Senior Application Security Engineer
1 week ago
Role Overview
We are seeking a highly skilled Senior Application Security Engineer with deep expertise in application security, threat modeling, and secure design, particularly within the ServiceNow ecosystem. The ideal candidate will combine strong technical security knowledge with practical experience in enterprise application development and cloud environments.
This role requires hands-on work with threat modeling, secure architecture reviews, security testing, and automation, alongside close collaboration with engineering and leadership teams to strengthen security posture, reduce risk, and protect sensitive customer data.
Key Responsibilities
- Perform threat modeling, architecture reviews, and security design reviews for ServiceNow applications, APIs, and integrations.
- Conduct security assessments and penetration testing using SAST/DAST tools (e.g., Checkmarx, Veracode, Burp Suite, OWASP ZAP).
- Implement and maintain security testing automation within CI/CD pipelines.
- Analyze and remediate vulnerabilities, ensuring secure coding practices and compliance with security standards.
- Work hands-on with ServiceNow platform security architecture, configuration, and application development.
- Collaborate with developers, architects, and stakeholders to ensure secure integration and data protection across distributed systems.
- Provide technical guidance and mentorship to engineering teams on secure design principles and best practices.
- Communicate technical risk and mitigation strategies clearly to both technical and non-technical stakeholders.
- Support governance initiatives by aligning with industry security frameworks and compliance standards.
Required Qualifications
Experience & Expertise
- 6+ years of experience in application or cloud security engineering.
- Demonstrable expertise in threat modeling frameworks (STRIDE, PASTA, attack trees, etc.).
- Hands-on experience with SAST & DAST tools – setup, configuration, analysis, and remediation.
- Mandatory: Extensive, production-level ServiceNow platform experience – security architecture, administration, and application ecosystem.
- Strong troubleshooting & analytical skills in distributed systems security.
- Proficiency in JavaScript, Python, or scripting languages used in ServiceNow/web development.
- Deep understanding of:
- Authentication & Authorization protocols (OAuth, SAML, SSO)
- Secure API design & access controls
- Modern web application architecture & attack vectors
- Industry standards (OWASP, NIST, etc.)
- Exposure to secure CI/CD pipelines and integration of security tools into DevSecOps workflows.
Preferred Qualifications (Nice to Have)
- Industry certifications: CISSP, CEH, OSCP, CSSLP, or ServiceNow Certified Implementation Specialist.
- Experience conducting code and architecture reviews for SaaS or enterprise-scale systems.
- Familiarity with security governance & compliance frameworks (ISO 27001/2, SOC2, GDPR).
- Knowledge of cloud security (AWS, Azure, GCP) and hybrid architectures.
- Experience in incident response, forensics, or penetration testing.
- Knowledge of security monitoring, alerting, and SIEM integrations.
Job Type: Full-time
Work Location: Remote
-
Senior Application Security Engineer
3 weeks ago
Pacific Remote Islands Marine National Monument, India Nexsofture Private Limited Full timeRole Overview We are seeking a highly skilled Senior Application Security Engineer with deep expertise in application security, threat modeling, and secure design, particularly within the ServiceNow ecosystem. The ideal candidate will combine strong technical security knowledge with practical experience in enterprise application development and cloud...
-
Remote, India Ocrolus Full time ₹ 7,00,000 - ₹ 12,00,000 per yearCome build at the intersection of AI and fintech. At Ocrolus, we're on a mission to help lenders automate workflows with confidence—streamlining how financial institutions evaluate borrowers and enabling faster, more accurate lending decisions.Our AI-powered data and analytics platform is trusted at scale, processing nearly one million credit applications...
-
Security Engineer
1 week ago
Remote, India NotDisclosed Full time ₹ 10,00,000 per yearKey Responsibilities:Design, implement, and maintain security architecture across applications, infrastructure, and networks.Ensure data security (TLS 1.3, AES-256) and strong identity/access management (SAML, OAuth, RBAC).Lead threat modeling, risk assessments, and vulnerability management.Oversee secure SDLC practices: code reviews, SAST/DAST, CI/CD...
-
Remote, India Cloud Software Group Full time ₹ 1,50,00,000 - ₹ 2,50,00,000 per yearThe Senior Director of Engineering will be accountable for the following strategic and organizational outcomes:Engineering Vision & Strategy: Define and relentlessly communicate a multi-year, strategic engineering roadmap for the Integration Team that aligns directly with the company's long-term business goals. Accountable for technology choices,...
-
L1 Security Analyst
2 weeks ago
Remote, India Kobalt Security Inc. Full time ₹ 9,00,000 - ₹ 12,00,000 per yearAbout Us: At , our mission is to solve cybersecurity for SMBs at scale. We believe small businesses are the engine behind innovation and growth. Understanding the challenges that our customers have enables us to design and refine scalable cybersecurity services that support a secure path to growth. This is reflected in everything we do from the programs we...
-
Senior Cloud Engineer
4 days ago
Remote, India Jobbycart technologies private limited Full time ₹ 9,00,000 - ₹ 12,00,000 per yearJob Summary:The Senior Cloud Engineer will lead the design, implementation, and management of advanced cloud infrastructure. This role focuses on building scalable, secure, and cost-effective cloud solutions for financial services applications. The ideal candidate will be an expert in cloud services and have a proven track record of leading cloud engineering...
-
Product Security Engineer
1 week ago
Remote, India Sun King Full time ₹ 12,00,000 - ₹ 36,00,000 per yearDescriptionJob location: Remote in India About the role:In this role, your principal mission will be to drive security-related engineering engagement and technical remediation across Sun King's product lines. You will work across application security, architecture reviews, and cloud security to scale security engagement across Engineering. As a Product...
-
Senior Solutions Engineer
1 week ago
Remote, India Saviynt Full time ₹ 15,00,000 - ₹ 30,00,000 per yearSaviynt's AI-powered identity platform manages and governs human and non-human access to all of an organization's applications, data, and business processes. Customers trust Saviynt to safeguard their digital assets, drive operational efficiency, and reduce compliance costs. Built for the AI age, Saviynt is today helping organizations safely accelerate their...
-
Application Development Engineer
4 days ago
Remote, India Inspiredge IT Solutions Full time ₹ 10,00,000 - ₹ 25,00,000 per yearRole Objective:We are seeking a skilled Application Development Engineer with expertise in software development, scripting, and telecommunications or data network maintenance. The role will focus on developing, testing, and maintaining applications in large-scale environments, ensuring high performance, reliability, and security. This position requires...
-
Cyber Security Engineer
1 week ago
Remote, India Codash Solutions Full time ₹ 80,000 - ₹ 90,000 per yearKey Responsibilities:Implement and manage IAM solutions using ForgeRock and/or SailPoint.Work directly with clients to gather requirements, propose solutions, and manage expectations.Configure identity workflows, access policies, and provisioning processes.Troubleshoot and resolve IAM issues and integration challenges.Collaborate with internal security and...
