Application Security Engineer

3 months ago

Bengaluru, India Credit Karma Full time
Intuit Credit Karma is a mission-driven company, focused on championing financial progress for our more than 130 million members globally. While we're best known for pioneering free credit scores, our members turn to us for everything related to their financial goals, including identity monitoring, applying for credit cards, shopping for insurance and loans (car, home and personal) and savings accounts and checking accounts* -- all for free. Credit Karma has grown significantly through the years: we now have more than 1,700 employees across our offices in Oakland, Charlotte, Culver City, San Diego, London and New York City.
*Banking services provided by MVB Bank, Inc., Member FDIC

As an Application Security Engineer, you will primarily focus on offensive security and closely work with architects and engineering teams to guide the implementation of secure practices across different areas like cloud, API, applications and mobile devices. You will identify trends and risks across multiple platforms, and engage with senior leadership to provide action plans and strategy.

What You'll Do:

  • Provide security expertise for cloud, web and mobile projects, helping teams meet the enterprise and IT security policies, industry regulations, and best practices.
  • Participate in developing runtime analysis capabilities to identify security vulnerabilities with high confidence.
  • Ensure the quality of our applications and products by guiding them through the Secure Development Lifecycle (SDL) process.
  • Advocate, research, develop new tools to support our security patterns and standards.
  • Monitor our exposure to, and assess the impact of, new security threats , vulnerabilities and risks.
  • Work with security and engineering teams to maintain a security architecture that provides security controls throughout all platforms to mitigate risk, and to meet goals and regulatory requirements.
  • Report to the Director of Application Security

Minimum Requirements:

  • 3+ years' experience in the application security industry, solving security problems in large-scale systems.
  • Experience with integrating security scanning tools with CI/CD, Web Application pentesting, fuzzing and DAST.
  • Expertise in verifying and measuring common security vulnerabilities, and demonstrated ability in communicating these concepts to your partners in engineering. From the OWASP Top Ten to more advanced concepts, you've seen it before, and can describe it with ease.
  • Familiarity with the responsibilities and workflow of software developers. The Application Security team works with engineering to meet both business needs and security requirements. You can speak their language, and sympathize with their challenges.

Even Better:

  • Exposure to most of the following technologies: Google Cloud, iOS, IAM, Snyk, Android, CircleCI, Consul, Kubernetes, PKI, React, GraphQL, Splunk, and InfluxDB.
  • Experience defining security architecture patterns and standards in a large enterprise organization.
  • Knowledge of cryptography including algorithms, standards, and their practical applications such as x.509 certificates.

Equal Employment Opportunity:

Credit Karma is proud to be an Equal Employment Opportunity Employer. We welcome all candidates without regard to race, color, religion, age, marital status, sex (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity or gender expression, national origin, veteran or military status, disability (physical or mental), genetic information or other protected characteristic. We prohibit discrimination of any kind and operate in compliance with applicable fair chance laws. 

Credit Karma is also  committed to a diverse and inclusive work environment because it is the right thing to do. We believe that such an environment advances long-term professional growth, creates a robust business, and supports our mission of championing financial progress for everyone. We offer generous benefits and perks with a single eye to nourishing an inclusive environment that recognizes the contributions of all and fosters diversity by supporting our internal Employee Resource Groups. We’ve worked hard to build an intensely collaborative and creative environment, a diverse and inclusive employee culture, and the opportunity for professional growth. As part of the Credit Karma team, your voice will be heard, your contributions will matter, and your unique background and experiences will be celebrated.

Please contact if you are interested in e mployment with Credit Karma and need special as sistance or an accommodation to either apply or interview for a specific role.

Privacy Policies:

Credit Karma is strongly committed to protecting personal data. Please take a look below to review our privacy policies:

  • RSA Security Engineer

    2 weeks ago

    Bengaluru, Karnataka, India RSA Security Full time

    Job Title: RSA Security Engineer - Application Security ExpertJob Summary: We are seeking a highly skilled Application Security Engineer to join our team at RSA Security. As an Application Security Engineer, you will be responsible for designing and implementing secure software development lifecycle (SDLC) processes, identifying and mitigating security...

  • RSA - Application Security Engineer

    2 months ago

    Bengaluru, India RSA Security Full time

    RSA - Application Security Engineer (Location: Hybrid/ Remote India) RSA offers mission-driven security solutions that provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions. RSA solutions are designed to effectively detect and respond to advanced...

  • Application Security Specialist

    3 weeks ago

    Bengaluru, Karnataka, India RSA Security Full time

    Job Title: RSA - Application Security EngineerJob Summary:RSA is seeking an experienced Application Security Engineer to join our team. As a key member of our security team, you will be responsible for designing and implementing secure software development practices, identifying and mitigating security risks, and collaborating with cross-functional teams to...

  • Application Security Specialist

    3 weeks ago

    Bengaluru, Karnataka, India RSA Security Full time

    Job Title: Application Security SpecialistRSA Security is seeking an experienced Application Security Specialist to join our team. As an Application Security Specialist, you will be responsible for ensuring the security of our applications and services.Key Responsibilities:Perform security assessments on web applications and servicesHelp application teams...

  • RSA Security Application Security Specialist

    3 weeks ago

    Bengaluru, Karnataka, India RSA Security Full time

    Job Title: Application Security SpecialistRSA Security is seeking an experienced Application Security Specialist to join our team. As an Application Security Specialist, you will be responsible for assessing the security of our web applications and services, identifying vulnerabilities, and implementing security measures to protect our systems.Key...

  • Principal Security Engineer

    2 weeks ago

    Bengaluru, Karnataka, India RSA Security Full time

    Job Title: Principal Security EngineerRSA Security is looking for a highly skilled Principal Security Engineer to join our team. As a key member of our cybersecurity team, you will be responsible for designing, developing, and maintaining our flagship product, NetWitness, in the SIEM domain.ResponsibilitiesDesign, develop, and maintain features for a...

