Application Security Lead
CME GroupBengaluru, Republic Of India, IN1 day ago
Job description5+ years experience with industry standard penetration testing, or ability to demonstrate equivalent knowledge. Expertise performing blackbox / greybox / whitebox security assessments of applications (e.G., web applications, APIs, thick clients, web sockets) which use HTTP and / or proprietary protocols. Expert level skills with application security testing tools including : Burpsuite, sqlmap, nmap, etc. Experience performing manual reviews of application source code for security vulnerabilities written in various languages including : Java, Javascript, .Net (C#), etc. Experience with Cloud architectures, security principles and services. Google Cloud Platform (GCP) is preferred. Experience with automating security testing and / or other relevant activities to streamline service delivery. Preferred scripting languages : Python, bash, Powershell, etc. Experience with UNIX or Linux. A self-starter who is highly motivated. Proactively seek answers, ask for help when needed, and communicate solutions. Excellent Oral and Written communications skills. Ability to effectively communicate and interface with peers and stakeholders at all levels, including senior leadership. Experience in securing modern APIs, including knowledge of authentication / authorization standards like OAuth 2.0 and JWT, and understanding API-specific vulnerabilities. Experience in conducting formal threat modeling using frameworks like STRIDE to identify potential security flaws in the design phase. Experience with AI / ML security testing methodologies, including understanding of OWASP Top 10 for Large Language Models (LLMs) and common AI security vulnerabilities, and using AI to improve pentesting. Experience with prior development work. Experience with application reverse engineering and using tools such as : Java decompilers, .Net decompilers, IDAPro, etc. Experience with Capture The Flag (CTF) competitions and bug bounty programs. Relevant industry certifications such as OSCP, eWPTX, CCSP, GCP Professional Cloud Security Engineer, etc.
The Application Security Engineer leads efforts to enhance application security and the secure software development lifecycle. This individual is responsible for performing manual application security assessments (application pentests) and communicating security findings to the developers and QA teams. Additionally, the individual will provide application design support and security best practice guidance, in the form of consultations, to various development teams and business stakeholders. This individual will also actively promote security through engaging interactive workshops and exercises, such as internal Capture The Flag (CTF) events.
Principal Accountabilities
- Serve as the primary application security expert for development teams, offering security consulting and best practice guidance throughout the Software Development Life Cycle (SDLC).
- Perform manual security assessments at key points in the SDLC.
- Produce documentation (reports) and present findings of manual security assessments to various stakeholders, including senior leadership.
- Participate in security architecture reviews and threat modelling.
- Contribute to automation initiatives, including the integration of new security tools and processes (e.G., AI).
- Demonstrate a commitment to continuous education and staying current within the application security domain, promoting collaboration and knowledge sharing.
Skills Requirements
Nice To Have
Create a job alert for this search
Application Security Lead • Bengaluru, Republic Of India, IN
Related jobs
- Promoted
Application Security Manager (Technical Lead)
ConfidentialBengaluru / Bangalore, India At Pearson, we are the world's learning company with over 24,000 employees across 70 countries.Our mission is to combine world-class educational content and assessment, powered by services and tech...Show moreLast updated: 20 days ago
- Promoted
Senior Application Security Engineer
AtomicworkBengaluru, Karnataka, India Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience.With a strong emphasis on automation, integration, and security, Atomicwork helps organiza...Show moreLast updated: 30+ days ago
- Promoted
- New!
Senior Security Analyst (Offensive)
CloudSEKhosur, tamil nadu, in We are a bunch of super enthusiastic, passionate, and highly driven people, working to achieve a common goal! We believe that work and the workplace should be joyful and always buzzing with energy!...Show moreLast updated: less than 1 hour ago
- Promoted
Principal Application Security Engineer
OktaBengaluru, Republic Of India, IN Preferred qualification and abilities : .Java, building highly reliable and mission-critical software.Work experience and excellent understanding in mitigating OWASP Top 10 attacks on applications, A...Show moreLast updated: 9 days ago
- Promoted
- New!
