Job Description
- Conduct VAPT (Vulnerability Assessment & Penetration Testing) across web applications, mobile apps, and APIs — end-to-end, with clear findings and actionable recommendations.
- Perform secure code reviews across Go, Python, Java, and Node.js codebases to identify security issues before they reach production — not just relying on scanners.
- Integrate and tune SAST, DAST, dependency scanning, and other security tooling into CI/CD pipelines to automate vulnerability detection at scale.
- Identify and remediate cloud security misconfigurations — particularly in AWS — covering IAM policies, networking, storage, and service configurations.
- Build and improve security automation, signal aggregation pipelines, and internal tooling that reduce manual toil for the security team.
- Respond to security incidents: triage, investigate, contain, and help build resilience to prevent recurrence.
- Partner with engineering teams to embed security into product development workflows — be a resource, not a gatekeeper.
- Stay ahead of emerging threats, vulnerability disclosures, and attack techniques relevant to the company's stack and operating environment.
- Hands-on experience with VAPT — web, mobile, and API security — with the ability to go beyond tooling and think like an attacker.
- Ability to read and review code in one or more of: Golang, Python, Java, Node.js — finding security issues through manual review, not just automated scans.
- Solid understanding of cloud security fundamentals, especially AWS: IAM, VPC, S3, security groups, and common misconfigurations.
- Familiarity with application security concepts: OWASP Top 10, authentication/authorization flaws, injection vulnerabilities, insecure deserialization, etc.
- Experience with CI/CD pipelines and integrating security tooling (SAST, DAST, SCA) into developer workflows.
- 3–5 years of experience in a security engineering, AppSec, or product security role at a product-first company.
- B.Tech / M.Tech in Computer Science or equivalent.
- You are curious and proactive — you dig into problems rather than waiting for them to escalate.
- You balance security best practices with real-world product and business constraints — you understand what "good enough for now" means without losing sight of the right direction.
- You communicate clearly with engineers and non-engineers alike — you can explain a SQL injection in a pull request comment or in a leadership review.
- Participation in CTFs (Capture the Flag), bug bounty programs, or published security research.
- Experience with container security or Kubernetes environments.
- Exposure to threat modeling, security design reviews, or red-teaming exercises.
- Familiarity with mobile security (iOS/Android) in addition to web/API.
Skills
Python, Code Review, Golang, Java, Kubernetes, Node.js, Testing, Developer, API, Cloud, SQL

If an employer asks you to pay any kind of fee, please notify us immediately. Jobaaj does not charge any fee from the applicants and we do not allow other companies also to do so.

Important dates & deadlines
Application Deadline
23 Jun 26, 07:28 PM IST

