Talent.com
No longer accepting applications
Lead Security Engineer, Web Development

Lead Security Engineer, Web Development

QualysBengaluru, IN
21 days ago
Job description

Job Description :

Lead Security Engineer

Experience Level : 7-10 years

Location : Pune

Come work at a place where innovation and teamwork come together to build products that make the world safe.

Why Qualys

Qualys, Inc. is a pioneer and leading provider of cloud security and compliance solutions. Qualys helps organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications via its award winning Qualys Cloud Platform.

About Product Security at Qualys

The Product Security team operates differently. Simply put, build programs and resources to support the company exceed on goals related to the security of the customer experience on Qualys. We prevent problems from becoming incidents.

About This Role

The Qualys Security is looking for an experienced Lead Security Engineer to join the Product Security team in Pune, India. The role will act as a domain security architect for our Java Platform Products. This is an outstanding opportunity to work in the product team of a fast-growing publicly held company. This role is based in Pune, India.

Typical Duties

  • Lead web application security initiatives across multiple product lines.
  • Develop security automations for product security shift left initiatives.
  • Perform application security assessments including static / dynamic code analysis, and manual testing.
  • Conduct secure code reviews for applications developed in Java and / or Python, ensuring adherence to best practices and compliance standards.
  • Collaborate with development teams to design and implement secure coding practices and provide remediation guidance for identified vulnerabilities.
  • Build prototypes of security capabilities, collaborate with developers on improvements, help Qualys ship security in our products.
  • Drive threat modeling exercises and identify application design risks.
  • Establish and improve processes for integrating security into CI / CD pipelines.
  • Serve as a subject matter expert (SME) for web application security, mentoring engineers and raising security awareness.
  • Stay current with the latest application security trends, vulnerabilities (e.g., OWASP Top 10, SANS 25), and relevant tooling.
  • Partner with product, DevOps, and infrastructure teams to build a comprehensive secure SDLC framework.

What You’ll Bring

  • Bachelor’s degree in computer science, Information Security, or related field (or equivalent practical experience).
  • 7+ years of overall software security experience at product-led companies.
  • Minimum 3 years of hands-on experience focused on Java, Python and / or Golang development.
  • Extensive experience in event-driven architectures, multi-tenant solutions, software patterns, and mature web middleware used in SaaS applications.
  • Proven track record of driving complex security initiatives through cross-functional collaboration and influence.
  • Strong background in application security and product security.
  • Hands-on practical experience delivering enterprise level cybersecurity solutions and controls via Threat Modeling and Security Design & Architecture Reviews.
  • Proven experience in DevSecOps capabilities, test-driven development, client-side software, and microservice architecture.
  • Knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (including but not limited to Private Cloud deployment, artificial intelligence, machine learning etc.).
  • Proven hands-on experience with :
  • Application security testing (SAST, DAST, IAST, manual penetration testing).
  • Performing and leading secure code reviews.
  • Identifying and remediating common web application vulnerabilities.
  • Familiarity with OWASP Top 10, CWE / SANS Top 25, and other application security standards.
  • Experience within Product Security including but not limited to :
  • Deploying products using Cloud and containers technology (e.g. GCP, AWS, Kubernetes, Docker)
  • Securing APIs and micro-services
  • Securing Software as a Service (SaaS) tool and managing their security baseline posture
  • Software Supply Chain Security
  • Mentoring and developing security point of contacts / experts within development teams who will act as helping hands for the product security team.

    • Nice to have

  • Experience integrating security tools into CI / CD pipelines (Jenkins, GitHub Actions, GitLab CI, etc.).
  • Exposure to cloud security (AWS, Azure, GCP) in the context of web applications.
  • Certifications such as OSWE, OSCP, GWAPT, or CSSLP are a plus.
  • Prior experience mentoring or leading a small security team.

    • Soft Skills

  • Excellent communication and collaboration skills to work across engineering and product teams.
  • Ability to translate complex security issues into clear guidance for developers.
  • Strong problem-solving mindset with a balance of pragmatism and security rigor.
    • Create a job alert for this search

    Lead Security Engineer • Bengaluru, IN

    Related jobs
    • Promoted
    Senior Lead Product Security Engineer

    Senior Lead Product Security Engineer

    ConfidentialBengaluru / Bangalore
    As a Senior Lead Product Security Engineer, you will be responsible for : .Building and executing engineering processes for early detection of design flaws, vulnerabilities, weaknesses, missing secur...Show moreLast updated: 30+ days ago
    • Promoted
    Loop Health - Security Engineer

    Loop Health - Security Engineer

    Loop healthBangalore
    About Us : Were a fast-growing fintech company transforming how people access insurance and healthcare services.With a team of 50+ engineers split across multiple pr...Show moreLast updated: 30+ days ago
    • Promoted
    Development Engineer-Security

    Development Engineer-Security

    ConfidentialBengaluru / Bangalore
    Hands on experience in classic AUTOSAR architecture, AUTOSAR methodologies & Tools.Software development experience for AUTOSAR based automotive ECUs. Working experience in using AUTOSAR configuratio...Show moreLast updated: 30+ days ago
    • Promoted
    Application Security Engineer - OWASP

    Application Security Engineer - OWASP

    RAPLBangalore
    About the job : Exp : 3-6 Yrs Location : Bangalore / Chennai Notice...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Associate Security Engineer( Web, Secure Code Review & Red Teaming)

    Senior Associate Security Engineer( Web, Secure Code Review & Red Teaming)

    ConfidentialBengaluru / Bangalore, India
    Conduct offensive security assessments including web, mobile, API, and network penetration testing.Perform secure code reviews to identify and remediate application vulnerabilities.Lead or support ...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer - Applications Security

    Security Engineer - Applications Security

    theSocialsBangalore
    Job Description : We are seeking an experienced Security Engineer with strong expertise in Application Security, Cloud Security, and VAPT to join our client's en...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    redBusBengaluru, Karnataka, India
    We are looking for a Security Engineer to join our cybersecurity team and strengthen redBus.This role involves monitoring, analysing, and responding. Security Operations, with deep expertise in Endp...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    InfogainBengaluru, Karnataka, India
    Title : Security Engineer (6+ Years).Use CrowdStrike reports to evaluate all security vulnerabilities on both Windows and Linux systems. Analyze the requirements to remediate the security vulnerabili...Show moreLast updated: 4 days ago
    • Promoted
    Senior Security Engineer

    Senior Security Engineer

    Sennovate Inc.Bangalore, IN
    Sennovate is an Information Security managed Security Service provider (MSSP) that specializes in Identity and Access Management (IAM) and Security Operations Center (SOC) powered by AI.For more in...Show moreLast updated: 12 days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    AnumanaBengaluru, Karnataka, India
    Position : Cyber Security Engineer Experience Range : 3 to 5 yrs Job Location : Bangalore Work Mode : Hybrid (3 days in the office, 2 days remote) Job Summary Anumana is seeking a skilled and moti...Show moreLast updated: 30+ days ago
    • Promoted
    Pluralsight - Product Security Engineer - SAST / DAST

    Pluralsight - Product Security Engineer - SAST / DAST

    PluralsightBangalore
    Job Description : The Product Security Engineers work closely with engineering teams to secure our Pluralsight platform.They will work on various Secure SDL programs ...Show moreLast updated: 30+ days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaBangalore, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Product Security Engineer II

    Product Security Engineer II

    FICOBengaluru, Karnataka, India
    Join our world-class team today and fulfill your career potential!.As a Product Security Engineer II in Cyber Security, you will be supporting security governance for a wide set of customer-facing ...Show moreLast updated: 30+ days ago
    • Promoted
    Contractor Security Engineer Level 3 – GRC Tech Solutions

    Contractor Security Engineer Level 3 – GRC Tech Solutions

    MindlanceHosur, Tamil Nadu, India
    Remote Role | Contractor Security Engineer Level 3 – GRC Tech Solutions We’re looking for a Security Engineer with a tech-first mindset to help grow and enhance our Cybersecurity.This positio...Show moreLast updated: 4 days ago
    • Promoted
    Application Security Architect

    Application Security Architect

    YASH TechnologiesGreater Bengaluru Area, India
    Role : Application Security Architect.This role is responsible for architecting, designing security controls for applications. The successful candidate will lead efforts to establish and improve secu...Show moreLast updated: 13 days ago
    • Promoted
    Security Engineer I

    Security Engineer I

    ConfidentialBengaluru / Bangalore
    Candidates with an overall of 4-6 years of product security experience.What will you be required to do.We value an open culture appreciate people from varied security backgrounds and hence we are m...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Lead Security Engineer (Urgent)

    Lead Security Engineer (Urgent)

    interface.aiBengaluru, Karnataka, India
    Get To Know Us First! Who We Are At interface.Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across v...Show moreLast updated: 4 hours ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    ENTER RecruitmentBangalore
    Job Description : We are seeking a skilled and passionate Cybersecurity Engineer to play a pivotal role in designing and implementing robus...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Cyber Security Engineer

    Senior Cyber Security Engineer

    ConfidentialBengaluru / Bangalore
    The Senior Cyber Security Engineer is responsible for designing, coding / configuring, and administering Cyber Security systems. This person is expected to champion processes and technology as a subje...Show moreLast updated: 30+ days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    interface.aiBengaluru, Karnataka, India
    Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 30+ days ago