Chief Manager – Secure Coding & Application Security

8 years

0 Lacs

Posted: 6 days ago | Platform: GlassDoor

Work Mode

On-site

Job Type

Full Time

Job Description

Requirements

    Security Engineer with a strong background in Java (Full Stack) based software development (Spring MVC, Spring Boot, Spring Security, Hibernate), including secure software development practices.
    Hands-on experience in source code reviews, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and API security.
    8+ years of experience
      5+ years of development experience in designing and deploying software systems in Java, building robust and high-availability systems for critical business operations.
      Minimum 3+ years of experience in designing and implementing security solutions for Java-based applications and APIs.
    Understanding of Cryptography and implementation experience of the same.
    Deep understanding of secure coding standards and vulnerability remediation.
    Exposure to microservices development.

Key Responsibilities:

    Ensure the security robustness of applications by promoting integration of security into the software development lifecycle (SDLC) and providing the necessary inputs to the development team.
    Participate in threat modelling and security design reviews.
    Conduct manual and automated source code reviews to identify security vulnerabilities and coding issues.
    Integrate and manage SAST tools (e.g., SonarQube, Fortify, Checkmarx) within CI/CD pipelines.
    Analyse Application Security Test reports to identify and eliminate possible false positives. If required, coordinate with the development team to confirm before elimination.
    Collaborate with Development teams to remediate vulnerabilities and implement secure coding practices.
    Ensure API security through proper authentication, authorization, rate limiting, and input validation.
    Coordinate with Software Developers in validating and mitigating observations in DAST assessments using tools like WebInspect, Burp Suite, OWASP ZAP, etc.
    Mentor junior developers on secure coding standards and best practices.
    Stay updated with the latest security trends, vulnerabilities, and mitigation techniques.

Required Qualifications:

    B.E./B.Tech. in CS/IT/ECE/EEE, MCA, or M.Sc. CS/IT full-time course from a reputed institute with a good academic track record.
    8+ years of experience in Java development with a focus on secure coding including designing and implementing security solutions.
    Strong understanding of OWASP Top 10, CWE, and other security frameworks.
    Experience with SAST/DAST tools and interpreting their results.
    Familiarity with API security standards (e.g., OAuth2, JWT, OpenAPI).
    Experience with DevSecOps practices and CI/CD integration.

Preferred Qualifications:

    Certifications such as OCJP, CSSLP (ISC2), OSCP (OffSec).
    Exposure to secure SDLC frameworks and governance, such as OWASP SAMM and the NIST SSDF.
    Exposure to microservices deployments in east-west and north-south traffic preferred.
    Exposure to containerization and orchestration technologies, including Docker and Kubernetes, for deploying and managing scalable, secure, and resilient applications in distributed environments.

The last date to apply is 13-12-2025.

Job Features

Job Category
Information Technology (IT)
