Senior Application Security Engineer
3 days ago
Role Overview
We are seeking a highly skilled Senior Application Security Engineer with deep expertise in application security, threat modeling, and secure design, particularly within the ServiceNow ecosystem. The ideal candidate will combine strong technical security knowledge with practical experience in enterprise application development and cloud environments.
This role requires hands-on work with threat modeling, secure architecture reviews, security testing, and automation, alongside close collaboration with engineering and leadership teams to strengthen security posture, reduce risk, and protect sensitive customer data.
Key Responsibilities
- Perform threat modeling, architecture reviews, and security design reviews for ServiceNow applications, APIs, and integrations.
- Conduct security assessments and penetration testing using SAST/DAST tools (e.g., Checkmarx, Veracode, Burp Suite, OWASP ZAP).
- Implement and maintain security testing automation within CI/CD pipelines.
- Analyze and remediate vulnerabilities, ensuring secure coding practices and compliance with security standards.
- Work hands-on with ServiceNow platform security architecture, configuration, and application development.
- Collaborate with developers, architects, and stakeholders to ensure secure integration and data protection across distributed systems.
- Provide technical guidance and mentorship to engineering teams on secure design principles and best practices.
- Communicate technical risk and mitigation strategies clearly to both technical and non-technical stakeholders.
- Support governance initiatives by aligning with industry security frameworks and compliance standards.
Required Qualifications
Experience & Expertise
- 6+ years of experience in application or cloud security engineering.
- Demonstrable expertise in threat modeling frameworks (STRIDE, PASTA, attack trees, etc.).
- Hands-on experience with SAST & DAST tools – setup, configuration, analysis, and remediation.
- Mandatory: Extensive, production-level ServiceNow platform experience – security architecture, administration, and application ecosystem.
- Strong troubleshooting & analytical skills in distributed systems security.
- Proficiency in JavaScript, Python, or scripting languages used in ServiceNow/web development.
- Deep understanding of:
- Authentication & Authorization protocols (OAuth, SAML, SSO)
- Secure API design & access controls
- Modern web application architecture & attack vectors
- Industry standards (OWASP, NIST, etc.)
- Exposure to secure CI/CD pipelines and integration of security tools into DevSecOps workflows.
Preferred Qualifications (Nice to Have)
- Industry certifications: CISSP, CEH, OSCP, CSSLP, or ServiceNow Certified Implementation Specialist.
- Experience conducting code and architecture reviews for SaaS or enterprise-scale systems.
- Familiarity with security governance & compliance frameworks (ISO 27001/2, SOC2, GDPR).
- Knowledge of cloud security (AWS, Azure, GCP) and hybrid architectures.
- Experience in incident response, forensics, or penetration testing.
- Knowledge of security monitoring, alerting, and SIEM integrations.
Job Type: Full-time
Work Location: Remote
-
Senior Application Security Engineer
5 days ago
Remote - India Twilio Full time ₹ 15,00,000 - ₹ 20,00,000 per yearSee yourself at Twilio Join the team as Twilio's next Senior Application Security Engineer(L3). About the job The Cloud and Application Security team enables delivery of secure by default products to reduce our attack surface against an evolving threat landscape. This position is needed to enhance Twilio's Application Security capabilities to improve...
-
Security Engineer
5 days ago
Remote, India NotDisclosed Full time ₹ 10,00,000 per yearKey Responsibilities:Design, implement, and maintain security architecture across applications, infrastructure, and networks.Ensure data security (TLS 1.3, AES-256) and strong identity/access management (SAML, OAuth, RBAC).Lead threat modeling, risk assessments, and vulnerability management.Oversee secure SDLC practices: code reviews, SAST/DAST, CI/CD...
-
Senior Engineer, Cloud Security
5 days ago
Remote - India Twilio Full time ₹ 9,00,000 - ₹ 12,00,000 per yearSee yourself at TwilioJoin the team as Twilio's next Senior Cloud Security Engineer (L3). About the job The Cloud and Application Security team enables delivery of secure by default products to reduce our attack surface against an evolving threat landscape. This position is needed to enhance Twilio's Cloud Security capabilities to improve visibility,...
-
Remote, India Ocrolus Full time ₹ 7,00,000 - ₹ 12,00,000 per yearCome build at the intersection of AI and fintech. At Ocrolus, we're on a mission to help lenders automate workflows with confidence—streamlining how financial institutions evaluate borrowers and enabling faster, more accurate lending decisions.Our AI-powered data and analytics platform is trusted at scale, processing nearly one million credit applications...
-
Product Security Engineer
2 days ago
Remote, India Sun King Full time US$ 70,000 - US$ 1,20,000 per yearDescriptionJob location: Remote in India About the role:In this role, your principal mission will be to drive security-related engineering engagement and technical remediation across Sun King's product lines. You will work across application security, architecture reviews, and cloud security to scale security engagement across Engineering. As a Product...
-
Software Security Architect
6 days ago
Remote, India beBeeSeniorSecurityEngineer Full time ₹ 15,00,000 - ₹ 20,00,000About This RoleThis position involves working as a senior security engineer on the Tide platform.Our team's mission is to protect our products, covering all aspects from secure design reviews to threat modelling and penetration testing.We're proactive in our defence, constantly improving our security posture and staying ahead of emerging threats.Your Key...
-
Senior Business Security Professional
2 days ago
Remote, India beBeeInformationSecurity Full time ₹ 1,04,000 - ₹ 1,30,878Senior Business Security ProfessionalThe Senior Business Security Professional serves as a trusted advisor to business units for all information security issues. This role is a senior member of the global information security team that collaborates with other information security leaders and business teams to develop a strong understanding of business needs...
-
L1 Security Analyst
5 days ago
Remote, India Kobalt Security Inc. Full time ₹ 8,00,000 - ₹ 12,00,000 per yearAbout Us: At , our mission is to solve cybersecurity for SMBs at scale. We believe small businesses are the engine behind innovation and growth. Understanding the challenges that our customers have enables us to design and refine scalable cybersecurity services that support a secure path to growth. This is reflected in everything we do from the programs we...
-
Senior Cloud Security Engineer
5 days ago
Remote - India Turing Full time US$ 90,000 - US$ 1,20,000 per yearOverview We are seeking a highly skilled Cloud Security Engineer to join our Security team in India. This role is critical in enhancing and maintaining the security posture of our cloud infrastructure and services. You will work closely with engineering, DevOps, and fulfillment teams to embed best security practices into our cloud-native environments. Your...
-
L1 Security Analyst
7 hours ago
India, Remote (Remote) Kobalt Security Inc. Full time ₹ 9,00,000 - ₹ 12,00,000 per yearAbout Us: At , our mission is to solve cybersecurity for SMBs at scale. We believe small businesses are the engine behind innovation and growth. Understanding the challenges that our customers have enables us to design and refine scalable cybersecurity services that support a secure path to growth. This is reflected in everything we do from the programs we...
