Zinnia - Senior Security Engineer - OWASPZinnia • Noida
Zinnia - Senior Security Engineer - OWASP
Zinnia • Noida
30+ days ago
Job descriptionPartner with product engineering teams to embed security in the SDLC through threat modelling, design reviews, and secure architecture guidance. Perform secure code reviews, static / dynamic analysis, and dependency scanning, ensuring vulnerabilities are identified and remediated early. Build and maintain security automation and guardrails (CI / CD integrations, pipelines, and developer tools) to scale AppSec across teams. Lead and evolve the threat modelling program, aligning security requirements with product architecture and risk profiles. Collaborate with engineering teams to remediate vulnerabilities and implement secure coding practices. Enhance the usage of SAST, DAST, SCA, and container scanning tools, and build custom automation where needed. Conduct penetration testing of applications and APIs and track findings through remediation. Contribute to and maintain secure coding standards, playbooks, and training for developers. Stay ahead of emerging application security threats, libraries, and frameworks, and proactively recommend improvements. Mentor engineers and contribute to the growth of the Product Security program. 7+ years of experience in application / product security, software engineering, or related security engineering roles. Strong background in web application, API, and microservices security. Solid knowledge of secure coding practices (Java, Python, Go, JavaScript / TypeScript preferred). Hands-on experience with SAST, DAST, SCA, and container scanning tools (e.g , Semgrep, Checkmarx, Snyk, Burp Suite, OWASP ZAP). Experience with CI / CD security automation and integrating security into pipelines. Strong knowledge of OWASP Top 10, CWE, CAPEC, threat modelling, and secure design principles. Familiarity with identity, authentication, and authorization protocols (OAuth2, OIDC, SAML, JWT). Experience conducting manual and automated penetration testing of applications and APIs. Strong written and verbal communication skills, with the ability to influence developers and non-security stakeholders. A passion for mentoring and building developer-first security culture. Knowledge of cloud-native application security (Kubernetes, serverless, containers). Certifications such as OSWE, OSCP, GWAPT, CSSLP, or GIAC AppSec certs. Experience with bug bounty programs or contributing to open-source security projects.
Who We Are :
Zinnia is the leading technology platform for accelerating life and annuities growth.
With innovative enterprise solutions and data insights, Zinnia simplifies the experience of buying, selling, and administering insurance products.
All of which enables more people to protect their financial futures.
Our success is driven by a commitment to three core values : be bold, team up, deliver value - and that we do.
Zinnia has over $180 billion in assets under administration, serves 100+ carrier clients, 2500 distributors and partners, and over 2 million policyholders.
Who You Are :
- As a Senior Security Engineer focusing on Product and Application Security, you will play a key role in ensuring the security of Zinnia's products and customer-facing applications.
- You will work closely with product engineering teams to integrate security into every phase of the software development lifecycle (SDLC), design secure architectures, and build scalable solutions that prevent and detect vulnerabilities.
- You thrive at the intersection of engineering and security-comfortable diving into code reviews, designing security controls, building automation, and mentoring developers on secure coding practices.
- You are passionate about shifting security left, driving adoption of secure design principles, and building a program that enables developers to deliver secure products quickly and confidently.
What You'll Do :
What You'll Need :
Nice to Have (Preferred Qualifications) :
(ref : hirist.tech)
Create a job alert for this search
Senior Security Engineer • Noida
Related jobs
)
![Senior Product Security Engineer [T500-20534]](https://cdn-logos.talent.com/v1/logo/image?feedcode=disruptedcloud-in&company_name=REA%20Cyber%20City)
Senior Security Engineer
Deep Armor • Delhi, India
We’re looking for a Senior Security Engineer to lead and support product security efforts for cloud-hosted web applications.
You will be responsible for deep-tech product security design reviews, co...Show more
Last updated: 20 days ago • Promoted
Security Engineer
Infogain • Delhi, India
Title : Security Engineer (6+ Years) Job Description : Use CrowdStrike reports to evaluate all security vulnerabilities on both Windows and Linux systems.
