Senior Engineer- Application Security

Job Title: Senior Application-Security Engineer, Cybersecurity

Experience: 6-9 Years

Job Location: Remote, India

Position Overview:

The Senior Application Security Engineer, Cybersecurity will serve as a key member of the Cybersecurity Technical Assessments team, providing advanced expertise in secure software development practices and application tooling.  This role is responsible for managing and optimizing the application security tool stack—including SAST, DAST, SCA, IaC scanning, and secret detection—and ensuring its effective integration into the software development lifecycle (SDLC).  The Senior Application Security Engineer will collaborate with development, engineering, and product teams to identify, triage, and remediate vulnerabilities, while also mentoring junior engineers and contributing to the evolution of secure development practices across the organization.

Roles & Responsibilities

• Manage and optimize application security tools (SAST, DAST, SCA, IaC, secret scanning) and ensure effective integration into CI/CD pipelines and the SDLC lifecycle
• Analyze source code and infrastructure-as-code for security vulnerabilities and provide actionable remediation guidance
• Validate and triage findings from security tools, removing false positives and ensuring accurate issue tracking
• Create and manage remediation tickets (e.g., Aha! Ideas, ServiceNow Requests), ensuring vulnerabilities are prioritized, assigned, and tracked to resolution
• Collaborate with development and engineering teams to validate remediation efforts and confirm closure of security issues
• Participate in the risk management process by documenting, reviewing, and maintaining risk exceptions for unresolved or accepted vulnerabilities
• Work with risk owners and business stakeholders to ensure appropriate compensating controls are in place and documented
• Lead secure code reviews and contribute to threat modeling and design discussions for high-risk applications
• Develop and maintain dashboards and reports that communicate application security posture, remediation progress, and risk trends to leadership
• Stay informed on emerging threats, vulnerabilities, and industry trends, and recommend improvements to tooling and processes

Required Skills

• Preferred Certifications: CISSP, CSSLP, CCSP, OSWE, OSCP, GPEN, GWEB
• A minimum of 5 years of experience in software development, architecture, or engineering roles
• A minimum of 3-5 years of experience applying secure development practices or working directly with application security tools (e.g., SAST, DAST, SCA, IaC scanning)
• Proficiency in one or more programming languages such as Java, .NET (C#), PHP, JavaScript, or Python)
• Strong understanding of OWASP Top10 and secure coding standards
• Strong collaboration skills - partner with others teams to solve problems, incorporate feedback and ensure smooth delivery
• Strong business analysis, documentation, and presentation skills

Why Join US? 

• We adapt emerging technologies to practical uses to deliver concrete solutions that bring maximum impact to providers’ bottom line. We currently have 10 Technology Patents in our name.
• We offer you a great organization to work for, where you will get to do best work of your career and grow with the team that is shaping the future of Revenue Cycle Management.
• We have our strong focus on Learning and development. We have the best Industry standard professional development policies to support the learning goals of our associates.
• We have flexible/ remote working/ working from home options

Benefits

• Health Benefits and Insurance Coverage for family and parents. Accidental Insurance for the associate.
• Compliant with all Labor Laws- Maternity benefits, Paternity Leaves.
• Company Swags- Welcome Packages, Work Anniversary Kits
• Exclusive Referral Policy
• Professional Development Program and Reimbursements.
• Remote work – flexibility to work from home.