This job offer is not available in your country.
Application Security Engineer II
ConfidentialHyderabad / Secunderabad, Telangana, India9 days ago
Job descriptionGuide the technology organization's security and privacy initiatives by participating in design reviews and threat modeling. The applications are developed by the developers and product managers, and you will make sure the applications are secured and hardened. You will define the scope and ensure continuous adherence to the scope of projects at each phase (initiation to sustenance / maintenance phase). You will be responsible for creating visibility, and adoption of the projects meant for internal customers. Act as a security engineering expert and technical champion within Zeta. Assess gaps, and tools to improve application security Liasioning with all external and internal stakeholders for the team. Mentoring developers and QA. Evaluate bugs reported through the Bug Bounty program. Run security posture of various applications across BU's. Continuous improvement of web / mobile application security Quarterly VA / PT (internal / external, authenticate / non-authenticated) for mobile / web. Secure configuration of Web / Mobile application, DB, Data etc. Hands on VA / PT experience in Web, Mobile, API & Network Thorough understanding of OWASP Top 10, their attack & defence mechanisms Exposure to Secure SDLC Activities, Threat Modelling & Secure Coding Experience on both commercial and open source tools like Burpsuite, AppScan, OWASP ZAP, BEEF, MetaSploit, Qualys, Nessus, Synk etc. Identifying & exploiting business logic-related vulnerabilities. Solid understanding of Cryptography, knowledge of PKI-based systems, TLS Understanding of different AuthN / AuthZ frameworks (OIDC, oAuth, SAML) able to read / write / understand java code Performed Static Analysis, Code reviews using tools like Snyk, Veracode, Checkmarx, Sonarqube etc. Hands on Reversing mobile applications, class / small files, data obfuscators, or ciphers (Dex2jar, adb, Drozer, Clang, iMAS) and Dynamic Instrumentation tools like Frida / Objection Execute penetration tests and security assessments on internal and external networks, Windows and Linux environments, cloud (AWS) Infrastructure. Identify and exploit incorrect configurations and security vulnerabilities on Windows and Linux servers. Safely utilize tools, tactics, and procedures used in penetration testing engagements. Shell scripting or automation of simple tasks using Python, or Ruby Knowledge of PA-DSS, PCI SSF (S3, SSLC) etc. Knowledge of security standards like PCI DSS, UIDAI, GDPR, NIST etc. Understanding of Java Frameworks like Springboot, CI / CD, Jenkins. In-depth understanding of production operations on public cloud infrastructure. Excellent written and oral communication and a penchant for technical documentation. Must have participated in various bug bounty programs (HackerOne, Bug Crowd, Private etc) Experience in conducting hackathons and CTF's Knowledge of AWS / Azure (VPC / Vnet, S3 buckets, blob stores, LoadBalancers etc.), Dockers & Containers, Kubernetes Good understanding of agile development practices. Certifications like OSCP(Preferred), GWAPT, Advanced Web Attacks and Exploitation (AWAE), Comptia Security+ Knowledge of Databases - Postgresql, Redshift, My SQL etc. and other data stores like Elasticsearch and S3 buckets. 2+ years of experience in developing large scale internet or SaaS applications. 2 to 3 years of overall experience as Web / Mobile Application Security engineer or Developer in medium to large-sized product companies. . Bachelor of Technology (BE / ), or ME in Computer Science or equivalent from a Tier-1 engineering college / university
About Zeta
Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by and Ramki Gaddipati in 2015.
Our flagship processing platform - Zeta Tachyon - is the industry's first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 20M+ cards have been issued on our platform globally.
Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios.
Zeta has over 1700+ employees - with over 70% roles in R&D - across locations in the US , EMEA , and Asia . We raised $280 million at a $1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.
Learn more @, , ,
About the Role
- This role is part of the RIsk & Compliance Team, Engineering division of Zeta. The Application Security Engineer is responsible to secure all mobile & web applications along with API's by breaking and hacking them and educating Developers as well as DevOps teams on how to fix them. The objective is to make zeta applications and platforms secure. As Application Security Engineer of the Product Security sub-division, you will be responsible for securing all the Zeta's Products. You will be working as an individual contributor reporting to a manager.
- Perform regular VA / PT for Web & Mobile applications, API & Infrastructure
- Guide developers in fixing security issues.
- Regular code reviews
- Involve in application design discussions.
- Perform Threat Modelling of Web / Mobile applications.
- Develop secure code practices and educate dev and QA engineers by building security standards, policies for secure coding, secure data handling, secure networking, secure crypto implementation, etc.
