Security Test Engineer For Product Company-Pune

Lead and perform advanced application security testing (SAST, DAST, IAST) for web,

mobile, and cloud-native applications.

Design security test strategies, perform vulnerability assessments, and report findings

with risk prioritization and remediation recommendations.

Collaborate with development, QA, and DevOps teams to integrate security testing into

CI/CD workflows.

Conduct threat modelling sessions and define security requirements early in the project

lifecycle.

Simulate real-world attacks (ethical hacking, red teaming) and ensure application

hardening against OWASP Top 10 and CWE vulnerabilities.

Review code, architecture, and infrastructure for security compliance and weaknesses.

Stay updated on evolving security threats, tools, and best practices.

Mentor junior analysts and contribute to the security knowledge base.

What is needed from you:

Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related

discipline.

7 to 10 years of experience in security testing, application security, or security

engineering.

Proficiency in tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Veracode,

Metasploit, Kali Linux.

In-depth understanding of threat modelling, risk assessment methodologies, and secure

development practices.

Strong knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices.

Experience with scripting languages such as Python, Bash, or PowerShell.

Hands-on experience integrating security into DevOps/DevSecOps pipelines (e.g.,

GitHub Actions, Jenkins, GitLab CI).

Familiarity with cloud platforms (AWS, Azure, GCP) and their security controls.

Certifications like OSCP, CEH, GWAPT, CISSP, or SANS GIAC are highly desirable.

What will you get:

Opportunity to work in Product Development and excellent learning opportunities Healthy work environment, peer to peer collaborative work culture

Individual growth and encouraging opportunities with highly motivated team Work-Life Balance