
Application Security Engineer / Analyst

India, Chennai, Bangalore · Job Posted December 06, 2025

Job Description

Core Responsibilities: Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus. Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps. Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance. Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning. Define and review hardening standards, TLS configurations, and integration security controls. Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages. Document findings, prepare detailed security assessment reports, and assist in mitigation validation. Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture.

Job Responsibility

  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture

Requirements

  • Work Experience 3 to 6 years


Similar Jobs for Application Security Engineer / Analyst

8 matching positions


Application Security Engineer II

Ellucian designs technology that powers the educational mission of colleges and ...
Location: Mexico
Salary: Not provided
myGwork - LGBTQ+ Business Community
Expiration Date: Until further notice
Requirements
  • 2 to 5 years of experience working as Application Security engineer or similar position
  • Thorough knowledge of SAST, DAST, SCA tooling
  • Extensive skills and experience performing application security / penetration testing using manual and automated tools including AI
  • Progressive application security and software development experience
  • Demonstrated technical skills, especially in the areas of enterprise application security, AI security testing, and secure development practices
  • A thorough understanding of OWASP application security tools, code libraries and documentation
  • Experience developing automated solutions to application security problems
  • Demonstrated ability to clearly communicate complex ideas verbally and in writing
  • Excellent troubleshooting, problem-solving, and analytical skills
  • Ability to occasionally work off-hours or extended hours in support of various projects
Job Responsibility
  • Analyze the security of Ellucian applications and coding practices using a variety of tools and frameworks
  • Perform manual and automated application penetration testing
  • Provide guidance to development teams for remediating application security vulnerabilities
  • Develop innovative new DevSecOps solutions to application security problems
  • Act as an evangelist for DevSecOps and application security within Ellucian
  • Create and deliver application security training for product owners, business analysts, test engineers and developers
  • Lead ongoing process and policy improvement efforts
  • Provide mentoring to members of development teams
  • Conduct ongoing research of trends in application security practices, tools and utilities
What we offer
  • Comprehensive health coverage: family major medical expenses, dental and life insurance
  • Christmas bonus 30 days
  • Saving fund
  • Monthly food coupon
  • 15 workdays vacation
  • Thrive Flex Program that allows you to contribute towards your health, financial or learning interests
  • 5 charitable days to support the community that supports us
  • Diversity and inclusion programs that promote employee resource groups such as: Women in Technology, Pride and Go Green
  • Parental leave
  • Employee referral bonuses
  • Fulltime

Application Security Analyst

Location: India, Pune
Salary: Not provided
Checkmarx
Expiration Date: Until further notice
Requirements
  • 2–3 years of professional experience in malicious code analysis or security research
  • Strong understanding of malicious code patterns and supply-chain attack techniques
  • Experience using Python for analysis or automation
  • Familiarity with both interpreted and compiled languages
  • Ability to independently learn new technologies
  • High attention to detail
  • Fluent English
Job Responsibility
  • Perform in-depth analysis of open-source packages to identify malicious behavior
  • Analyze source code across multiple programming languages
  • Investigate obfuscation, suspicious execution flows, and hidden payloads
  • Evaluate and validate detections from security tools
  • Develop scripts and internal tools (primarily in Python) to support analysis
  • Collaborate with the SCS research team and other security teams in the group
  • Fulltime

Application Security Analyst

The Checkmarx Security Research group seeks an experienced, curious, detail-orie...
Location: Portugal, Braga
Salary: Not provided
Checkmarx
Expiration Date: Until further notice
Requirements
  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst or researcher
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Customer-oriented mindset and driven by innovation
Job Responsibility
  • Analyze source code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmarx’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Collaborate with other areas in the group, such as SCA and SCS
  • Supervise required technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
  • Leverage the latest technological trends for optimizing processes, including AI
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime

Senior Application Security Engineer

The Security team at Zip is responsible for protecting the confidentiality and i...
Location: United States, San Francisco
Salary: 160000.00 - 220000.00 USD / Year
Zip
Expiration Date: Until further notice
Requirements
  • Experience writing production-quality code for security tooling and services
  • Strong written and verbal communication with internal and external stakeholders
  • A solid understanding of security risks and the ability to balance security with business requirements
  • Experience with web applications, APIs, and cloud environments. At Zip, our stack includes Python, React, GraphQL, Kubernetes, and AWS
Job Responsibility
  • Design and implement technical controls to eliminate or mitigate classes of security vulnerabilities
  • Support the development of secure products through design reviews, threat models, static/dynamic scans, and hands-on security assessments
  • Validate, triage, and coordinate security findings from bug bounty and third party pentests
  • Mentor security analysts and security champions on security best practices and techniques
What we offer
  • Start-up equity
  • Full health, vision & dental coverage
  • Catered lunches & dinners for SF employees
  • Commuter benefit
  • Team building events & happy hours
  • Flexible PTO
  • Apple equipment plus home office budget
  • 401k plan
  • Fulltime

