Lead Security Engineer - Application Security
2 Months ago • 7 Years +
Cyber Security
Job Description
This role at Dream11 involves embedding security across the SDLC, working with development, DevOps, and product teams. Key responsibilities include leading secure architecture/design reviews, performing deep-dive assessments for web and mobile apps, and conducting manual and automated vulnerability testing. The role also focuses on promoting secure coding, building security automation tools, and supporting incident response for application-layer threats. The ideal candidate will contribute to a mobile-first platform managing high user concurrency and a large micro-services architecture.
Good To Have:
- Participation in bug bounty programs
- CTFs
- open-source security projects
Must Have:
- Embed security across the SDLC by working closely with development, DevOps, and product teams.
- Lead secure architecture/design reviews and perform deep-dive assessments for web and mobile apps.
- Conduct manual and automated vulnerability testing, including penetration tests.
- Promote secure coding and threat modeling through training and best practice guidance.
- Build and automate security tools/workflows, ideally using GenAI.
- Support incident response efforts for application-layer threats, and plan relevant short/long-term remediations.
Your Role:
- Embed security across the SDLC by working closely with development, DevOps, and product teams.
- Lead secure architecture/design reviews and perform deep-dive assessments for web and mobile apps.
- Conduct manual and automated vulnerability testing, including penetration tests.
- Promote secure coding and threat modeling through training and best practice guidance.
- Build and automate security tools/workflows, ideally using GenAI.
- Support incident response efforts for application-layer threats, and plan relevant short/long-term remediations
Qualifiers:
- 7+ years in AppSec, with 4+ years in mobile/web security testing and secure code reviews.
- Participation in bug bounty programs, CTFs, or open-source security projects.
- Strong knowledge of OWASP Top 10, SANS 25, and scalable mitigation strategies.
- Skilled in at least one language (e.g., Python, Java, Golang), with experience in building security automation, custom tools, or guardrails.
- Familiarity with WAFs, SIEM/log analytics solutions, and incident response workflows.
Set alerts for more jobs like Lead Security Engineer - Application Security
Set alerts for new jobs by Dream Sports
Set alerts for new Cyber Security jobs in India
Set alerts for new jobs in India
Set alerts for Cyber Security (Remote) jobs
