Security Engineer
Join Our Community
Required Skills
Job Description
- *This role is for one of our clients**
Industry: Software Development
Seniority level: Mid\-Senior level
Min Experience: 6\+ years
Location: Bengaluru
JobType: full\-time
We are looking for an experienced **Security Engineer** to join our engineering team and play a critical role in building secure, resilient, and scalable products. In this role, you will work closely with software engineers, DevOps, infrastructure, and product teams to embed security into every stage of the software development lifecycle. You will be responsible for identifying security risks, implementing preventive controls, conducting security assessments, and ensuring that applications and infrastructure meet modern security standards.
The ideal candidate has extensive hands\-on experience in **Product Security**, with a deep understanding of application security principles, secure software development practices, vulnerability management, and security automation. Experience with **Threat Modeling** is highly desirable and will be valuable in proactively identifying and mitigating security risks during the design and development phases.
- *Requirements**
- ---------------
### **Key Responsibilities**
- Design, implement, and maintain product security strategies across the software development lifecycle.
- Collaborate with engineering teams to integrate security best practices into application architecture, development, testing, and deployment.
- Conduct comprehensive security assessments, code reviews, and vulnerability analyses for web, mobile, and backend applications.
- Identify, prioritize, and remediate security vulnerabilities using industry\-standard tools and methodologies.
- Develop secure coding guidelines and educate engineering teams on security best practices.
- Implement and manage security controls, authentication mechanisms, encryption standards, and access management solutions.
- Automate security testing within CI/CD pipelines, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and container security scanning.
- Monitor security alerts, investigate incidents, and coordinate remediation efforts with relevant stakeholders.
- Perform security reviews for APIs, cloud infrastructure, and microservices\-based architectures.
- Ensure compliance with industry security standards and frameworks such as OWASP Top 10, CWE, NIST, ISO 27001, and SOC 2\.
- Partner with cross\-functional teams to improve overall security posture and reduce organizational risk.
- Stay updated with emerging threats, vulnerabilities, and security technologies to continuously improve security practices.
### **Required Qualifications**
- Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or a related field.
- 6–9 years of professional experience in information security, application security, or product security engineering.
- Strong expertise in **Product Security** and secure software development practices.
- Hands\-on experience identifying and mitigating application security vulnerabilities.
- Deep understanding of authentication, authorization, encryption, identity management, and secure communication protocols.
- Experience securing cloud\-native applications running on AWS, Azure, or Google Cloud Platform.
- Strong knowledge of web application security, API security, container security, Kubernetes security, and modern software architectures.
- Experience using security tools such as Burp Suite, OWASP ZAP, Snyk, Checkmarx, Veracode, SonarQube, or similar platforms.
- Proficiency in one or more programming or scripting languages such as Python, Java, Go, JavaScript, or Bash.
- Strong analytical, troubleshooting, and problem\-solving abilities with excellent communication skills.
### **Good\-to\-Have Skills**
- Experience conducting **Threat Modeling** using methodologies such as STRIDE, PASTA, or Attack Trees.
- Knowledge of DevSecOps practices and security automation.
- Familiarity with Infrastructure as Code (Terraform, CloudFormation) security.
- Experience with penetration testing and red team assessments.
- Security certifications such as CISSP, CSSLP, GSEC, OSCP, GWAPT, or AWS Security Specialty.
- Experience working in Agile and cloud\-native product development environments.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Similar Jobs
- D
Scrum Master / Agile Coach
Datamatics Technologies · Bengaluru, Karnataka, India
- P
Agile Story Analyst (Web)
Prospus · India
- V
Java Architect
Virtusa · KA, IN
Job Overview
- Job type
- Full-time
- Work mode
- On-site
- Location
- Bengaluru
- Posted
- 21h ago
- Source
- Indeed