AppSec SAST
4 days ago
Date Opened
10/21/2025
Job Type
Full time
Industry
IT Services
City
Hyderabad,Bengaluru
State/Province
Karnataka
Country
India
Zip/Postal Code
560001
Job DescriptionWork you will do
You are responsible for adhering to the defined operating procedures and guidelines in operating the application security services in the Managed Services model, which includes the following:
o Understand and be compliant with the Service Level Agreements defined for the DevSecOps services;
o Understand and deep knowledge of application security engineering principles, and helping clients development team and function to follow secure development practices which includes primarily monitoring and performing the security design review, architecture review, threat modeling, security testing, secure code review, secure build processes;
o Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled during operations;
o Facilitate use of technology-based tools or methodologies to continuously improve the monitoring, management and reliability of the service;
o Perform manual and automated security assessment of the applications;
o Involved in triaging and defect tracking process with the development team and helping the team to fix issues at the code level based on the priority of the tickets;
o Be a liaison between the Application development and infrastructure team, and integrate the processes between infrastructure monitoring and operations processes with the secure development/testing and management processes;
o Identifying, researching and analyzing application security events which may include emerging and existing persistent threats to the client's environment; and
o Performing active monitoring and tracking of application related threat actors and tactics, techniques and procedures (TTPs), that could likely cause an impact to client organization
Required:
- Minimum of 5-8 years' experience in application security development, security testing, deployment and security management phases;
- Deep interest in application specific vulnerabilities, code development and infrastructure knowledge;
- Investigative and analytical problem-solving skills;
- Experience in collecting, analyzing, and interpreting qualitative and quantitative data from defined application security services related sources (tools, monitoring techniques etc.)
- Knowledge and experience of OWASP Top 10, SANS Secure Programming, Security Engineering Principles;
- Hands-on experience in running, installing and managing DAST solutions such as web inspect and AppScan;
- Hands-on experience in performing code review of dot Net, Java and Swift and objective C code;
- Hands-on experience in running , installing and managing SAST solutions such as Checkmarx and Fortify
- Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk;
- Hands-on experience in integrating security tools in DevOps processes;
- Hands-on on at least one CI/CD tool set such as team city, Bamboo, Jenkins, Chef, Puppet, selenium;
- Knowledge of cloud environments and deployment solutions such as server less computing;
- Hands on experience in penetration testing of mobile, desktop and web applications.
- Hands on experience on application containers such as Dockers and Kubernetes;
- Possession of excellent oral and written communication skill; and
- Knowledge of one or more scripting languages for automation and complex searches
Preferred:
- Bachelors in computer science or other technical fields;
- Experience with application monitoring, Managed Services business primarily on DevOps, Threat and Vulnerability Management for Application infrastructure, source code verification, link analysis, and threat modeling;
- Solid and demonstrable comprehension of Information Security including OWASP/SANS, Security Test Case development (or mis-use case), OOAD notations, emerging threats, attacks, and vulnerability management
- Understanding of security essentials including; networking concepts, defense strategies, and current security technologies
- Ability to research and characterize security threats to include identification and classification of application related threat indicators; and
- Certification such as SANS Secure Coding, Security Engineering, Web Application Security, ISC2 CSSLP, OSCP etc. are preferred.
-
Application Security Engineers
4 days ago
Bengaluru, Karnataka, India NETSACH GLOBAL Full time ₹ 12,00,000 - ₹ 36,00,000 per yearGreetings from Netsach - A Cyber Security Company.We are looking for Application security Engineers (2 resources) with 8+ yrs of strong experience who would be responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based informationJob Titlle:...
-
Software Engineering, Sr Engineer
1 week ago
Bengaluru, Karnataka, India Black Duck Full time ₹ 20,00,000 - ₹ 25,00,000 per yearBlack Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and...
-
Senior Devsecops Engineer
4 days ago
Bengaluru, Karnataka, India GoKwik Full time ₹ 12,00,000 - ₹ 36,00,000 per yearAs a Senior DevSecOps Engineer, you'll ensure every layer of our infrastructure and development lifecycle is secure, compliant, and resilient. You'll work end-to-end with engineering teams, from design and deployment to operations and optimisation, embedding security guardrails into CI/CD pipelines, automating IAM and compliance checks, and reducing human...
