This job offer is not available in your country.

▷ [15 / 10 / 2025] Senior Application Security Engineer

NopalCyberHyderabad, Telangana, India

4 hours ago

Job description

About NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Surface Management (ASM), Breach and Attack Simulation (BAS), and Advisory Services, we fortify our clients’ cybersecurity across both offense and defence.

Our AI-driven Nopal360° platform, NopalGo mobile app, and proprietary Cyber Intelligence Quotient (CIQ) enable organizations to quantify, track, and visualize their cybersecurity posture in real time. We democratize enterprise-grade security operations for organizations of all sizes by lowering the barrier to entry while raising the bar for security and service.

Location : Nopal Cyber, Hyderabad (Work from Office, 5 Days a Week)

Employment Type : Full-time

Key Responsibilities

Run Static Application Security Testing (SAST) using tools such as SonarQube, Fortify, Checkmarx, Veracode, etc., to identify source-code vulnerabilities across multiple languages and frameworks (Java, .NET, Python, JavaScript, etc.).
Configure and execute SAST scans, fine-tune rules, manage false positives, and integrate scans into CI / CD pipelines.
Perform Dynamic Application Security Testing (DAST) (authenticated and unauthenticated) on web apps, APIs, and services; analyse results and validate findings.
Combine SAST and DAST outputs to provide holistic vulnerability coverage and support secure SDLC initiatives.
Plan and conduct Vulnerability Assessment and Penetration Testing (VAPT) for web applications, APIs, and backend services to identify business logic, configuration, and runtime flaws.
Map VAPT findings back to code-level issues discovered in SAST to close the loop with development teams.
Work with developers and DevSecOps engineers to remediate vulnerabilities and embed security testing into build pipelines.
Use Software Composition Analysis (SCA) tools such as Snyk, White Source, Nexus Lifecycle, Black Duck to identify open-source and third-party risks (vulnerabilities, license issues, outdated components).
Generate, validate, and manage Software Bills of Materials (SBOMs) in formats like CycloneDX and SPDX to strengthen software supply chain security.
Monitor transitive dependencies and unverified sources to prevent supply-chain compromise.
Apply secure coding principles aligned with OWASP Top 10, CWE, and language-specific security pitfalls.

Required Skills & Experience

8–12 years of experience in Application Security with direct, hands-on expertise in SAST, DAST, SCA, and VAPT.

Strong knowledge of secure software development practices and common vulnerability classes (OWASP Top 10, CWE, ASVS, language-specific security pitfalls).

Hands-on experience integrating security testing into CI / CD pipelines (Jenkins, Azure DevOps, GitLab CI, GitHub Actions).

Practical expertise with SAST tools (SonarQube, Fortify, Checkmarx, Veracode) and SCA tools (Snyk, White Source, Nexus Lifecycle, Black Duck).

Working knowledge of security architecture frameworks (e.g., SABSA) and threat modeling methodologies (e.g., STRIDE, attack trees) to support risk-based application security design and assessment.

Ability to validate and triage false positives, priorities vulnerabilities, and provide actionable remediation guidance to developers.

Ability to develop and present detailed application security assessment reports, code-level remediation plans, and secure coding guidance aligned with industry standards and compliance requirements.

Strong communication skills to convey technical findings to technical and executive stakeholders.

Educational Qualifications

Bachelor’s degree in engineering, Computer Science, or related discipline.

CEH Certification (Mandatory) plus one or more advanced certifications :

EC-Council Certified Application Security Engineer (CASE – Java / .NET)

GIAC Secure Software Programmer (GSSP – Java / .NET)

Programming language-neutral certifications like CSSLP.

Personal attributes

Self-starter and quick learner requiring minimal ramp-up

Excellent written, oral, and interpersonal communication skills

Highly self-motivated, self-directed, and attentive to detail

Ability to effectively prioritize and execute tasks in a high-pressure environment

Create a job alert for this search

Senior Application Engineer • Hyderabad, Telangana, India

Related jobs

Promoted

Kshema - Principal Security Architect

Kshema General Insurance LimitedHyderabad

POSITION OVERVIEW : Kshema General Insurance is seeking a Principal Security Architect to join our security organization.This role reports to the ...Show moreLast updated: 12 days ago

Senior Application Security Engineer

Practical DevSecOpsHyderabad, India, India

Remote

Quick Apply

Permanent(Full Time / Full-Time).We are seeking an Application Security Engineer to join our team and help maintain, enhance, and develop security training exercises for our renowned DevSecOps, API S...Show moreLast updated: 30+ days ago

Promoted
New!

