Talent.com
This job offer is not available in your country.
▷ [Immediate Start] Senior Application Security Engineer

▷ [Immediate Start] Senior Application Security Engineer

NopalCyberIndia
11 hours ago
Job description

About NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Surface Management (ASM), Breach and Attack Simulation (BAS), and Advisory Services, we fortify our clients’ cybersecurity across both offense and defence.

Our AI-driven Nopal360° platform, NopalGo mobile app, and proprietary Cyber Intelligence Quotient (CIQ) enable organizations to quantify, track, and visualize their cybersecurity posture in real time. We democratize enterprise-grade security operations for organizations of all sizes by lowering the barrier to entry while raising the bar for security and service.

Location : Nopal Cyber, Hyderabad (Work from Office, 5 Days a Week)

Employment Type : Full-time

Key Responsibilities

  • Run Static Application Security Testing (SAST) using tools such as SonarQube, Fortify, Checkmarx, Veracode, etc., to identify source-code vulnerabilities across multiple languages and frameworks (Java, .NET, Python, JavaScript, etc.).
  • Configure and execute SAST scans, fine-tune rules, manage false positives, and integrate scans into CI / CD pipelines.
  • Perform Dynamic Application Security Testing (DAST) (authenticated and unauthenticated) on web apps, APIs, and services; analyse results and validate findings.
  • Combine SAST and DAST outputs to provide holistic vulnerability coverage and support secure SDLC initiatives.
  • Plan and conduct Vulnerability Assessment and Penetration Testing (VAPT) for web applications, APIs, and backend services to identify business logic, configuration, and runtime flaws.
  • Map VAPT findings back to code-level issues discovered in SAST to close the loop with development teams.
  • Work with developers and DevSecOps engineers to remediate vulnerabilities and embed security testing into build pipelines.
  • Use Software Composition Analysis (SCA) tools such as Snyk, White Source, Nexus Lifecycle, Black Duck to identify open-source and third-party risks (vulnerabilities, license issues, outdated components).
  • Generate, validate, and manage Software Bills of Materials (SBOMs) in formats like CycloneDX and SPDX to strengthen software supply chain security.
  • Monitor transitive dependencies and unverified sources to prevent supply-chain compromise.
  • Apply secure coding principles aligned with OWASP Top 10, CWE, and language-specific security pitfalls.

Required Skills & Experience

  • 8–12 years of experience in Application Security with direct, hands-on expertise in SAST, DAST, SCA, and VAPT.
  • Strong knowledge of secure software development practices and common vulnerability classes (OWASP Top 10, CWE, ASVS, language-specific security pitfalls).
  • Hands-on experience integrating security testing into CI / CD pipelines (Jenkins, Azure DevOps, GitLab CI, GitHub Actions).
  • Practical expertise with SAST tools (SonarQube, Fortify, Checkmarx, Veracode) and SCA tools (Snyk, White Source, Nexus Lifecycle, Black Duck).
  • Working knowledge of security architecture frameworks (e.g., SABSA) and threat modeling methodologies (e.g., STRIDE, attack trees) to support risk-based application security design and assessment.
  • Ability to validate and triage false positives, priorities vulnerabilities, and provide actionable remediation guidance to developers.
  • Ability to develop and present detailed application security assessment reports, code-level remediation plans, and secure coding guidance aligned with industry standards and compliance requirements.
  • Strong communication skills to convey technical findings to technical and executive stakeholders.

    • Educational Qualifications

  • Bachelor’s degree in engineering, Computer Science, or related discipline.
  • CEH Certification (Mandatory) plus one or more advanced certifications :
  • EC-Council Certified Application Security Engineer (CASE – Java / .NET)
  • GIAC Secure Software Programmer (GSSP – Java / .NET)
  • Programming language-neutral certifications like CSSLP.

    • Personal attributes

  • Self-starter and quick learner requiring minimal ramp-up
  • Excellent written, oral, and interpersonal communication skills
  • Highly self-motivated, self-directed, and attentive to detail
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
    • Create a job alert for this search

    Application Security Engineer • India

    Related jobs
    • Promoted
    Security Engineer (Red Team)

    Security Engineer (Red Team)

    Crossing HurdlesIndia, India
    Your focus will be to uncover vulnerabilities, prompt-injection pathways, and data-exfiltration risks before adversaries do. Design and automate multi-turn attacks involving browser, terminal, and A...Show moreLast updated: 9 days ago
    • Promoted
    Senior Security Engineer

    Senior Security Engineer

    TAC SecurityIndia
    Job description As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strateg...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    ▷ 15h Left! Senior Application Security Engineer