- Evaluate & Integrate security testing tools (SAST, DAST,SCA) in to CI / CD pipelines.
Responsibilities
Skills
Experience and Qualifications
Create a job alert for this search
Application Engineer • Hyderabad / Secunderabad, Telangana, India
Related jobs
)
- Promoted
Lead Security Engineer
interface.aiHyderabad, IN Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 26 days ago
- Promoted
Senior Information Security Engineer
QualiZealhyderabad, telangana, in We are looking for an experienced Security Information Engineer to strengthen our cloud and infrastructure security posture.
The ideal candidate will be certified in Microsoft Azure Security (AZ-500...Show moreLast updated: 13 days ago
- Promoted
NetEnrich - Security Implementation Engineer - SIEM Solutions
NetEnrichHyderabad About company : Netenrich boosts the effectiveness of organizations security and digital operations so they can avoid disruption and manag...Show moreLast updated: 11 days ago
- Promoted
Principal Security Engineer - SIEM
Cornerstone OnDemand Services India Pvt LtdHyderabad Principal Security Engineer India Cybersecurity Engineering : The Principal Security Engineer is a hands-on role that blends cloud security engineering with securit...Show moreLast updated: 25 days ago
- Promoted
Senior Application Security Engineer
QualiZealhyderabad, telangana, in Conduct Static Application Security Testing (SAST) and Software Composition Analysis (SCA).Perform Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) fo...Show moreLast updated: 30+ days ago
- Promoted
Senior Application Security Engineer
NopalCyberhyderabad, telangana, in NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant.
Through Managed Extended Detection and Response (MXDR), Attack Su...Show moreLast updated: 7 days ago
- Promoted
Security Engineer (Detection and Response)
Foodsmarthyderabad, telangana, in Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians.Our platform is designed to foster healthier food choices, drive lasting behavior c...Show moreLast updated: 26 days ago
- Promoted
SquareShift - Security Engineer - DevSecOps
SQUARESHIFT TECHNOLOGIES PRIVATE LIMITEDHyderabad We are seeking a talented Security Engineer to join our team.The ideal candidate should have a strong background in production security, DevSecOps, and extensive experience with SDLC practices and ...Show moreLast updated: 18 days ago
- Promoted
Lead Security Engineer
ArcanaHyderabad, IN As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between.
You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
- Promoted
Principal Application Security Consultant - Vulnerability Assessment
PRUDENT GLOBALTECH SOLUTIONS PRIVATE LIMITEDHyderabad Job Description : Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expandi...Show moreLast updated: 25 days ago
- Promoted
Senior Infrastructure Security Engineer I
Anzy Global.Hyderabad Job Description : Function : IT Operations and Support / DevOps / Cloud, IT Security Vulnerability Security < / p&...Show moreLast updated: 30+ days ago
- Promoted
DevSecOps / AppSecOps Staff Engineer
First American (India)secunderabad, telangana, in Our people-first culture empowers bold thinkers and passionate technologists to solve real-world challenges through scalable architecture and innovative design.
If you're driven by impact, thrive in...Show moreLast updated: 7 days ago
- Promoted
Appen - Staff Engineer - Application Security
AppenHyderabad About Appen : Appen is a leader in AI enablement for critical tasks such as model improvement, supervision, and evaluation.To do this we l...Show moreLast updated: 4 days ago
- Promoted
Application Security Engineer III
ConfidentialHyderabad / Secunderabad, Telangana We're looking for a full-time phenomenal Application Security Engineer III to architect and lead the implementation of the security-related aspects of our ITX platform.
This will include evaluating ...Show moreLast updated: 12 days ago
- Promoted
Application Security Engineer
Foodsmarthyderabad, telangana, in Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians.Our platform is designed to foster healthier food choices, drive lasting behavior c...Show moreLast updated: 26 days ago
- Promoted
Senior Application Security Engineer
ZORTECH SOLUTIONS PRIVATE LIMITEDHyderabad Application Security Engineer Experience : 7+ Years Location : Ahmedabad / Hyderabad (Hybrid Work mode) <...Show moreLast updated: 26 days ago
- Promoted
Security Engineer
NexionProHyderabad Key Responsibilities : - Perform vulnerability assessments across cloud platforms and workloads using Wiz, Tenable, and SonarQube.
Classify vulnerabilities by severity...Show moreLast updated: 11 days ago
- Promoted
Cyber Security Engineer III - SIEM System
PhenomHyderabad Job Requirements : We're looking for a full-time phenomenal Cyber Security Engineer to apply their expert knowledge and passion to help deploy the Phenom Cyber S...Show moreLast updated: 30+ days ago