Senior Security Engineer - Veracode
Indexed description
More information is available at www.credera.com. We are part of the OPMG Group of Companies, a division of Omnicom Group Inc.
Location: Hyderabad
Role Summary:
We are seeking a highly skilled and experienced Senior Security Engineer with a strong focus on Application Security and Software Vulnerability Management. The ideal candidate will bring hands-on expertise in Veracode along with exposure to modern security testing and DevSecOps practices.
This role will partner closely with engineering teams, architects, DevOps, and business stakeholders to strengthen and scale the organization's Application Security capability across the enterprise. The individual will play a key role in identifying, prioritizing, and driving remediation of software vulnerabilities while enabling secure software development practices.
Key Responsibilities
- Lead and scale Application Security initiatives across multiple engineering teams and business units.
- Hands-on management and administration of Veracode platform including onboarding applications, policy management, scan execution, triaging findings, and reporting.
- Collaborate with development, DevOps, cloud, and architecture teams to integrate security into the SDLC and CI/CD pipelines.
- Drive vulnerability management activities including identification, prioritization, tracking, remediation validation, and risk reporting.
- Work with stakeholders to improve secure coding practices and reduce recurring vulnerabilities.
- Support secure deployment practices across cloud and hybrid environments.
- Assist in defining Application Security standards, policies, and best practices.
- Create dashboards, metrics, and executive reports related to vulnerability posture and remediation status.
- 4+ years of experience in Cybersecurity with strong focus on Application Security.
- Hands-on experience with Veracode is mandatory.
- Hands on experience of other application security tooling is desirable
- Strong understanding of:
- Secure coding principles
- Vulnerability management lifecycle
- API security
- Application security
- Data security
- Building developer engagement to encourage remediation
- Experience in rolling out secure by design architecture patterns
- Knowledge of CI/CD integration using Jenkins, GitHub Actions, GitLab CI, Azure DevOps, etc.
- Familiarity with cloud platforms such as AWS, Azure, or GCP.
- Understanding agentic development practices and techniques to secure it.
- Understanding of container and Kubernetes security concepts is preferred.
- Experience working with Agile/Scrum development environments.
- Strong analytical, problem-solving, and stakeholder management skills.
- Excellent communication and collaboration abilities.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search