CrawlJobs Logo
Zuora Logo Zuora · IT - Software Development

Application Security Engineer II

India, Bengaluru · Job Posted January 09, 2026
Apply Position
Job Link Share

Job Description

Zuora’s Application Security & Security Engineering team partners closely with engineering to embed security into the software development lifecycle through scalable tools, processes, and culture. As an Application Security Engineer, you’ll work hands-on with developers and architects to drive secure design, build security automation, and support critical projects across our cloud-native platform. This role is part of our growing presence in Sydney and offers the opportunity to shape and scale security practices globally.

Job Responsibility

  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability
  • Participate in design and code reviews, providing actionable security recommendations as needed
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams

Requirements

  • 2+ years of experience in application security, software development, or a related engineering role
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders

Nice to have

  • Experience with AWS security best practices and securing cloud-native architectures
  • Background in DevSecOps or building security automation into CI/CD pipelines
  • Familiarity with Bug Bounty triage or managing responsible disclosure programs
  • Experience with regulatory frameworks (e.g., ISO 27001, SOC 2, or GDPR) as they relate to product security
  • Programming or scripting skills (e.g., Python, JavaScript, or Go) to build internal tools or automation

What we offer

  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing
Zuora - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Application Security Engineer II

8 matching positions

Application Security Engineer II

The Application Security Engineer II plays a key role in strengthening applicati...
Location
Location
United States , Irvine
Salary
Salary:
120000.00 - 170000.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application Security, Product Security, or Secure Software Engineering with hands-on experience defining and implementing Secure SDLC requirements
  • Experience integrating SAST, DAST, and open-source vulnerability scanning into CI/CD pipelines
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer science or a related field
  • Practical experience securing containerized applications and managing hardened container images
  • Strong understanding of common application vulnerabilities (e.g., OWASP Top 10), modern CI/CD workflows and DevOps practices and secure coding and build processes
  • Strong troubleshooting and collaboration skills
  • Excellent stakeholder management and communication skills
  • Proficient in English for effective communication and coordination
Job Responsibility
Job Responsibility
  • Define, document, and maintain Secure SDLC policies, standards, and procedures covering secure design and coding expectations, security testing requirements, build, release, and deployment security controls
  • Partner with Engineering, Platform, and AppDev teams to ensure Secure SDLC requirements are practical and scalable, integrated into existing development workflows, and clearly communicated and understood
  • Utilizing the standardized Risk Operation processes, support governance activities, including reviews, exceptions, and continuous improvement of SDLC security requirements
  • Develop, manage, and maintain a hardened cloud container image repository for application workloads
  • Define baseline security requirements for container images, including base image selection and hardening, patch and dependency management, and runtime security considerations
  • Partner with platform and application teams to drive adoption of approved images and patterns
  • Ensure container images are scanned, updated, and versioned in alignment with security standards
  • Define and implement automated security testing within CI/CD pipelines, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Open-source and dependency vulnerability scanning
  • Tune tools and rules to balance coverage, accuracy, and developer experience
  • Ensure security testing is integrated early in the pipeline to enable remediation prior to final build and deployment
  • Fulltime
Read More
Arrow Right

Application Security Engineer II

We have a 4 month contract opportunity for a hands-on Application Security Engin...
Location
Location
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) or equivalent experience
  • 2–4 years of experience embedding security across the Secure SDLC
  • Application Security Testing
  • Web Application Firewalls
  • API Security
  • Experience with SAST, DAST, IAST, MAST, and WAF (preferred)
  • Knowledge of .NET Framework, C++, Java, Python
  • Knowledge of development toolset to design, develop, test, deploy, maintain, and improve software
  • Experience with static, dynamic, and interactive application scanning tools
  • Intermediate - Seeks to acquire knowledge in area of specialty
Job Responsibility
Job Responsibility
  • Implement and enforce the Company’s secure system development life cycle (SSDLC) standard
  • Administrate the Company’s application security testing (AST) technologies
  • Work directly with application development teams to ensure application weaknesses and identified vulnerabilities are mitigated or remediated within a standardized SLA
  • Web Application Firewall (WAF) Management
  • Interactive Application Security Testing (IAST) expansion
  • Supply Chain Security
  • Application Security Posture Management (ASPM)
  • Application Programming Interface (API) Security
  • Ensure the implementation and maintenance of application security standards as per industry best practices
  • Perform architectural analysis of the current application security architecture to detect critical deficiencies and recommend solutions for improvement
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer II

