Application Security Engineer

Millennium

Bengaluru, India

5-7 Years

Save

Posted 7 days ago
Be among the first 10 applicants

Early Applicant

Job Description

The successful candidate will be a subject matter expert with direct experience in a wide range of security technologies, tools, and methodologies. The role is suited for an experienced Application Security engineer with proven understanding in enterprise security and AI security and will focus on building toolsets and processes to drive adoption of secure practices across the enterprise. The team fosters a collaborative environment and is building a best-in-class program to partner with the business to protect the Firm's information and computer systems. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.

Principal Responsibilities

AI Security Strategy: Define and implement security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.
AI Risk Management: Conduct specialized threat modeling, red teaming, and risk assessments for AI/ML models (e.g., testing for prompt injection, model theft, and data poisoning).
Security Consulting: Lead risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects.
Lifecycle Engagement: Engage throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards.
Program Development: Evangelize AppSec and AI security best practices through developer education, training materials, and outreach.
Tooling & Architecture: Design robust security architectures and integrate automated security testing (SAST/DAST/SCA) into CI/CD pipelines.
Stakeholder Liaison: Partner with Technology, Trading, Legal, and Compliance to create policies and communicate technical risks to non-technical stakeholders.

Qualifications/Skills Required

Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field.
5+ years experience working as an Application Security Engineer, Software Engineer, or similar role.
Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs.
Experience working with AI models, Agentic frameworks and security risks associated with AI.
Experience in working with global teams, collaborating on code and presentations.
Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols.
Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions.
Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar.
Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
Familiarity with web application security testing tools and methodologies.
Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
Knowledge of Linux, OS internals and containers is a plus.
Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous.

More Info

Job Type:

Industry:

Function:

Employment Type:

About Company

MillenniumJob Source: www.linkedin.com

Job ID: 148876003

Jobs by Skill - IT

Jobs by Skill - Non IT

International Jobs

Last Updated: 10-06-2026 00:22:11 PM

Homejobs in Bengaluru / BangaloreApplication Security Engineer

Similar Jobs

Application Security Engineer

Recro

4-7 yrs

Bengaluru, India

Skills:

Node, Mobile Security, Sonarqube, AWS API Gateway, Python, Scripting, Jwt, Burp Suite, Owasp Top 10, Cloudflare WAF, SAST tools, authorization models, GitHub Actions, OWASP ZAP, API security testing, API gateway architectures, Kong, secrets scanning, API Shield, session handling, DevSecOps practices, API security risks, Accunetix, OIDC, dependency scanning

Sr. Application Security Engineer (InfoSec)

openfx

4-6 yrs

Bengaluru, India

Skills:

DAST, Config, Bash, Burp Suite, Kms, Iam, Waf, Kubernetes, Python, AWS, OPA, Gatekeeper, Aqua, Go, Security Hub, Kyverno, ZAP, SAST, Falco, GuardDuty, Prisma

Application Security Engineer

GLEAN

5-7 yrs

Bengaluru, India

Skills:

Java, Maven, Gcp, Npm, DAST, Vulnerability Management, Burp Suite, AWS, Application Security, Python, Azure, container security, Snyk, package managers, dependency scanning, Trivy, OWASP ZAP, vulnerability management tools, GitHub Dependabot, pip, Go, Kubernetes security, microservices architectures, cloud-native security, SAST, Clair, Go modules

Senior Application Security Engineer

DigiCert

5-7 yrs

Bengaluru, India

Skills:

Security Vulnerabilities, DAST, Java, PowerShell, Cryptography, Bash, Javascript, Authentication, Python, SCA, Authorization, SAST, Security Protocols, DevSecOps tools

Senior Application Security Engineer

Hewlett Packard Enterprise Software

5-10 yrs

Bengaluru, India

Skills:

DAST, Github, API security, Javascript, Application Security, Gitlab, Python, AWS, Java, Node.js, Jenkins, Gcp, Owasp Top 10, Azure, MITRE ATLAS, Go, artifact signing, SAST, supply chain security frameworks, Secure Software Development, WAF tuning, secrets management, container scanning tools, build integrity, SCA, CI CD pipelines