Enable job alerts via email!
Lead Security Engineer - Application Security
Houston Texans
Mumbai Suburban
On-site
INR 15,00,000 - 25,00,000
Full time
Job summary
A leading tech company in Mumbai is seeking an experienced Application Security Engineer to embed security across the software development lifecycle. You will lead security reviews, conduct vulnerability testing, and promote best practices in secure coding. Ideal candidates will have over 7 years of experience in AppSec, particularly with a focus on mobile and web security. This role offers an opportunity to innovate in a fast-paced environment.
Qualifications
- 7+ years in AppSec, with 4+ years in mobile/web security testing.
- Participation in bug bounty programs or open-source security projects.
- Strong knowledge of OWASP Top 10 and SANS 25.
Responsibilities
- Embed security across the SDLC by collaborating with teams.
- Lead secure architecture/design reviews.
- Conduct manual and automated vulnerability testing.
Skills
**Technology @Dream11:**Technology is at the core of everything we do. Our technology team helps us deliver a mobile-first experience across platforms (Android & iOS) while managing over 700 million rpm (requests per minute) at peak with a user concurrency of over 16.5 million.
At Dream11, we have over 190+ micro-services written in Java and backed by a Vert.x framework. These work with isolated product features with discrete architectures to cater to the respective use cases. We work with terabytes of data, the infrastructure for which is built on top of Kafka, Redshift, Spark, Druid, etc. and it powers a number of use cases like Machine Learning and Predictive Analytics. Our tech stack is hosted on AWS, with distributed systems like Cassandra, Aerospike, Akka, Voltdb, Ignite, etc.
We don’t just create for the users of today, but are driven to innovate for the sports fans of tomorrow. If you like to build with clean, resilient, and scalable code, this is the place for you. Check out some of our recent developments, all built with the same philosophy in mind.Your Role:
- Embed security across the SDLC by working closely with development, DevOps, and product teams.
- Lead secure architecture/design reviews and perform deep-dive assessments for web and mobile apps.
- Conduct manual and automated vulnerability testing, including penetration tests.
- Promote secure coding and threat modeling through training and best practice guidance.
- Build and automate security tools/workflows, ideally using GenAI.
- Support incident response efforts for application-layer threats, and plan relevant short/long-term remediations
Qualifiers:
- 7+ years in AppSec, with 4+ years in mobile/web security testing and secure code reviews.
- Participation in bug bounty programs, CTFs, or open-source security projects.
- Strong knowledge of OWASP Top 10, SANS 25, and scalable mitigation strategies.
- Skilled in at least one language (e.g., Python, Java, Golang), with experience in building security automation, custom tools, or guardrails.
- Familiarity with WAFs, SIEM/log analytics solutions, and incident response workflows.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
