Lead Security Engineer - Application Security
Job Summary
Job Description
This role at Dream11 involves embedding security across the SDLC, working with development, DevOps, and product teams. Key responsibilities include leading secure architecture/design reviews, performing deep-dive assessments for web and mobile apps, and conducting manual and automated vulnerability testing. The role also focuses on promoting secure coding, building security automation tools, and supporting incident response for application-layer threats. The ideal candidate will contribute to a mobile-first platform managing high user concurrency and a large micro-services architecture.
Must have:
- Embed security across the SDLC by working closely with development, DevOps, and product teams.
- Lead secure architecture/design reviews and perform deep-dive assessments for web and mobile apps.
- Conduct manual and automated vulnerability testing, including penetration tests.
- Promote secure coding and threat modeling through training and best practice guidance.
- Build and automate security tools/workflows, ideally using GenAI.
- Support incident response efforts for application-layer threats, and plan relevant short/long-term remediations.
Good to have:
- Participation in bug bounty programs
- CTFs
- open-source security projects
7 skills required
Job Details
Your Role:
- Embed security across the SDLC by working closely with development, DevOps, and product teams.
- Lead secure architecture/design reviews and perform deep-dive assessments for web and mobile apps.
- Conduct manual and automated vulnerability testing, including penetration tests.
- Promote secure coding and threat modeling through training and best practice guidance.
- Build and automate security tools/workflows, ideally using GenAI.
- Support incident response efforts for application-layer threats, and plan relevant short/long-term remediations
Qualifiers:
- 7+ years in AppSec, with 4+ years in mobile/web security testing and secure code reviews.
- Participation in bug bounty programs, CTFs, or open-source security projects.
- Strong knowledge of OWASP Top 10, SANS 25, and scalable mitigation strategies.
- Skilled in at least one language (e.g., Python, Java, Golang), with experience in building security automation, custom tools, or guardrails.
- Familiarity with WAFs, SIEM/log analytics solutions, and incident response workflows.
Similar Jobs
Applied materials
Bengaluru, Karnataka, India (On-Site)
• 2 Months ago
![Sourcegraph Inc - Security Engineer [IC3]](/_next/image?url=https%3A%2F%2Foutscal-lms-data.s3.ap-south-1.amazonaws.com%2Fcompany-image%2Fproduction%2Fsourcegraph%2Fsourcegraph_logo_10_16_2024__09_22_23.jpg&w=256&q=50){kind=logo}
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Qualcomm
Bengaluru, Karnataka, India (On-Site)
• 2 Months ago
PayPal
Mexico City, Mexico City, Mexico (Hybrid)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Jobs in Mumbai, Maharashtra, India
%3Aformat(webp)&w=256&q=50)
Safe security
Bengaluru, Karnataka, India (On-Site)
• 5 Months ago
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
Tencent
Shenzhen, Guangdong Province, China (On-Site)
• 2 Months ago
bytedance
San Jose, California, United States (On-Site)
• 5 Months ago
InMobiInMobi
Bengaluru, Karnataka, India (On-Site)
• 3 Months ago
Get notifed when new similar jobs are uploaded
