Application security engineer

1 month ago

Delhi, India HuntingCube Recruitment Solutions Full time
Position: Application Security Engineer
Location: Hyderabad
Experience: 6-10 Years
Skills: Application Security, Source code review, Coding (Any oops)
Notice Period: Upto 30 Days
JOB DESCRIPTION:
RESPONSIBILITIES:
 Establish security best processes and practices for our mobile, on-premises and cloud-based platforms.
 Provide expert knowledge and guidance to the product teams about security vulnerabilities and remediation controls.
 Support and consult with product and development teams in the area of application security, including threat modeling and Application Security reviews.
 Implement, continuously develop, and maintain secure Software Security Development Lifecycle processes and software maturity model.
 Perform threat modeling, secure design, and source code review.
 Conduct security assessments, security testing and validation of vulnerability scan results.
 Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
 Incorporate security tools/tasks to automate product development and deployment.
 Develop, implement, and automate defensive controls, creating and tuning
tools and rules to detect and address malicious activity. Responsible for
integration of security controls into SDLC.
 Establish supply chain security process and ensure 3rd party software meet
the standards.
 Facilitate injection, integration, and compliance for Static Application Security
Testing (SAST), Container Security Scanning & Open-Source Security
Analysis during development phase.
 Facilitate injection, integration, and compliance for Dynamic Application Security Testing (DAST)
 Contribute to triaging, addressing security issues and tracking remediation.
 Own and manage Secure SDLC tooling.
 Develop and customize security tools used by security teams and developers.
 Work closely with development teams to build security directly into their SDLCs.
 Provide remediation guidance to programmers and management.
 Support bug bounty program
 Support the preparation of security releases
 Mentor and train development teams on secure coding standards and techniques. Develop Secure Coding Program.
 Constantly innovate at the pace of the adversary using latest techniques.
GENERAL KNOWLEDGE, SKILLS & ABILITIES:
 In-depth knowledge of web and mobile security vulnerabilities, attack vectors and mitigation techniques
 Experience with multiple programming languages (Java, Java Script, Go, Python, Ruby, Objective-C, C#, PHP) with hands on level coding experience
with at least one scripting and one objected oriented programming language.
 Fluent with security testing with SAST, SCA, DAST, IAST, Fuzz and penetration testing tools
 Understanding of application security standards such as OWASP ASVS/Top 10 and CWE 25
 Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).
 Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP.
 Knowledge of Dev Sec Ops to maintain security in CI/CD pipeline.
 Solid experience with security tools like Semgrep, Check Marx, Vera Code, Burp Suite, Snyk, Nessus
 Familiar with tools like Git, Jenkins, Circle CI, Maven, Ant, Gradle, Nexus, Sonar Qube, Artifactory, Chef, Splunk
 Experience writing custom rules for static analysis tools.
 Experience with API Security, Ia C, Containerization, RASP, IAST
 Experience with micro services, container deployment and service orchestration
 Strong knowledge of cryptography, API security, and secret management
 Ability to clearly and effectively communicate concerns and issues to the
management and engineers.
 Experience with Cloud (AWS, Azure, GCP) Security
 Experience writing tools to automate tasks and integrate systems using
scripting languages like Go, Python and REST APIs.
 Experience in delivering and educating development groups in Secure Coding
 Expertise with common vulnerabilities and attack vectors.
 Experience integrating security tools into developer pipelines.
 Dev Ops experience managing deployment and configuration.
GENERAL SKILLS INCLUDE:
 Strong critical thinking and analytical skills
 Ability to approach problem solving in a constructive and collaborative way
that does not require absolute security.
 The ability to communicate complicated technical issues and risks to
programmers, network engineers and managers.
 Strong leadership, project, and team-building skills
 Exceptional communication skills with diverse audiences; the ability to be an
application security subject matter expert who can explain relevant topics to
general audiences.
EDUCATIONAL REQUIREMENTS:
· Bachelor’s degree in computer science, Information Systems, or equivalent
combination of education and experience
· Certifications in the field of Information Security (at least one of the following:
CISSP, CEH, GIAC, CWAPT, GWAPT, GWEB)

  • Security Engineer

    4 weeks ago

    Delhi, India TAC Security Full time

    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks....

  • Security Engineer

    1 month ago

    Delhi, India TAC Security Full time

    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This...

  • Security Engineer

    1 month ago

    Delhi, India TAC Security Full time

    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This...

  • Security Engineer

    1 month ago

    Delhi, India TAC Security Full time

    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks....

  • TAC Security

    4 weeks ago

    Delhi, India TAC Security Full time

    Job Title : Application Security Manager. Location : Aerocity, Delhi. Company Description : TAC Security is a global leader in vulnerability management, specializing in protecting Fortune 500 companies, leading enterprises, and governments worldwide. Our AI-based Vulnerability Management Platform, ESOF (Enterprise Security in One Framework), manages over 5...

