Talent.com
No longer accepting applications
Security Engineer III

Security Engineer III

CME GroupHyderabad, IN
4 days ago
Job description

The Application Security Engineer leads efforts to enhance application security and the secure software development lifecycle. This individual is responsible for performing manual application security assessments (application pentests) and communicating security findings to the developers and QA teams. Additionally, the individual will provide application design support and security best practice guidance, in the form of consultations, to various development teams and business stakeholders. This individual will also actively promote security through engaging interactive workshops and exercises, such as internal Capture The Flag (CTF) events.

Principal Accountabilities

  • Serve as the primary application security expert for development teams, offering security consulting and best practice guidance throughout the Software Development Life Cycle (SDLC).
  • Perform manual security assessments at key points in the SDLC.
  • Produce documentation (reports) and present findings of manual security assessments to various stakeholders, including senior leadership.
  • Participate in security architecture reviews and threat modelling.
  • Contribute to automation initiatives, including the integration of new security tools and processes (e.g., AI).
  • Demonstrate a commitment to continuous education and staying current within the application security domain, promoting collaboration and knowledge sharing.

Skills Requirements

  • 5+ years experience with industry standard penetration testing, or ability to demonstrate equivalent knowledge.
  • Expertise performing blackbox / greybox / whitebox security assessments of applications (e.g., web applications, APIs, thick clients, web sockets) which use HTTP and / or proprietary protocols.
  • Expert level skills with application security testing tools including : Burpsuite, sqlmap, nmap, etc.
  • Experience performing manual reviews of application source code for security vulnerabilities written in various languages including : Java, Javascript, .Net (C#), etc.
  • Experience with Cloud architectures, security principles and services. Google Cloud Platform (GCP) is preferred.
  • Experience with automating security testing and / or other relevant activities to streamline service delivery. Preferred scripting languages : Python, bash, Powershell, etc.
  • Experience with UNIX or Linux.
  • A self-starter who is highly motivated. Proactively seek answers, ask for help when needed, and communicate solutions.
  • Excellent Oral and Written communications skills. Ability to effectively communicate and interface with peers and stakeholders at all levels, including senior leadership.

    • Nice To Have

  • Experience in securing modern APIs, including knowledge of authentication / authorization standards like OAuth 2.0 and JWT, and understanding API-specific vulnerabilities.
  • Experience in conducting formal threat modeling using frameworks like STRIDE to identify potential security flaws in the design phase.
  • Experience with AI / ML security testing methodologies, including understanding of OWASP Top 10 for Large Language Models (LLMs) and common AI security vulnerabilities, and using AI to improve pentesting.
  • Experience with prior development work.
  • Experience with application reverse engineering and using tools such as : Java decompilers, .Net decompilers, IDAPro, etc.
  • Experience with Capture The Flag (CTF) competitions and bug bounty programs.
  • Relevant industry certifications such as OSCP, eWPTX, CCSP, GCP Professional Cloud Security Engineer, etc.
    • Create a job alert for this search

    Security Engineer • Hyderabad, IN

    Related jobs
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    interface.aiHyderabad, IN
    Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Engineer - SIEM, DevSecOps, IPS / IDS

    Senior Security Engineer - SIEM, DevSecOps, IPS / IDS

    EmburseHyderabad, Telangana, India
    Summary / Objective : Emburse software engineers contribute to the development of an engaging and interconnected set of system solutions. As an engineer, you will enhance the experiences of your cust...Show moreLast updated: 30+ days ago
    • Promoted
    Endpoint Security Engineer

    Endpoint Security Engineer

    Tata Consultancy ServicesHyderabad, Republic Of India, IN
    TCS has been a great pioneer in feeding the fire of Young Techies like you.We are a global leader in the technology arena and there's nothing that can stop us from growing together.Role • • : Endpoint...Show moreLast updated: 30+ days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaHyderabad, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Application Security Engineer II - SAST / DAST

    Application Security Engineer II - SAST / DAST

    PhenomHyderabad
    About the job : What Youll Do : - Research, identify and analyze and triage vulnerabilities that could affect Phenom ITX Platf...Show moreLast updated: 30+ days ago
    • Promoted
    Security Operations Center Engineer

