Application Security Senior Engineer

Role Overview: The Application Security Senior Engineer will play a crucial role in safeguarding our applications and digital assets against security threats. With a primary focus on Vulnerability Assessment and Penetration Testing (VAPT), the role involves identifying, assessing, and mitigating security vulnerabilities across our application portfolio. This position requires a proactive mindset, strong technical skills, and the ability to collaborate effectively with cross-functional teams and support the security projects.

Key Responsibilities:1. Vulnerability Assessment and Penetration Testing (VAPT):- Conduct comprehensive security assessments of applications using industry-standard tools and techniques.- Perform manual testing and automated scans to identify vulnerabilities such as OWASP Top 10, SQL injection, XSS, CSRF, etc.- Analyze and interpret assessment findings, providing clear and actionable recommendations to development teams.- Support the security gating process with timely security assessment and reporting.- Provide guidance and assistance on secure software development life cycle.- Track identified vulnerabilities through to resolution, collaborating closely with development teams to ensure timely mitigation.- Provide detailed vulnerability reports and metrics to stakeholders, including risk assessments and remediation progress.
2. Support for Security Projects:- Actively participate in security projects and initiatives, providing expertise and guidance on application security best practices.- Perform Security Architecture review for existing and new security projects and guide on security best practices.- Collaborate with architects and developers to integrate security into the SDLC (Secure Development Life Cycle) and CI/CD pipelines.
3. Incident Response and Support:- Assist in incident response activities related to application security incidents.- Contribute to root cause analysis and lessons learned sessions to improve incident handling and prevention strategies.
4. Security Awareness and Training:- Develop and deliver training sessions on secure coding practices and application security awareness.- Promote a culture of security within the organization, advocating for continuous improvement and adherence to security policies.

Requirements:

• Bachelors degree in Computer Science/Information Technology, or a related field.
• Minimum of 5 years of experience in application security, with a focus on VAPT and secure development practices.
• Proven experience with security assessment tools such as Burp Suite, Qualys, Nessus, etc.
• Strong understanding of web application architecture, including front-end, back-end, and APIs.
• Solid knowledge of OWASP guidelines and best practices for secure coding.
• Certifications such as CISSP, CEH, OSCP, or similar are preferred.
• Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders.
• Strong analytical and problem-solving skills, with attention to detail.

‍

Why join us?

• Impactful Work: Play a pivotal role in safeguarding Tanla's assets, data, and reputation in the industry.
• Tremendous Growth Opportunities: Be part of a rapidly growing company in the telecom and CPaaS space, with opportunities for professional development.
• Innovative Environment: Work alongside a world-class team in a challenging and fun environment, where innovation is celebrated.
• Tanla is an equal opportunity employer. We champion diversity and are committed to creating an inclusive environment for all employees. www.tanla.com