Role: Senior Application Security Engineer

Location: Bangalore (Remote)

Role Purpose: The Sr. Application Security Engineer will be a hands-on role responsible for delivering security engineering services to our engineering teams and for executing initiatives on improving our security program.

This role plays a vital part in our global CISO function. It enables our business and customers to have more confidence in our systems, our processes and our ability to manage the cyber threats we face.

Example Responsibilities

• Integrate security into the Software Development Life Cycle
• Perform manual penetration testing of Web applications and API
• Audit source code and perform code review for critical application changes
• Help development teams in understanding security vulnerabilities and associated risk, prioritizing remediation efforts
• Provide remediation guidance to development teams
• Manage cross-functional internal and external team collaboration and communications.
• Identify security gaps in our processes, design and own initiatives to fill these gaps
• Build custom security solutions and automation for solving security challenges
• Build, promote and scale DevSecOps across the company and enable integration of tools and practices as the teams transition to DevSecOps.

Experience and Qualifications

• 5+ years of experience in application security role
• Bachelor's degree or experience with Master's degree in Computer Science, Mathematics, Physics, or equivalent

• Hands on experience in pen testing Web application and API
• Deep understanding of OWASP Top 10 and CWE 25
• Experience in using SAST, DAST, IAST, SCA tools

• Ability to communicate well, present security threats and risks to engineering teams
• Self-motivated; ability to work independently on new initiatives.

Great to have Experience and Qualifications

• Experience in pen testing mobile applications
• Experience with scripting languages such as Python
• Knowledge on CI/CD automation tools (AWS DevOps, Github Actions, Jenkins)
• Understanding of AWS security principles, cloud security architecture and assessment
• Certifications such as CREST, OSCP, OSWE, CEPT, CMWAPT, GPEN, PentTest+

Key Characteristics and Attitudes

• Passion for product security as a subject
• Ability to learn and adapt to changing technology landscape
• Desire to enable change and continuous growth

Role: Senior Application Security Engineer

Location: Bangalore (Remote)

Role Purpose: The Sr. Application Security Engineer will be a hands-on role responsible for delivering security engineering services to our engineering teams and for executing initiatives on improving our security program.

This role plays a vital part in our global CISO function. It enables our business and customers to have more confidence in our systems, our processes and our ability to manage the cyber threats we face.

Example Responsibilities

• Integrate security into the Software Development Life Cycle
• Perform manual penetration testing of Web applications and API
• Audit source code and perform code review for critical application changes
• Help development teams in understanding security vulnerabilities and associated risk, prioritizing remediation efforts
• Provide remediation guidance to development teams
• Manage cross-functional internal and external team collaboration and communications.
• Identify security gaps in our processes, design and own initiatives to fill these gaps
• Build custom security solutions and automation for solving security challenges
• Build, promote and scale DevSecOps across the company and enable integration of tools and practices as the teams transition to DevSecOps.

Experience and Qualifications

• 5+ years of experience in application security role
• Bachelor's degree or experience with Master's degree in Computer Science, Mathematics, Physics, or equivalent

• Hands on experience in pen testing Web application and API
• Deep understanding of OWASP Top 10 and CWE 25
• Experience in using SAST, DAST, IAST, SCA tools

• Ability to communicate well, present security threats and risks to engineering teams
• Self-motivated; ability to work independently on new initiatives.

Great to have Experience and Qualifications

• Experience in pen testing mobile applications
• Experience with scripting languages such as Python
• Knowledge on CI/CD automation tools (AWS DevOps, Github Actions, Jenkins)
• Understanding of AWS security principles, cloud security architecture and assessment
• Certifications such as CREST, OSCP, OSWE, CEPT, CMWAPT, GPEN, PentTest+

Key Characteristics and Attitudes

• Passion for product security as a subject
• Ability to learn and adapt to changing technology landscape
• Desire to enable change and continuous growth