Talent.com
This job offer is not available in your country.
▷ [15h Left] Senior Application Security Engineer

▷ [15h Left] Senior Application Security Engineer

NopalCyberIndia
3 hours ago
Job description

About NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Surface Management (ASM), Breach and Attack Simulation (BAS), and Advisory Services, we fortify our clients’ cybersecurity across both offense and defence.

Our AI-driven Nopal360° platform, NopalGo mobile app, and proprietary Cyber Intelligence Quotient (CIQ) enable organizations to quantify, track, and visualize their cybersecurity posture in real time. We democratize enterprise-grade security operations for organizations of all sizes by lowering the barrier to entry while raising the bar for security and service.

Location : Nopal Cyber, Hyderabad (Work from Office, 5 Days a Week)

Employment Type : Full-time

Key Responsibilities

  • Run Static Application Security Testing (SAST) using tools such as SonarQube, Fortify, Checkmarx, Veracode, etc., to identify source-code vulnerabilities across multiple languages and frameworks (Java, .NET, Python, JavaScript, etc.).
  • Configure and execute SAST scans, fine-tune rules, manage false positives, and integrate scans into CI / CD pipelines.
  • Perform Dynamic Application Security Testing (DAST) (authenticated and unauthenticated) on web apps, APIs, and services; analyse results and validate findings.
  • Combine SAST and DAST outputs to provide holistic vulnerability coverage and support secure SDLC initiatives.
  • Plan and conduct Vulnerability Assessment and Penetration Testing (VAPT) for web applications, APIs, and backend services to identify business logic, configuration, and runtime flaws.
  • Map VAPT findings back to code-level issues discovered in SAST to close the loop with development teams.
  • Work with developers and DevSecOps engineers to remediate vulnerabilities and embed security testing into build pipelines.
  • Use Software Composition Analysis (SCA) tools such as Snyk, White Source, Nexus Lifecycle, Black Duck to identify open-source and third-party risks (vulnerabilities, license issues, outdated components).
  • Generate, validate, and manage Software Bills of Materials (SBOMs) in formats like CycloneDX and SPDX to strengthen software supply chain security.
  • Monitor transitive dependencies and unverified sources to prevent supply-chain compromise.
  • Apply secure coding principles aligned with OWASP Top 10, CWE, and language-specific security pitfalls.

Required Skills & Experience

  • 8–12 years of experience in Application Security with direct, hands-on expertise in SAST, DAST, SCA, and VAPT.
  • Strong knowledge of secure software development practices and common vulnerability classes (OWASP Top 10, CWE, ASVS, language-specific security pitfalls).
  • Hands-on experience integrating security testing into CI / CD pipelines (Jenkins, Azure DevOps, GitLab CI, GitHub Actions).
  • Practical expertise with SAST tools (SonarQube, Fortify, Checkmarx, Veracode) and SCA tools (Snyk, White Source, Nexus Lifecycle, Black Duck).
  • Working knowledge of security architecture frameworks (e.g., SABSA) and threat modeling methodologies (e.g., STRIDE, attack trees) to support risk-based application security design and assessment.
  • Ability to validate and triage false positives, priorities vulnerabilities, and provide actionable remediation guidance to developers.
  • Ability to develop and present detailed application security assessment reports, code-level remediation plans, and secure coding guidance aligned with industry standards and compliance requirements.
  • Strong communication skills to convey technical findings to technical and executive stakeholders.

    • Educational Qualifications

  • Bachelor’s degree in engineering, Computer Science, or related discipline.
  • CEH Certification (Mandatory) plus one or more advanced certifications :
  • EC-Council Certified Application Security Engineer (CASE – Java / .NET)
  • GIAC Secure Software Programmer (GSSP – Java / .NET)
  • Programming language-neutral certifications like CSSLP.

    • Personal attributes

  • Self-starter and quick learner requiring minimal ramp-up
  • Excellent written, oral, and interpersonal communication skills
  • Highly self-motivated, self-directed, and attentive to detail
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
    • Create a job alert for this search

    Senior Application Security Engineer • India

    Related jobs
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaNagpur, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Cloud Security Engineer

    Cloud Security Engineer

    AquanowNagpur, IN
    Aquanow, a leading infrastructure and liquidity provider that provides institutional and enterprise application platforms for digital assets, is looking for a Cloud Security Engineer to join our te...Show moreLast updated: 30+ days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    YASH Technologiesnagpur, maharashtra, in
    The AppSec Engineer is a specialized cybersecurity role focused on DevOps engineering principles.While the expectation of their sibling role – SAE – is to have practical working security knowledge,...Show moreLast updated: 27 days ago
    • Promoted
    • New!
    (Urgent) Senior Application Security Engineer

