Search by job, company or skills

Recro

Application Security Engineer

Save
  • Posted 7 days ago
  • Be among the first 20 applicants
Early Applicant

Job Description

Role - Application Security Engineer

Experience - 4+Yrs

Location - Bangalore


Qualifications & Experienc

e● Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or equivalent practical experience

.● Experience: 3–5+ years in application security, product security, or penetration testing with strong hands-on skills

.● Technical Testing: Demonstrated experience in web application and API security testing; mobile security experience is strongly preferred

.● Tooling: Proficiency with at least two of the following: Accunetix, Burp Suite, OWASP ZAP, SonarQube (or other SAST tools), dependency scanning, or secrets scanning tools

.
Technical Knowledge & Skil

ls● Deep understanding of OWASP Top 10 and API security risks (BOLA/IDOR, mass assignment, rate-limit abuse

).● Strong grasp of authentication and authorization models, including JWT, OIDC, and session handlin

g.● Working knowledge of DevSecOps practices and embedding security testing into CI workflows (GitHub Actions

).● Ability to build reproducible proofs and utilize scripting (Python/Node) for light automatio

n.● Familiarity with Cloudflare WAF/API Shield and API gateway architectures (Kong/AWS API Gateway) is a plu

s.

More Info

Job Type:
Industry:
Employment Type:

About Company

Job ID: 150485363

Similar Jobs

Bengaluru, India

Skills:

API securityOwasp Top 10Wafegress DLPDDoS mitigationidentity MFASSPM

Bengaluru, India

Skills:

VeracodeApplication SecurityBash ScriptingTerraformSonarqubeAnsibleMicrosoft Office ToolsWizAI-enabled development practices

Bengaluru, India

Skills:

JavaDASTDevSecOpsJavascriptApplication SecurityOwasp Top 10PythonCWESCASAST

Bengaluru, India

Skills:

PrometheusJavascriptDockerKubernetesPythonHashiCorp VaultGoGRPCGitHub ActionsSCASASTSemgrep

Bengaluru, India

Skills:

WafAPI securityOwasp Top 10SSPMidentity MFADDoS mitigationegress DLP