Application Security Engineer

3 weeks ago


Hyderabad, Telangana, India Foodsmart Full time
About us:

Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians. Our platform is designed to foster healthier food choices, drive lasting behavior change, and deliver long-term health outcomes. Through our highly personalized, digital platform, we guide our 2.2 million members—including those in employer-sponsored health plans, regional and national Medicaid managed care organizations, Medicare Advantage plans, and commercial insurers—on a tailored journey to eating well while saving time and money.

Foodsmart seamlessly integrates dietary assessments and nutrition counseling with online food ordering and cost-effective meal planning for the entire family, optimizing ingredients both at home and on the go. We partner with national and regional retailers across the U.S., many of whom accept SNAP/EBT, making healthier food more accessible. Additionally, we assist members with SNAP enrollment and management, providing tangible access to nutritious food.In 2024, Foodsmart secured a $200 million investment from TPG's Rise Fund, which supports entrepreneurs dedicated to achieving the United Nations' Sustainable Development Goals. This investment will help us expand our reach, particularly to low-income workers who are disproportionately affected by diet-related diseases.

At Foodsmart, our mission is to make nutritious food accessible and affordable for everyone, regardless of economic status. We are committed to a set of core values that shape our culture and work environment:

Measured: We make data-driven, truth-seeking decisions.

Impactful: We are fueled by achieving our mission and vision.

Collaborative: We help each other be better and create a positive environment.

Hungry: We maintain a healthy growth mindset, seeking to overcome challenges with courage.

Joyful: We take joy in each other, our work, and the privilege of doing this work.

Whether you're a dietitian, a commercial leader, or a technologist, working at Foodsmart means being part of a team that is passionate, supportive, and driven by a shared purpose. Join us in transforming the way people access and enjoy healthy food.

About the role:

We are seeking an Application Security Engineer who will work at the intersection of security, DevOps, and development to ensure security is embedded throughout our SDLC. This role requires deep technical expertise in secure code review, static and dynamic application security testing (SAST/DAST), and infrastructure governance, especially in the segregation of environments, separation of duties, and branch protection in source control systems.

You will:

Code & Application Security

- Conduct manual and automated code reviews to identify security vulnerabilities (e.g., XSS, SQLi, logic flaws).
- Define and implement SAST and DAST pipelines using tools such as SNYK, Checkmarx, Fortify, OWASP ZAP, or Burp Suite.
- Collaborate with development teams to remediate vulnerabilities and educate on secure coding standards (e.g., OWASP Top 10).

DevSecOps & CI/CD Pipeline Security

- Integrate security controls into CI/CD pipelines using tools like GitHub Actions, Jenkins, and GitLab CI.
- Define and enforce branch protection rules, code signing, and commit validation policies (e.g., mandatory code reviews, signed commits).
- Work closely with DevOps to ensure security-as-code is implemented across build, test, and deployment stages.

Infrastructure & Environment Segregation

- Ensure proper segregation between development, staging, and production environments, following least privilege principles.
- Collaborate with infra and cloud teams to enforce network and access segregation (e.g., VPC segmentation, IAM policies).

Governance & Policy Enforcement

- Define and monitor separation of duties policies between developers, testers, and deployers.
- Create security baselines and compliance checks (e.g., CIS Benchmarks, SOC 2/ISO 27001 readiness).
- Set up auditing and alerting for anomalous activities in source control and deployment platforms.

Tooling & Automation

- Deploy and maintain security tools (e.g., GitGuardian, Aqua, Prisma Cloud) to detect hard coded secrets, policy violations, and misconfigurations.
- Automate remediation workflows where possible (e.g., auto-patching vulnerable dependencies).

You have:

- 5-8 years in Security Architecture, AppSec, or a combined development and security engineering role.
- Strong hands-on experience in secure coding, application security testing, and source code analysis.
- Solid knowledge of CI/CD pipelines, version control (especially GitHub/GitLab), and branch control strategies.
- Familiarity with cloud platforms (AWS, Azure, GCP) and security practices for each.
- In-depth understanding of network security, access controls, and zero trust architecture.
- Practical knowledge of regulatory or compliance frameworks (e.g., ISO 27001, SOC 2, NIST).

