Talent.com
No longer accepting applications
Immediate Start! Lead Security Engineer, Web Development

Immediate Start! Lead Security Engineer, Web Development

QualysIndia
12 days ago
Job description

Job Description :

Lead Security Engineer

Experience Level : 7-10 years

Location : Pune

Come work at a place where innovation and teamwork come together to build products that make the world safe.

Why Qualys

Qualys, Inc. is a pioneer and leading provider of cloud security and compliance solutions. Qualys helps organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications via its award winning Qualys Cloud Platform.

About Product Security at Qualys

The Product Security team operates differently. Simply put, build programs and resources to support the company exceed on goals related to the security of the customer experience on Qualys. We prevent problems from becoming incidents.

About This Role

The Qualys Security is looking for an experienced Lead Security Engineer to join the Product Security team in Pune, India. The role will act as a domain security architect for our Java Platform Products. This is an outstanding opportunity to work in the product team of a fast-growing publicly held company. This role is based in Pune, India.

Typical Duties

  • Lead web application security initiatives across multiple product lines.
  • Develop security automations for product security shift left initiatives.
  • Perform application security assessments including static / dynamic code analysis, and manual testing.
  • Conduct secure code reviews for applications developed in Java and / or Python, ensuring adherence to best practices and compliance standards.
  • Collaborate with development teams to design and implement secure coding practices and provide remediation guidance for identified vulnerabilities.
  • Build prototypes of security capabilities, collaborate with developers on improvements, help Qualys ship security in our products.
  • Drive threat modeling exercises and identify application design risks.
  • Establish and improve processes for integrating security into CI / CD pipelines.
  • Serve as a subject matter expert (SME) for web application security, mentoring engineers and raising security awareness.
  • Stay current with the latest application security trends, vulnerabilities (e.g., OWASP Top 10, SANS 25), and relevant tooling.
  • Partner with product, DevOps, and infrastructure teams to build a comprehensive secure SDLC framework.

What You’ll Bring

  • Bachelor’s degree in computer science, Information Security, or related field (or equivalent practical experience).
  • 7+ years of overall software security experience at product-led companies.
  • Minimum 3 years of hands-on experience focused on Java, Python and / or Golang development.
  • Extensive experience in event-driven architectures, multi-tenant solutions, software patterns, and mature web middleware used in SaaS applications.
  • Proven track record of driving complex security initiatives through cross-functional collaboration and influence.
  • Strong background in application security and product security.
  • Hands-on practical experience delivering enterprise level cybersecurity solutions and controls via Threat Modeling and Security Design & Architecture Reviews.
  • Proven experience in DevSecOps capabilities, test-driven development, client-side software, and microservice architecture.
  • Knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (including but not limited to Private Cloud deployment, artificial intelligence, machine learning etc.).
  • Proven hands-on experience with :
  • Application security testing (SAST, DAST, IAST, manual penetration testing).
  • Performing and leading secure code reviews.
  • Identifying and remediating common web application vulnerabilities.
  • Familiarity with OWASP Top 10, CWE / SANS Top 25, and other application security standards.
  • Experience within Product Security including but not limited to :
  • Deploying products using Cloud and containers technology (e.g. GCP, AWS, Kubernetes, Docker)
  • Securing APIs and micro-services
  • Securing Software as a Service (SaaS) tool and managing their security baseline posture
  • Software Supply Chain Security
  • Mentoring and developing security point of contacts / experts within development teams who will act as helping hands for the product security team.

    • Nice to have

  • Experience integrating security tools into CI / CD pipelines (Jenkins, GitHub Actions, GitLab CI, etc.).
  • Exposure to cloud security (AWS, Azure, GCP) in the context of web applications.
  • Certifications such as OSWE, OSCP, GWAPT, or CSSLP are a plus.
  • Prior experience mentoring or leading a small security team.

    • Soft Skills

  • Excellent communication and collaboration skills to work across engineering and product teams.
  • Ability to translate complex security issues into clear guidance for developers.
  • Strong problem-solving mindset with a balance of pragmatism and security rigor.
    • Create a job alert for this search

    Lead Engineer • India

    Related jobs
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaNagpur, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Platform Engineer

    Platform Engineer

    NTT DATA, Inc.nagpur, India
    Experience in EDR- CrowdStrike.Experience in any one Ng (NextGen) SIEM tools (Crowdstrike, Qradar, Arcsight, Splunk,etc). Hands-on Experience in Security Automation tools- SOAR Platform.Experience i...Show moreLast updated: 3 days ago
    • Promoted
    Full Stack Engineer

    Full Stack Engineer

    Korotek International Ltd.Nagpur, IN
    We suggest you enter details here.This is a contract remote role for a Full Stack Engineer.The Full Stack Engineer will be responsible for designing, developing, and maintaining both front-end and ...Show moreLast updated: 7 days ago
    • Promoted
    Lead Network & Security Engineer (Hyperscalers – OCI / GCP)

    Lead Network & Security Engineer (Hyperscalers – OCI / GCP)

