JobGrid.eu
Einloggen
Menü
Einloggen
elfbeauty

Senior Application Security Engineer

🇮🇳 Remote, Indien Remote Veröffentlicht Mai 19, 2026
Bewerben
Standort Remote, Indien
Arbeitsort Remote
Sprache English
Veröffentlicht 19. Mai 2026
Zuletzt geprüft 30. Mai 2026
JobGrid-Kontext

Rollenübersicht von JobGrid

Senior Application Security Engineer at elfbeauty: Remote, Indien. JobGrid adds normalized role facts, source context, and a path to the employer application page so candidates can compare the listing before applying.

  • Location and workplace: Remote, Indien
  • Source freshness: checked by JobGrid on 2026-05-30.
  • Application path: candidates continue to the employer application page with non-personal referral tags.

We are seeking a highly skilled and proactive Senior Application Security Engineer to join our growing security team.

You will be responsible for securing our applications throughout the software development lifecycle (SDLC). This includes

- identifying vulnerabilities,

- working with development teams to remediate risks, and

- implementing security best practices and tools to ensure our applications are robust, secure, and compliant with relevant standards.

Responsibilities:

  • Perform manual and automated security assessments of web, mobile, and cloud applications
  • Collaborate with development and engineering teams to embed security into SDLC (DevSecOps)
  • Conduct secure code reviews, threat modeling exercises, and risk assessments to identify security weaknesses in application design.
  • Implement and manage application security tools (SAST, DAST, SCA, IAST)
  • Design and enforce security policies, standards, and procedures for application development
  • Monitor, triage, and respond to application-layer vulnerabilities and incidents
  • Work closely with QA and engineering teams to drive security testing and fix validation
  • Lead the Incident Response effort for application-related security events.
  • Stay current on the latest security threats, vulnerabilities, and industry's best practices
  • Conduct developer training and promote a security-first culture within engineering
  • Cross-train team members on Application Security principles.
  • Actively participate in the broader corporate security efforts, including infrastructure security, end-user training, and vulnerability management.

Rquirements:

  • Overall 8+ years of experience
  • Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
  • 5+ years in application security, secure software development, and penetration testing.
  • Strong understanding of web technologies (HTML, JavaScript, Python, REST APIs, etc.).
  • Experience with security tools for code security, bug bounty programs, and the ability to integrate them into CI/DC pipelines for automated security testing.
  • Familiarity with OWASP Top 10, SANS Top 25, CWE, CVE, and secure coding practices.
  • Knowledge of cloud environments (AWS, Azure, GCP) and their security features.
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders.

Preferred Qualifications:

  • Industry certifications such as CSSLP, GWAPT, OSCP, or CEH
  • Experience with container security and CI/CD pipeline integration
  • Familiarity with regulatory and compliance frameworks (e.g., SOC 2, ISO 27001, PCI DSS)
  • Prior experience working in agile, DevOps, or fast-paced development environments