GrepJob
Zeta Global

Senior Application Security Engineer

Zeta Global
Apply
3 days ago
Bengaluru, IndiaSenior / Mid Level
H1B Sponsor

Responsibilities

  • Conduct threat modeling and security reviews for distributed cloud-native systems.
  • Perform security code reviews, static/dynamic analysis (SAST/DAST), and dependency scanning.
  • Participate in incident response exercises and red/blue team simulations.
  • Assess third-party libraries, APIs, and vendor integrations for security compliance.
  • Partner with developers and QA engineers to embed security testing into CI/CD pipelines.
  • Review architecture and design documents to identify and mitigate risks early.
  • Contribute to security automation initiatives and tooling to improve developer velocity.
  • Support security checkpoints in release and deployment processes.
  • Stay current on evolving security risks, frameworks, and attack vectors.
  • Assist in designing and deploying proactive defense mechanisms across applications and data platforms.
  • Support investigations and post-incident reviews to strengthen detection and prevention capabilities.
  • Advocate secure coding and best practices through code reviews, workshops, and documentation.
  • Contribute to internal security standards and playbooks.
  • Collaborate closely with Engineering, DevOps, and Product teams to foster a security-first culture.

Requirements

  • Bachelor’s degree in computer science, Cybersecurity, or related field, or equivalent experience.
  • 2 - 4 years of experience in Application Security, DevSecOps, or Secure Software Development.
  • Strong understanding of OWASP Top 10, SANS CWE Top 25, and general application threat modeling.
  • Experience with frameworks and architectures such as React, Node.js, Django, or FastAPI.
  • Knowledge of securing APIs, microservices, and authentication mechanisms (OAuth2, OIDC, JWT).
  • Experience with cloud platforms (AWS, GCP, Azure) and containerization (Docker, Kubernetes).
  • Working knowledge of security testing tools (e.g., Semgrep, SonarQube, Burp Suite, Zap, Trivy).
  • Solid collaboration and communication skills with cross-functional teams.

Tech Stack

AWSAzureDjangoDockerFastAPIGoogle Cloud PlatformKubernetesNode.jsReactSonarQube

Categories

AI & MLSecurity