Developer III - Software Engineering

3 - 5 Years
1 Opening
Kochi

Experience: 2-4 Years

Hiring Location: Bangalore, Chennai, Trivandrum, Kochi, Hyderabad, Noida, Pune

We are looking for a skilled and detail-oriented Application Security Engineer with a strong development background to join our Cybersecurity team. This role focuses on securing applications and APIs through manual testing, secure code reviews, and close collaboration with development teams. The ideal candidate will combine strong programming skills with deep knowledge of modern application security practices, including DevSecOps.

Key Responsibilities

• Perform manual security testing of RESTful and GraphQL APIs to identify vulnerabilities.

• Conduct secure source code reviews and assess application implementations.

• Validate APIs and applications against OWASP Top 10, ASVS, and internal security standards.

• Evaluate and enhance authentication, authorization, encryption, and input validation controls.

• Collaborate with development teams to support secure SDLC and remediation activities.

• Provide clear, actionable recommendations based on security findings.

• Stay updated on emerging security threats, tools, and best practices in application security.

Must-Have Skills

• Hands-on experience with manual application and API security testing.

• Strong programming skills in Java, JavaScript, and Python.

• Practical experience with security testing tools such as Postman, Burp Suite, OWASP ZAP.

• Solid understanding of OWASP Top 10, ASVS, and secure coding principles.

• Ability to read, analyze, and review source code to identify security flaws.

• Strong communication, documentation, and problem-solving abilities.

• Ability to manage testing activities aligned with product release cycles.

Good-to-Have Skills

• Security certifications such as OSCP, CSSLP, GWAPT, or equivalent.

• Experience with cloud platforms (AWS, Azure, GCP).

• Familiarity with DevSecOps practices and security integration in CI/CD pipelines.

• Knowledge of container security (Docker, Kubernetes).

Java,Javascript,Python