Staff Information Security Engineer
3 weeks ago
Serving thousands of enterprise customers around the world including 40% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world’s largest security cloud, Zscaler accelerates digital transformation so enterprises can be more agile, efficient, resilient, and secure. The pioneering, AI-powered Zscaler Zero Trust Exchange™ platform protects thousands of enterprise customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.
Named a Best Workplace in Technology by Fortune and others, Zscaler fosters an inclusive and supportive culture that is home to some of the brightest minds in the industry. If you thrive in an environment that is fast-paced and collaborative, and you are passionate about building and innovating for the greater good, come make your next move with Zscaler.
About Role:
Our Engineering team built the world’s largest cloud security platform from the ground up, and we keep building. With more than 100 patents and big plans for enhancing services and increasing our global footprint, the team has made us and our multitenant architecture today's cloud security leader, with more than 15 million users in 185 countries. Bring your vision and passion to our team of cloud architects, software engineers, security experts, and more who are enabling organizations worldwide to harness speed and agility with a cloud-first strategy.
We're looking for an experienced Application Security Lead to join our Product Security team. Reporting to the Director of Vulnerability Management, you will be responsible for:
Static and Dynamic Application Security Testing (SAST/DAST): Conduct thorough static and dynamic analysis of our applications to identify and remediate security vulnerabilities early in the development process.
Software Composition Analysis (SCA): Implement SCA tools to identify and manage open-source components, ensuring that all third-party libraries and frameworks used in our codebase are secure and up-to-date.
CVE Detection and Remediation: Continuously monitor for Common Vulnerabilities and Exposures (CVEs) in our code, and work closely with development teams to remediate these vulnerabilities promptly to prevent potential exploits.
Secret Management: Detect and remediate hard-coded secrets in our codebase, ensuring that sensitive information such as API keys and passwords are securely managed and stored.
Container and Infrastructure as Code (IAC) Security: Assess and secure our containerized environments and IAC deployments, ensuring that security best practices are followed to protect our infrastructure from potential threats.
What We’re Looking for (Minimum Qualifications)
Application Security Expertise. Minimum of 6+ years of hands-on experience in application security, including implementing and managing security measures such as SAST, DAST, and SCA.
Tools. Proficiency with application security tools such as Snyk, Semgrep, Coverity, Checkmarx, Burp Suite, OWASP ZAP, and dependency management tools.
Secure Software Development Lifecycle. Strong understanding of secure coding practices, vulnerability management, and remediation techniques. Expertise with source control (Github, Bitbucket), and CI pipelines (ArgoCD, Jenkins).
CVE/CWE Lifecycle. Proven experience in detecting and remediating security issues within codebases, ensuring timely and effective vulnerability management.
What Will Make You Stand Out (Preferred Qualifications)
Advanced Degree: A master's degree in Computer Science, Information Security, or a related field is highly preferred.
Domain Expertise. Minimum of 3 years of hands-on experience in at least one of the following areas of operations:
SAST, including implementing language-specific detection rules and driving remediation of static analysis reports.
DAST, including understanding of web application architecture, common web vulnerabilities, and the ability to analyze and interpret the results of dynamic testing
Container Security, including deep understanding of containerization concepts, orchestration platforms (Kubernetes), security best practices, and supervising secure container lifecycle processes
IAC, including hands-on expertise with cloud infrastructure design, provisioning, and management, as well as best practices for writing secure and maintainable infrastructure code
Secrets, including implementing detection rules for secrets in source control, SaaS apps, infrastructure platforms and driving best practices for secrets storage and usage.
Development Experience: Previous experience as a software developer or in a DevSecOps role, with proficiency in languages such as Java, Python, JavaScript, C/C++, Golang.
Experience with Cloud Security: Demonstrated experience in securing cloud environments (e.g., AWS, Azure, Google Cloud) and familiarity with cloud-native security tools and practices.
At Zscaler, we believe that diversity drives innovation, productivity, and success. We are looking for individuals from all backgrounds and identities to join our team and contribute to our mission to make doing business seamless and secure. We are guided by these principles as we create a representative and impactful team, and a culture where everyone belongs. For more information on our commitments to Diversity, Equity, Inclusion, and Belonging, visit the Corporate Responsibility page of our website.
Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including:
Various health plans
Time off plans for vacation and sick time
Parental leave options
Retirement options
Education reimbursement
In-office perks, and more
-
Staff engineer, information security
6 days ago
Bengaluru, India LinkedIn Full timeLinked In is the world’s largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We’re also committed to providing transformational opportunities for our...
