AppSec Engineer
Indexed description
Our disruptor’s mindset, commitment to client success, and agility to thrive in the dynamic environment have enabled us to sustain our growth momentum. Persistent has been recognized across top industry platforms for innovation, leadership, and inclusion. We reported $1,654.4M FY26 revenue with 17.4% Y-o-Y growth. We have delivered 24 sequential quarters of growth with $436.0M in Q4 FY26 revenue, up 3.2% Q-o-Q and 16.2% Y-o-Y growth. Our 27,500+ global team members, located in 18 countries, have been instrumental in helping the market leaders transform their industries.
About Position
We are looking for an experienced Application Security (AppSec) Engineer to join our Security Practice. You will partner with engineering teams to embed security across the software development lifecycle.
- Role: AppSec Engineer
- Location: Mumbai
- Experience: Between 5 to 8 Years
- Job Type: Full Time Employment
- Perform application security assessments including SAST, DAST, IAST, and manual secure code reviews across web, API, and mobile applications.
- Identify, triage, and prioritize vulnerabilities, and partner with development teams to drive timely remediation.
- Conduct threat modeling and security design reviews early in the SDLC to embed security-by-design.
- Integrate and tune security tooling within CI/CD pipelines to enable shift-left and DevSecOps practices.
- Develop secure coding guidelines and deliver developer enablement and awareness sessions.
- Validate fixes, track risk to closure, and report on application security posture to stakeholders.
- Between 5 to 8 years of experience in application security.
- Hands-on expertise with SAST/DAST tools (e.g., Checkmarx, Fortify, Veracode, Burp Suite) and dependency/SCA scanning.
- Strong understanding of the OWASP Top 10, CWE/SANS Top 25, and common application attack vectors and defenses.
- Experience with threat modeling methodologies (e.g., STRIDE) and security design reviews.
- Working knowledge of at least one programming language (Java, .NET, Python, or JavaScript) to perform meaningful code reviews.
- Familiarity with CI/CD pipelines, containers, and cloud platforms (AWS, Azure, or GCP) from a security perspective.
- Relevant certifications such as CEH, OSCP, GWAPT, or CSSLP are a plus.
- Competitive salary and benefits package
- Culture focused on talent development with quarterly growth opportunities and company-sponsored higher education and certifications
- Opportunity to work with cutting-edge technologies
- Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards
- Annual health check-ups
- Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents
- We support hybrid work and flexible hours to fit diverse lifestyles.
- Our office is accessibility-friendly, with ergonomic setups and assistive technologies to support employees with physical disabilities.
- If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search