Talent.com
This job offer is not available in your country.
Lead Security Engineer, Web Development

Lead Security Engineer, Web Development

Qualyspune, maharashtra, in
13 days ago
Job description

Job Description :

Lead Security Engineer

Experience Level : 7-10 years

Location : Pune

Come work at a place where innovation and teamwork come together to build products that make the world safe.

Why Qualys

Qualys, Inc. is a pioneer and leading provider of cloud security and compliance solutions. Qualys helps organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications via its award winning Qualys Cloud Platform.

About Product Security at Qualys

The Product Security team operates differently. Simply put, build programs and resources to support the company exceed on goals related to the security of the customer experience on Qualys. We prevent problems from becoming incidents.

About This Role

The Qualys Security is looking for an experienced Lead Security Engineer to join the Product Security team in Pune, India. The role will act as a domain security architect for our Java Platform Products. This is an outstanding opportunity to work in the product team of a fast-growing publicly held company. This role is based in Pune, India.

Typical Duties

  • Lead web application security initiatives across multiple product lines.
  • Develop security automations for product security shift left initiatives.
  • Perform application security assessments including static / dynamic code analysis, and manual testing.
  • Conduct secure code reviews for applications developed in Java and / or Python, ensuring adherence to best practices and compliance standards.
  • Collaborate with development teams to design and implement secure coding practices and provide remediation guidance for identified vulnerabilities.
  • Build prototypes of security capabilities, collaborate with developers on improvements, help Qualys ship security in our products.
  • Drive threat modeling exercises and identify application design risks.
  • Establish and improve processes for integrating security into CI / CD pipelines.
  • Serve as a subject matter expert (SME) for web application security, mentoring engineers and raising security awareness.
  • Stay current with the latest application security trends, vulnerabilities (e.g., OWASP Top 10, SANS 25), and relevant tooling.
  • Partner with product, DevOps, and infrastructure teams to build a comprehensive secure SDLC framework.

What You’ll Bring

  • Bachelor’s degree in computer science, Information Security, or related field (or equivalent practical experience).
  • 7+ years of overall software security experience at product-led companies.
  • Minimum 3 years of hands-on experience focused on Java, Python and / or Golang development.
  • Extensive experience in event-driven architectures, multi-tenant solutions, software patterns, and mature web middleware used in SaaS applications.
  • Proven track record of driving complex security initiatives through cross-functional collaboration and influence.
  • Strong background in application security and product security.
  • Hands-on practical experience delivering enterprise level cybersecurity solutions and controls via Threat Modeling and Security Design & Architecture Reviews.
  • Proven experience in DevSecOps capabilities, test-driven development, client-side software, and microservice architecture.
  • Knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (including but not limited to Private Cloud deployment, artificial intelligence, machine learning etc.).
  • Proven hands-on experience with :
  • Application security testing (SAST, DAST, IAST, manual penetration testing).
  • Performing and leading secure code reviews.
  • Identifying and remediating common web application vulnerabilities.
  • Familiarity with OWASP Top 10, CWE / SANS Top 25, and other application security standards.
  • Experience within Product Security including but not limited to :
  • Deploying products using Cloud and containers technology (e.g. GCP, AWS, Kubernetes, Docker)
  • Securing APIs and micro-services
  • Securing Software as a Service (SaaS) tool and managing their security baseline posture
  • Software Supply Chain Security
  • Mentoring and developing security point of contacts / experts within development teams who will act as helping hands for the product security team.

    • Nice to have

  • Experience integrating security tools into CI / CD pipelines (Jenkins, GitHub Actions, GitLab CI, etc.).
  • Exposure to cloud security (AWS, Azure, GCP) in the context of web applications.
  • Certifications such as OSWE, OSCP, GWAPT, or CSSLP are a plus.
  • Prior experience mentoring or leading a small security team.

    • Soft Skills

  • Excellent communication and collaboration skills to work across engineering and product teams.
  • Ability to translate complex security issues into clear guidance for developers.
  • Strong problem-solving mindset with a balance of pragmatism and security rigor.
    • Create a job alert for this search

    Lead Security Engineer • pune, maharashtra, in

    Related jobs
    • Promoted
    Lead Security Engineer, Web Development

    Lead Security Engineer, Web Development

    QualysPune, Maharashtra, India
    Come work at a place where innovation and teamwork come together to build products that make the world safe.Qualys helps organizations simplify security operations and lower the cost of compliance ...Show moreLast updated: 12 days ago
    • Promoted
    Senior Detection Engineer - MITRE ATT&CK framework - XDR - EDR - AI - Cyber Security Startup - Remote - CTC INR 50 L

    Senior Detection Engineer - MITRE ATT&CK framework - XDR - EDR - AI - Cyber Security Startup - Remote - CTC INR 50 L

    CareerXperts ConsultingPune, Maharashtra, India
    Remote
    This role goes beyond traditional detection engineering : you’ll help improve and build our.AI feedback, and quantify detection efficacy at enterprise scale. Design and maintain modular, high-fideli...Show moreLast updated: 3 days ago
    • Promoted
    Emerson - Cyber Security Engineer - OT Security

    Emerson - Cyber Security Engineer - OT Security

    Emerson (Emerson)(2252)Pune
    Job Summary : - During job orientation program, you will undergo Comprehensive Training Program (includes E-learning, Classroom & On-Job) that support Emerson bus...Show moreLast updated: 30+ days ago
    • Promoted
    Cloud Security Engineer

    Cloud Security Engineer

    NPG ConsultantsPune
    We are seeking a skilled Cloud Security Engineer to lead service certification and policy-as-code (PaC) initiatives within our GCP environments. This role combines hands-on engineering with governan...Show moreLast updated: 30+ days ago
    • Promoted
    Emerson - Cyber Security Engineer - SAST / DAST

    Emerson - Cyber Security Engineer - SAST / DAST

    Emerson (Emerson)(2252)Pune
    Job Description : In This Role, Your Responsibilities Will Be : - Analysis of UML diagrams and DFDs / Threat ...Show moreLast updated: 30+ days ago
    • Promoted
    Devsecops Lead Engineer

    Devsecops Lead Engineer

    Zensar TechnologiesPune, Maharashtra, India
    The role of an Application Security Engineer is integral to integrating security practices within our DevOps methodology, effectively bridging any gaps between IT and security while ensuring the sw...Show moreLast updated: 1 day ago
    • Promoted
    Qualys - Web Applications Security Engineer

    Qualys - Web Applications Security Engineer

    QUALYS SECURITY TECHSERVICES PRIVATE LIMITEDPune
    Responsibilities : In this position, you will primarily be researching and implementing detections for vulnerabilities on all the latest we...Show moreLast updated: 30+ days ago
    • Promoted
    Emerson - Lead Product Security Engineer - VAPT

    Emerson - Lead Product Security Engineer - VAPT

    Emerson (Emerson)(2252)Pune
    Job Description : In This Role, Your Responsibilities Will Be : - Review and govern the overall security architecture of t...Show moreLast updated: 30+ days ago
    • Promoted
    Cloud Security Engineer - AWS

    Cloud Security Engineer - AWS

    NPG ConsultantsPune
    We are hiring two Cloud Security Engineers to join our expanding security team.In this role, you will secure cloud-native environments, automate security controls, and integrate security into DevOp...Show moreLast updated: 30+ days ago
    • Promoted
    Lead Information Security Engineer

    Lead Information Security Engineer

    MastercardPune, Maharashtra, India
    The Business Security Enablement (BSE) team is looking for a Lead Security Engineer to join our team in support of the Transfer Solutions program and working out of our Pune office in India.The ide...Show moreLast updated: 12 days ago
    • Promoted
    • New!
    ▷ 15h Left! Devsecops Lead Engineer

    ▷ 15h Left! Devsecops Lead Engineer

    Zensar TechnologiesPune, Maharashtra, India
    Summary : The role of an Application Security Engineer is integral to integrating security practices within our DevOps methodology, effectively bridging any gaps between IT and security while ensur...Show moreLast updated: 7 hours ago
    • Promoted
    Security Engineer

    Security Engineer

    NexionProPune
    Key Responsibilities : - Perform vulnerability assessments across cloud platforms and workloads using Wiz, Tenable, and SonarQube. Classify vulnerabilities by severity...Show moreLast updated: 30+ days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    Paramount Computer SystemsPune, IN
    Identity Governance and Administration (IGA).The role involves designing, implementing, and supporting enterprise-grade IGA solutions to ensure secure, efficient, and compliant identity lifecycle m...Show moreLast updated: 15 days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaPune, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    interface.aipune, maharashtra, in
    Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 30+ days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    Nexoria Techworks Inc.pune, maharashtra, in
    Job Description : Cybersecurity Engineer.Cybersecurity, Information Security, Threat Management.Your core responsibilities will include : . Implement security measures to proactively identify and mitig...Show moreLast updated: 4 days ago
    • Promoted
    Senior Lead Product Security Engineer

    Senior Lead Product Security Engineer

    ConfidentialPune
    As a Senior Lead Product Security Engineer, you will be responsible for : .Building and executing engineering processes for early detection of design flaws, vulnerabilities, weaknesses, missing secur...Show moreLast updated: 30+ days ago
    • Promoted
    Metron Security - Principal Engineer - Full Stack Development

    Metron Security - Principal Engineer - Full Stack Development

    Metron Security Private LimitedPune
    About Us : At Metron Security, we help top cybersecurity companies supercharge their tools through automation and integrations. Our engineers connect and extend platf...Show moreLast updated: 16 days ago
    • Promoted
    Cyber Security - AWS Cloud

    Cyber Security - AWS Cloud

    eInfochips (An Arrow Company)Pune, Maharashtra, India
    We are seeking a highly skilled and experienced Information Security Engineer with 10+ years of experience to join our team. The ideal candidate will have a strong background in AWS, cloud security,...Show moreLast updated: 4 days ago
    • Promoted
    Azure Cloud Security Engineer - Active Directory

    Azure Cloud Security Engineer - Active Directory

    ETENICO RECRUITSPune
    Job Summary : We are seeking a highly skilled Azure Cloud Security Engineer with 10+ years of experience in design, implementation, and management of Enterprise-grad...Show moreLast updated: 30+ days ago