Company Details
Who we are?
Finvasia is a global fintech company offering technology-driven financial services across trading,
investing, and wealth management.
What we do?
With a strong presence in multiple countries, Finvasia focuses on innovation, zero-cost trading
solutions, and empowering users through advanced platforms and tools.
Know more about us:
Website Finvasia - https://finvasia.com/
o https://shoonya.com/
o https://jumpp.finance/
- Follow us on LinkedIn Page - https://www.linkedin.com/company/finvasia/
o https://www.linkedin.com/company/shoonyadotcom/
o https://www.linkedin.com/company/jumpp-finance/
Mandatory Skills & Experience
1. Extensive hands-on experience in security testing of Mobile Applications, APIs, and Web
Applications.
2. Strong understanding of AWS Cloud Security architecture, controls, and security services.
3. Hands-on experience with security testing and assessment tools such as Burp Suite, MobiSF,
and related security utilities.
4. Strong understanding of Mobile, Web, and API Security frameworks and industry best
practices.
5. Deep knowledge of OWASP Top 10 vulnerabilities, attack vectors, and remediation strategies.
6. Experience in leading and executing VAPT, DAST, and SAST assessments.
FINVASIA CENTRE D 179, Phase 8 B (Sector 74) ,Industrial Area, Mohali, Punjab, India 160055 Phone: +91 172 6670000|
7. Possession of at least one recognized Cyber Security or Mobile Security certification (e.g.,
CEH, OSCP, eMAPT, eWPT, CISSP, CCSP, AWS Security Specialty).
8. Strong understanding of authentication and authorization mechanisms such as OAuth 2.0,
OIDC, SSO, CAS, SAML, and JWT.
9. Good understanding of Mobile Application Security frameworks, secure coding practices, and
mobile threat landscapes.
10. Experience in cloud security reviews, security architecture assessments, and security
consulting for development and infrastructure teams.
11. Ability to perform threat modeling, security risk assessments, and remediation planning.
12. Experience in mentoring junior security engineers and driving security best practices across
projects.
Technical Expertise
Strong experience in Enterprise Application Security.- Hands-on expertise in Mobile Application Security (Android/iOS).
- Strong knowledge of OWASP Top 10 & OWASP MASVS.
- Hands-on experience with Burp Suite, Frida, MobSF, Jadx, Ghidra, OWASP ZAP, SQLMap,
Nessus, and Nmap.
- Experience in Web, API, and Mobile Penetration Testing.
- Understanding of Secure SDLC and DevSecOps practices.
- Cloud Security knowledge (AWS/Azure/GCP) is preferred.
- Scripting knowledge in Python or Bash preferred.
Qualifications & Years of Experience
Bachelor’s or master’s degree in computer science, Cyber Security, Engineering, or related
field.
- 12–15 years of experience in Application Security, VAPT, or Product Security roles.
- Prior experience in FinTech, Product-Based Companies, BFSI, or Enterprise Security
environments preferred.
- Certifications such as CEH, OSCP, CAPen, CAPT, or CISSP are preferred