Cyber Sec Archt/Engr II

About the Role

Sparta Systems is seeking a proactive and skilled Cyber Security Architect/Engineer II to join our esteemed Product Security Assurance Team in Pune. This pivotal role involves the comprehensive assessment and evaluation of the security posture of our diverse product portfolio and partner technologies. You will be instrumental in delivering critical security services, utilizing a suite of advanced security toolsets, to pinpoint and facilitate the remediation of security vulnerabilities. Your efforts will directly contribute to the continuous enhancement of our product development lifecycle, ensuring robust and secure software delivery.

Key Responsibilities

• Function as an individual contributor within the Product Security Assurance Team, with emergent minor team leadership responsibilities.
• Provide expert guidance, mentorship, and direction to junior team members, actively contributing to internal team training initiatives.
• Spearhead strategic Product Security initiatives and ensure the timely delivery of client-focused objectives.
• Proactively identify, anticipate, and effectively manage escalations pertaining to product security.
• Lead the development and engineering of more efficient and effective security solutions, alongside establishing robust security testing methodologies.
• Define precise scoping requirements and execute comprehensive Security Testing across a broad spectrum of product domains.
• Contribute to the creation of modular, repeatable, and highly effective Security Testing processes.
• Collaborate closely with the Tools and Technology Team to strategically select, implement, develop, and automate testing procedures using appropriate tools.
• Engage with cross-functional teams to formulate practical and actionable remediation recommendations for identified vulnerabilities.
• Document and report security observations using standardized reporting structures and contribute to the embedding of secure-by-design principles throughout the development process.

Required Skills and Qualifications

• Proven experience in penetration testing across a wide array of domains, including Web, Network, Mobile Applications, Thick Clients, APIs, Web Services, Cloud environments, and Containers.
• Solid understanding of application protocols, software development principles, and common attack vectors.
• Exceptional cybersecurity capabilities complemented by strong software engineering acumen.
• Proficiency with industry-standard penetration testing tools and frameworks such as Burp Suite, IDA Pro, GHidra, Kali Linux, OWASP Top 10, Metasploit, Nessus, Nmap, MobSF, Genymotion, Frida, and APK Tool.
• Experience with scripting languages like Python, Powershell, and Bash is highly desirable.
• Familiarity and experience with other programming languages including C, C++, Java, .NET, or JavaScript.
• In-depth knowledge of security by design principles and architecture-level security concepts.
• Current understanding of emerging security threats and techniques employed for exploiting vulnerabilities.
• Excellent verbal and written communication skills, coupled with strong interpersonal abilities.
• Demonstrated project management capabilities.
• Relevant security certifications such as CEH, OSCP, or GPEN are a significant advantage.
• Experience with reverse engineering tools, debuggers, and dynamic analysis techniques.
• Experience integrating penetration testing tools into CI/CD pipelines for automated security checks.

Education

• Bachelor's degree in Computer Science, Software Engineering, Electrical Engineering, or equivalent practical experience.