Senior Application Security Engineer
Hyderabad India
Model N
Model N's leading cloud-based revenue management solutions for high tech and life sciences industries allow companies to impact their top-line. Maximize every revenue moment.Job Responsibilities
- Operations in Security Integration: Architect and implement advanced security measures into our CI/CD pipeline, ensuring seamless automation of security testing, vulnerability management, and compliance validation across all development phases.
- Comprehensive Threat Modeling: Lead and facilitate thorough threat modeling sessions with cross-functional teams, identifying and prioritizing potential risks and vulnerabilities during the design and development stages.
- Advanced Code Analysis: Conduct expert-level static and dynamic code analysis, providing in-depth feedback and mentorship to developers on secure coding practices, while ensuring adherence to security standards.
- Tooling Innovation: Research, evaluate, and implement state-of-the-art application security tools (SAST, DAST, SCA) to automate testing processes and enhance vulnerability reporting, ensuring that security measures evolve alongside emerging threats.
- Incident Response Excellence: Collaborate with incident response teams to analyze and mitigate security incidents, developing and refining processes to learn from incidents and strengthen defenses.
- Robust Training and Advocacy: Design and deliver comprehensive security training programs for developers and stakeholders, promoting a proactive security culture and enhancing awareness of application security best practices.
- Policy Development and Governance: Drive the creation and continuous improvement of application security policies, standards, and frameworks, ensuring alignment with industry best practices, regulatory requirements, and business objectives.
- Risk Management & Remediation: Drive the risk reduction with Products, Platforms and Infrastructure by recommending security remediation approach and participating in risk reduction planning/strategy. Continue to scale Risk Remediation program by supporting risk backlog and other opportunities to reduce risk.
- Strategic Cross-Functional Collaboration: Engage effectively with DevOps, product management, product development, project managers, cloud operations and engineering, and IT teams to ensure security is integrated into the product development process, fostering a culture of shared responsibility for security.
Job Qualification
- 7+ years of hands-on experience in application security, with significant expertise in CI/CD and DevSecOps environments.
- Mastery of leading application security tools (e.g., Checkmarx, Qualys, Burp Suite, Rapid 7, Tenable, Snyk etc.) and methodologies.
- In-depth knowledge of web application vulnerabilities (OWASP Top 10) and secure coding frameworks (e.g., OWASP ASVS).
- Proficient in containerization technologies (Docker, Kubernetes) and securing cloud environments (AWS, Azure, GCP).
- Industry-recognized certifications such as CISSP, CISM, CEH, or CSSLP are strongly preferred but not required.
- Project planning, communication, and collaboration skills, with the ability to influence and drive change across diverse teams.
- BE/BTech or equivalent in Computer Science, Information Security, or a related field; advanced degrees preferred.
We’re constantly growing and may have something for you later on if this is not the right opportunity for you. Check out our career site to learn more about Model N or view other jobs: https://www.modeln.com/company/careers/
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation AWS Azure Burp Suite CEH Checkmarx CI/CD CISM CISSP Cloud Code analysis Compliance Computer Science CSSLP DAST DevOps DevSecOps Docker GCP Governance Incident response Kubernetes OWASP Product security Qualys Risk management SAST SDLC Security strategy Strategy Vulnerabilities Vulnerability management
Perks/benefits: Career development Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.