Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 1K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Employer? Claim Account for FREE

Transco - A Marmon Rail Company

Compare

No reviews yet

6 Transco - A Marmon Rail Company Jobs

Lead Engineer Application Security

Transco A Marmon Rail Company

6-8 years

Hubli, Mangaluru, Mysuru / Mysore + 2 more

1 vacancy

Transco - A Marmon Rail Company

posted 1mon ago

Job Role Insights

Key skills for the job

Medical Coding Python Linux Administration Javascript PHP Information Security

+ 3 more

Job Description

We are seeking a highly skilled and experienced Senior Application Security Engineer to lead our security efforts with a focus on integrating security practices seamlessly into our development processes. The ideal candidate will have extensive experience in both security and software development, with a deep understanding of secure coding practices, vulnerability assessments, and mitigating techniques.

Responsibilities:

1. Lead Security Integration: Drive the implementation of security measures throughout the software development lifecycle, ensuring that security is prioritized at every stage.

2. SecOps Implementation: Collaborate with development and operations teams to integrate security practices into CI/CD pipelines, automating security testing and deployment processes.

3. Vulnerability Management: Conduct regular vulnerability assessments using SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools, and coordinate remediation efforts with development teams.

4. Secure Code Review: Ensure all software code, including third-party components, undergo regular code reviews and static analysis to identify and remediate security vulnerabilities. Follow secure coding practices.

5. Security Architecture: Design and implement secure architecture patterns for applications and systems, considering factors such as encryption, authentication, and access controls.

6. Threat Modeling: Perform threat modeling exercises to identify potential security risks and develop strategies to mitigate them effectively.

7. Security Awareness: Educate development teams on secure coding practices, OWASP top 10 vulnerabilities, and emerging security threats to foster a security-conscious culture.

8. Incident Response: Develop and maintain incident response plans and lead investigations and post-incident reviews in the event of security breaches or incidents.

9. Compliance and Standards: Stay updated on industry regulations and compliance requirements related to application security, ensuring that our systems adhere to relevant standards.

10. Security Standards Documentation: Documentation of security practice and process during the development lifecycle.

11. Cloud Security: Implement and manage security controls for cloud-based applications and services, ensuring compliance with cloud security best practices.

Skills and Qualifications:

Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or other relevant certifications preferred.
Proficiency in programming languages such as Java, PHP, .net, C#, ASP.net, Python, or JavaScript
Professional Certified of Cloud, AWS, Azure.
Experience in (WAF, IAM - Okta, Auth 0, KMS - encryption, OpenSSL, key vault)
Knowledge PEN testing, Burp Suite or Metasploit, Kali Linux, Wireshark network packet analysing.
Aware of regulatory requirements GDPR, HIPAA
Awareness of AI, copilot, codewhisper, vulnerability scanning - How to use AI to do code review, and vulnerability scanning
Bachelor s degree in computer science, Information Security, or a related field.
6 - 8 years of experience in application security, software development, or a related field.
Proficiency in security testing tools such as SAST, DAST, and vulnerability scanners.
In-depth knowledge of secure coding practices, cryptographic protocols, and authentication mechanisms.
Familiarity with OWASP top 10 vulnerabilities and best practices for mitigating them.
Experience with DevOps, SecOps practices and tools, including CI/CD pipelines and infrastructure as code.
Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
Knowledge to have database and mobile app security.

We are looking for a proactive and passionate individual who is dedicated to staying ahead of emerging security threats and driving a culture of security excellence within our organization. If you are ready to take on the challenge of leading our application security efforts, we want to hear from you.

Following receipt of a conditional offer of employment, candidates will be required to complete additional job-related screening processes as permitted or required by applicable law .

Employment Type: Full Time, Permanent

Read full job description