Senior Application Security Engineer

Role Overview:The Application Security Senior Engineer will play a crucial role in safeguarding our applications and digital assets against security threats. With a primary focus on Vulnerability Assessment and Penetration Testing (VAPT), the role involves identifying, assessing, and mitigating security vulnerabilities across our application portfolio. This position requires a proactive mindset, strong technical skills, and the ability to collaborate effectively with cross-functional teams and support the security projects.You'll be Responsible for?Vulnerability Assessment and Penetration Testing (VAPT):Conduct comprehensive security assessments of applications using industry-standard tools and techniques.Perform manual testing and automated scans to identify vulnerabilities such as OWASP Top 10, SQL injection, XSS, CSRF, etc.Analyze and interpret assessment findings, providing clear and actionable recommendations to development teams.Support the security gating process with timely security assessment and reporting.Provide guidance and assistance on secure software development life cycle.Track identified vulnerabilities through to resolution, collaborating closely with development teams to ensure timely mitigation.Provide detailed vulnerability reports and metrics to stakeholders, including risk assessments and remediation progress.Support for Security Projects:Actively participate in security projects and initiatives, providing expertise and guidance on application security best practices.Perform Security Architecture review for existing and new security projects and guide on security best practices.Collaborate with architects and developers to integrate security into the SDLC (Secure Development Life Cycle) and CI/CD pipelines.Incident Response and Support:Assist in incident response activities related to application security incidents.Contribute to root cause analysis and lessons learned sessions to improve incident handling and prevention strategies.Security Awareness and Training:Develop and deliver training sessions on secure coding practices and application security awareness.Promote a culture of security within the organization, advocating for continuous improvement and adherence to security policies.What we'll look in you?Bachelor's degree in computer science/information technology, or a related field.Minimum of 5 years of experience in application security, with a focus on VAPT and secure development practices.Proven experience with security assessment tools such as Burp Suite, Qualys, Nessus, etc.Strong understanding of web application architecture, including front-end, back-end, and APIs.Solid knowledge of OWASP guidelines and best practices for secure coding.Certifications such as CISSP, CEH, OSCP, or similar are preferred.Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders.Strong analytical and problem-solving skills, with attention to detail.Why join us?Impactful Work: Play a pivotal role in safeguarding Tanla's assets, data, and reputation in the industry.Tremendous Growth Opportunities: Be part of a rapidly growing company in the telecom and CPaaS space, with opportunities for professional development.Innovative Environment: Work alongside a world-class team in a challenging and fun environment, where innovation is celebrated.Tanla is an equal opportunity employer. We champion diversity and are committed to creating an inclusive environment for all employees.www.tanla.com PRB