Talent.com
No longer accepting applications
▷ [Immediate Start] Senior Application Security Engineer

▷ [Immediate Start] Senior Application Security Engineer

MOURI TechIndia
5 days ago
Job description

We are seeking a highly skilled DevSecOps Engineer with a strong background in application security, penetration testing, and secure development practices. The ideal candidate will bring hands-on experience in SAST, DAST, Kubernetes, CI / CD pipelines, and a solid understanding of DevSecOps principles. You will work closely with engineering, DevOps, and security teams to build, automate, and secure systems across the development lifecycle.

Key Responsibilities :

  • Conduct backend and infrastructure penetration testing to identify and mitigate security vulnerabilities.
  • Integrate and manage SAST and DAST tools within CI / CD pipelines.
  • Collaborate on secure architecture design, threat modeling, and security code reviews.
  • Drive secure coding practices and security automation across development teams.
  • Assess and enhance the security of cloud-native applications, containerized workloads, and Kubernetes clusters.
  • Implement security controls and monitoring for applications and infrastructure.
  • Contribute to SDL (Secure Development Lifecycle) activities including threat / attack modeling and secure design reviews.
  • Stay current with emerging threats, vulnerabilities, and regulatory frameworks.

Required Skills and Qualifications :

  • 6+ years of experience in DevSecOps, application security, or related roles.
  • Proven experience in penetration testing (application and infrastructure).
  • Prior experience in software development, DevOps, or security architecture.
  • Expertise in application security and common vulnerability classes (OWASP Top 10).
  • Experience integrating and using SAST / DAST tools (e.g., Veracode, SonarQube, Burp Suite).
  • Strong understanding of CI / CD pipelines (Jenkins, GitLab, GitHub Actions, etc.).
  • Hands-on with Kubernetes, Docker, and container security.
  • Familiarity with cloud platforms (AWS, Azure, GCP) and securing cloud-native environments.
  • Deep knowledge of security mechanisms across operating systems, networks, virtualization, and databases.
  • Familiar with information security frameworks and standards (e.g., NIST, ISO 27001, CIS).
  • Experience with threat modeling and design reviews.
  • Excellent problem-solving, collaboration, and communication skills.
  • Create a job alert for this search

    Application Security Engineer • India