Senior Application Security Engineer
2 weeks ago
Who we are
We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world.
Job summary
As a Senior Application Security Engineer specializing in application security and DevSecOps within our cybersecurity team, you will play a crucial role in safeguarding our company's web applications by integrating security practices into the Software Development Life Cycle (SDLC). You will be responsible for the proactive identification, assessment, and mitigation of security vulnerabilities, developing and driving the adoption of DevSecOps practices, and ensuring that security is embedded in all phases of software development.
What you will do
Lead the integration of security measures into the SDLC, ensuring that all aspects of web application development are secure by design.Conduct thorough security assessments and penetration testing for web applications to identify vulnerabilities and security gaps.Play an advisory role with software engineering teams in the architectural design of new applications, emphasizing secure architectural patterns and best practices.Perform and coordinate manual and automated code reviews.Lead threat modeling exercises across engineering teams.Collaborate with software development teams to implement DevSecOps practices, providing guidance on secure coding, automated security testing, and continuous monitoring.Contribute to internal security tooling development or integration.Develop and maintain a secure framework for code deployment, automating security processes where possible to streamline the development workflow.Work cross-functionally with various teams, including IT, engineering, operations, and business units, to communicate security policies and procedures effectively.Establish and maintain strong relationships with stakeholders, presenting complex security concepts in an accessible manner.Stay abreast of the latest security threats, trends, and technologies in web application security and incorporate this knowledge into company practices.Assist in the development and enforcement of security policies and procedures, ensuring compliance with industry standards and regulations.Assist with managing bug bounty program.Develop program documentation to promote operational stability and scalability.Support Leadership in defining and executing the roadmap for DevSecOps maturity and secure SDLC initiatives.Support governance and compliance teams on secure engineering practices for aligning security policies related to SDLCDrive and support security identified remediation efforts.Foster and promote a security-forward culture.Mentor junior team members.Other duties and responsibilities, as assigned.What you will have
5+ years of experience in cybersecurity, with a focus on web application security and secure SDLC.Proficiency with programming/scripting languages such as JavaScript, Python, Java, Bash, PowerShell.Experience in penetration testing.Bachelor's or master's degree in computer science, cybersecurity, or a related field.Proven track record of working with DevSecOps tools (such as SAST/DAST/SCA) and methodologies.Strong understanding of security protocols, cryptography, authentication, authorization, and security vulnerabilities.Excellent communication skills with the ability to engage technical and non-technical stakeholders.Strong analytical and problem-solving abilities, with a meticulous attention to detail.Advanced level of knowledge of Information Security design concepts and principles.Nice to have
Master's degree in a technical disciplineProfessional security certifications such as CISSP, OSCP, CEH, or equivalent are highly desirable.Experience working in highly regulated environments.Advanced level of knowledge of IT frameworks and standards (NIST, OWASP Top Ten, COBIT, ITIL, ISO, PCI-PIN, GDPR, WebTrust, FedRAMP)Certified Information Systems Auditor (CISA)AWS Solutions ArchitectBenefits
Generous time off policiesTop shelf benefitsEducation, wellness and lifestyle support#LI-GA1
-
Senior Application Security Engineer
5 days ago
Bengaluru, Karnataka, India Twilio Full timeWho we areAt Twilio, we're shaping the future of communications, all from the comfort of our homes. We deliver innovative solutions to hundreds of thousands of businesses and empower millions of developers worldwide to craft personalized customer experiences.Our dedication to remote-first work, and strong culture of connection and global inclusion means that...
-
Senior Application Security Engineer
2 weeks ago
Bengaluru, Karnataka, India, Karnataka Mobileum Full timeRole: Senior Security ExpertDepartment: Engineering / Development / R&DReports To: DevSecOps Lead (Techno-Managerial)Experience: 10-12 yearsAbout the Job: We are looking for a Senior Security Expert to drive AppSec practices, secure SDLC processes, and ISO 27001–aligned security controls across Engineering. The role focuses on implementing secure coding...
-
Application Security Engineer
5 days ago
Bengaluru, Karnataka, India ALLEN Digital Full timeAbout ALLEN Digital:At ALLEN Digital, we spearhead a technology-driven approach to education, leveraging top-tier tech talent from leading technology firms. Through our strategic collaboration with Bodhi Tree Systems, a prominent venture capital firm known for building & scaling tech-first brands, we are revolutionizing education with a tech-first...
-
Application Security Engineer
2 weeks ago
Bengaluru, Karnataka, India DigiCert Full time ₹ 8,00,000 - ₹ 12,00,000 per yearWho we areWe're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies...
-
Application Security Engineer
2 weeks ago
Bengaluru, Karnataka, India DigiCert Full time ₹ 48,00,000 - ₹ 1,44,00,000 per yearWho we areWe're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies...
-
Application Security Engineers
2 weeks ago
Bengaluru, Karnataka, India NETSACH GLOBAL Full time ₹ 12,00,000 - ₹ 36,00,000 per yearGreetings from Netsach - A Cyber Security Company.We are looking for Application security Engineers (2 resources) with 8+ yrs of strong experience who would be responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based informationJob Titlle:...
-
Application Security Engineer
2 weeks ago
Bengaluru, Karnataka, India Procallisto Solutions Full time ₹ 1,00,00,000 - ₹ 2,00,00,000 per yearCompany Name is looking for an Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly...
-
Application Security Engineer
1 week ago
Bengaluru, Karnataka, India Step One Step Ahead Llp Full time ₹ 2,16,000 - ₹ 7,20,000 per yearWere hiring a Application Security Test Engineer with 2-3 years of experience in Application Security, SAST, and SCA tools like Snyk, SonarQube, or Checkmarx. Integrate security into CI/CD, manage vulnerabilities, and support teams in secure coding.
-
Senior Application Security Consultant
1 week ago
Bengaluru, Karnataka, India Black Duck Software Full time ₹ 9,00,000 - ₹ 12,00,000 per yearBlack Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and...
-
Senior Application Security Engineer
2 weeks ago
Bengaluru, Karnataka, India Sphera Full time ₹ 12,00,000 - ₹ 24,00,000 per yearSphera is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability. Our mission is to create a safer, more sustainable and productive world.Sphera is a portfolio company of Blackstone, a U.S.-based alternative asset investment company that focuses on...