  • Security Engineer

    1 month ago

    New Delhi, India TAC Security Full time

    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This...

  • TAC Security | Security Engineer | delhi

    1 month ago

    delhi, India TAC Security Full time

    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This...

  • TAC Security | Security Engineer | delhi

    1 month ago

    delhi, India TAC Security Full time

    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This...

  • TAC Security

    3 months ago

    Delhi Division, India TAC Security Full time

    Job Title : Application Security Manager. Location : Aerocity, Delhi. Company Description : TAC Security is a global leader in vulnerability management, specializing in protecting Fortune 500 companies, leading enterprises, and governments worldwide. Our AI-based Vulnerability Management Platform, ESOF (Enterprise Security in One Framework), manages over 5...

  • High Salary: Security Engineer

    4 weeks ago

    Delhi, India TAC Security Full time

    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This...

  • Application Security Engineer

    2 weeks ago

    Delhi, India KMM Technologies, Inc. Full time

    Senior Application Security Engineer JDWork Hours: M-F 9am-1pm US EST(7:30PM to 12AM IST)Remaining hours can be worked during India daytime, but 40 hours/week had to be put in.Some of the tools used:Microsoft Security Tool SuiteExabeamAWS GuardDutyApplications:OnBase LogsMuleSoft - SASSSalesforce - SASSWorkday - SASSPeopleSoft Hosted on AWS

  • Application Security Engineer

    2 weeks ago

    Delhi, India KMM Technologies, Inc. Full time

    Senior Application Security Engineer JDWork Hours: M-F 9am-1pm US EST(7:30PM to 12AM IST)Remaining hours can be worked during India daytime, but 40 hours/week had to be put in.Some of the tools used:- Microsoft Security Tool Suite- Exabeam- AWS GuardDutyApplications:- OnBase Logs- MuleSoft - SASS- Salesforce - SASS- Workday - SASS- PeopleSoft Hosted on AWS

  • RSI Security | Network Engineer Consultant

    3 weeks ago

    delhi, India RSI Security Full time

    Location: 100% RemoteType: Contractor - Part Time, Project basedPay: Based on experience, education, geographic location, and market rates.Travel: None*** Please ensure you read through the entire job posting and you also understand the work model, expectations, requirements, location, and qualification requirements for this role. ***About Us:RSI Security is...

  • TAC Security | Senior FullStack Engineer

    2 days ago

    delhi, India TAC Security Full time

    As a Full Stack Developer specializing in security products, you will play a key role in the development and enhancement of our cybersecurity solutions. Based in Aerocity Delhi, India, you will work closely with cross-functional teams to design, develop, and maintain secure and scalable software applications. Your expertise in full stack development,...

  • TAC Security | Full Stack Engineer

    2 weeks ago

    delhi, India TAC Security Full time

    As a Full Stack Developer specializing in security products, you will play a key role in the development and enhancement of our cybersecurity solutions. Based in Aerocity Delhi, India, you will work closely with cross-functional teams to design, develop, and maintain secure and scalable software applications. Your expertise in full stack development,...

  • IT Security Strategist

    5 days ago

    Delhi, Delhi, India TAC Security Full time

    Job Title: IT Security StrategistLocation: DelhiAbout TAC Security:TAC Security is a global leader in vulnerability management, protecting Fortune 500 companies, leading enterprises, and governments worldwide.We have developed the AI-based Vulnerability Management Platform, ESOF (Enterprise Security in One Framework), which manages over 5 million...

  • Application Security Engineer

    4 weeks ago

    Delhi, Delhi, India Vimeo Full time

    Job DescriptionVimeo is seeking a highly skilled Application Security Engineer to join our team. As a key member of our security team, you will play a critical role in ensuring the security and integrity of our applications.About the RoleThis is an exceptional opportunity for a talented security professional to make a significant impact on the security...

  • Senior Application Security Engineer

    2 months ago

    Delhi, India Vimeo Full time

    As aSr. Application Security Engineerat Vimeo, you will engage in a variety of activities, either offensive, defensive, or some combination thereof, ultimately aimed at safeguarding our users who entrust Vimeo with their content every day.You’ll plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from...

  • Chief Security Architect

    4 weeks ago

    Delhi, Delhi, India TAC Security Full time

    Job Title: Chief Security ArchitectWe are seeking an experienced Cybersecurity Solutions Manager to lead our application security initiatives at TAC Security.About the RoleThe ideal candidate will have a strong background in application security, with experience in implementing security measures across the software development lifecycle. This role requires...

  • Senior Application Security Engineer

    2 months ago

    Delhi, India Vimeo Full time

    As a Sr. Application Security Engineer at Vimeo, you will engage in a variety of activities, either offensive, defensive, or some combination thereof, ultimately aimed at safeguarding our users who entrust Vimeo with their content every day.You’ll plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from...