Analyze the requirements to remediate the sec...Show more
Last updated: 30+ days ago • Promoted
Lead Security Engineer
interface.ai • Ghaziabad, IN
Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show more
Last updated: 30+ days ago • Promoted
Cyber Security Engineer
CareerUS Solutions • Ghaziabad, IN
Cyber Security Engineer – Job Description.The Cyber Security Engineer is responsible for designing, implementing, and maintaining security systems to protect the organization’s computer networks, a...Show more
Last updated: 13 days ago • Promoted
Cyber Security Engineer with Splunk
IntraEdge • Delhi, Delhi, India
Position : Cyber Security Engineer (L3) Location : Remote Experience Level : 5+ Years Job Type : Full-time Job Summary : This role will lead the development and implementation of intelligent securi...Show more
Last updated: 30+ days ago • Promoted
Senior Security Engineer
Razorpay • Delhi, India
Title : Senior Product Security Security Engineer The Role : .Razorpay is looking for a Senior Application Security Engineer with solid experience in AppSec fundamentals—secure code review, vulnerabil...Show more
Last updated: 8 days ago • Promoted
Security Engineer
Elucidata • Delhi, India
We are looking for a Security Engineer to strengthen Elucidata’s security posture across our cloud and on-prem environments.
This role will be responsible for safeguarding our AWS infrastructure, dr...Show more
Last updated: 22 days ago • Promoted
Senior Security Engineer
apna • Delhi, India
Job Title : Senior Security Engineer (Sr.AI platforms, microservices, data pipelines and mobile / web products.You will design, build and automate scalable security controls that integrate seamlessly ...Show more
Last updated: 16 days ago • Promoted
Senior Security Engineer
First American (India) • Delhi, India
The Senior Security Engineer will be responsible for designing and implementing the Database Activity Monitoring (DAM) function to ensure the security, integrity, and compliance of enterprise data ...Show more
Last updated: 8 days ago • Promoted
Senior Security Engineer - SIEM, DevSecOps, IPS / IDS
Emburse • Delhi, India
Emburse software engineers contribute to the development of an engaging and interconnected set of system solutions.As an engineer, you will enhance the experiences of your customers, solve interest...Show more
Last updated: 30+ days ago • Promoted
Senior Product Security Engineer [T500-20534]
REA Cyber City • Delhi, India
About REA Group : In 1995, in a garage in Melbourne, Australia, REA Group was born from a simple question : “Can we change the way the world experiences property?” Could we? Yes.Fast forward 30 years...Show more
Last updated: 23 days ago • Promoted
Cyber Security Engineer-I (Mandatory 2-4 years experience with Sailpoint and AWS IAM)
FICO • Delhi, India
Hybrid mode (Mandatory 3days WFO).The Security Engineer is a highly visible and critical role, collaborating on complex cloud and corporate service edge protection technologies and oversight.With y...Show more
Last updated: 13 days ago • Promoted
Senior Product Security Engineer
EdgeVerve • Delhi, India
Job Title : Senior Product Security Engineer.Perform security assessment, vulnerability assessments and penetration tests on a wide variety of high critical web applications.Perform DAST, analyze se...Show more
Last updated: 6 hours ago • Promoted • New!
Senior Application Security Engineer
Sphera • Ghaziabad, IN
Sphera is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability.Our mission is to create...Show more
Last updated: 13 days ago • Promoted
Lead Security Engineer
Arcana • Ghaziabad, IN
As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between.
You'll design and enforce policies, automate controls, and harden...Show more
Last updated: 30+ days ago • Promoted
Senior Application Security Engineer
Mobileum • Delhi, India
Role : Senior Security Expert Department : .Engineering / Development / R&D Reports To : .DevSecOps Lead (Techno-Managerial) Experience.
About the Job : We are looking for a Senior Security Expert to driv...Show more
Last updated: 2 days ago • Promoted
Senior Application Security Engineer
Bahwan CyberTek • Delhi, India
Proficiency in Application Security, API, AI- Vulnerability Assessment / Penetration Testing, red teaming.Highly skilled and proficient in manual and automated testing using OWASP Top 10 for Web, API...Show more
Last updated: 2 days ago • Promoted
Senior Security Engineer
CBTS • Delhi, India
Senior level roles as IT Security Architect, IT Security Engineer, IT Security Auditor, Cyber-Security Analyst, Cyber-Intelligence Analyst.
Certifications, Accreditations, Licenses One or more of th...Show more
Last updated: 30+ days ago • Promoted