places. This allows us to very accurately track what code is being executed and follow the data flow through the application.
It’s a similar technique to what profilers or APM tools do. The main difference is that they use instrumentation to track boring things like performance and we use it to track interesting things like security vulnerabilities.
Seeker® is the industry's first interactive application security testing (IAST) software solution with active verification and sensitive-data tracking for web-based applications.
Seeker's IAST solutions help development, QA, DevOps, and security teams automate the security testing of modern web applications and services.
It saves you valuable time, resources, and costs by enabling your developers to fix critical security flaws early in the SDLC.
What will you do:
Seeker is the most pertinent and accurate application security solution today. It uses groundbreaking technology to identify security vulnerabilities in web applications and report them back to the customer in an easy-to-use fashion.
More info at https://www.blackduck.com/interactive-application-security-testing
What we’re looking for:
Masters’ or Bachelor’s or Degree in Computer Science or equivalent work experience
Excellent problem solving skills; strong logical reasoning and solution oriented thinking
Eager and capable of learning new technologies as necessary
Team player and able to work independently with minimal supervision
At least 10 - 14 years related experience in the following – Java, Spring boot, Micro services.
Solid understanding of web technologies (protocols, frameworks), e.g. http/s, JSON, JWT, etc.
Experience with architecture of web servers
Security expertise – Advantage
Experience with instrumentation - Advantage
Experience with Linux/Unix OS - Advantage
Experience in Docker – Advantage
You will join the team in charge of Seeker’s Agents – the components that use instrumentation to find security vulnerabilities. The role includes the following responsibilities:
Taking full ownership on product features.
Ensuring state-of-the-art code is being written along with proper testing suites
Taking deep dives to resolve complex technical issues
Leading tech team.
Apply for this position
Application Status
Application Draft
In Progress
Submit Application
Pending
Review Process
Expected within 5-7 days
Similar Jobs