Security Architect

Tata Consultancy Serviceshyderabad, telangana, in

Experience in datacentre, cloud and network.Hands-on experience in AWS and GCP cloud.Experience in Containers, Kubernetes and micro services. Experience in advance networking in public cloud.Terrafo...Show moreLast updated: 13 hours ago

Promoted

Enterprise Security Architect

beBeesecurityHyderabad, Telangana, India

We are seeking an experienced Enterprise Security Architect to join our team.As a key member of our organization, you will be responsible for designing and implementing secure solutions that meet t...Show moreLast updated: 1 day ago

Promoted

Senior Application Security Engineer

MOURI TechHyderabad, Telangana, India

We are seeking a highly skilled.The ideal candidate will bring hands-on experience in.You will work closely with engineering, DevOps, and security teams to build, automate, and secure systems acros...Show moreLast updated: 30+ days ago

Promoted

Senior Application Security Engineer (AI)

BackbaseHyderabad, Telangana, India

Backbase has ushered in a new era of digital banking with the global launch of its AI-powered Banking Platform, recently lighting up Times Square. This milestone marks a bold step in reshaping the d...Show moreLast updated: 10 days ago

Promoted
New!

Application Security Engineer II - SAST / DAST

PhenomHyderabad

About the job : What Youll Do : - Research, identify and analyze and triage vulnerabilities that could affect Phenom ITX Platf...Show moreLast updated: 7 hours ago

Promoted

Application Security Engineer

ConfidentialHyderabad / Secunderabad, Telangana

Research, identify and analyze and triage vulnerabilities that could affect Phenom ITX Platform and its supporting infrastructure, and determine its severity, exploitability and corrective action r...Show moreLast updated: 27 days ago

Promoted

Senior Application Security Engineer

QualiZealHyderabad, Telangana, India

Conduct Static Application Security Testing (SAST) and Software Composition Analysis (SCA).Perform Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) fo...Show moreLast updated: 30+ days ago

Promoted
New!

Cyber Security Architect

ValueLabsHyderabad, Telangana, India

As a Security Architect, you will play a key role in designing, securing, and advancing our enterprise security posture across cloud infrastructure, application development, and DevSecOps pipelines...Show moreLast updated: less than 1 hour ago

Promoted

Zensar Technologies - Application Security Risk Architect - SAST / DAST

Zensar TechnologiesHyderabad

Job Title : Application Security Risk Architect Experience : 7 - 9 Job Description <...Show moreLast updated: 25 days ago

Promoted

Application Security Engineer

FoodsmartHyderabad, Telangana, India

Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians.Our platform is designed to foster healthier food choices, drive lasting behavior c...Show moreLast updated: 30+ days ago

Promoted

YASH Technologies - Application Security Engineer - SIEM

YASH TechnologiesHyderabad

Description : We are looking forward to hire Application Security Professionals in the following areas : <...Show moreLast updated: 1 day ago

Promoted
New!

Application Security Engineer

Castellum LabsHyderabad, Telangana, India

Castellum Labs is a Next Gen Cyber Security Technology Venture that started in 2018, from Hyderabad, India with global ambitions, to change the cybersecurity service model.The company's vision is t...Show moreLast updated: 12 hours ago

Promoted

Application Security Engineer II - SAST / DAST

Phenompeople Private LimitedHyderabad

Job Requirements : What Youll Do : - Resear...Show moreLast updated: 11 days ago

Promoted

Application Security Engineer III

ConfidentialHyderabad / Secunderabad, Telangana

We're looking for a full-time phenomenal Application Security Engineer III to architect and lead the implementation of the security-related aspects of our ITX platform. This will include evaluating ...Show moreLast updated: 27 days ago

Promoted

Senior Application Security Engineer

NopalCyberHyderabad, Telangana, India

Promoted

Senior Application Security Engineer

ZORTECH SOLUTIONS PRIVATE LIMITEDHyderabad

Application Security Engineer Experience : 7+ Years Location : Ahmedabad / Hyderabad (Hybrid Work mode) <...Show moreLast updated: 30+ days ago

Promoted

Security Architect - SailPoint

Placewell HRD ConsultantsHyderabad

Job Description : As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business re...Show moreLast updated: 30+ days ago

Promoted

Application Security Testing Engineer

ConfidentialHyderabad / Secunderabad, Telangana

ENGINEERJob Profile Details : Execute complex Application Security Code Review projects for different types of applications including mobile, web services, web apps and thick-client.Execute Applicat...Show moreLast updated: 20 days ago