Application Security Engineer

Curefit

2 - 5 years

Bengaluru

Posted: 07/06/2026

Job Description

About the role:

In this role, you'll be part of a dedicated team ensuring Curefit's security posture. You'll conduct design reviews, develop automated security tools, and collaborate with product teams to identify and mitigate threats, all while enhancing secure software development practices. Your expertise will play a crucial role in maintaining the safety of our web and mobile applications.


Key Responsibilities:

Join a team dedicated to maintaining Curefit's world-class security posture.

Conduct design reviews of upcoming features from an application security perspective, identifying potential threats and proposing mitigations.

Develop security tools to monitor for security and compliance controls in real time.

Develop a broad understanding of the Curefit products, proactively update the threat model, and implement mitigations.

Improve secure software development practices.

Create a roadmap for pentesting Curefit assets and automate your test cases.

Collaborate with the Product Team to ensure adherence to Security Standards.


Skills Required

Minimum of 2+ years of in-depth experience in Application Security, with a focus on Web and Mobile Applications.

Ability to develop and implement automated tools (Python/Bash) to help spot known security exposures.

Excellent understanding of security-by-design principles and architecture-level security concepts.

Experience and knowledge of penetration testing tools and methodologies.

Up-to-date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities.

Competency in Cyber Security Risk Analysis.

Understanding of application protocols, development, and common attack vectors.

Proficiency in at least one scripting language, such as Bash, Python, Go, etc.

Experience with Secure Code Quality Tools like SonarQube, Fortify, etc.

Experience with pentest tools and frameworks such as: Burp Suite, Kali open-source tools, OWASP ZAP, Metasploit, Nessus, Nmap, MobSF, Genymotion, Frida, APK Tool, etc.


Good To Have

Understanding of public cloud technologies with hands-on technical knowledge of at least one major public cloud like AWS.

Understanding of CI/CD pipelines, Jenkins, etc.

Certifications like CEH, eJPT, LPT, AWS Certified Security Specialty, Certified Cloud Security Professional (CCSP), OSCP, OSWE/AWAE, SANS, etc.