Application Security Analyst
ADMBengaluru, Republic Of India, IN We are one of the world’s largest nutrition companies and a global leader in human and animal nutrition.We unlock the power of nature to provide nourishing quality of life by transforming crops int...Show moreLast updated: 22 hours ago
- Promoted
Lead Application security engineer
Capillary TechnologiesBengaluru, Karnataka, India We operate in the loyalty domain where we help our customers to better engage their users to enhance their business outcomes.
To provide assurances to our customers, we comply with ISO 27001, PCI & ...Show moreLast updated: 13 days ago
- Promoted
Application Security Analyst
ConfidentialBengaluru / Bangalore We are seeking a highly skilled and motivated Product & Solution Security Professional to ensure the design, development, and deployment of secure software solutions.
The role involves close collabo...Show moreLast updated: 10 days ago
- Promoted
Lead Application Security Engineer
Capillary TechnologiesBengaluru, Republic Of India, IN We operate in the loyalty domain where we help our customers to better engage their users to enhance their business outcomes.
To provide assurances to our customers, we comply with ISO 27001, PCI & ...Show moreLast updated: 13 days ago
- Promoted
Application Security Lead
Infosys FinacleBengaluru, Republic Of India, IN Role : DevSecOps Developer – Secure Coding & Automation.Strong scripting skills in Python, Shell, or similar languages for automation and tooling.
Should be able to design, develop, test, and deploy...Show moreLast updated: 16 days ago
- Promoted
Senior Technical Lead(Application / Mobile Application Security)
ConfidentialBengaluru / Bangalore Conduct application security testing, including manual code walkthroughs and using Burp Suite.Prepare detailed testing reports with CVSS scoring and recommended remediations.Guide developers to fix...Show moreLast updated: 30+ days ago
- Promoted
- New!
Senior Application Security Specialist
RazorpayBengaluru, Republic Of India, IN Title : Senior Product Security Security Engineer.Razorpay is looking for a Senior Application Security Engineer with solid experience in AppSec fundamentals—secure code review, vulnerability discov...Show moreLast updated: 22 hours ago
- Promoted
Azure Security Centre Analyst
PwChosur, tamil nadu, in Seeking an Azure Security Centre Analyst with proven experience in cloud security operations within the Microsoft Azure ecosystem.
Key responsibilities include managing Azure security tools, vulnera...Show moreLast updated: 14 days ago
- Promoted
Application Security Engineer
ConfidentialBengaluru / Bangalore, India At Vegapay, we are revolutionizing the financial landscape by enabling banks and financial institutions to digitize their financial infrastructure.
Our innovative credit suite, equipped with a wide ...Show moreLast updated: 30+ days ago
- Promoted
Senior Application Security Engineer
SpheraBangalore, IN Sphera is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability.Our mission is to create...Show moreLast updated: 6 days ago
- Promoted
Principal Application Security Engineer
CME GroupBengaluru, Republic Of India, IN The Application Security Engineer leads efforts to enhance application security and the secure software development lifecycle.
This individual is responsible for performing manual application securi...Show moreLast updated: 1 day ago
- Promoted
Application Security Engineer
FoodsmartBangalore, IN Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians.Our platform is designed to foster healthier food choices, drive lasting behavior c...Show moreLast updated: 30+ days ago
- Promoted
Application Security Lead
AtomicworkBengaluru, Republic Of India, IN Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience.With a strong emphasis on automation, integration, and security, Atomicwork helps organiza...Show moreLast updated: 30+ days ago
- Promoted
Application Security Technical Lead
Albertsons Companies IndiaBengaluru, Republic Of India, IN About Albertsons Companies Inc.As a leading food and drug retailer in the United States, Albertsons Companies, Inc.Our well-known banners across the United States, including Albertsons, Safeway, Vo...Show moreLast updated: 16 days ago