Manager - Application & Product Security

12-18 years

Hyderabad / Secunderabad, Bangalore / Bengaluru

1 vacancy

Zeta

posted 3d ago

Job Description

The role involves ensuring the security of web and mobile applications, APIs, and infrastructure by conducting regular VAPT. It requires providing expert guidance to developers on how to address and fix security vulnerabilities, along with performing code reviews to identify potential security issues. The role also includes actively participating in application design discussions to ensure security is integrated from the beginning and leading Threat Modeling exercises to identify potential threats. Additionally, the profile focuses on developing and promoting secure coding practices, educating developers and QA engineers on security standards for secure coding, data handling, network security, and encryption. The role also entails evaluating and integrating security testing tools like SAST, DAST, and SCA into the CI/CD pipeline to enhance continuous security integration.
Responsibilities
    • Guide Security and Privacy Initiatives: Actively participate in design reviews and threat modeling sessions to help shape the security and privacy approach for technology projects, ensuring security is embedded at all stages of application development.
    • Ensure Secure Application Development: Collaborate with developers and product managers to ensure that applications are securely developed, hardened, and aligned with industry best practices.
    • Project Scope Management: Define the scope for security initiatives, ensuring continuous adherence throughout each project phase, from initiation to sustenance/maintenance.
    • Drive Internal Adoption and Visibility: Ensure that security projects are well-understood and adopted by internal stakeholders, fostering a culture of security awareness within the organization.
    • Security Engineering Expertise: Serve as a technical expert and security champion within Zeta, providing guidance and expertise on security best practices across the organization.
    • Team Leadership and Development:
        • Make decisions on hiring and lead the hiring process to build a skilled security team.
        • Define and drive improvements in the hiring process to attract top security talent.
        • Mentor and guide developers and QA teams on secure coding practices and security awareness.
    • Security Tool and Gap Assessment: Continuously assess and recommend tools to address gaps in application security, ensuring the team is equipped with the best resources to identify and address vulnerabilities.
    • Stakeholder Liaison: Collaborate with both internal and external stakeholders to ensure alignment on security requirements and deliverables, acting as the main point of contact for all security-related matters within the team.
    • Bug Bounty Program Management: Evaluate and triage security bugs reported through the Bug Bounty program, working with relevant teams to address and resolve issues effectively.
    • Own Security Posture: Take ownership of the security posture of various applications across the business units, ensuring that security best practices are consistently applied and maintained.
Skills
    • Hands-on experience in Vulnerability Assessment (VA) and Penetration Testing (PT) across web, mobile, API, and network/Infra environments.
    • Deep understanding of the OWASP Top 10 and their respective attack and defense mechanisms.
    • Strong exposure to Secure SDLC activities, Threat Modeling, and Secure Coding practices.
    • Experience with both commercial and open-source security tools, including Burp Suite, AppScan, OWASP ZAP, BEEF, Metasploit, Qualys, Nipper, Nessus and Snyk.
    • Expertise in identifying and exploiting business logic vulnerabilities.
    • Solid understanding of cryptography, PKI-based systems, and TLS protocols.
    • Proficiency in various AuthN/AuthZ frameworks (OIDC, OAuth, SAML) and the ability to read, write, and understand Java code.
    • Experience with Static Analysis and Code Reviews using tools like Snyk, Fortify, Veracode, Checkmarx, and SonarQube.
    • Hands-on experience in reverse engineering mobile apps and using tools like Dex2jar, ADB, Drozer, Clang, iMAS, and Frida/Objection for dynamic instrumentation.
    • Experience conducting penetration tests and security assessments on internal/external networks, Windows/Linux environments, and cloud infrastructure (primarily AWS).
    • Ability to identify and exploit security vulnerabilities and misconfigurations in Windows and Linux servers.
    • Proficiency in shell scripting and automating tasks with tools such as Python or Ruby.
    • Familiarity with PA-DSS, PCI SSF (S3, SSLC), and other security standards like PCI DSS, DPSC, ASVS and NIST.
    • Understanding of Java frameworks like Spring Boot, CI/CD processes, and tools like Jenkins & Bitrise.
    • In-depth knowledge of cloud infrastructure (AWS, Azure), including VPC/VNet, S3 buckets, IAM, Security Groups, blob stores, Load Balancers, Docker containers, and Kubernetes.
    • Solid understanding of agile development practices.
    • Active participation in bug bounty programs (HackerOne, Bug Crowd, etc.) and experience with hackathons and Capture the Flag (CTF) competitions.
    • Knowledge of AWS/Azure services, including network configuration and security management.
    • Experience with databases (PostgreSQL, Redshift, MySQL) and other data storage solutions like Elasticsearch and S3 buckets.
    • Preferred Certifications: OSCP, OSWE, GWAPT, AWAE, AWS Certified Security Specialist, CompTIA Security+
Experience and Qualifications
    • 12 to 18 years of overall experience in application security, with a strong background in identifying and mitigating vulnerabilities in software applications.
    • A background in development and experience in the fintech sector is a plus.
    • Bachelor of Technology (BE/B.Tech), M.Tech, or ME in Computer Science or an equivalent degree from an Engineering college/University.

Employment Type: Full Time, Permanent


What people at Zeta are saying

What Zeta employees are saying about work life

based on 250 employees
Flexible timing
Monday to Friday
No travel
Day Shift

Zeta Benefits

Submitted by Company
Child care
Gymnasium
Cafeteria
Free Food
Team Outings
Education Assistance
Submitted by Employees
Cafeteria
Team Outings
Health Insurance
Job Training
Gymnasium
Soft Skill Training

Zeta Bangalore / Bengaluru Office Location

Bengaluru Office
Headquarter
Ground Floor, Tower C, Diamond district, Old Airport Rd, Domlur Bengaluru
560008