    Cloud4C Servicesnagpur, India
    Gartner’s Magic Quadrant (2021), is a leading automation-driven Cloud Managed Services Provider (MSP).We specialize in multi-cloud migration, management, and disaster recovery with zero data loss g...Show moreLast updated: 9 days ago
    • Promoted
    DevSecOps / AppSecOps Staff Engineer

    DevSecOps / AppSecOps Staff Engineer

    First American (India)Nagpur, IN
    Our people-first culture empowers bold thinkers and passionate technologists to solve real-world challenges through scalable architecture and innovative design. If you're driven by impact, thrive in...Show moreLast updated: 30+ days ago
    • Promoted
    Contractor Security Engineer Level 3 - GRC Tech Solutions

    Contractor Security Engineer Level 3 - GRC Tech Solutions

    MindlanceIndia, India, India
    Remote Role | Contractor Security Engineer Level 3 – GRC Tech Solutions.This position focuses on enabling process clarity, automation, and efficiency while creating insights that empower our busine...Show moreLast updated: 2 days ago
    • Promoted
    • New!
    ▷ (Apply Now) Security Lead

    ▷ (Apply Now) Security Lead

    BDx Data CentersNagpur, Maharashtra, India
    COMPANY OVERVIEW Big Data Exchange (BDX), A leading Pan Asian hybrid, hyperscale and edge solutions provider with assets located in Hong Kong, Singapore, Guangzhou, Nanjing and expanding footprint...Show moreLast updated: 2 hours ago
    • Promoted
    Web App SDK Engineer

    Web App SDK Engineer

    HuxleyNagpur, IN
    Language requirements : English only.Extensive experience (5+ years) in JavaScript and TypeScript development, with a strong focus on SDK development for Web applications. Proven track record in lead...Show moreLast updated: 16 days ago
    Lead Information Security Engineer

    Lead Information Security Engineer

    MasterCardIN
    Mastercard powers economies and empowers people in 200+ countries and territories worldwide.Together with our customers, we’re helping build a sustainable economy where everyone can prosper.We supp...Show moreLast updated: 2 days ago
    • Promoted
    Software Engineer

    Software Engineer

    Seceon Inc.Nagpur, IN
    Seceon delivers a unified cybersecurity platform that enables enterprises, MSPs, and MSSPs to detect, respond, and remediate threats in real-time. With AI-powered threat detection and auto-response,...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Engineer

    Senior Security Engineer

    CBTSnagpur, maharashtra, in
    Senior level roles as IT Security Architect, IT Security Engineer, IT Security Auditor, Cyber-Security Analyst, Cyber-Intelligence Analyst. Certifications, Accreditations, Licenses.One or more of th...Show moreLast updated: 8 days ago
    Software Engineer - DevOps Security

    Software Engineer - DevOps Security

    Branch InternationalIN
    Quick Apply
    Branch Overview Branch delivers world-class financial services to the mobile generation.With offices in the United States, Nigeria, Kenya, and India, Branch is a for-profit socially conscious compa...Show moreLast updated: 30+ days ago
    • Promoted
    AI Security & Cloud Engineer (Cybersecurity + Full-Stack)

    AI Security & Cloud Engineer (Cybersecurity + Full-Stack)

    CloudMatosIndia, India
    In order to proceed further, you have to take the test.M2nO77GO-BogYEl0NY4ceD60TtSJ2hFPnlW0lhizqDE / edit?tab=t.CloudMatos is a next-generation cloud-security and AI-security platform designed for mo...Show moreLast updated: 6 days ago
    • Promoted
    Sr Threat Detection Engineer

    Sr Threat Detection Engineer

    Insight GlobalNagpur, IN
    Exact compensation may vary based on several factors, including skills, experience, and education.Benefit packages for this role will start on the 31st day of employment and include medical, dental...Show moreLast updated: 8 days ago
    • Promoted
    Sr. Lead - Cloud Security

    Sr. Lead - Cloud Security

    Sycamore Informatics Inc.Nagpur, IN
    Cloud security framework; Strong scripting skills with PowerShell and.Solid understanding of version control tools, particularly Git. Experience with cloud platforms, including AWS, Azure and GCP.Pr...Show moreLast updated: 30+ days ago
    • Promoted
    Software Engineer

    Software Engineer

    capeironNagpur, IN
    We’re Hiring : Software Engineer [Remote].Month Contract Role at Capeiron Technology.Fixed Compensation for contract : INR 5,00,000. As a Software Engineer, you’ll be responsible for developing and ma...Show moreLast updated: 30+ days ago
    • Promoted
    Contractor Security Engineer Level 3 – GRC Tech Solutions

    Contractor Security Engineer Level 3 – GRC Tech Solutions

    MindlanceNagpur, IN
    Remote Role | Contractor Security Engineer Level 3 – GRC Tech Solutions.This position focuses on enabling process clarity, automation, and efficiency while creating insights that empower our busine...Show moreLast updated: 8 days ago
    • Promoted
    Security Engineer (Detection and Response)

    Security Engineer (Detection and Response)

    FoodsmartNagpur, IN
    Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians.Our platform is designed to foster healthier food choices, drive lasting behavior c...Show moreLast updated: 14 days ago