CrawlJobs Logo

Senior Application Security Engineer

https://www.hpe.com/ Logo

Hewlett Packard Enterprise

Location Icon

Location:
India, Bangalore

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

This role involves embedding security into software delivery pipelines, designing and implementing security controls, and ensuring code integrity across systems. You'll engage in secure code reviews, vulnerability management, and mentoring team members while collaborating as a trusted partner across departments.

Job Responsibility:

  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
  • facilitate threat modeling sessions for applications, APIs, and pipeline workflows
  • expand security automation coverage, including API discovery, dependency scanning, SBOM generation, and secrets detection
  • mentor developers and DevOps engineers on secure pipeline and coding practices
  • act as a trusted partner to product, platform engineering, and DevOps leaders
  • translate security risk into business impact
  • collaborate with SOC/IR teams in response to software supply chain or pipeline compromises

Requirements:

  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices

Nice to have:

  • experience integrating SBOM generation and software composition analysis into software delivery pipelines
  • knowledge of runtime protection tools (API security, RASP, EDR for containers)
  • familiarity with GitOps, Infrastructure as Code (IaC) scanning (Terraform, CloudFormation), and policy-as-code solutions
  • experience responding to pipeline compromises or dependency poisoning incidents
  • relevant certifications: OSWE, CSSLP, GPCS, GIAC GWEB, GIAC Cloud Security Automation (GCSA)
What we offer:
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment

Additional Information:

Job Posted:
September 30, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Application Security Engineer

New

Senior Application Security Engineer

As an Application Security - Senior Product Security Engineer, you will play a c...
Location
Location
United States
Salary
Salary:
157000.00 - 216000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment
  • Strong understanding of web app and API security, microservices, and containerized architectures
  • Experience integrating security tooling into modern CI/CD workflows
  • Proficiency with SAST, DAST, IaC scanning, and container security platforms
  • Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript)
  • Familiarity with AWS security, Kubernetes security, and DevSecOps best practices
Job Responsibility
Job Responsibility
  • Lead application security initiatives across all SaaS products and microservices
  • Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems
  • Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools
  • Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads
  • Drive AppSec awareness and training, developing secure coding practices and guidelines
  • Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices
  • Support bug bounty and vulnerability disclosure programs and coordinate penetration testing
  • Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus
  • Equity
  • Generous benefits program
  • Fulltime
Read More
Arrow Right
New

Senior Security Engineer

The primary focus of this role is web application security. The security team wo...
Location
Location
Salary
Salary:
110000.00 - 190000.00 USD / Year
aha.io Logo
Aha!
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Four+ years of experience working in application security
  • Active collaborator with engineering and product teams
  • Experience with security reviews or threat modeling for a full-stack web application
  • Experience with security tools such as CodeQL or Burp Suite
Job Responsibility
Job Responsibility
  • Identifying application security threats and mitigations early
  • Improving and maintaining security code scanning tools
  • Contributing to application security scanning or testing
  • Developing and sharing secure patterns internally for ongoing education
What we offer
What we offer
  • Profit sharing
  • Medical, dental, and vision plans (for many teammates, we cover 100% of the premiums)
  • Up to 200 hours of paid time off a year to spend however you want
  • 30 to 90 days of paid parental leave and five to 10 days of paid care and bereavement leave
  • Up to $1,000 annually for third-party education, along with paid time off to immerse yourself in learning
  • Volunteer opportunities throughout the year
  • Fulltime
Read More
Arrow Right
New

Senior Information Security Engineer

Serve as a technical leader in our Security team reporting to our Information Se...
Location
Location
United States , Boston
Salary
Salary:
150000.00 - 190000.00 USD / Year
whoop.com Logo
Whoop
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.)
  • 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
  • Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
  • Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools
  • Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
  • Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices
  • Demonstrated leadership in security incident response, investigations, and root cause analysis
  • Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
  • Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
  • Experience mentoring engineers and setting operational standards
Job Responsibility
Job Responsibility
  • Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness
  • Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role
  • Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements
  • Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling
  • Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance
  • Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance
  • Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows
  • Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization
  • Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies
  • Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes
What we offer
What we offer
  • competitive base salaries
  • meaningful equity
  • generous equity package
  • Fulltime
Read More
Arrow Right
New

Senior Product Security Engineer

Join our Product Security team, where you'll partner with development and game t...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right
New

Senior Product Security Engineer

Ready to make an impact on the security of products from the ground up? Join our...
Location
Location
United States , Austin
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines to ensure seamless and secure software delivery
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
  • Travel: No routine travel required
  • occasional travel as needed.
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks.
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision, 401(k) with company match, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
  • Fitness allowance, employee discount programs, discounted games & events and stocked pantries.
  • Fulltime
Read More
Arrow Right

