Application Security Engineer

Location: Bengaluru

Job Title

Application Security Engineer

Job Description

So, who are we

Hello, we're IG Group. We are a publicly-traded FTSE
250 Fin Tech company who run mobile, web and desktop platforms that help our clients trade stocks & shares, leveraged products, Futures & Options and Crypto.

We are ambitious. Over 340,000 people already use our platforms. We're global with offices in 18 countries and products in 16 regions. We're hungry to move faster, ship better product for our customers and grow our user base. We believe in high autonomy, and we want people who are looking to do things differently in order to create better experiences for our customers.

We work in cross-functional teams and are laser focused on increasing the number of active clients we serve to drive sustainable growth.

Your team

We are seeking a passionate 'Application Security Engineer' who has hands-on experience in securing applications across SDLC, Penetration Testing. The ideal candidate will be responsible for identifying vulnerabilities, conducting security assessments, collaborating with developers and helping to embed security best practices into product development.

Your role in the Team's Success

Your role contributes to the success of the App Sec team by proactively identifying and mitigating application security risks, collaborating with developers and product teams to embed security early in the SDLC, Penetration Testing, SAST/DAST, Secret management, WAF, Purple Team Exercise . The position also supports process improvements, leverages automation to deliver security at pace, and helps strengthen overall security awareness across the organization.

What You'll Do

Perform security assessments/Penetration Testing of web, mobile, and cloud-based applications.
Conduct secure code reviews, threat modelling, and architecture reviews.
Collaborate with engineering teams to integrate security into CI/CD pipelines.
Identify, validate, and track remediation of vulnerabilities discovered through SAST, DAST, SCA, and penetration testing.
Develop and enforce secure coding standards and guidelines.
Execute Purple Team/Red Team exercise and work closely with SOC team on this.
Provide training and guidance to developers on application security best practices.
Research and stay up-to-date with emerging security threats, tools, and techniques.
Support incident response and root cause analysis for application-related security issues.

What You'll Need For This Role

Bachelor's degree in Computer Science, Information Security or related field.
At least 2 - 3 years of professional experience in Application Security / Secure Software Development Lifecycle (SSDLC) / Cyber security / Offensive Security.
Strong understanding of common vulnerabilities and mitigation techniques (OWASP Top 10, SANS 25, etc.).
Hands-on experience with one or more security tools:
SAST (Checkmarx, Fortify, Sonar Qube, etc.)
DAST (Burp Suite, OWASP ZAP, App Scan, etc.)
SCA (Black Duck, Snyk, etc.)
WAF(Akamai, Barracuda,etc)
Familiarity with cloud environments (AWS, Azure, GCP) and related security controls.
Exposure to bug bounty programs or responsible disclosure.
Strong knowledge on Attack simulations/Red team/purple team exercise.
Working knowledge of Dev Ops/Dev Sec Ops  tools and processes (Jenkins, Git Hub Actions, Git Lab CI/CD).
Excellent problem-solving and communication skills.

Preferred (Nice-to-Have)

Relevant certifications such as OSWE, OSCP, GWAPT, eWPT, CEH, CAPT or CSSLP.

Experience with container and Kubernetes security.
Knowledge of API security testing (Postman, SoapUI, or Burp plugins).
Experience in secure code review.

How We Work

We try to take a thoughtful approach to our ways of working as a company. We follow a hybrid working model with 3 days in the office -- which we think balances the need to collaborate effectively and connect with each other. When it comes to how we deliver, there are 5 things we want everyone to do to drive high performance, better learning and career satisfaction:

Lead and Inspire:
Drives trust, alignment, and enthusiasm
Think Big:
Focus on the problems that most impact commercial outcomes
Champion the client:
Understand and prioritise client's needs
Deliver at pace:
Push for fast, sustainable growth;
Raise the bar:
Take ownership, be accountable and share feedback

We believe that diversity is vital to success, it fuels creativity, drives innovation and sets us up for global success. We're committed to building teams with a variety of perspectives and skills to help us realise our vision and strategy, that's why we encourage applications from people with diverse backgrounds and experiences to join us on this journey. Learn more about our D&I approach here.

The Perks

Your growth fuels our success! Thrive with tailored development programs, mentoring opportunities with leaders, and clear career progression. Expand your network through committees, sports and social clubs. Enjoy extra time off for volunteering and community work.

Matched giving for your fundraising activity
Flexible…