    Security Operations Center Engineer

    YO IT CONSULTINGHyderabad
    Title : Security Operations Center (SOC) Experience : 2 to 4 years Location : Hyderabad Show moreLast updated: 20 days ago
    • Promoted
    Signiminds - Staff Security Engineer - SOAR / SIEM

    Signiminds - Staff Security Engineer - SOAR / SIEM

    SIGNIMINDS TECHNOLOGIES PRIVATE LIMITEDHyderabad
    Description : We are seeking a skilled and versatile Staff Security Engineer to lead the advancement of our detection and automation initiatives.Re...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer - OSCP Certified

    Security Engineer - OSCP Certified

    HashiraHyderabad, Telangana, India
    Hashira is an R&D studio focused on solving complex infrastructure challenges in blockchain and AI.Our work supports projects like Ren, KeeperDAO (Rook), Catalog, and Garden, which have collectivel...Show moreLast updated: 17 days ago
    • Promoted
    Security Operations Engineer

    Security Operations Engineer

    ITPeopleNetworkhyderabad, telangana, in
    We are looking for a junior to mid-level.Saviynt Identity Access Management (IAM / IGA).CyberArk Endpoint Privilege Manager (EPM). The ideal candidate will assist in user access governance, email thre...Show moreLast updated: 1 day ago
    • Promoted
    Senior Security Engineer - Siem, Devsecops, Ips / Ids

    Senior Security Engineer - Siem, Devsecops, Ips / Ids

    EmburseHyderabad, Republic Of India, IN
    Emburse software engineers contribute to the development of an engaging and interconnected set of system solutions.As an engineer, you will enhance the experiences of your customers, solve interest...Show moreLast updated: 30+ days ago
    • Promoted
    WSO2 Security Engineer

    WSO2 Security Engineer

    Marktine Technology Solutions Pvt LtdHyderabad
    Description : About the Role : We are seeking a highly skilled WSO2 Identity & Access Management (IAM) Expert to...Show moreLast updated: 1 day ago
    • Promoted
    YASH Technologies - Application Security Engineer - SIEM

    YASH Technologies - Application Security Engineer - SIEM

    YASH TechnologiesHyderabad
    Description : We are looking forward to hire Application Security Professionals in the following areas : <...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer - Oscp Certified

    Security Engineer - Oscp Certified

    HashiraHyderabad, Republic Of India, IN
    Hashira is an R&D studio focused on solving complex infrastructure challenges in blockchain and AI.Our work supports projects like Ren, KeeperDAO (Rook), Catalog, and Garden, which have collectivel...Show moreLast updated: 17 days ago
    • Promoted
    Medtronic - Product Security Engineer II - Vulnerability Assessment

    Medtronic - Product Security Engineer II - Vulnerability Assessment

    Medtronic (Medtronic)(279)Hyderabad
    Description : At Medtronic you can begin a life-long career of exploration and innovation, while helping champion health...Show moreLast updated: 17 days ago
    • Promoted
    Application Security Engineer II - SAST / DAST

    Application Security Engineer II - SAST / DAST

    Phenompeople Private LimitedHyderabad
    Job Requirements : What Youll Do : - Resear...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Engineer T500-20922

    Senior Security Engineer T500-20922

    Deutsche Börse GroupHyderabad, Republic Of India, IN
    Headquartered in Frankfurt, Germany, Deutsche Börse Group is a leading international exchange organization and market infrastructure provider. They empower investors, financial institutions, and com...Show moreLast updated: 10 days ago
    • Promoted
    Product Security Engineer II

    Product Security Engineer II

    ConfidentialHyderabad / Secunderabad, Telangana, India
    At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovati...Show moreLast updated: 20 days ago
    • Promoted
    Fanatics - Senior Software Engineer - Security Operations Center

    Fanatics - Senior Software Engineer - Security Operations Center

    FanaticsHyderabad
    Job Title : SOC SR Software Engineer Location : Hyderabad, India Department : Perimeter Security Operations...Show moreLast updated: 10 days ago