Senior Application Security Engineer at HCLSoftware | creonjobs.com
fulltime Posted 1 day ago
Senior Application Security Engineer ₹25,00,000 - ₹37,50,000/year ATS Match is available
1) Upload your resume. 2) Open any job and click Check ATS Match to see your fit score.
Sign in to check your resume match
Resume Tailoring
Sign in to tailor your resume for this role.
Salary
₹25,00,000 - ₹37,50,000/year
Track your application in your dashboard
Junior Application Security Consultant – AppScan Professional Services
Role Overview
We are seeking a
Junior Application Security Consultant
to support the deployment and operation of
HCL AppScan
solutions within a large banking environment. The consultant will work as part of the
AppScan Professional Services team
, supporting the customer’s application security program by assisting with security scanning operations, vulnerability analysis, and DevSecOps integration activities.
This role involves
long-term onsite engagement
with the banking customer in Mumbai and close collaboration with application development teams, security teams, and DevSecOps engineers.
Key Responsibilities
Application Security Scanning
Execute
Static Application Security Testing (SAST)
scans using HCL AppScan.
Execute
Dynamic Application Security Testing (DAST)
scans against web applications.
Perform
Software Composition Analysis (SCA)
scans to identify vulnerable open-source components.
Monitor scheduled scans and troubleshoot scan execution issues.
Vulnerability Analysis & Reporting
Review and triage vulnerabilities identified during security scans.
Assist development teams in understanding reported vulnerabilities.
Generate and distribute vulnerability reports and remediation summaries.
Track remediation progress and validate fixes through rescan activities.
DevSecOps Integration Support
Assist with integrating AppScan scanning into
CI/CD pipelines
.
Support application teams with
scan execution in build pipelines
.
Help maintain scanning workflows within DevSecOps environments.
Customer Engagement
Act as a
technical liaison between the customer and the AppScan Professional Services team
.
Provide guidance to development teams on interpreting scan results.
Participate in regular status meetings with customer stakeholders.
Operational Support
Monitor AppScan platform usage and ensure scanning operations run smoothly.
Assist with onboarding new applications into the scanning program.
Document scanning procedures and maintain operational runbooks.
Required Qualifications
Bachelor’s degree in
Computer Science, Information Security, or related field
.
1–3 years of experience
in application security, security testing, or DevSecOps.Basic understanding of
web application architecture and APIs
.
Familiarity with
OWASP Top 10 vulnerabilities
.
Experience with
web technologies
(HTTP, REST APIs, JSON, XML).
Understanding of
CI/CD pipelines
and modern development workflows.
Strong analytical and problem-solving skills.
Preferred Skills
Experience with
HCL AppScan
,
DAST
,
SAST
, or similar tools (Checkmarx, Veracode, Fortify, etc.).
Knowledge of
secure coding practices
.
Familiarity with
Java, .NET, or modern web frameworks
.
Exposure to
cloud environments or container platforms
.
Experience working in
financial services or regulated environments
.
Key Competencies
Strong communication skills with both
technical and non-technical stakeholders
.
Ability to work independently in a
customer-facing onsite role
.
Attention to detail in vulnerability analysis and reporting.
Ability to manage multiple applications and scan schedules simultaneously.
Work Environment
Full-time onsite deployment at a banking customer location in Mumbai. Collaboration with global
AppScan Professional Services teams
.
Exposure to
enterprise-scale application security programs
.