Back to Jobs
Product Security Engineer
Actively Reviewing
FPL Technologies
Job Description
Role: Product Security Engineer
Experience - 2-4 years in application security
We are looking for a hands-on Product Security Engineer with 2–4 years of experience to join our team. We are not just looking for someone to run scanners; we want an engineer who can bridge the gap between security and development. If you are passionate about building security automation, scaling DevSecOps practices, and finding clever ways to secure complex web, mobile, and cloud environments, we want to hear from you.
Job Description -
- Architect and implement security automation frameworks (Python, Go, Bash) to streamline vulnerability detection across web and mobile platforms.
- Engineer security controls within CI/CD pipelines to ensure automated gating and compliance at every SDLC stage.
- Lead comprehensive threat modeling sessions to proactively identify architectural risks and provide actionable mitigation strategies.
- Perform deep-dive secure code reviews (manual/automated) and full-spectrum penetration testing (black-box, grey-box, API, cloud-native) to identify vulnerabilities and drive remediation.
- Champion a "security-by-design" mindset and DevSecOps culture, establishing best-in-class security standards across the organization.
Core Competencies & Skill Sets -
- Expert knowledge of integrating SAST, DAST, and SCA tools into CI/CD workflows.
- Proven ability to build custom tools for automated security testing and monitoring.
- Comprehensive understanding of security requirements throughout the software development lifecycle.
- Proficiency in methodologies such as STRIDE or PASTA to identify and mitigate business-critical risks.
- Expertise in identifying vulnerabilities across web, mobile, and API surfaces using industry-standard tools and manual exploitation techniques.
Requirements-
- 2–4 years of demonstrated success in application security, penetration testing, and cloud security environments.
- Strong scripting/coding skills (e.g., Python, Go, Bash) specifically applied to security automation and tool integration.
- Deep knowledge of security frameworks (OWASP, NIST) and their practical application in regulatory environments (GDPR, ISO 27001).
- Hands-on experience with industry-standard security tools (Burp Suite, OWASP ZAP, Nmap) and securing cloud-native architectures (specifically AWS).
- Proven understanding of secure SDLC practices and the ability to integrate automated security gates into CI/CD pipelines.
- Strong analytical capabilities with the ability to communicate complex security risks effectively to both engineering and product stakeholders.
Required Skills
Similar Jobs
View all →
Product Security Engineer
Weekday AI (YC W21)
Hyderabad
Security Compliance
ISO 27001
Data Analysis
+9
Engineering Infrastructure Security Manager
Gruve
Pune
Security Compliance
ISO 27001
Compliance frameworks
+13
Cyber Security Engineer (Job 1354)
DLH Corporation
Security Compliance
ISO 27001
Machine Learning
+11
Product Security Engineer
Atlas Consolidated
Hyderabad
Security Compliance
ISO 27001
Data Analysis
+9
DevOps Engineer
Bolt Graphics
Capacity Planning
Compliance frameworks
ISO 27001
+27
Share
Quick Apply
Upload your resume to apply for this position
–