Information Security Engineer (Application Security)

Barracuda Networks

Risk Management & Compliance

93+ Applicants

Posted: 1 week ago

2-4 years

Bengaluru / Bangalore, Karnataka

work from office

Posted: 1 week ago

Applicants: 93+

Job Description

About Company

Similar Jobs

Please verify your account first! Send OTP

Job Description

Come Join Our Passionate Team! At Barracuda, we make the world a safer place. We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data and applications with innovative solutions that grow and adapt with our customers journey. More than 200,000 organizations worldwide trust Barracuda to protect them - in ways they may not even know they are at risk - so they can focus on taking their business to the next level.

We know a diverse workforce adds to our collective value and strength as an organization.Barracuda Networks is proud to be an employer that complies with all applicable national, state and local laws pertaining to nondiscrimination and equal opportunity regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.

Envision yourself at Barracuda

We are seeking a highly motivated and detail-oriented Information Security Engineer to join

our team. The successful candidate will have a strong background in information security, with

at least 2 years of experience in the field. They will be responsible for supporting the

organizations security posture by performing the work of an information security engineer,

including conducting vulnerability assessments and penetration testing, developing and

implementing security policies and procedures, and collaborating with cross-functional teams

to ensure the organizations security is robust and effective. The ideal candidate will have a

deep understanding of security principles, technologies, and industry best practices, as well

as experience working with public cloud infrastructure such as AWS and Azure Cloud.

Additionally, they will be responsible for onboarding and implementation of GRC tools, responding to security events and incidents, and participating in threat hunting activities. This is a security generalist role with opportunities to branch into more specialized disciplines within Information Security and Cybersecurity.

What youll be working on

Support application security activities across the SDLC, including design, development, testing, release, and post-release review.
Work with Engineering and Security teams to identify, document, and track application security risks, including issues related to insecure design, weak access control, exposed secrets, vulnerable components, misconfigurations, and other common software risks.
Assist with reviewing application security findings, understanding risk context, coordinating with owners, and tracking remediation or accepted exceptions through closure.
Support basic threat modeling activities by helping identify application assets, data flows, trust boundaries, misuse scenarios, and potential security requirements.
Help promote awareness of common application security vulnerabilities, including OWASP Top 10 risks, secure coding principles, authentication and authorization concerns, input validation, data protection, and secure configuration.
Maintain clear documentation for application risks, remediation status, ownership, exceptions, timelines, and follow-up actions.
Support secure design and security review discussions for new features, product changes, integrations, and higher-risk application workflows.
Collaborate with Engineering, Product, IT, and Security teams to improve secure-by-design practices and reduce software risk over time.
Provide limited support to SOC/security operations when application-related alerts, incidents, or evidence require AppSec input, context, or follow-up.

Technologies and platforms you may work with

Source code repositories and development workflow platforms
Issue-tracking and remediation management tools
CI/CD and release workflow documentation
Security documentation, risk registers, and exception trackers
Basic cloud and enterprise environments such as AWS, Azure, and Microsoft 365
Limited exposure to SOC workflows, application-related alerts, logs, incident records, and security evidence

What you bring to the role

2+ years of experience in application security, information security, software security, security operations, software engineering, or a related technical area.
Basic understanding of the software development lifecycle (SDLC) and how security fits into design, development, testing, release, and maintenance activities.
Foundational understanding of common application security vulnerabilities, including OWASP Top 10 concepts such as broken access control, injection, insecure design, authentication issues, vulnerable components, and security misconfiguration.
Looking to get Placed? Try our Placement Guarantee Plan

Basic understanding of software risk management, including risk severity, ownership, remediation timelines, exceptions, and follow-up.
Awareness of threat modeling concepts such as assets, data flows, trust boundaries, attack paths, misuse cases, and security requirements.
Ability to work with Engineering and Security teams to understand findings, ask clarifying questions, document risk, and track remediation.
Strong documentation skills, attention to detail, and ability to maintain accurate trackers, notes, and follow-up records.
Good communication and collaboration skills with the ability to explain security issues in a clear and practical way.
Bachelors degree in IT, Cybersecurity, Computer Science, Software Engineering, or equivalent practical experience.

Nice to have

Exposure to secure coding practices or previous collaboration with software development teams.
Familiarity with application design reviews, secure SDLC processes, or software risk reviews.
Basic understanding of CI/CD pipelines and release management concepts.
Awareness of cloud security concepts in AWS, Azure, or similar environments.
Exposure to SOC, incident response, vulnerability management, or security monitoring workflows.
Entry-level certifications such as CompTIA Security+, ISC2 Certified in Cybersecurity, or similar security certifications.

What youll get from us:

A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility - there are opportunities for cross training and the ability to attain your next career step within Barracuda. Inaddition, you will receive equity, in the form of non-qualifying options.

#LI-onsite

Skills

Risk Management

If an employer asks you to pay any kind of fee, please notify us immediately. Jobaaj does not charge any fee from the applicants and we do not allow other companies also to do so.

About Company

Barracuda provides cloud-connected security and storage solutions that simplify IT. These powerful, easy-to-use, and affordable solutions are trusted by more than 150,000 organizations worldwide and are delivered in appliance, virtual appliance, cloud, and hybrid deployments. Barracuda's customer-centric business model focuses on delivering high-value, subscription-based IT solutions that provide end-to-end network and data security. For additional information, please visit www.barracuda.com. Barracuda, Barracuda Networks, and the Barracuda Networks logo are trademarks or registered trademarks ofBarracuda Networks, Inc. in the U.S. or other regions.

Important dates & deadlines?

Application Deadline

15 Aug 26, 06:01 PM IST

Similar Jobs

View All

Jobaaj

Don't Miss out any Updates

Subscribe now for the latest job alerts
and never miss an update

Job Alert

Google hiring for Specific Roles Apply Now!

1 min ago

New Opportunity

Amazon is hiring freshers Apply Now!

5 min ago

Featured Jobs

Microsoft opening 50+ positions Apply Now!

10 min ago