Application Security Engineer II

3 days ago


Hyderabad, Telangana, India Phenom Full time ₹ 12,00,000 - ₹ 36,00,000 per year

Job Requirements
What You'll Do

  • Research, identify and analyze and triage vulnerabilities that could affect Phenom ITX Platform and its supporting infrastructure, and determine its severity, exploitability and corrective action recommendations, summarizing and reporting results.
  • Collaborate with engineering/development teams to evolve software assurance processes to address security risks, and help teams learn and adopt shift-security-to-left practices.
  • Work on implementing the required fixes to remediate the vulnerabilities in collaboration with the engineering team
  • Deploy, improve and utilize SAST/DAST/SCA and other cybersecurity solutions to identify and communicate security vulnerabilities to Phenom production teams
  • Maintain and report progress on the state of application vulnerabilities and escalate as necessary to ensure vulnerability issues are closed and handled in a manner consistent with Phenom standards
  • Work closely with the business, support and production teams to provide input and guidance on development of planned remediation plans and strategies to solve identified vulnerabilities
  • Use technical writing and effective communications to prepare and deliver vulnerability assessment result reports to all levels of audiences (peers and or leadership).
  • Drive compliance support and improvements over time through the management, analysis and tracking of vulnerabilities discovered through audits, products or collaborations.
  • Perform research and analytics and stay apprised on new security vulnerability, threats, risks, attack tools and techniques to contribute and improve Phenom's Threat model and collaborate with senior engineering and product management staff to incorporate effective security standards and controls into product design.
  • Help in the deployment of Phenom Secure Architecture & Software Development program to support the best cybersecurity development practice, and ensure Phenom ITX Platform is highly secure, resilient and aligned with business and product development strategy.
  • Continuously review and identify security improvement opportunities in existing processes, services, and workflows to ensure Phenom ITX platform is robust against current and future cybersecurity threats.
  • Support cybersecurity process activities including security requirements definition, threat modelling, code reviews and cyber risk assessment.
  • Support on development and maintenance of a "security by default" standard to be used in the development, infrastructure, or any other technology project.
  • Deliver training on Security Development Lifecycle to engineering/development teams
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation.
  • Drive continuous improvement activities to define, measure, visualize and improve key cyber security metrics related to Application Security.
  • Provide analytic support to answer questions about vulnerabilities, and general threat intelligence trends

Work Experience

  • Experience with Amazon Web Services cloud environments and its security controls and their corresponding challenges.
  • Experience with microservices architectures & distributed Platforms especially in the SaaS businesses
  • Experience using Agile software development
  • Coding Experience in Scripting & programming languages (such as Terraform, Java, Python, Ruby, etc.)
  • Knowledge of information security principles (Confidentiality, Integrity, Availability Authentication & Public Key Infrastructure (PKI), Data Security or Cryptography), and understanding of common exploitation techniques and mitigation.
  • Experience implementing, managing, and supporting a vulnerability management program (process and technology).
  • Experience and well-known understanding of Dynamic and Static Application Security Testing (DAST & SAST) and infrastructure automation/development utilizing APIs.
  • Understanding of the main cybersecurity tools (SIEM, IPS, XDR, etc.) and how they help to protect an application.
  • Experience working with Threat modeling (e.g., STRIDE, PASTA, FAIR, Security Cards) and vulnerability frameworks standards (e.g., OWASP, CVSS, CWE) with a good understanding of the Cyber Kill Chain and pervasive threat attack methods and remediation.
  • Thought leadership, critical thinking, strong organizational skills, report writing skills to senior level, ability to prioritize and multitask

  • Security Engineer II

    4 weeks ago


    Hyderabad, Telangana, India JP Morgan Chase & Co. Full time

    Job DescriptionYou're at the forefront of delivering secure software solutions. Join us a valued member of a top-performing teamAs a Security Engineer II at JPMorgan Chase within the Cybersecurity & Technology Controls team, you will be part of an agile team dedicated to delivering software solutions that meet pre-defined functional and user requirements,...

  • Security Engineer II

    4 weeks ago


    Hyderabad, Telangana, India JP Morgan Chase & Co. Full time

    Job DescriptionYou're at the forefront of delivering secure software solutions. Join us a valued member of a top-performing team.As a Security Engineer II at JPMorgan Chase within the Cybersecurity & tech Controls team, youare part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the...


  • Hyderabad, Telangana, India JPMorganChase Full time ₹ 6,00,000 - ₹ 18,00,000 per year

    JOB DESCRIPTIONYou're at the forefront of delivering secure software solutions. Join us a valued member of a top-performing teamAs a Security Engineer II at JPMorgan Chase within the Cybersecurity & Technology Controls team, you will be part of an agile team dedicated to delivering software solutions that meet pre-defined functional and user requirements,...


  • Hyderabad, Telangana, India JPMorganChase Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    JOB DESCRIPTIONYou're at the forefront of delivering secure software solutions. Join us a valued member of a top-performing teamAs a Security Engineer II at JPMorgan Chase within the Cybersecurity & Technology Controls team, you will be part of an agile team dedicated to delivering software solutions that meet pre-defined functional and user requirements,...


  • Hyderabad, Telangana, India McDonalds Full time

    About McDonalds in IndiaOne of the worlds largest employers with locations in more than 100 countries McDonalds Corporation has corporate opportunities in Hyderabad Our global offices serve as dynamic innovation and operations hubs designed to expand McDonald s global talent base and in-house expertise Our new office in Hyderabad will bring together...


  • Hyderabad, Telangana, India Microsoft Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    With the Microsoft Cloud Security team, we take immense pride in developing a diverse set of security products and services that are leaders in their respective market segments. Our innovative solutions have set new industry standards, earning global recognition safeguarding critical infrastructure at the highest scale. Microsoft Defender for Cloud is a...


  • Hyderabad, Telangana, India JPMorganChase Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    JOB DESCRIPTIONYou're ready to gain the skills and experience needed to grow within your role and advance your career — and we have the perfect software engineering opportunity for you.As a Software Engineer II at JPMorgan Chase within the Infrastructure Platforms team, you will be part of an agile team dedicated to enhancing, designing, and delivering the...


  • Hyderabad, Telangana, India ICE Data Services Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    Job PurposeAn ICE Application Security Engineer is part of a team responsible for ensuring that ICE produces and maintains secure applications. This team member influences secure design, performs code analysis, identifies vulnerabilities through hands-on penetration testing, assists developers in remediation efforts, and communicates findings to developers,...


  • Hyderabad, Telangana, India ICE Full time ₹ 20,00,000 - ₹ 25,00,000 per year

    Job DescriptionJob PurposeAn ICE Application Security Engineer is part of a team responsible for ensuring that ICE produces and maintains secure applications. This team member influences secure design, performs code analysis, identifies vulnerabilities through hands-on penetration testing, assists developers in remediation efforts, and communicates findings...


  • Hyderabad, Telangana, India Evnek Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    **Job Title: Application Security EngineerExperience Required: 5+ YearsLocation: HyderabadShifts: General Shift & UK Shift (Rotational)Notice Period: Immediate Joiners OnlyCab Facility: AvailableJob OverviewWe are looking for a skilled and passionateApplication Security Engineer**to join our Cybersecurity team in Hyderabad. This role is ideal for...