Security Engineer

Overview

Job Title: Product / Application Security Engineer

Location: Bengaluru (On-Site)

Department: Product Security / Engineering

Reports To: Product Security Lead / Director of Security / CISO

About The Role

We are seeking a passionate Product/Application Security Engineer to help design, build, and maintain secure applications across our product portfolio. You will work closely with developers, architects, and DevOps teams to ensure security is embedded throughout the Software Development Life Cycle (SDLC).

This role bridges offensive and defensive security, requiring hands-on experience with secure design, code review, threat modeling, Penetration testing and vulnerability remediation — helping the organization “build security in” from concept to deployment.

Key Responsibilities

• Perform application security assessments, including manual and automated testing for web, API, Infrastructure and mobile platforms.
• Collaborate with developers and architects to integrate security controls and best practices into CI/CD pipelines.
• Conduct secure code reviews, threat modeling, and design reviews for new and existing products.
• Build and maintain security automation, leveraging tools like Burp Suite, ZAP, Trivy, Snyk, SonarQube, or custom scripts.
• Support DevSecOps initiatives—integrating static, dynamic, and dependency scanning into build pipelines.
• Work with Product and Engineering teams to triage and remediate vulnerabilities found through penetration tests, bug bounty reports, or customer findings.
• Assist in basic security reviews for AI-integrated features, such as validating API access controls and protecting inference endpoints.
• Support investigation of prompt injection or model abuse scenarios in LLM-driven applications (when applicable).
  
  

Required Qualifications

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 2-4 years of hands-on experience in application or product security and penetration testing.
• Strong understanding of OWASP Top 10, SANS CWE-25, and modern web/mobile security practices.
• Familiarity with SDLC, CI/CD, and tools such as GitHub Actions.
• Working knowledge of cloud security (AWS, GCP, Azure) and containerized environments (Docker, Kubernetes).
• Experience using tools like Burp Suite, ZAP, Nmap, SonarQube, Veracode, or Checkmarx.
  
  

Preferred Skills

• Familiarity with threat modeling frameworks (STRIDE, PASTA, LINDDUN).
• Experience developing security automation in CI/CD.
• Certifications such as OSWE or CEH are a plus- Not mandatory
• Strong communication and documentation skills — ability to translate technical risks into business impact.
  
  

What’s in it for you?

Aptean offers competitive pay and robust benefit plans along with the opportunity to

grow your career in a fast-paced, flexible and casual environment, an outstanding

opportunity for career development and growth.  

About Aptean

At Aptean, our mission is to solve tomorrow’s unique challenges today with unrivaled,

purpose-built software and superior customer experiences from people who care.

Aptean is a global provider of mission-critical, industry-specific software solutions.

Aptean’ s purpose-built ERP and supply chain management solutions help address the

unique challenges facing process and discrete manufacturers, distributors and other

focused organizations. Aptean’ s compliance solutions are built for companies serving

specific markets such as finance, healthcare, biotech and pharmaceuticals, over 10,000

highly specialized organizations in more than 20 industries and 80 countries rely on

Aptean to streamline their everyday operations.

“At Aptean, our global and diverse employee base is our greatest asset. It is through

embracing and understanding our differences that we are able to harness our individual

power to maximize the success of our customers, our employees and our company.” -

TVN Reddy

Aptean pledges to promote a company culture where diversity, equity and inclusion are

central. We are committed to applying this principle as we interact with our customers,

build our teams, cultivate our leaders and shape a company in which any employee can

succeed, regardless of race, color, sex, national origin, sexuality and gender identity,

religion, disability or age. Celebrating our diverse experiences, opinions and beliefs

allows us to embrace what makes us unique and to use this as an asset in bringing

innovative solutions to our customer base.

---