hirist

Job Description

Role : Staff Application Security Engineer

Location : New Delhi, India

As a Staff Application Security Engineer, you will shape how security integrates into our product lifecycle, development pipelines, and developer onboarding. We are seeking a curious, collaborative, and strategic security professional to define, lead, and evolve our application security practices alongside product and infrastructure engineering teams.


What You will Do :

- Perform secure design and code reviews, identifying and prioritizing risks, attack surfaces, and vulnerabilities, and providing mitigation strategies.

- Drive the remediation of critical vulnerabilities and clearly communicate risks and solutions to stakeholders.

- Proactively eliminate entire vulnerability classes through security architecture improvements and secure coding practices.

- Continuously improve the company's security posture with software and service platforms including HackerOne, Cobalt.io, and Wiz.io.

- Mentor and guide junior security engineers and cross-functional teams on secure software development best practices.


What You will Bring :

- 7+ years of experience in application security, secure software development, and cloud infrastructure security.

- Experience securing APIs, microservices architectures, and addressing modern infrastructure security challenges.

- Deep understanding of authentication and authorization protocols such as OAuth, OIDC, SAML, and JWT.

- Hands-on experience with static application security testing (SAST) and software composition analysis (SCA) tools.

- Developer-level proficiency in at least one programming language, preferably Python, Java, JavaScript, or Golang.

- Familiarity with front-end and back-end technologies such as React, Next.js, TypeScript, Node.js, GraphQL, and/or Java.

- Creative, resourceful, and adaptive problem-solving capabilities.

- Excellent communication skills, both written and oral, with the ability to effectively engage with stakeholders at all levels.

- Strong ability to work independently and collaboratively across various teams, linking tactical initiatives to long-term strategic outcomes.

- A genuine passion for security and continuous learning.


Stand-Out Qualifications :

- Proven track record mentoring and developing junior team members.

- Relevant experience in offensive security, penetration testing, or red teaming.

- Expertise in cloud-native (AWS) technologies including containers, Kubernetes, and infrastructure-as-code (Terraform).

- Experience with GitLab CI/CD.

- Contributions to the security community through open-source projects, research papers, or conference presentations.

