Applications Security Engineer - Vulnerability Management

Role Summary :

We are looking for an experienced and technically skilled Application Security Engineer to strengthen our cybersecurity posture. The ideal candidate should possess a solid understanding of application-level vulnerabilities, secure code practices, and vulnerability management tools.

You will be responsible for conducting in-depth assessments, secure code reviews, and supporting development teams to remediate findings in alignment with security standards.

Key Responsibilities :

- Safeguard the Confidentiality, Integrity, and Availability of the organization's application ecosystem.

- Perform Vulnerability Assessment and Penetration Testing (VAPT) for Web, Mobile, and API components using both open-source and commercial tools.

- Conduct secure code reviews to identify critical flaws and provide remediation guidance to development teams.

- Lead manual penetration testing and demonstrate proof-of-concept exploits.

- Guide developers and QA teams in interpreting security findings and applying fixes aligned with secure SDLC practices.

- Collaborate with DevOps teams to integrate security into CI/CD pipelines.

- Maintain compliance with PCI DSS and other regulatory/security standards.

- Drive continuous improvements in security test plans, test cases, and internal security frameworks.

Technical Skills Required :

- 3+ years of hands-on experience in Application Security.

- Proficient in VAPT (Static & Dynamic Analysis) for Web, API, and Mobile applications.

- Strong experience with secure code review tools like Fortify, Coverity, Checkmarx.

- Familiarity with DevSecOps and CI/CD pipeline security integration.

- Hands-on with tools like Burp Suite, Nessus, Postman, SoapUI, Metasploit.

- Understanding of WAFs, API gateways, and secure protocol practices.

- Development/scripting knowledge in Java, JavaScript, AngularJS, or Python.

- Experience using JIRA for issue tracking and defect logging.

Certifications Preferred : OSCP, OSWE, CEH, GWEB or similar security certifications.

Soft Skills :

- Strong communication and documentation skills.

- Ability to work independently and collaboratively.

- Must be proactive, with an ownership mindset and attention to detail.

Location : Andheri (W), Mumbai, Maharashtra

Kindly Note :

- Candidates who are Immediate Joiners or have 30 Days' Notice Period will be considered.