Back to search
Galaxy Office Automation Pvt. Ltd. Linkedin · Posted 1mo ago

Senior Application Security / Product Security Engineer

India

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Experience : 4+ Years

Job Location : Ghansoli, Mumbai

Job Description

We are seeking an experienced Application Security / Product Security Engineer to help secure

our applications and products throughout the software development lifecycle. The ideal

candidate will have strong knowledge of cloud-based architectures, application security best

practices, and secure SDLC, along with hands-on experience performing security design

reviews and application testing across web, API, mobile, and thick client applications. This role

requires close collaboration with engineering, architecture, DevOps, and product teams to

identify security risks early and ensure secure product development.

Key Responsibilities

 Integrate security practices into the Software Development Lifecycle (SDLC).

 Perform application security design reviews for new and existing products.

 Conduct Manual And Automated Security Testing Of

  • Web applications
  • REST / GraphQL APIs
  • Mobile applications (Android / iOS)
  • Thick client / desktop applications

 Identify vulnerabilities such as OWASP Top 10, authentication issues, authorization

flaws, and API security risks.

 Review cloud architecture and deployments (AWS, Azure, GCP) for security best

practices.

 Work with development teams to prioritize and remediate vulnerabilities.

 Perform threat modeling and security architecture assessments.

 Track vulnerabilities, remediation status, and risk metrics using Excel or vulnerability

management tools.

 Support secure coding practices and developer security awareness.

 Manage multiple security assessments and coordinate tasks across teams.

 Provide reports and dashboards for management regarding security posture.

Required Skills & Qualifications

 Strong understanding of Application Security and Product Security principles.

 Experience with secure SDLC practices.

 Hands-on Experience Performing Security Testing For

  • Web applications
  • APIs
  • Mobile apps
  • Thick client applications

 Knowledge of cloud platforms (AWS / Azure / GCP) and cloud security architecture.

 Experience performing security design reviews and threat modeling.

 Familiarity with OWASP Top 10, API Security Top 10, and common vulnerability

classes.

 Experience Using Security Tools Such As

  • SAST
  • DAST
  • SCA

 API testing tools

 Good working knowledge of Excel for tracking vulnerabilities, metrics, and reporting.

 Strong task management and stakeholder coordination skills.

 Ability to work with engineering and product teams to drive security remediation.

Preferred Qualifications

 Certifications such as:

  • CEH
  • OSCP
  • GWAPT
  • CSSLP
  • CISSP

 Experience with DevSecOps pipelines and CI/CD security integration and

architecture design principles.

 Experience with container and Kubernetes security and cloud security.

Soft Skills

 Strong communication and collaboration skills

 Ability to manage multiple projects and stakeholders

 Analytical thinking and problem-solving ability

 Strong documentation and reporting skills

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent