Application Security Engineer
Location
India
Posted
3 days ago
Salary
0
Seniority
Mid Level
Job Description
Application Security Engineer
JUARA IT SOLUTIONS
Role Description We are looking for an experienced Application Security Engineer to join our cybersecurity team. The ideal candidate will be responsible for securing web applications and APIs by integrating security throughout the Software Development Life Cycle (SDLC). This role involves: - Implementing security tools - Identifying and validating vulnerabilities - Supporting remediation efforts - Collaborating with development teams to build secure applications Qualifications - Bachelor's degree in Computer Science, Information Security, or a related field - 7+ years of experience in Application Security or Cybersecurity - Hands-on experience with SAST, DAST, and vulnerability assessment tools - Strong knowledge of OWASP Top 10, API Security, and secure coding practices - Experience integrating security tools into CI/CD environments such as Jenkins, GitHub Actions, or GitLab - Familiarity with scripting languages such as Python, Bash, or PowerShell - Excellent analytical, troubleshooting, and communication skills Requirements - Implement and maintain security controls for web and API applications - Integrate security practices into the Secure SDLC, including threat modeling and security design reviews - Ensure compliance with organizational security policies and industry best practices - Manage and administer vulnerability scanning tools such as Tenable or equivalent solutions - Configure, optimize, and maintain scanning policies and schedules - Improve scan accuracy by reducing false positives and fine-tuning security tools - Deploy and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) solutions - Integrate security testing into CI/CD pipelines - Work closely with development teams to ensure effective security testing and reporting - Identify, validate, and assess application vulnerabilities through automated and manual testing - Perform risk assessments and prioritize vulnerabilities based on business impact - Track remediation activities and ensure timely closure of security findings - Conduct manual and automated security assessments of web applications and APIs - Validate reported vulnerabilities and verify remediation after fixes are implemented - Document findings, attack scenarios, and remediation recommendations - Perform manual verification of vulnerabilities using penetration testing techniques - Develop proof-of-concept demonstrations when required - Support security assessments and red team activities Preferred Qualifications - Experience in threat modeling and secure architecture reviews - Hands-on exposure to penetration testing or red team activities - Industry certifications such as OSCP, CEH, GWAPT, CSSLP, or equivalent are preferred
Related Guides
Related Categories
Related Job Pages
More Application Engineer Jobs
• Lead the modernization of enterprise applications and legacy systems. • Design, develop, and modernize .NET applications. • Migrate legacy platforms to modern architectures. • Build scalable, cloud-native solutions. • Develop and maintain RESTful APIs and microservices-based applications. • Design and integrate solutions with SQL Server and other relational databases. • Optimize application performance through code refactoring and architectural improvements.
Lead PLM Application Engineer
ConvatecPioneering trusted medical solutions to improve the lives we touch
• Lead and manage a Teamcenter support team of three, allocating workload, setting priorities, monitoring performance, and ensuring high-quality service delivery against agreed SLAs. • Act as the lead escalation point for L1/L2/L3 Teamcenter incidents and service requests, investigating, diagnosing, and coordinating the resolution of complex application defects, server errors, workflow failures, and data issues with structured root-cause analysis and permanent fixes. • Lead the design and governance of custom Teamcenter solutions using ITK APIs, BMIDE business modeller, Active Workspace client-side customisation, Java or C++ extensions, and workflow handler development, while mentoring team members and maintaining a controlled GxP SDLC. • Author and maintain controlled technical documents including System Design Specifications (SDS), Validation Plans, IQ/OQ/PQ protocols, SOPs, change control records, and user guides in compliance with ISO 13485 and 21 CFR Part 11 document control requirements. • Support Computer System Validation (CSV) activities – including installation qualification, operational qualification, and performance qualification – to keep Teamcenter in a validated state aligned with EU MDR 2017/745, ISO 13485, and FDA 21 CFR Part 11. • Oversee day-to-day Teamcenter service operations and server administration, including environment health monitoring, patch and upgrade planning, data model migrations, capacity planning, and coordination of team activities. • Participate in internal and external audits (FDA, Notified Body, ISO) as the Teamcenter SME, providing evidence of system validation, data integrity controls, and audit trail completeness. • Manage change requests through the formal change control process, including impact assessments, regression testing, and updating validation documentation prior to deployment in the production environment. • Coach and develop the Teamcenter support team, establish knowledge-sharing practices, and ensure end-user training, user guides, and ongoing support are delivered effectively across engineering, quality, and regulatory functions.
PLM Application Engineer – Teamcenter
ConvatecPioneering trusted medical solutions to improve the lives we touch
• Resolve L1/L2/L3 Teamcenter incidents and service requests within SLA • Investigate, diagnose, and resolve Teamcenter application defects, server errors, workflow failures, and data issues, applying structured root-cause analysis and providing permanent fixes with full traceability • Develop custom Teamcenter solutions using ITK APIs, BMIDE business modeller, Active Workspace client-side customization, Java or C++ extensions, and workflow handler development, all under a controlled GxP SDLC • Author and maintain controlled technical documents including System Design Specifications (SDS), Validation Plans, IQ/OQ/PQ protocols, SOPs, change control records, and user guides in compliance with ISO 13485 and 21 CFR Part 11 document control requirements • Support Computer System Validation (CSV) activities – including installation qualification, operational qualification, and performance qualification – to keep Teamcenter in a validated state aligned with EU MDR 2017/745, ISO 13485, and FDA 21 CFR Part 11 • Manage day-to-day Teamcenter server administration: environment health monitoring, patch and upgrade planning, data model migrations • Participate in internal and external audits (FDA, Notified Body, ISO) as the Teamcenter SME, providing evidence of system validation, data integrity controls, and audit trail completeness • Manage change requests through the formal change control process, including impact assessments, regression testing, and updating validation documentation prior to deployment in the production environment • Deliver end-user training, create user guides and quick-reference materials, and provide ongoing helpdesk-level support to Teamcenter users across engineering, quality, and regulatory functions
Senior Application Security Engineer
Monarch MoneyA financial coach in your pocket. Get personalized advice on how to best grow your money.
• Conduct application security reviews — threat modeling, code review, and risk assessment — for new features and major product changes across Monarch's Django/Python stack • Perform and improve SAST/DAST operations including triage, validation, and remediation tracking of findings in CI/CD pipelines • Work through the vulnerability backlog with urgency — maintaining triage criteria, remediation tracking, and escalation paths in partnership with engineering squads • Perform and coordinate penetration testing and security assessments against Monarch's web and API surfaces • Apply and improve AI security review processes for LLM-integrated features and agentic attack surfaces — covering prompt injection, data leakage, model abuse, and supply chain risk • Build and maintain security automations and AI-powered tooling, and define and assess security requirements for AI workflows and agentic systems. • Participate in the weekly security on-call rotation


