Application Security Engineer
2 days ago
About Us
We are a leading global financial technology company transforming how the securities finance industry trades, settles, and analyzes data. Our award-winning Trading, Post-Trade, Data & Analytics, RegTech, and SaaS solutions power efficiency, transparency, and innovation for over 200 of the world's top financial institutions. Every month, our platform supports over $2.4 trillion in executed transactions, a testament to our technology's impact and reliability.
With offices across North America, UK&I, and APAC, we bring together diverse teams of technologists, data experts, and business professionals who thrive on solving complex challenges at scale. We are Great Place to Work Certified in the US, UK, Ireland, and India and have been recognized for Diversity & Inclusion excellence as well as for being the Best Post-Trade Service Provider and Best Market Data Provider Globally (Securities Finance Times Industry Excellence Awards, 2023).
Founded in 2001 by ten of the world's leading financial institutions, we continue to shape the future of securities finance under the majority ownership of Welsh, Carson, Anderson & Stowe (WCAS) alongside founding shareholders and customers including Bank of America, Bank of New York, BlackRock, Goldman Sachs, Morgan Stanley, National Bank of Canada, State Street, UBS and Wells Fargo.
Join us and be part of a company where global impact, innovation, and collaboration define how we work and what we build.
About the role
We are looking for an Application Security Engineer to join us in our Bangalore office. In this role, you will directly strengthen the security posture of our global product suite by operating core AppSec platforms, validating vulnerabilities, and embedding security throughout the Software Development Lifecycle (SDLC).
You will work closely with Development, DevOps, QA, and Cloud Security teams to ensure our applications are designed, built, and deployed securely. A key part of the role involves hands-on SAST/SCA/DAST operations, manual vulnerability validation, remediation guidance, and driving secure coding practices across engineering teams.
This is an excellent opportunity to have meaningful impact in a technology-driven financial organisation, contributing directly to EquiLend's Attack Surface Management (ASM) initiatives.
What you'll do
Operate and manage Black Duck for Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including triage, validation, reporting, and developer remediation support.Configure and execute Rapid7 InsightAppSec Dynamic Application Security Testing (DAST) scans; manually validate findings, reduce false positives, and support teams through remediation.Integrate SAST, SCA, and DAST tooling into CI/CD pipelines (GitHub, Jenkins, Terraform, Kubernetes) to enable continuous and automated security testing.Perform secure code reviews, contribute to secure coding guidelines, and support application security standards.Conduct targeted penetration testing and manual validation of vulnerabilities identified by automated scanning tools.Contribute to EquiLend's Attack Surface Management (ASM) programme by identifying exposed assets and helping reduce application-layer risk.Partner with DevOps and Infrastructure teams to ensure secure configuration baselines and timely remediation of vulnerabilities.Track and report key AppSec metrics, including vulnerability trends, SLAs, and programme effectiveness.Deliver security awareness sessions and provide hands-on guidance to developers, with a focus on common vulnerabilities (e.g. OWASP Top 10 and CWE Top 25).What we're looking for
3-5 years of hands-on Application Security experience with responsibility for vulnerability triage, manual validation, and supporting remediation within engineering teams.Direct experience with Black Duck and Rapid7 InsightAppSec, or equivalent proven experience with enterprise-grade SAST/SCA/DAST tools.Strong background in secure SDLC practices, including source code review, threat modelling, and integrating security tooling into DevSecOps workflows.Solid understanding of web and cloud application architectures (Java, .NET, Python, REST APIs, microservices).Knowledge of AWS security fundamentals, IAM concepts, and container security is beneficial.Demonstrated ability to validate complex vulnerabilities (e.g. IDOR, auth bypass, SSRF, deserialisation, API flaws) beyond automated scanner output.Familiarity with ASM concepts and vulnerability management workflows in enterprise environments.Excellent communication and collaboration skills with the ability to influence developers and drive secure coding practices.Bachelor's degree in Computer Science, Information Security, or a related field.Certifications such as OSWE, GWAPT, GCSA, or equivalent are advantageous.Benefits
Variable Pay: Annual performance related variable pay award on top of your fixed CTC to reward your performance and contributions to the company's success.Hybrid Working: Our hybrid work policy requires all employees to work from the office approximately 3 days per week (50 work from home days per 6 months annually).Generous Vacation Days Per Year: Take advantage of paid vacation days annually, plus public bank holidays.Family Health Insurance Coverage: Comprehensive health insurance coverage for you and your dependents available from your first day.Personal Accidental Injury Insurance: Feel secure with personal accidental injury insurance provided from the start of your employment.Annual Team Building Retreat: Participate in an annual team-building retreat at a new and exciting location each yearRelocation Assistance: If you're relocating from more than 40 miles away, we provide hotel accommodation and travel ticket reimbursement to help ensure a smooth transition.Diversity & Inclusion
At EquiLend, we are committed to fostering an inclusive and diverse workplace where everyone is respected and valued. We believe that a variety of perspectives drives innovation and strengthens our success. If you require any reasonable accommodations during the interview process, please let us know - we're here to support you.
