Search by job, company or skills

Ola

Application Security Engineer

Save
  • Posted a month ago
  • Over 50 applicants

Job Description

Job Title: Application Security Engineer

Job Summary:

A Security Engineer will be responsible for ensuring the security and privacy of the company's products and services. This role will be vital in shaping the company's security strategy by working closely with development teams to identify, evaluate, and mitigate potential security risks and ensuring that all products are designed, built, and deployed with security as a critical consideration.

Roles and Responsibilities:

  1. Embed security in all products and services, including architecture, development, deployment, and maintenance, through the SSDLC program.
  2. Perform threat modeling, security reviews, code assessments, penetration testing, and overall application security evaluations.
  3. Develop and implement security policies, standards, and guidelines to secure product development processes.
  4. Identify and mitigate security risks across the product life cycle with practical solutions.
  5. Continuously enhance the organization's security posture through technical improvements and process optimization.
  6. Assist in incident response and support vulnerability remediation efforts with technical expertise.
  7. Stay informed on emerging security threats and technologies, integrating improvements into the security strategy.
  8. Drive the adoption of shift-left security practices, ensuring security is considered early in development.
  9. Collaborate with DevOps and IT teams to integrate security into the CI/CD pipeline and drive security automation initiatives such as SAST, DAST, and IAST.
  10. Measure and improve security maturity using different frameworks like the DevSecOps Maturity Model.
  11. Ensure compliance with industry standards and regulations such as ISO 27001, GDPR, and PCI DSS.
  12. Promote security awareness across development teams and establish secure coding practices through continuous education.

Experience & Skills:

  1. Strong understanding of security principles and methodologies, with experience securing systems at scale.
  2. Proficiency in application security engineering, vulnerability assessments, and incident response.
  3. Expertise in web, mobile, and cloud security and familiarity with tools like OWASP and SANS frameworks.
  4. Mobile Application Testing, API Security Testing, Web Application Testing, Cloud Security (AWS, GCP, OpenStack etc)
  5. Strong problem-solving skills with the ability to address complex security issues.
  6. Excellent communication and collaboration skills, with experience working across development and operations teams.
  7. Expertise in ISO/IEC 27001, ISO 27017, ISO 27018, SOC 2, and PCI DSS is highly desirable.

More Info

Job Type:
Industry:
Employment Type:

About Company

Ola

Job ID: 141053837

Similar Jobs

Bengaluru, India

Skills:

secure sdlc JavaDASTCloud securityVulnerability AssessmentPenetration TestingSecurity VulnerabilitiesBurp SuiteGcpDevSecOpsApplication SecurityAuthenticationAzurePythonAWSAutomation scriptsAutomating security testing processesSCAAuthorizationOWASP ZAPSAST

Bengaluru, India

Skills:

JavaDASTDevSecOpsJavascriptApplication SecurityOwasp Top 10PythonCWESCASAST

Bengaluru, India

Skills:

threat modeling SonarqubeBurp SuiteJwtDjangoReactAWSNode.jsFastAPIKubernetesAzureOwasp Top 10GcpDockerOauth2ZapSemgrepSANS CWE Top 25OIDCTrivy

Bengaluru, India

Skills:

threat modeling Application SecurityVulnerability AssessmentsPenetration Testingrisk managementsecure coding principlessecurity policies and procedures

Bengaluru, India

Skills:

threat modeling Penetration TestingApplication SecurityOwasp Top 10Vulnerability Assessmentssoftware risk managementsecurity policies and proceduressecure coding principles