The Application Security Engineer ensures the security and integrity of the organization’s software by identifying and mitigating vulnerabilities throughout the development lifecycle. This role works closely with developers, architects, and stakeholders to embed secure design principles into CI/CD pipelines, conduct security assessments, and review code. The engineer leverages SAST/DAST tools, supports Web Application Firewall (WAF) protections, and responds to application security incidents. Additionally, the role promotes security awareness, stays current on emerging threats and technologies, and partners across teams to build strong, scalable, and compliant application security controls.
· Perform application security assessments, penetration testing, and code reviews to identify vulnerabilities.
· Integrate secure design principles and security controls into CI/CD pipelines.
· Implement and manage SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools.
· Support and optimize WAF configurations to protect web applications.
· Guide development teams on secure coding practices and remediation strategies.
· Respond to and investigate application security incidents, ensuring timely resolution.
· Collaborate with architects, developers, and stakeholders to embed security into software design.
· Promote security awareness and provide training to development teams.
· Stay informed on emerging threats, technologies, and best practices in application security.
KPIs and Success Metrics
· Vulnerability Remediation Rate: Percentage of identified vulnerabilities resolved within SLA.
· Secure Development Adoption: Increase in secure coding practices across development teams.
· CI/CD Security Coverage: Number of pipelines integrated with automated security checks.
· Incident Response Time: Average time to detect and remediate application security incidents.
· WAF Effectiveness: Reduction in successful web application attacks and false positives.
· Training Impact: Improvement in developer security awareness and reduction in recurring issues.
· Continuous Improvement: Number of enhancements implemented to strengthen application security posture.
EXPERIENCE, SKILLS, KNOWLEDGE
ESSENTIAL
Experience Required
· Proven experience in application security or related cybersecurity roles.
· Strong understanding of secure software development practices and SDLC.
Pay: ₹75,000,000.00 per year
Benefits:
- Cell phone reimbursement
- Commuter assistance
- Flexible schedule
- Food provided
- Paid sick time
- Provident Fund
Work Location: In person