Application Security Engineer

We're looking for an intermediate Application Security Engineer to join our Info...
Salary: Not provided
Talent Safari
Expiration Date: Until further notice
Requirements
  • Minimum 3 years in application security, IT security, or software development with a security focus
  • Hands-on experience with penetration testing, vulnerability assessments, and secure code reviews
  • Proven experience with SAST, DAST, and threat modelling frameworks
  • Practical knowledge of secure software development practices (OWASP Top 10, CWE)
  • Hands-on development experience or scripting ability (Python, JavaScript, Bash)
  • Strong understanding of web application security, API security, and cloud security concepts (AWS, Azure, or GCP)
  • Understanding of DevSecOps principles and CI/CD security integration
  • Excellent communication skills with the ability to explain complex security concepts to technical and non-technical audiences
  • Collaborative mindset with the ability to work cross-functionally
Job Responsibility
  • Application Security Testing: Conduct web and mobile application security assessments and API security testing. Perform threat modelling, secure code reviews, and attack surface analysis. Support SAST and DAST initiatives
  • Vulnerability Management: Assist in managing the vulnerability lifecycle. Coordinate internal and external security assessments, ensuring proper scoping and timely delivery. Track and report on remediation progress
  • Secure Development Lifecycle (SDLC) Integration: Ensure secure coding practices are followed. Collaborate with developers, testers, and business analysts to provide proactive security guidance during development sprints. Contribute to security frameworks, checklists, and guidelines (aligned with OWASP, NIST, MITRE). Work on DevSecOps testing and protective controls
  • Incident Response Support: Assist in the investigation and resolution of application security incidents. Contribute to post-incident analysis and implement preventative measures
  • Continuous Improvement & Innovation: Stay informed about cybersecurity trends, emerging threats, and attack vectors. Research and contribute to the implementation of innovative security solutions. Identify process improvements to enhance the efficiency and effectiveness of security assessments
What we offer
  • Competitive compensation package and benefits
  • Stripe Equity compensation
  • Full medical coverage
  • Wellbeing stipend
  • Generous leave and sabbatical policies
  • Hybrid working environment
  • Smart, kind colleagues who’re invested in your growth
  • Fulltime

Security Engineer Analyst

At Ledger, we’re proud to be the global platform for digital assets and Web3, wi...
Location: France, Paris
Salary: Not provided
Ledger
Expiration Date: Until further notice
Requirements
  • Solid understanding of network fundamentals: TCP/IP, routing, DNS, VPN, HTTP(S), TLS
  • Good grasp of core security concepts: Zero Trust, least privilege, segmentation, identity- and context-based access
  • Comfortable with Linux environments and at least one scripting language (ideally Python) plus basic Git usage
  • Interest in cloud environments (AWS/GCP/Azure or similar) and modern access patterns (bastions, proxies, SASE/ZTNA)
  • Ability to read and challenge technical documentation and propose pragmatic improvements
  • Proactive, curious, and willing to dive into low-level technical details
  • Interest in Web3 and hardware wallets is a plus and provides useful context on Ledger’s ecosystem.
Job Responsibility
  • Work with Security Engineering and Infrastructure / SRE and IT teams to strengthen Ledger’s network and access security model
  • Map and document application and admin flows (who/what/where) and propose Zero Trust patterns (per-app access, identity-aware gateways, strong auth)
  • Contribute to PoCs and integrations for ZTNA / SASE / secure access solutions (e.g. controlled access to cloud consoles, internal admin tools, and critical SaaS)
  • Help define and document reference architectures, diagrams, and runbooks for secure remote access and network security
  • Where relevant, contribute small scripts/tools (Python, shell, etc.) to automate validation, configuration checks, or data collection.
What we offer
  • Comprehensive compensation packages that include a wide range of benefits
  • Regionally specific benefits.
  • Fulltime

Application Security Analyst

The Checkmarx Security Research group seeks an experienced, detail-oriented Appl...
Location: Israel, Ramat Gan
Salary: Not provided
Checkmarx
Expiration Date: Until further notice
Requirements
  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Ability to handle multiple requests and work in a fast-paced environment
Job Responsibility
  • Assist the SCA analysts in conducting vulnerability analysis of known open-source software vulnerabilities to identify affected libraries and other elements, such as the affected vulnerable code
  • Analyze code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmarx’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Supervise the technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant Product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime

Application Security Product Analyst

Come join the company that is reinventing cloud security and empowering business...
Location: Israel, Tel Aviv
Salary: Not provided
Wiz
Expiration Date: Until further notice
Requirements
  • Over 2 years of DAST and penetration testing expertise, including hands-on experience in application security or operating enterprise tools like Burp Suite, OWASP ZAP, or Acunetix
  • Proven ability in security rule and policy development, specifically in writing custom scripts or signatures to translate vulnerability classes into detection rules
  • Technical proficiency in web protocols and API standards, with a strong command of HTTP/S, REST, GraphQL, and authentication mechanisms like OAuth and SAML
  • Proficiency in scripting languages such as Python, Go, or JavaScript to automate tasks and interact with the codebase
  • An analytical mindset with the ability to diagnose complex logs and scans to distinguish between tool failures, configuration issues, and valid security findings
Job Responsibility
  • Oversee the daily deployment, health, and operation of DAST and penetration testing capabilities to ensure optimal scanning across diverse customer environments
  • Develop and maintain attack policies and rules by creating and fine-tuning the logic that defines how the system identifies, prioritizes, and exploits vulnerabilities
  • Analyze and validate findings by reviewing complex attack paths to reduce false positives and improve the core logic's performance
  • Research novel attack vectors and emerging web/API threats to translate new techniques into executable behaviors for the DAST engine
  • Collaborate on product evolution with R&D and Product teams, using operational insights to drive feature requests and continuous improvement