Application Security Engineer II

In this role, you will support Rackspace's application security program by imple...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years in the information security field
  • Experience working with application security, security testing, or DevSecOps practices
  • Working knowledge of the SDLC, security concepts, and vulnerability assessment methodologies
  • Hands-on experience with or understanding of programming and scripting languages including one or more of the following: Python, Java, Node.js, Go, Ruby, PHP
  • databases such as SQL
  • and related tools such as Github, Gitlab, Jenkins, and CircleCI
  • Understanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)
  • Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAA
  • Passion for security and eagerness to learn about new technologies and emerging security vulnerabilities
  • Strong communication skills with the ability to work collaboratively across teams
Job Responsibility
Job Responsibility
  • Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software components
  • Configure, maintain, and operate SAST, DAST, and other application security testing tools
  • Analyze and triage security findings, documenting clear remediation guidance for development teams
  • Support the vulnerability reporting process and track findings through to resolution
  • Assist with triage and validation of external vulnerability disclosures and bug bounty reports
  • Contribute to the development and documentation of application security processes and standards
  • Participate in security code reviews and threat modeling exercises
  • Help track and report metrics for application security program health
  • Collaborate with development and DevOps teams to integrate security into CI/CD pipelines
  • Stay current with application security trends, tools, and best practices
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

The Senior Security Engineer will provide hands-on technical leadership within t...
Location
Location
United Kingdom , Leeds; Thame
Salary
Salary:
65000.00 - 75000.00 GBP / Year
pexa.co.uk Logo
PEXA UK
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proactive, can-do attitude to get things done quickly and efficiently
  • Strong collaboration and communication skills
  • Willingness to contribute ideas to the security programme
  • Demonstratable first-hand experience in achieving organisational adherence to security best practices
  • Experience in the practical protection of a remote working laptop estate and SaaS cloud solutions
  • Experience in identity and access management solutions
  • Experience in device business automation and updates
  • Experience in the security aspects of cloud web application hosting and defence measures like WAF
Job Responsibility
Job Responsibility
  • Maintenance and Operational Security: Ensure all security solutions remain operationally effective
  • Ensure technical teams timely patch applications, systems, software, and hardware
  • Maintain and audit secure configurations for devices, applications, and cloud environments
  • Access Control and Identity Management: Conduct regular user and privileged account reviews
  • Manage and monitor Privileged Identity Management (PIM) profiles and elevated access accounts
  • Coordinate with IT and HR for onboarding/offboarding
  • Tool, Infrastructure, and Encryption Management: Maintain and optimise security infrastructure and tools
  • Oversee encryption key and certificate management
  • Work with vendors and internal teams to ensure tools remain current
  • VPN, Network & Firewall Security: Design, configure, and maintain secure VPN and Zero-Trust network solutions
What we offer
What we offer
  • Your growth: We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools
  • Your wellness: We care about your holistic wellbeing
  • Your work/life blend: We want to help you create your ideal work/life blend
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

Kensho is S&P Global’s hub for AI innovation and transformation. With expertise ...
Location
Location
United States , New York; Cambridge
Salary
Salary:
160000.00 - 190000.00 USD / Year
kensho.com Logo
Kensho Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Five or more years of experience as a security engineer
  • Experience securing modern web applications and distributed data infrastructure in a cross-team setting
  • Prior experience working with enterprise security technologies such as WAF, CSPM, OAuth2, and SIEM
  • Strong understanding of cryptography and current best practices
  • Experience with penetration testing tools, techniques and methodologies and understanding of common vulnerabilities and remediation strategies
  • Three or more years experience writing code in Python, Javascript, Java, or Go
  • Experience conducting or facilitating IT security audits
  • Familiarity with security models for cloud providers such as AWS, Azure and GCP
  • Familiarity with core networking concepts and standard protocols such as TCP, UDP, and HTTP
Job Responsibility
Job Responsibility
  • Implement security frameworks to ensure Kensho maintains a security envelope aligned with S&P Global standards
  • Developing and updating security plans: Planning and managing security projects and initiatives
  • Emergency response: Demonstrating excellent surveillance and emergency response skills
  • Identifying and mitigating security vulnerabilities: Perform static and dynamic vulnerability assessments and incorporate tools in the SDLC using commercial and open source tools
  • Implementing de-escalation techniques: Prioritizing training in de-escalation techniques to effectively deal with conflicts
  • Maintain a GenAI security posture: Help establish and enable a GenAI security posture at an enterprise scale and have complete oversight of the AI Accelerator Security program
  • Risk assessment and management: Spotting risky behaviors and configurations in critical infrastructure components to stop network intrusions and preempt cyberattacks
  • Auditing policies and controls continuously: Driving the cybersecurity process forward by regularly auditing the policies and controls in place
  • Building a vulnerability management program: Ensuring that people in the organization continuously check for known vulnerabilities and take appropriate steps to remediate them
  • Design and implement security controls and processes across Kensho and provide monitoring to ensure compliance
What we offer
What we offer
  • Medical, Dental, and Vision insurance
  • 100% company paid premiums
  • Unlimited Paid Time Off
  • 26 weeks of 100% paid Parental Leave (paternity and maternity)
  • 401(k) plan with 6% employer matching
  • Generous company matching on donations to non-profit charities
  • Up to $20,000 tuition assistance toward degree programs, plus up to $4,000/year for ongoing professional education such as industry conferences
  • Plentiful snacks, drinks, and regularly catered lunches
  • Dog-friendly office (CAM office)
  • Bike sharing program memberships
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs Canada Jobs Poland Jobs Ireland Jobs Spain Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy