Company Name

HCL Technologies Ltd ( Bangalore )

Job Description

• Key Responsibilities
  • Engage in product vulnerability-related security incident response, detection, to resolution.
  • Review code routinely to find and prioritise possible weaknesses or bad patterns, or insecure design implementations.
  • Evaluate both internal/external vulnerability reports (e.g., bug bounty programmes, disclosures by customers, vulnerability scanners).
  • Work with development teams to reproduce, evaluate, and fix reported vulnerabilities.
  • Keep the PSIRT process running - monitoring CVEs, arranging vulnerability reporting, and creating advisories.
  • Lessons learned and root cause analysis of support to improve post-incident.
  • Keep abreast of the most recent vulnerability trends and strategies of attacks and defence.
  Required Skills & Experience
  • 3-4 years working in Product Security, Application Security, or PSIRT.
  • Good knowledge of C, C++, Java, Python, or Go (capable of conducting reviews).
  • Familiarity with the use of static and dynamic code analysis tools (e.g., App Scan , Klockworks ).
  • Understanding of software vulnerability types (e.g. buffer overflows, XSS, SQLi, CSRF, race conditions).
  • Practical implementation of CVSS scoring, CVE management and coordinated disclosure.
  • Knowledge in threat modelling and secure development lifecycle (SDLC).
  • Sound knowledge of network protocols, APIs and operating systems (Linux/Windows).
  • Good communication and documentation expertise to carry out connections between the engineering and product teams.

  Soft Skills

  • Critical thinking and detailing.
  • Close cooperation and interaction among cross-functional teams.
  • Effective prioritisation and handling of several incidents.
  • Love for learning and never ending product security.

Job Details

Education Summary

Contact Details