Preferred Qualifications

- Experience working with Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation) with embedded security checks.
- Familiarity with container security (Docker, Kubernetes, image scanning).
- Certifications: OSCP, CSSLP, CEH, GSEC, or AWS Security Specialty.
- Contributions to open-source security tools or projects is a plus.

Key KPIs / Metrics of Success

- Time-to-remediate for identified vulnerabilities.
- Percentage of pipelines with integrated SAST/DAST.
- Number of policy violations prevented via branch rules and access controls.
- Coverage of secure coding training among developers.

  • Hyderabad, Telangana, India Phenom Full time

    Job DescriptionJob descriptionJob Requirements- We're looking for a full-time phenomenal Application Security Engineer III to architect and lead the implementation of the security-related aspects of our ITX platform. This will include evaluating and recommending new and emerging cloud security technologies and standards to ensure it is highly secure,...


  • Hyderabad, Telangana, India Appen Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    About AppenAppen is a leader in AI enablement for critical tasks such as model improvement, supervision, and evaluation. To do this we leverage our global crowd of over one million skilled contractors, speaking over 180 languages and dialects, representing 130 countries. In addition, we utilize the industry's most advanced AI-assisted data annotation...


  • Hyderabad, Telangana, India Plume Design, Inc Full time ₹ 1,20,000 - ₹ 2,60,000 per year

    Life at PlumeAt Plume, we believe that technology isn't about moving faster, it's about making life's moments better. Which is why we've built the world's first, and only, open and hardware-independent service delivery platform for smart homes, small businesses, enterprises, and beyond. Our SaaS platform uses WiFi, advanced AI, and machine learning to create...


  • Hyderabad, Telangana, India beBeeAppSecurity Full time ₹ 15,00,000 - ₹ 25,00,000

    Technical Advisor RoleAs a Technical Advisor, you will serve as the pre-sales expert supporting our application security portfolio. You'll work closely with the Sales team to design customer-centric solutions, deliver impactful demos and PoCs, and guide organizations on best practices in application security.Key Responsibilities:Conduct technical discovery...


  • Hyderabad, Telangana, India QualiZeal Full time

    Job Overview: We are actively hiring an experienced Application Security Expert to lead our security testing, vulnerability management, and threat mitigation efforts. This role involves securing applications, mobile platforms, APIs, and cloud environments while ensuring compliance with industry standards and regulations. The ideal candidate will have strong...


  • Hyderabad, Telangana, India PURVIEW Full time

    Purview is a global leader in IT Engineering and Talent Solutions, serving Fortune 500 and mid-market clients across 21+ countries. Headquartered in Edinburgh, with multiple delivery centres in India, we have a team of 1,200+ professionals driving digital transformation at scale. As a certified Ethnic Minority Business and Premier Member of MSDUK, we blend...


  • Hyderabad, Telangana, India ServiceNow Full time US$ 1,20,000 - US$ 2,00,000 per year

    Company Description It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Our intelligent cloud-based...


  • Hyderabad, Telangana, India beBeeApplication Full time ₹ 15,21,694 - ₹ 30,29,699

    We are actively hiring a seasoned Application Security Specialist to spearhead our security testing, vulnerability management, and threat mitigation efforts.This role involves securing applications, mobile platforms, APIs, and cloud environments while ensuring compliance with industry standards and regulations.The ideal candidate will have strong expertise...


  • Hyderabad, Telangana, India beBeeSecurity Full time ₹ 1,50,00,000 - ₹ 2,50,00,000

    Key Application Security RolesAs a seasoned Information Security professional, you will be responsible for spearheading our organization's Application Security initiatives and ensuring the integrity of our consumer applications.Key Responsibilities:Act as a security-focused technical lead and collaborate with product teams on Application Security...


  • Hyderabad, Telangana, India Providence Global Center Full time ₹ 15,00,000 - ₹ 28,00,000 per year

    About ProvidenceProvidence, one of the US's largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, 'Health for a better world', Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and...