    ▷ 15h Left! Senior Application Security Engineer

    AtomicworkIndia
    Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience.With a strong emphasis on automation, integration, and security, Atomicwork helps organiza...Show moreLast updated: 3 hours ago
    • Promoted
    Senior Cloud Engineer

    Senior Cloud Engineer

    AptonetNagpur, IN
    Senior Cloud Developer – Offshore (India | Remote).Contract Role | Multi-Cloud Security Projects | Cutting-Edge AI & Automation. This role offers the opportunity to work on.Python preferred; also Ja...Show moreLast updated: 9 days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    interface.ainagpur, maharashtra, in
    Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    AtomicworkIndia
    About Atomicwork Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience. With a strong emphasis on automation, integration, and security, Atomicwo...Show moreLast updated: 8 days ago
    • Promoted
    Senior Application Security Engineer (AI)

    Senior Application Security Engineer (AI)

    BackbaseIndia
    Backbase has ushered in a new era of digital banking with the global launch of its AI-powered Banking Platform, recently lighting up Times Square. This milestone marks a bold step in reshaping the d...Show moreLast updated: 8 days ago
    • Promoted
    Senior Information Security Engineer

    Senior Information Security Engineer

    QualiZealIndia
    We are looking for an experienced Security Information Engineer to strengthen our cloud and infrastructure security posture. The ideal candidate will be certified in Microsoft Azure Security (AZ-500...Show moreLast updated: 26 days ago
    • Promoted
    Senior Engineer - OT Security

    Senior Engineer - OT Security

    Network IntelligenceIndia
    Experience with ICS systems and ICS security industry practices with exposure to Operational technologies.Minimum 3 years with supporting PLC, DCS, SIS, HMI or SCADA systems.Experience supporting a...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer [T500-20670]

    Security Engineer [T500-20670]

    Delta Air LinesIndia
    Delta Air Lines (NYSE : DAL) is the U.Powered by our employees around the world, Delta has for a decade led the airline industry in operational excellence while maintaining our reputation for award-...Show moreLast updated: 8 days ago
    • Promoted
    Lead Application Security Engineer

    Lead Application Security Engineer

    InMobi AdvertisingIndia
    InMobi is the leading provider of content, monetization, and marketing technologies that fuel growth for industries around the world. Our end-to-end advertising software platform, connected content,...Show moreLast updated: 30+ days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    Paramount Computer SystemsNagpur, IN
    Identity Governance and Administration (IGA).The role involves designing, implementing, and supporting enterprise-grade IGA solutions to ensure secure, efficient, and compliant identity lifecycle m...Show moreLast updated: 9 days ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    MOURI TechIndia
    We are seeking a highly skilled DevSecOps Engineer with a strong background in application security, penetration testing, and secure development practices. The ideal candidate will bring hands-on ex...Show moreLast updated: 30+ days ago
    • Promoted
    DevSecOps / AppSecOps Staff Engineer

    DevSecOps / AppSecOps Staff Engineer

    First American (India)nagpur, maharashtra, in
    Our people-first culture empowers bold thinkers and passionate technologists to solve real-world challenges through scalable architecture and innovative design. If you're driven by impact, thrive in...Show moreLast updated: 21 days ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    NopalCyberIndia
    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Su...Show moreLast updated: 20 days ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    QualiZealIndia
    Conduct Static Application Security Testing (SAST) and Software Composition Analysis (SCA) - Perform Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Application Security Specialist

    Senior Application Security Specialist

    YASH TechnologiesIndia
    Must to Have Responsibilities : Communication : Should be able to understand and articulate technical aspects clearly Cloud Security Expertise : Understand cloud development processes and provide se...Show moreLast updated: 20 days ago
    • Promoted
    Senior Security Engineer - SIEM, DevSecOps, IPS / IDS

    Senior Security Engineer - SIEM, DevSecOps, IPS / IDS

    EmburseIndia
    Emburse software engineers contribute to the development of an engaging and interconnected set of system solutions.As an engineer, you will enhance the experiences of your customers, solve interest...Show moreLast updated: 8 days ago
    • Promoted
    Senior Application Security Consultant

    Senior Application Security Consultant

    YASH TechnologiesIndia
    Communication : Should be able to understand and articulate technical aspects clearly - Cloud Security Expertise : Understand cloud development processes and provide security support throughout, - Vu...Show moreLast updated: 21 days ago
    • Promoted
    Senior Security Engineer, SOC

    Senior Security Engineer, SOC

    PoshmarkIndia
    Monitor and analyze security event logs and alerts to detect potential incidents, and lead investigations for containment, eradication, and recovery. Lead security incident investigation, containmen...Show moreLast updated: 18 days ago