Application Security Engineer

Permanent / Full-Time
We are seeking an experienced Application Security Engineer to join our team and ensure that our applications and software are secure, robust, and compliant with industry standards. The ideal candidate will have 3-5 years of hands-on experience in identifying, assessing, and mitigating security risks in application architectures. You will collaborate closely with development, operations, and security teams to integrate security best practices throughout the software development lifecycle (SDLC).
Duties and responsibilities
Security Assessment & Implementation:
  1. Perform threat modeling, vulnerability assessments, and risk analysis for web and mobile applications.
  2. Conduct code reviews, security testing, and penetration testing to identify security vulnerabilities.
  3. Implement security controls and practices in collaboration with developers and operations teams.
  4. Perform application hardening and ensure adherence to OWASP standards.
Development Support:
  1. Collaborate with developers to design secure application architectures.
  2. Provide recommendations to mitigate vulnerabilities found in static, dynamic, and manual testing.
  3. Support secure coding practices and ensure security is integrated into the SDLC.
  4. Develop and implement security automation for testing and deployment pipelines (DevSecOps).
Tooling & Monitoring:
  1. Configure and manage application security tools such as SAST, DAST, and RASP tools (e.g., Checkmarx, Veracode, Burp Suite, etc.).
  2. Monitor application traffic and logs for suspicious activity using tools like SIEM or WAFs.
  3. Establish and monitor security KPIs for continuous improvement.
Compliance & Documentation:
  1. Ensure applications comply with industry standards (e.g., GDPR, PCI-DSS, ISO 27001).
  2. Prepare and maintain detailed documentation of security controls, testing results, and remediations.
  3. Participate in audits and compliance activities to demonstrate adherence to security protocols.
Training & Awareness:
  1. Conduct training sessions for developers on secure coding practices and application security principles.
  2. Raise awareness about emerging security threats and vulnerabilities across teams.
Skills and experience
Must-Have:
  1. Strong knowledge of OWASP Top 10, SANS CWE, and other security frameworks.
  2. Experience with security testing tools like Burp Suite, Nessus, ZAP, or similar.
  3. Hands-on experience with secure coding practices in Java, Python, JavaScript, or similar languages.
  4. Familiarity with application architectures, APIs, microservices, and cloud environments.
  5. Proficiency in tools for SAST, DAST, and CI/CD integration.
  6. Experience with cryptographic principles (e.g., TLS, PKI, hashing, and encryption).
Good to Have:
  1. Knowledge of cloud security (AWS, Azure, or Google Cloud).
  2. Familiarity with container security (e.g., Docker, Kubernetes).
  3. Certifications such as CISSP, CEH, OSCP, or CSSLP.
  4. Experience with scripting or automation using Bash, Python, or similar.
  5. Understanding of network security and firewalls.
Soft Skills:
  1. Strong problem-solving and analytical abilities.
  2. Excellent communication skills to convey technical details to non-technical audiences.
  3. Team player with a proactive and collaborative approach.
  4. Attention to detail and the ability to work in a fast-paced environment.

Perks & Benefits
  • Competitive salary and performance-based bonuses.
  • Opportunities for certifications and professional development.
  • Flexible working hours and remote work options.
  • Health and wellness benefits (if applicable).
  • Collaborative and innovative work environment.

Department

Software Department

Location

Hyderabad | India

Education

Graduation (Software, IT)

Compensation

5.6L – 7.2 L | Annum

Subordinates

Subordinate to the head

Additionally

pension + Insurance

Interested in this vacancy?

Enter your Resume details with cover letter and Apply  Shortlisted candidates will be contacted.

Ziegler Aerospace is a Global Aerospace Company, Operating under the EASA Part 21 framework and headquartered in the United Kingdom. our experienced Engineering Team is engaged in the design and certification of Structural and Cabin Interiors repairs and modifications for all types of Large Aircraft.