Sr Security Engineer (Application Security)

Job Title: Sr Security Engineer - Application Security

Location: Bangalore

Department: Information Security

Job Summary:

We are seeking a skilled and experienced Sr Security Engineer - Application Security to join our Information Security team. The ideal candidate will have a strong background in application security, penetration testing, and secure software development. The candidate should also be proficient with tools like Burp Suite and have relevant penetration testing certifications. A deep understanding of the OWASP Top 10 is essential.

Key Responsibilities:

Lead application security initiatives, including penetration testing using Burp Suite.

Develop and enforce security policies and procedures and collaborate with development teams to integrate security into the SSDLC.

Perform code reviews and security assessments to identify and mitigate vulnerabilities.

Secure cloud-based applications and infrastructure using AWS.

Stay current with application security trends and threats and provide technical support for security-related issues.

Contribute to security training programs and prepare and present security reports to management.

Must Have Qualifications:

Educational Background: Bachelor s degree in computer science, Information Technology, or a related discipline.

Professional Experience: A minimum of 6 years of proven experience in application security or a closely related field.

Technical Expertise:

• Extensive experience in application and network penetration testing.
• Strong hands-on expertise with tools like Burp Suite for application security testing.
• Former development experience with a deep understanding of secure coding practices.

Certifications: Industry-recognized certifications such as OSCP, CEH, or equivalent credentials demonstrating advanced security knowledge.

Knowledge Base:

• Comprehensive understanding of the OWASP Top 10 vulnerabilities and their mitigation strategies.
• Familiarity with secure software development lifecycle (SDLC) processes.

Soft Skills: Exceptional communication and interpersonal abilities, enabling effective collaboration with cross-functional teams and clear articulation of security risks and solutions.

Good to Have Qualifications:

Work Ethic: Demonstrated capability to work both independently and collaboratively in a team-oriented environment.

Excellent problem-solving and analytical skills.

Master s degree in a related field.

Proficiency in AWS cloud security

Experience in an application security role within a security operations team.

Knowledge of DevSecOps practices and tools.

Proficiency in .NET and C# (priority), with Java as a secondary skill.