As a Senior Application Security Engineer, you will drive security initiatives t...
Location
Location
United States , Seattle
Salary
Salary:
148500.00 - 237600.00 USD / Year
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency in programming languages like Python, Java, Go, or C#
  • Strong experience with modern development workflows, including CI/CD pipelines and Git-based version control
  • In-depth understanding of vulnerabilities and secure coding practices
  • Hands-on experience with security tools like Snyk, Semgrep, or similar
  • Ability to simplify and communicate technical security concepts to diverse audiences
  • Demonstrated success in partnering with developers to integrate security without disrupting velocity
  • Experience performing secure code reviews and interpreting SAST/DAST results
  • Familiarity with cloud platforms (AWS, Azure, GCP) and containerization (Docker, Kubernetes)
Job Responsibility
Job Responsibility
  • Integrate Security into Development
  • Build and maintain security automation tools to seamlessly embed security checks into CI/CD pipelines
  • Partner with engineering teams to design secure-by-default architectures and workflows
  • Enable Developer Success
  • Act as a trusted advisor and partner for development teams, providing actionable guidance to address security issues
  • Deliver training and mentorship on secure coding practices, empowering teams to proactively prevent vulnerabilities
  • Proactively Identify Risks
  • Deploy and operationalize static (SAST), dynamic (DAST), and dependency (SCA) scanning tools
  • Lead vulnerability management efforts, ensuring critical vulnerabilities are identified, prioritized, and remediated
  • Advocate for a “security debt” reduction mindset to maintain long-term product integrity
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Employee Resource Groups (ERGs)
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer II

As a Senior Application Security Engineer, you will drive security initiatives t...
Location
Location
United States , Seattle
Salary
Salary:
152850.00 - 244560.00 USD / Year
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency in programming languages like Python, Java, Go, or C#
  • Strong experience with modern development workflows, including CI/CD pipelines and Git-based version control
  • In-depth understanding of vulnerabilities and secure coding practices
  • Hands-on experience with security tools like Snyk, Semgrep, or similar
  • Ability to simplify and communicate technical security concepts to diverse audiences
  • Demonstrated success in partnering with developers to integrate security without disrupting velocity
  • Experience performing secure code reviews and interpreting SAST/DAST results
  • Familiarity with cloud platforms (AWS, Azure, GCP) and containerization (Docker, Kubernetes)
Job Responsibility
Job Responsibility
  • Integrate Security into Development
  • Build and maintain security automation tools to seamlessly embed security checks into CI/CD pipelines
  • Partner with engineering teams to design secure-by-default architectures and workflows
  • Enable Developer Success
  • Act as a trusted advisor and partner for development teams, providing actionable guidance to address security
  • Deliver training and mentorship on secure coding practices, empowering teams to proactively prevent vulnerabilities
  • Proactively Identify Risks
  • Deploy and operationalize static (SAST), dynamic (DAST), and dependency (SCA) scanning tools
  • Lead vulnerability management efforts, ensuring critical vulnerabilities are identified, prioritized, and remediated
  • Advocate for a "security debt" reduction mindset to maintain long-term product integrity
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right

Security Engineer II - Windows Security

The Microsoft Windows Security team is looking for a learn-it-all security engin...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in security or related field
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in security or related field
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • 2+ years identifying vulnerabilities in operating systems and/or native (C/C++) applications
  • 5+ years of experience in a software engineering or security-related engineering
  • Public track record of relevant security research, especially around vulnerability discovery
  • Experience exploiting bugs and bypassing security mitigations in operating systems
  • Familiarity with Microsoft Windows architecture
Job Responsibility
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime
Read More
Arrow Right

Security Engineer II - Threat Modeling & AI

Sec Eng at Uber means building for real-world impact under real-world constraint...
Location
Location
Brazil , Sao Paulo
Salary
Salary:
Not provided
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior/Staff seniority in a Security Engineer role, specifically within threat modeling or security architecture
  • Proficiency in Python or Go, with the ability to write modular, high-quality code and pass a technical coding interview
  • Experience performing offensive security testing and identifying architectural gaps in distributed systems (microservices, APIs, or cloud infrastructure)
  • Demonstrated knowledge of AI-specific security risks, including OWASP Top 10 for LLM or Agentic Applications
  • Bachelor’s degree in Computer Science, a related technical field, or equivalent practical experience
Job Responsibility
Job Responsibility
  • Red team AI agents and developer tools to identify vulnerabilities, creating reproducible PoCs and clear mitigation paths for engineering teams
  • Translate complex standards like the OWASP Top 10 for LLMs into Uber-specific reference architectures and enforceable security controls
  • Drive findings through to completion by partnering across disciplines—including engineering, legal, and external vendors—to land fixes in a fast-paced environment
  • Scale your security testing by building automated evaluation harnesses and AI-driven regression coverage to keep pace with rapid deployment
  • Communicate residual risk to non-technical stakeholders and leadership, translating technical debt into actionable business decisions
  • Own the security bar for agentic workflows and vendor onboarding, ensuring that guardrails are integrated into the developer experience from day one
Read More
Arrow Right

Clinical Engineering Medical Device Security Engineer II

As our Clinical Engineering Med Device Network Engineer, you will ensure end-to-...
Location
Location
United States , Englewood
Salary
Salary:
49.78 - 74.05 USD / Hour
americannursingcare.com Logo
American Nursing Care
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelors degree in HTM, Computer Science, Technology or Business Discipline upon hire or equivalent professional experience required
  • Minimum of 5-6 years of Clinical Engineering Networking role or equivalent experience required
  • Experience with HIPAA/HITECH compliance standards required
  • Valid Driver's License
Job Responsibility
Job Responsibility
  • Ensure end-to-end security for medical devices and integrate security systems within our environment
  • Leverage technology for security testing
  • Collaborate with regional CE technicians on complex medical device projects
  • Contribute to remediation documentation with the CE Medical Device Security Team
  • Manage vendor-related device vulnerabilities
  • Support the CE IT environment
  • Provide specialized repair for medical equipment
  • Collaborate with cross-functional teams to architect solutions that strengthen security controls of network connected medical devices
  • Test configurations and deploy risk mitigation strategies
  • Prepare, document and present detailed guidance for system configuration and risk mitigation
What we offer
What we offer
  • medical
  • prescription drug
  • dental
  • vision plans
  • life insurance
  • paid time off (full-time benefit eligible team members may receive a minimum of 14 paid time off days, including holidays annually)
  • tuition reimbursement
  • retirement plan benefit(s) including, but not limited to, 401(k), 403(b), and other defined benefits offerings
  • Fulltime
Read More
Arrow Right

Cloud Security Engineer Ii (Aws, Secops)

We are looking for a hands-on Cloud Security Engineer II (AWS, SecOps) to be the...
Location
Location
Salary
Salary:
Not provided
tripadvisor.com Logo
Tripadvisor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience securing a production environment in AWS
  • comfortable with its core security services (e.g., GuardDuty, Security Hub, WAF, CloudTrail)
  • good understanding of core AWS services beyond just security tools (e.g., VPC networking, EC2, RDS, S3, Lambda, EKS)
  • proficiency with Terraform for managing and securing cloud infrastructure
  • proven experience with the full lifecycle of security incidents
  • proficiency in at least one scripting language (e.g., Python, Go, Bash)
  • solid understanding of common web application vulnerabilities (OWASP Top 10)
  • demonstrated ability to use AI tools to improve efficiency, quality, and decision-making in day-to-day work
  • proven ability to operate effectively with a global-first mindset
Job Responsibility
Job Responsibility
  • Monitor, analyze, and investigate security alerts originating from our AWS infrastructure, application logs, and security tooling (WAF, SIEM, Cloud-Native tools)
  • respond to security incidents that directly impact the Tripadvisor Experiences application
  • triage vulnerabilities reported through our bug bounty program and other external sources
  • build and maintain security monitoring and alerting capabilities within our production environment
  • automate security operations tasks using scripting languages like Python or Go
  • configure, tune, and help manage security tools like our Web Application Firewall (WAF), AWS GuardDuty, and Security Hub
  • operationalize findings from application security tools (SAST, DAST, SCA) by working with engineering teams
  • conduct threat modeling for new features
  • collaborate with engineering teams and provide guidance on secure coding practices and architecture
What we offer
What we offer
  • Competitive compensation packages
  • base salary and annual bonuses
  • Work your way
  • flexible schedule
  • donation matching
  • tuition assistance
  • lifestyle benefit
  • travel perks
  • employee assistance program
  • health benefits
  • Fulltime
Read More
Arrow Right