Application Security Engineer

Role Overview: You will be joining KKR as an experienced Product Security Analyst, responsible for designing, implementing, and maintaining security measures across various applications. Your role will involve working closely with different teams to ensure a strong security posture aligned with industry best practices and regulatory requirements. Additionally, you will be involved in identifying future security needs and exploring innovative solutions. This is a full-time position based in the Gurugram office with a 4-day in-office and 1-day flexible work arrangement. Key Responsibilities: - Conduct application security assessments and penetration tests to identify vulnerabilities and security issues. - Collaborate with the software development team to ensure secure coding practices are implemented throughout the application development lifecycle. - Design and implement security solutions to protect applications from potential threats. - Provide guidance and recommendations on application security best practices. - Stay updated on the latest security trends, threats, and countermeasures. - Participate in incident response and handling activities related to application security incidents. - Conduct security awareness and training sessions for the development team to promote secure coding practices. - Develop and maintain application security standards, policies, and procedures. - Report and document security findings and remediation activities. - Integrate security tools and practices into the continuous integration/continuous delivery (CI/CD) pipeline. Qualifications: - Bachelor's degree in Computer Science, Information Technology, or a related field. - At least 5 years of proven experience as an Application Security Engineer or similar role. - Strong understanding of the software development life cycle (SDLC) and secure coding practices. - Proficiency in conducting security assessments and penetration tests. - Experience with security tools and technologies such as firewalls, VPNs, IDS/IPS, and NAC. - Knowledge of regulatory requirements and industry best practices related to application security. - Experience with cloud security and DevSecOps practices. - Familiarity with OWASP Top Ten and other security frameworks. - Team-player who enjoys working collaboratively and is an active contributor as part of a global team. - Ability to work under pressure, meet deadlines, and solve problems creatively. - Ability to present ideas in a user-friendly, business-friendly, and technical language. - Strategic self-starter with an innovative mindset and outstanding attention to detail. Role Overview: You will be joining KKR as an experienced Product Security Analyst, responsible for designing, implementing, and maintaining security measures across various applications. Your role will involve working closely with different teams to ensure a strong security posture aligned with industry best practices and regulatory requirements. Additionally, you will be involved in identifying future security needs and exploring innovative solutions. This is a full-time position based in the Gurugram office with a 4-day in-office and 1-day flexible work arrangement. Key Responsibilities: - Conduct application security assessments and penetration tests to identify vulnerabilities and security issues. - Collaborate with the software development team to ensure secure coding practices are implemented throughout the application development lifecycle. - Design and implement security solutions to protect applications from potential threats. - Provide guidance and recommendations on application security best practices. - Stay updated on the latest security trends, threats, and countermeasures. - Participate in incident response and handling activities related to application security incidents. - Conduct security awareness and training sessions for the development team to promote secure coding practices. - Develop and maintain application security standards, policies, and procedures. - Report and document security findings and remediation activities. - Integrate security tools and practices into the continuous integration/continuous delivery (CI/CD) pipeline. Qualifications: - Bachelor's degree in Computer Science, Information Technology, or a related field. - At least 5 years of proven experience as an Application Security Engineer or similar role. - Strong understanding of the software development life cycle (SDLC) and secure coding practices. - Proficiency in conducting security assessments and penetration tests. - Experience with security tools and technologies such as firewalls, VPNs, IDS/IPS, and NAC. - Knowledge of regulatory requirements and industry best practices related to application security. - Experience with cloud security and DevSecOps practices. - Familiarity with OWASP Top Ten and other security frameworks. - Team-player who enjoys working collaboratively and is an active contributor as part of a global team. - Ability to