Security Analyst VAPT

About Juspay

Juspay is a leading multinational payments technology company that powers superior conversion rates, seamless customer experiences, cost optimization, and fraud reduction at scale for 500+ top global enterprises and banks. Founded in 2012, the company processes over 300 million daily transactions with an annualized total payment volume exceeding $1 trillion at 99.999% reliability. Headquartered in Bangalore, India, Juspay has a global network of over 1200 payment experts operating across San Francisco, Dublin, São Paulo, and Singapore.

Job Description

Juspay is looking for a dedicated Security Analyst VAPT who is passionate about identifying system weaknesses and designing security and privacy controls. You will contribute to various security domains including governance, compliance, incident detection and response, infrastructure, and IT security.

• Conduct Vulnerability Assessment and Penetration Testing (VAPT).
• Implement and review secure coding practices.
• Perform threat modeling and risk mitigation.
• Integrate security into CI/CD pipelines (DevSecOps).
• Collaborate with product development and cloud teams.

Skill & Experience Requirements

• 1-2 years of software development with information security overlap.
• Strong understanding of OWASP Top 10 vulnerabilities and remediation strategies.
• Experience with VAPT tools and threat modeling techniques.
• Exposure to DevSecOps and security integration in CI/CD pipeline.
• Proficiency in programming languages such as Java, C++, C#, JavaScript, or HTML; additional languages like Haskell or scripting languages are a plus.
• Familiarity with Amazon Web Services (EC2, IAM, S3, Lambda, VPC) or equivalent cloud technologies.
• Good grasp of network and web protocols (HTTP, HTTPS, TCP/IP, SAML 2.0, OAuth 2.0, REST APIs).
• Experience in Agile development environments.
• Independent, self-motivated, and effective in a fast-paced setting.
• Contributions to the security community are highly valued.

Core Responsibilities

• Define secure software development practices to mitigate application risks.
• Regularly conduct VAPT on web applications, networks, and cloud resources.
• Provide technical coding expertise to evaluate and secure applications.
• Collaborate with product and cloud teams to build resilient systems.
• Recommend and implement security controls for cloud services and information assets.
• Conduct security design and code reviews to identify vulnerabilities.
• Interpret compliance requirements and develop technical security solutions.
• Participate in product security incident response and resolution processes.

Key skills/competency

VAPT, OWASP, Threat Modeling, DevSecOps, Secure Coding, Cloud Security, Agile, Penetration Testing, IT Security, Compliance