-
Senior Staff Information Security Specialist
4 weeks ago
Bengaluru, Karnataka, India HeadPro Consulting LLP Full timeAs a Senior Staff Information Security Specialist at HeadPro Consulting LLP, you will be responsible for assisting in the execution of the Information Security Program, Data Governance practices, and Privacy assurance. This role requires analyzing the risk of existing networks and system architectures against correlating policies and risks, and providing...
-
Staff Information Security Engineer
3 weeks ago
Bengaluru, India Zscaler Full timeAbout Zscaler:Serving thousands of enterprise customers around the world including 40% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world’s largest security cloud, Zscaler accelerates digital...
-
Staff Information Security Engineer
3 weeks ago
Bengaluru, India Zscaler Full timeAbout Zscaler:Serving thousands of enterprise customers around the world including 40% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world’s largest security cloud, Zscaler accelerates digital...
-
Staff Information Security Engineer
3 weeks ago
Bengaluru, India Zscaler Full timeAbout Zscaler: Serving thousands of enterprise customers around the world including 40% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world’s largest security cloud, Zscaler accelerates digital...
-
Senior Staff Information Security Engineer
1 month ago
Bengaluru, India Head pro Full timeDuties & Responsibilities :- Assists in the execution of he Information Security Program, Data Governance practices, and Privacy assurance- Analyzes risk of existing network and system architectures against correlating policies and risks, and provides technical input for appropriate remediation or action plans- Participates in the following and enforcement...
-
Senior Information Security Engineer
1 month ago
Bengaluru, Karnataka, India Head pro Full timeJob Summary :Head pro is seeking a skilled Senior Staff Information Security Engineer to join our team. As a key member of our Information Security team, you will be responsible for executing the Information Security Program, Data Governance practices, and Privacy assurance. This role requires a strong understanding of security concepts, technical controls,...
-
Staff Security Engineer
6 months ago
Bengaluru, India Guidewire Full timeResponsibilities:Proactively partner with teams across the organization (infrastructure, application engineering, data analytics, etc.) to define, promote and implement security best practices that improve the security posture of our infrastructure. Working closely with business units, product teams, DevOps engineers and/or SRE's to embed security...
-
Senior Staff Information Security Engineer
2 months ago
Bengaluru, India HeadPro Consulting LLP Full timeLooking Candidates only from Bangalore with 30 Days notice period and Relevant experience of Information Security with 5 years in OT/IOT (SCADA).Network Segmentation experience in Information Security is MandatoryDuties & Responsibilities :- Assists in the execution of the Information Security Program, Data Governance practices, and Privacy assurance-...
-
Information security engineer
6 days ago
Bengaluru, India LinkedIn Full timeLinked In is the world’s largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day.We’re also committed to providing transformational opportunities for our own...
-
Staff Engineer, Security Sustainment
3 weeks ago
Bengaluru, India Procore Technologies Full timeJob DescriptionWe're looking for a Staff Engineer, Security Sustainment to join Procore's Cybersecurity department. In this role, you'll be responsible for ensuring Procore's security infrastructure is maintained at the highest level of protection and efficiency. The primary goal of this role is to support the security sustainment engineering team to...
-
Lead Engineer
6 months ago
Bengaluru, India Arcesium Full timeCompany Overview Arcesium is a global financial technology firm that solves complex data-driven challenges faced by some of the world’s most sophisticated financial institutions. We constantly innovate our platform and capabilities to meet tomorrow’s challenges, anticipate the risks our clients encounter, and design advanced solutions to help our clients...
-
Information Security Architect
4 months ago
Bengaluru, Karnataka, India RamSoft Full time**About us** RamSoft, Inc., headquartered in Toronto, Canada, is a global leader in Web based Radiology Solution. Our teams are present in USA, India, South Africa and Vietnam. Through 30 years of innovation in web radiology, we have provided several award-winning solutions to healthcare providers around the world. With the state-of-art software and...
-
Cybersecurity Threat Hunter
7 days ago
Bengaluru, Karnataka, India LinkedIn Full timeAbout LinkedInAt LinkedIn, we're on a mission to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day.Job SummaryWe're seeking an experienced Cybersecurity Threat Hunter to join our Information...
-
Staff Software Engineer
4 months ago
Bengaluru, India Ambient Security Full timeAmbient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...
-
Staff software engineer
3 weeks ago
Bengaluru, India Ambient Security Full timeAmbient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...
-
Staff Security Researcher
6 months ago
Bengaluru, Karnataka, India Menlo Security Full timeMenlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. Menlo is well-funded for growth and our investors...
-
Staff Software Engineer
4 months ago
Bengaluru, India Ambient Security Full timeAmbient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...
-
Staff Software Engineer
4 months ago
Bengaluru, India Ambient Security Full timeAmbient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...
-
Staff Software Engineer
4 months ago
Bengaluru, India Ambient Security Full timeAmbient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits. Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...