    (Urgent) Senior Application Security Engineer

    QualiZealIndia
    Conduct Static Application Security Testing (SAST) and Software Composition Analysis (SCA) - Perform Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) ...Show moreLast updated: 3 hours ago
    • Promoted
    • New!
    Sr. Security Engineer I

    Sr. Security Engineer I

    NextGen HealthcareIndia
    Develop and maintain security tooling, guidelines, and standards for the Security Engineering team.Participate in threat intelligence and forensic analysis exercises, with guidance from more senior...Show moreLast updated: 15 hours ago
    • Promoted
    Lead Application Security Engineer

    Lead Application Security Engineer

    InMobi AdvertisingIndia
    InMobi is the leading provider of content, monetization, and marketing technologies that fuel growth for industries around the world. Our end-to-end advertising software platform, connected content,...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Application Security Engineer (Vulnerability Management)- Level 3

    Application Security Engineer (Vulnerability Management)- Level 3

    QuEST Global Services Pte. Ltdindia, null, India
    Quest Global is an organization at the forefront of innovation and one of the world’s fastest growing engineering services firms with deep domain knowledge and recognized expertise in the top OEMs ...Show moreLast updated: 15 hours ago
    • Promoted
    DevSecOps / AppSecOps Staff Engineer

    DevSecOps / AppSecOps Staff Engineer

    First American (India)nagpur, maharashtra, in
    Our people-first culture empowers bold thinkers and passionate technologists to solve real-world challenges through scalable architecture and innovative design. If you're driven by impact, thrive in...Show moreLast updated: 11 days ago
    • Promoted
    • New!
    Senior Security Engineer

    Senior Security Engineer

    OracleIndia
    As a Security Engineer at Oracle Cloud Infrastructure (OCI), you will be at the forefront of designing and building secure cloud systems that support global business operations.You will drive the p...Show moreLast updated: 15 hours ago
    • Promoted
    • New!
    Senior Security Engineer

    Senior Security Engineer

    CFA InstituteIndia
    CFA Institute is seeking a hands-on Senior Security Engineer to design, build, and harden the systems that protect our global enterprise. In this role, you’ll partner with Site Reliability Engineeri...Show moreLast updated: 15 hours ago
    • Promoted
    • New!
    Application Security Engineer (Automation) - Level 3

    Application Security Engineer (Automation) - Level 3

    QuEST Global Services Pte. Ltdindia, null, India
    Quest Global is an organization at the forefront of innovation and one of the world’s fastest growing engineering services firms with deep domain knowledge and recognized expertise in the top OEMs ...Show moreLast updated: 15 hours ago
    • Promoted
    Senior DevOps Security Engineer

    Senior DevOps Security Engineer

    JRD SystemsIndia, India
    We are seeking a highly skilled Senior DevOps / Platform Engineer to join our dynamic team.The ideal candidate will have extensive experience in managing and automating infrastructure, improving depl...Show moreLast updated: 8 days ago
    • Promoted
    Security Engineer (Remote)

    Security Engineer (Remote)

    DigiHelic Solutions Pvt. Ltd.Nagpur, IN
    Remote
    We are looking for a proactive and experienced.In this role, you will design, implement, and maintain.The ideal candidate will have deep. Monitor cloud environments for.AWS-native and third-party to...Show moreLast updated: 3 days ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    NopalCyberIndia
    About NopalCyber NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response ...Show moreLast updated: 10 days ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    QualiZealIndia
    Security Testing Conduct Static Application Security Testing (SAST) and Software Composition Analysis (SCA) Perform Dynamic Application Security Testing (DAST) and Interactive Application Security ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Application Security Specialist

    Senior Application Security Specialist

    YASH TechnologiesIndia
    Must to Have Responsibilities : Communication : Should be able to understand and articulate technical aspects clearly Cloud Security Expertise : Understand cloud development processes and provide se...Show moreLast updated: 10 days ago
    • Promoted
    • New!
    Senior Security Engineer Bangalore

    Senior Security Engineer Bangalore

    Chronos Consultingindia, null, India
    Our client is a world-renowned US startup in the field of automation.This California unicorn is still a private enterprise experiencing hypergrowth. They are looking for an exceptional Senior Securi...Show moreLast updated: 15 hours ago
    • Promoted
    • New!
    Senior Security Engineer

    Senior Security Engineer

    UplightIndia
    The PositionDo you dream about creating a more sustainable future? At Uplight, we are motivating energy users and providers to accelerate the clean energy ecosystem. Working with over 80 of the worl...Show moreLast updated: 15 hours ago