Daraz Online Jobs – Head of Training And Development


About Daraz:

Founded in 2015, Daraz is South Asiaƒ??s leading e-commerce platform in Pakistan, Bangladesh, Sri Lanka, Nepal and Myanmar. It empowers more than 100,000 active sellers with world-class marketplace technology to reach the fast-growing consumer class in a region of 500 million people. Through Daraz Express and Daraz Pay, it operates the most efficient and digitalised logistics and payments infrastructure in its markets. Darazƒ?? vision is to be a champion of South Asia serving 100 million customers and businesses by 2030.

For more information, please visit www.daraz.com

Job Description

Your role is to:

  • Analyse system services, perform line-by-line and automated source code review of networks and applications.
  • Perform dynamic application security testing (DAST) and static analysis (SAST), Interactive Application Security Testing (IAST) of the micro-services and Mobile applications/Website codebases.
  • Integrate security into the software development lifecycle (SDLC) including threat modeling; establishing development standards, standardising processes, roadmapping security enhancements, and performing source code reviews.
  • Provide remediation guidance and oversight to discover vulnerabilities.
  • Program and write scripts to automate tasks.
  • Perform product security design .
  • Designing technical solutions to address security weaknesses.
  • Research new threats, attack techniques, and methods
  • Design and implement security solutions to automate the detection and remediation of infrastructure security issues.
  • Perform vulnerability assessment and penetration testing on mobile apps, website, API, and databases.
  • Design and perform Red team simulation drills to measure the readiness of the Blue team.
  • Assist Blue team in identifying security gaps.
  • Perform threat hunting exercises and detect security flaws in applications and networks proactively.
  • Writing an exploit to leverage a vulnerability.
  • Develop/Test/Deploy tools to conduct security review operations in an automated fashion.
  • Participate in architectural and design discussions
  • Perform black/gray/white box testing on applications/websites/API.

A bit about you:

  • 4+ years of Application Security experience after graduation.
  • Hands-on security experience with a passion for everything security related with a proven record of delivering a security impact.
  • Understanding of reverse connection & MITM. Hands-on expertise on Kali Linux, Metasploit, Burp Suite, Nmap, Wireshark etc.
  • Experience deploying/integrating with CI/CD and configuring SAST/DAST tooling.
  • Deep understanding of web security, TLS/SSL, web authentication and web-related protocols (e.g. TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
  • Capacity to handle and manage multiple projects.
  • Communicate with stakeholders and guide them on secure coding practices.
  • Knowledge about cryptography and its functionality.
  • Knowledge of OWASP standards and methodologies, understanding of HTTP and web programming, Web Application Firewalls.
  • Hands on experience with application vulnerability assessment tools like(Qualys/Nexpose, Burp Suite, Nessus, etc)
  • Proven proficiency in scripting and/or software development (Python, Javascript, SQL is a must).
  • Strong analytical and problem-solving capabilities.
  • Certifications like OSCP/CEH are a plus.
  • Working knowledge of technologies involving CI/CD, Docker containers, and Databases.
  • Good presentation, communication and team player skills to persuasively guide developers and upper management on application security topics.

What we offer:

  • International working environment in a start-up setting, and a unique opportunity to learn from the best in e-commerce (Alibaba Group) and business growth.
  • A platform to learn from Alibabaƒ??s world-leading ecosystem
  • Rigorous training and exposure in team management, leadership, business analytics, and operations.
  • An opportunity to train the next generation of business leaders in the ƒ??techƒ?? industry.
  • Competitive salary and incentive package
  • Health & life insurance

Leave a Comment