Staff Application Security Engineer

Delhi, India

Full Time Senior-level / Expert USD 28K - 67K * ^est.

Chegg

Get step-by-step Textbook Solutions or ask homework questions to get expert answers, plus textbook rentals, writing & citation help, exam prep and more.

View all jobs at Chegg

Apply now Apply later

Posted 5 hours ago

Job Description

Role: Staff Application Security Engineer

Location: New Delhi, India

As a Staff Application Security Engineer at Chegg, you'll shape how security integrates into our product lifecycle, development pipelines, and developer onboarding. We're seeking a curious, collaborative, and strategic security professional to define, lead, and evolve our application security practices alongside product and infrastructure engineering teams.

What You'll Do:

Perform secure design and code reviews, identifying and prioritizing risks, attack surfaces, vulnerabilities, and providing mitigation strategies.

Drive the remediation of critical vulnerabilities and clearly communicate risks and solutions to stakeholders.

Proactively eliminate entire vulnerability classes through security architecture improvements and secure coding practices.

Continuously improve Chegg’s security posture with software and service platforms including Hackerone, Cobalt.io, and Wiz.io.

Mentor and guide junior security engineers and cross-functional teams on secure software development best practices.

What You'll Bring:

8+ years of experience in application security, secure software development, and cloud infrastructure security.

Experience securing APIs, microservices architectures, and addressing modern infrastructure security challenges.

Deep understanding of authentication and authorization protocols such as OAuth, OIDC, SAML, and JWT.

Hands-on experience with static application security testing (SAST) and software composition analysis (SCA) tools.

Developer-level proficiency in at least one programming language—preferably Python, Java, JavaScript, or Golang.

Familiarity with front-end and back-end technologies such as React, Next.js, TypeScript, Node.js, GraphQL, and/or Java.

Creative, resourceful, and adaptive problem-solving capabilities.

Excellent communication skills, both written and oral, with the ability to effectively engage with stakeholders at all levels.

Strong ability to work independently and collaboratively across various teams, linking tactical initiatives to long-term strategic outcomes.

A genuine passion for security and continuous learning.

Stand-Out Qualifications:

Proven track record mentoring and developing junior team members.

Relevant experience in offensive security, penetration testing, or red teaming.

Expertise of cloud-native (AWS) technologies including containers, Kubernetes, and infrastructure-as-code (Terraform).

Experience with Gitlab CI/CD.

Contributions to the security community through open-source projects, research papers, or conference presentations.

Why do we exist?

Students are working harder than ever before to stabilize their future. Our recent research study called State of the Student shows that nearly 3 out of 4 students are working to support themselves through college and 1 in 3 students feel pressure to spend more than they can afford. We founded our business on provided affordable textbook rental options to address these issues. Since then, we’ve expanded our offerings to supplement many facets of higher educational learning through Chegg Study, Chegg Math, Chegg Writing, Chegg Internships, Thinkful Online Learning, and more to support students beyond their college experience. These offerings lower financial concerns for students by modernizing their learning experience. We exist so students everywhere have a smarter, faster, more affordable way to student.