Home
Hiring: DevSecOps Associate - Source Code Review Security
Location: Pune
No of Openings: 1

Key Responsibilities
Perform deep manual source code reviews across web, API, mobile, cloud-native, and microservices architectures
Identify and validate critical security vulnerabilities including:

  1. Broken Access Control
  2. Injection Flaws
  3. Authentication & Authorization Issues
  4. SSRF, XXE, Deserialization
  5. Business Logic Vulnerabilities
  6. Privilege Escalation
  7. Cloud & Container Security Weaknesses
  8. AI/LLM Security Risks

  1. Conduct:
    1. Secure Architecture Reviews
    2. Threat Modeling
    3. API Security Assessments
    4. Cloud Security Reviews
    5. Infrastructure-as-Code (IaC) Reviews
    6. Secure SDLC Assessments
  2. Technical Expertise Required
    1. Java, Spring Boot, .NET, Python, Node.js, Go, Rust, PHP
    2. React, Angular, Vue, Next.js
    3. Android & iOS Security
    4. Kubernetes, Docker, Terraform
    5. OWASP ASVS, OWASP Testing Guide, MITRE CWE, NIST Frameworks

3.Security Tooling Experience
    • Checkmarx
    • Fortify
    • Veracode
    • Semgrep
    • Snyk
    • Trivy

What We're Looking For

  1. 1-2+ years of Application Security experience
  2. Expertise in Manual Secure Code Review
  3. Strong Secure SDLC and DevSecOps background
  4. Ability to provide developer-focused remediation guidance
  5. Experience reviewing enterprise-scale codebases and security architectures

Preferred Certifications
If you have a passion for secure software development, offensive security, and building resilient applications at scale, we'd love to hear from you.
View all job openings