#LI-Hybrid
-
Security Engineer II
6 hours ago
Bengaluru, Karnataka, India Safe Security Full time ₹ 12,00,000 - ₹ 36,00,000 per yearAt SAFE Security, our mission is bold and ambitious: We Will Build CyberAGI — a super-specialized system of intelligence that autonomously predicts, detects, and remediates threats. This isn't just a vision—it's the future we're building every day, with the best minds in AI, cybersecurity, and risk. At SAFE, we empower individuals and teams with the...
-
Application Security Engineer
4 days ago
Bengaluru, Karnataka, India Allen Online Full time ₹ 12,00,000 - ₹ 36,00,000 per yearJob Title: Staff Engineer - Application SecurityWe are seeking a highly experienced Principal Engineer in Application Security to join our team. The ideal candidate will play a critical role in ensuring our applications are secure and comply with the Indian Data Protection and Privacy (DPDP) laws. This position requires a deep understanding of application...
-
Application Security Engineer
2 weeks ago
Bengaluru, Karnataka, India ALLEN Digital Full time ₹ 12,00,000 - ₹ 36,00,000 per yearAbout ALLEN Digital:At ALLEN Digital, we spearhead a technology-driven approach to education, leveraging top-tier tech talent from leading technology firms. Through our strategic collaboration with Bodhi Tree Systems, a prominent venture capital firm known for building & scaling tech-first brands, we are revolutionizing education with a tech-first...
-
Application Security Engineer
4 hours ago
Bengaluru, Karnataka, India smallcase Full time ₹ 8,00,000 - ₹ 20,00,000 per yearAbout smallcase smallcase is on a mission to change how India & Indians invest. We build products & tools for individuals to invest better in stocks & ETFs and platforms & infrastructure for the industry to offer better investment products. Our user community is 6,50,000+ strong & we work with the largest financial brands in India like HDFC, Kotak,...
-
Application Security Engineer
2 days ago
Bengaluru, Karnataka, India 78677dd5-c602-4129-ad99-bccfd569d49b Full time ₹ 20,00,000 - ₹ 25,00,000 per yearWe are hiring an experienced Application Security (AppSec) Engineer to strengthen secure software development across our products and platforms. You will collaborate with development teams, perform secure code reviews, lead threat modeling sessions, orchestrate security testing, and ensure our applications meet the highest security and compliance standards....
-
Application Security Engineer
5 days ago
Bengaluru, Karnataka, India Clinisys Full time ₹ 15,00,000 - ₹ 25,00,000 per yearIn this role, as an Application Security Engineer, you will work as a part of our security engineering team and you will collaborate with other IT professionals to ensure that data is protected. You will be responsible for suggesting and implementing with best security practices within software development lifecycle (SDLC). You will responsible for setting...
-
Application Security
2 days ago
Bengaluru, Karnataka, India Pearson Full time ₹ 20,00,000 - ₹ 40,00,000 per yearDescriptionAt Pearson, we are the world's learning company with over 24,000 employees across 70 countries. Our mission is to combine world-class educational content and assessment, powered by services and technology, to enable more effective teaching and personalised learning at scale. We believe that wherever learning flourishes, so do people.In this...
-
Application Security Engineer
7 hours ago
Bengaluru, Karnataka, India Exotel Techcom Pvt Ltd Full time ₹ 20,00,000 - ₹ 45,00,000 per yearAbout UsExotel is a leading provider of AI transformation solutions for enterprise customer engagement and experience. With over 20 billion annual conversations across omnichannel, voice, agents, and bots, Exotel is trusted by 7,000+ clients worldwide, spanning industries such as BFSI, Logistics, Consumer Durables, E-commerce, Healthcare, and Education....
-
Application Security Engineers
10 hours ago
Bengaluru, Karnataka, India Netsach Global Full time ₹ 12,00,000 - ₹ 24,00,000 per yearGreetings from Netsach - A Cyber Security Company.We are looking for Application security Engineers (2 resources) with 8+ yrs of strong experience who would be responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based informationJob Titlle:...
-
Application Security Engineer
2 weeks ago
Bengaluru, Karnataka, India BitGo Full time ₹ 8,00,000 - ₹ 12,00,000 per yearBitGo is the leading infrastructure provider of digital asset solutions, delivering custody, wallets, staking, trading, financing, and settlement services from regulated cold storage. Since our founding in 2013, we have focused on enabling our clients to securely navigate the digital asset space. With a global presence and multiple Trust companies, BitGo...