-
Software Engineering, Intern
2 weeks ago
Bengaluru, Karnataka, India Black Duck Software, Inc. Full time ₹ 6,00,000 - ₹ 12,00,000 per yearBlack Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and...
-
Sr Security Engineer
6 days ago
Bengaluru, Karnataka, India Motive Full time ₹ 12,00,000 - ₹ 36,00,000 per yearWho we are:Motive empowers the people who run physical operations with tools to make their work safer, more productive, and more profitable. For the first time ever, safety, operations and finance teams can manage their drivers, vehicles, equipment, and fleet related spend in a single system. Combined with industry leading AI, the Motive platform gives you...
-
Software Engineering, Intern
4 days ago
Bengaluru, Karnataka, India Black Duck Software, Inc. Full time ₹ 5,00,000 - ₹ 12,00,000 per yearBlack Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and...
-
Senior AppSec Engineer
3 weeks ago
Bengaluru, India Atomicwork Full timeAbout AtomicworkAtomicwork is reimagining IT and workplace operations by putting employees at the center of the experience. With a strong emphasis on automation, integration, and security, Atomicwork helps organizations streamline workflows, improve productivity, and reduce friction across employee and IT interactions.Role OverviewWe are looking for a Senior...
-
Staff Pentester
5 days ago
Bengaluru, Karnataka, India Cloudera Full timeBusiness Area: Engineering Seniority Level: Mid-Senior level Job Description: At Cloudera, we empower people to transform complex data into clear and actionable insights. With as much data under management as the hyperscalers, we're the preferred data partner for the top companies in almost every industry. Powered by the relentless innovation of the open...
-
Lead AppSec Engineer
3 weeks ago
Bengaluru, India InMobi Advertising Full timeAbout UsInMobi is the leading provider of content, monetization, and marketing technologies that fuel growth for industries around the world. Our end-to-end advertising software platform, connected content, and commerce experiences activate audiences, drive real connections, and diversify revenue for businesses everywhere.InMobi Advertising is an end-to-end...
-
(High Salary) Application Security Manager
2 weeks ago
Bengaluru, India Pearson Full timeJob Description At Pearson, we are the world's learning company with over 24,000 employees across 70 countries. Our mission is to combine world-class educational content and assessment, powered by services and technology, to enable more effective teaching and personalised learning at scale. We believe that wherever learning flourishes, so do people. In this...
-
Application Security Architect
2 weeks ago
Bengaluru, India YASH Technologies Full timeRole: Application Security Architect This role is responsible for architecting, designing security controls for applications. The successful candidate will lead efforts to establish and improve secure Software development lifecycle (SDLC) activities and identify tools to integrate into the development process to assess the security of applications. When...
-
Application Security Engineers
3 weeks ago
Bengaluru, India NETSACH GLOBAL Full timeGreetings from Netsach - A Cyber Security Company. We are looking for Application security Engineers (2 resources) with 8+ yrs of strong experience who would be responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information Job Titlle:...
-
Application Security Engineers
3 weeks ago
Bengaluru, India NETSACH GLOBAL Full timeGreetings from Netsach - A Cyber Security Company. We are looking for Application security Engineers (2 resources) with 8+ yrs of strong experience who would be responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information Job Titlle:...
-
Application Security Architect
2 weeks ago
Greater Bengaluru Area, IN YASH Technologies Full timeRole: Application Security Architect This role is responsible for architecting, designing security controls for applications. The successful candidate will lead efforts to establish and improve secure Software development lifecycle (SDLC) activities and identify tools to integrate into the development process to assess the security of applications. When...
-
Application Security Architect
2 weeks ago
Greater Bengaluru Area, India YASH Technologies Full timeRole: Application Security Architect This role is responsible for architecting, designing security controls for applications. The successful candidate will lead efforts to establish and improve secure Software development lifecycle (SDLC) activities and identify tools to integrate into the development process to assess the security of applications. When...
-
Only 24h Left: Application Security Architect
2 weeks ago
Greater Bengaluru Area, India YASH Technologies Full timeRole: Application Security Architect This role is responsible for architecting, designing security controls for applications. The successful candidate will lead efforts to establish and improve secure Software development lifecycle (SDLC) activities and identify tools to integrate into the development process to assess the security of applications. When...
