Application Security Engineer

Dezerv is a house of investing solutions for high-net-worth and affluent Indians. Dezerv is co-founded by Sandeep Jethwani, Vaibhav Porwal, and Sahil Contractor. They have led successful wealth management businesses and managed over USD 7 billion in assets. The Dezerv team brings together decades of investing expertise from leading global financial institutions like JP Morgan, UBS, BNP Paribas, etc. Our team of experts monitors the performance of portfolios and rebalance them if required to ensure long-term success. We are backed by marquee firms like Premji Invest, Accel, Elevation, Matrix, etc. Since inception, our clients have trusted us with over 12000+ Crs of their assets.

Why are we building Dezerv?

Investing is stressful and emotional. Building & growing wealth is difficult and time-consuming. Most individuals struggle with managing their investments and money. Our goal is to help individuals grow their wealth without the stress, time, and costs involved in a traditional investment. At Dezerv, we are building a platform that leverages our decades of investment expertise to help individuals invest better for their future.

What are we trying to solve / mission?

We are passionate about helping Indians invest better. We manage investments with active oversight to help both sophisticated and new investors build long-term wealth across various market conditions.

About the Team

We are seeking a highly motivated and experienced Application Security to join our dynamic team in Bangalore. In this critical role, you will be the champion for product security, taking a comprehensive and proactive approach to safeguarding our applications and infrastructure. You will be responsible for the security of our web and mobile platforms.

Key Responsibilities :

• Product Security Ownership : Take end-to-end ownership of the security of our web and mobile applications, built with technologies like React and Flutter.
• Application Penetration Testing : Conduct regular and in-depth penetration testing of our web and mobile applications to identify and remediate vulnerabilities.
• Secure SDLC & DevSecOps : Champion and integrate security seamlessly into the entire DevOps deployment process. Design, implement, and manage a robust DevSecOps pipeline, automating security testing (SAST, DAST, IAST, SCA) to provide fast feedback to developers.
• Mobile Application Security : Implement and enforce security best practices for our Flutter and React-based mobile applications, including secure data storage, secure network communication, and code obfuscation.
• Threat Modeling : Conduct threat modeling exercises to identify potential security risks and design effective mitigation strategies.
• Security Champion & Advocate : Act as the go-to person for all application security matters. Mentor and train developers on secure coding practices and create a strong security-aware culture within the engineering team.
• Incident Response : Develop and maintain an incident response plan for application security incidents. Lead the response to any security breaches, conduct post-mortem analysis, and implement corrective actions.
• Vulnerability Management : Manage the lifecycle of identified vulnerabilities, from discovery to remediation, ensuring timely patching and reporting.

Required Skills and Experience :

Who You Are :

Why Join Us?