Lead Specialist, Application Security
India
Full Time
2 hours ago
No Sponsorship
Key skills
AWSAzureCloudCyber SecurityJavaJavaScriptKubernetesPythonSDLCAIGenAIAgenticCI/CDLeadershipCommunicationOWASP
About this role
Role Overview
- Provide security guidance for AI technologies, including GenAI and agentic systems, ensuring responsible and secure adoption.
- Perform advanced secure code reviews, dependency scanning (SCA), and dynamic application security testing (DAST/IAST) across a wide range of applications and technology stacks.
- Conduct in-depth risk assessments and provide clear, actionable remediation guidance aligned with business priorities.
- Act as an application security subject matter expert, guiding teams on secure design, architecture, and implementation patterns.
- Embed application security controls into SDLC and CI/CD pipelines, ensuring security is integrated without slowing delivery.
- Design, review, and advise on secure authentication and authorization mechanisms, APIs, and identity integrations.
- Identify systemic security weaknesses and drive long-term improvements to reduce recurring vulnerabilities.
- Partner closely with software engineers, architects, platform, and DevOps teams to solve security problems collaboratively.
- Influence secure engineering practices through technical credibility, design reviews, and hands-on support, not policy enforcement.
- Act as a trusted advisor to engineering leadership on application security risks, trade-offs, and improvements.
- Contribute to internal security guidance, patterns, and documentation to improve security maturity at scale.
- Stay current with emerging threats, attack techniques, and application security trends, translating insights into practical improvements.
- Support secure adoption of cloud-native and containerized platforms (AWS, Azure, Kubernetes).
Requirements
- Good exposure to and understanding of AI technologies, including GenAI and agentic systems.
- 8+ years of combined experience in software development, cybersecurity, and application security.
- Proven track record as a senior / expert-level individual contributor in application security.
- Strong hands-on experience with application security tools, including SAST, DAST/IAST, and SCA.
- Deep understanding of secure software development practices and integrating security into SDLC and CI/CD pipelines.
- Proficiency in one or more programming languages such as Python, Java, and JavaScript.
- Strong knowledge of application security standards and frameworks (OWASP, NIST, CIS).
- Advanced understanding of cryptography, authentication, authorization, and identity concepts.
- Practical experience with threat modelling and use of commercial threat modelling tools.
- Experience securing cloud and containerized environments (AWS, Azure, Kubernetes).
- Excellent communication skills with the ability to influence cross-functional teams through technical expertise.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Java
- JavaScript
- Kubernetes
- Python
- SDLC
Benefits
- Competitive compensation, benefits, and long-term career growth on a technical expert track.