Enterprise Applications Security Engineer

WHO WE ARE:For enterprises struggling to secure cloud workloads, Aviatrix offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers runtime security and enforcement within the cloud application infrastructure itself – closing gaps between existing solutions and helping organizations regain visibility and control. Aviatrix ensures security, cloud, and networking teams are empowering developer velocity, AI, serverless, and what’s next. For more information, visit www.aviatrix.com.ABOUT THE ROLE:We are seeking a highly motivated and skilled Sr. MTS - Enterprise Applications Security to join our Security team in Bangalore. This role is focused on strengthening the security of Aviatrix’s internal and customer-facing applications, development pipelines, and automation workflows. You will work independently on defined projects, collaborating closely with product, engineering, and IT teams to embed security into the software development lifecycle and ensure robust protection across cloud-native environments.Position Responsibilities:- Application Security: Conduct security assessments of web and cloud-native applications - perform threat modeling, secure code reviews, dependency scanning, and penetration testing. - DevSecOps Enablement: Integrate security into CI/CD pipelines using tools like Trivy and TruffleHog. Automate infrastructure and application security checks using Terraform, CloudFormation, and GitHub Actions. Collaborate with developers to build reusable security modules, templates, and documentation that support secure cloud-native application delivery. - Cloud-Native Security: Implement and manage security controls for applications deployed in AWS, Azure, and GCP, leveraging platform-native services and infrastructure-as-code. - AI/ML Security Review: Contribute to risk evaluations of AI/ML deployments using platforms like TensorFlow, PyTorch, and Gemini, ensuring model integrity and data privacy. - Platform & Tool Operations: Support configuration and day-to-day management of application-focused security platforms including SSO, IAM, secrets management, and runtime protection tools. - Developer Enablement & Training: Partner with engineering teams to promote secure coding practices, deliver targeted training, and share guidance on secure design patterns. - API Security & Design Review: Collaborate with developers to review API designs, ensuring secure implementation of RESTful endpoints and exception handling for diagnostic tools.Requirements:- 3+ years of experience in application or product security engineering, with exposure to web, cloud-native, or microservices architectures. - Hands-on expertise in Python, Go, and JavaScript for secure development and automation. - Familiarity with container security, API protection, and runtime security tools. - Experience integrating security into CI/CD pipelines and using infrastructure-as-code for secure deployments. - Strong understanding of cloud platforms (AWS, Azure, GCP) and their native security services. - Experience performing penetration testing of cloud-hosted applications, including use of tools like Burp Suite. - Experience partnering with developers to improve code security and design patterns. - Strong written and verbal communication skills for effective collaboration across teams. - Experience with policy-as-code tools like OPA is a plus. - Relevant certifications, such as CSSLP, OSWE, AWS Certified Security – Specialty, or equivalent, are a plus but not required.