  • Application Security Engineer

    4 days ago

    Bengaluru, India 7-Eleven Global Solution Center – India Full time

    About the CompanyWhy Join 7-Eleven Global Solution Center? When you join us, you will Take Ownership – Within a product area, the teams will own the end-to-end delivery of solutions. The teams will be entrusted with responsibility and ownership for the delivery of products. They will also support the local teams in each country in integrating new digital...

  • Application Security Engineer

    5 days ago

    Bengaluru, India Wenger & Watson Full time

    Application Security EngineerWork experience - 2 to 4 yearsLocation - BangaloreSkills - API Security, API security and penetration testing.• Proven experience working with multiple customers to define scope and execute API pen testing.• Strong background in mentoring and leading teams.• In-depth knowledge of OWASP Top 10 and OWASP API Top 10 security...

  • Application Security Engineer

    1 week ago

    Bengaluru, India 7-Eleven Global Solution Center – India Full time

    About the CompanyWhy Join 7-Eleven Global Solution Center? When you join us, you will Take Ownership – Within a product area, the teams will own the end-to-end delivery of solutions. The teams will be entrusted with responsibility and ownership for the delivery of products. They will also support the local teams in each country in integrating new digital...

  • Application Security Engineer

    5 days ago

    Bengaluru, India Wenger & Watson Full time

    Application Security EngineerWork experience - 2 to 4 yearsLocation - BangaloreSkills - API Security, API security and penetration testing.• Proven experience working with multiple customers to define scope and execute API pen testing.• Strong background in mentoring and leading teams.• In-depth knowledge of OWASP Top 10 and OWASP API Top 10 security...

  • Application Security Engineer

    5 days ago

    Bengaluru, India Wenger & Watson Full time

    Application Security EngineerWork experience - 2 to 4 yearsLocation - BangaloreSkills - API Security, API security and penetration testing.• Proven experience working with multiple customers to define scope and execute API pen testing.• Strong background in mentoring and leading teams.• In-depth knowledge of OWASP Top 10 and OWASP API Top 10 security...

  • Application Security Engineer

    5 days ago

    Bengaluru, India Wenger & Watson Full time

    Application Security Engineer Work experience - 2 to 4 years Location - Bangalore Skills - API Security, API security and penetration testing. • Proven experience working with multiple customers to define scope and execute API pen testing. • Strong background in mentoring and leading teams. • In-depth knowledge of OWASP Top 10 and OWASP API Top 10...

  • Application Security Engineer

    2 weeks ago

    Bengaluru, India 7-Eleven Global Solution Center – India Full time

    About the Company Why Join 7-Eleven Global Solution Center? When you join us, you will Take Ownership – Within a product area, the teams will own the end-to-end delivery of solutions. The teams will be entrusted with responsibility and ownership for the delivery of products. They will also support the local teams in each country in integrating new digital...

  • Application Security Engineer

    2 weeks ago

    Bengaluru, India 7-Eleven Global Solution Center – India Full time

    About the Company Why Join 7-Eleven Global Solution Center? When you join us, you will Take Ownership – Within a product area, the teams will own the end-to-end delivery of solutions. The teams will be entrusted with responsibility and ownership for the delivery of products. They will also support the local teams in each country in integrating new digital...

  • Application Security Engineer

    2 weeks ago

    Bengaluru, India 7-Eleven Global Solution Center – India Full time

    About the Company Why Join 7-Eleven Global Solution Center? When you join us, you will Take Ownership – Within a product area, the teams will own the end-to-end delivery of solutions. The teams will be entrusted with responsibility and ownership for the delivery of products. They will also support the local teams in each country in integrating new...

  • Security Engineer

    4 weeks ago

    Bengaluru, India NetApp Full time

    Title: Security Engineer (Application Security, DevSecOps) Location: Bangalore, Karnataka, IN, 560071 Requisition ID: 127561 Job SummaryThis role involves collaborating with different teams to develop and maintain secure cloud architectures in line with best practices. It includes setting up continuous asset monitoring, administering security controls...

  • Security Engineer

    3 days ago

    Bengaluru, India NetApp Full time

    Title: Security Engineer (Application Security, DevSecOps) Location: Bangalore, Karnataka, IN, 560071 Requisition ID: 127561 Job SummaryThis role involves collaborating with different teams to develop and maintain secure cloud architectures in line with best practices. It includes setting up continuous asset monitoring, administering security controls...

  • Application Security

    2 months ago

    Bengaluru, India Condé Nast Technology Lab Full time

    JOB DESCRIPTION Condé Nast is a global media company, home to iconic brands including Vogue, The New Yorker, GQ, Glamour, AD, Vanity Fair and Wired, among many others. The company's award-winning content reaches 84 million consumers in print, 367 million in digital and 379 million across social platforms, and generates more than 1 billion video views each...

  • Application Security

    2 months ago

    Bengaluru, India Condé Nast Technology Lab Full time

    JOB DESCRIPTION Condé Nast is a global media company, home to iconic brands including Vogue, The New Yorker, GQ, Glamour, AD, Vanity Fair and Wired, among many others. The company's award-winning content reaches 84 million consumers in print, 367 million in digital and 379 million across social platforms, and generates more than 1 billion video views each...

  • Security Engineer, Application Security

    4 months ago

    Bengaluru, India ADCI - Karnataka Full time

    In Amazon Stores, we ship some of the widest arrays of technology found at any company. From amazon.com to world class machine learning pipelines, from cutting-edge digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe’s largest AWS deployment.As an AppSec engineer, you will collaborate with...