Application Security Engineer Job in Phonepe

Job Title: Application Security Engineer

About PhonePe Group

PhonePe is India s leading digital payments company with 500 million registered users and 37 million merchants, covering over 99% of India s postal codes. Building on its leadership in digital payments, PhonePe has expanded into financial services, including insurance, mutual funds, stock broking, and lending. It has also ventured into adjacent tech-enabled businesses such as Pincode for hyperlocal shopping and Indus App Store, India s first localized app store. The PhonePe Group is a portfolio of businesses aligned with the company s vision to offer every Indian an equal opportunity to accelerate their progress by unlocking the flow of money and access to services.

Culture

At PhonePe, we empower our people and trust them to do the right thing. We create an environment that enables you to give your best every day, from day one. If you are passionate about building technology that impacts millions, ideating with the brightest minds, and executing with purpose and speed, PhonePe is the place for you!

Job Description

We are looking for a skilled Application Security Engineer to join our team and strengthen our security posture. You will proactively identify and mitigate vulnerabilities across our web applications, APIs, and mobile apps. The ideal candidate will have a strong background in penetration testing, secure code review, and security automation.

Roles & Responsibilities (What You Will Do)

• Penetration Testing: Perform penetration testing on web applications, APIs, and mobile apps, providing in-depth vulnerability analysis and remediation guidance.
• Secure Code Review: Conduct both manual and automated secure code reviews, primarily in Java, Python, and JavaScript.
• Security Automation: Develop security automation solutions using Python to streamline testing, improve coverage, and reduce manual effort.
• Collaborate with Development Teams: Work closely with development teams to ensure timely resolution of security issues within fast-paced release cycles.
• Threat Modeling: Create and maintain threat models, applying threat modeling techniques to proactively identify and mitigate design-level security risks.
• Security Education: Foster a security-first mindset by educating developers on secure coding practices, common vulnerabilities, and attack vectors. Effectively communicate security findings to stakeholders.

What Makes You a Great Fit

• Experience: 1-5 years of experience in application security, penetration testing, or related fields.
• Penetration Testing Expertise: Strong penetration testing expertise with tools like Burp Suite, OWASP ZAP, semgrep, MobSF, Jadx-GUI, and other mobile security testing frameworks.
• DevSecOps Knowledge: Experience integrating security into the SDLC and familiarity with DevSecOps tools.
• Secure Coding Knowledge: Proficiency in secure coding principles, OWASP Top 10, CWE, and exploit techniques.
• Scripting Skills: Strong scripting skills (Python preferred) for security automation.
• Communication Skills: Excellent communication and stakeholder management abilities.
• Continuous Learning: Passion for continuous learning and staying updated on security trends.
• Certifications (Optional): Certifications like OSCP, OSWE, CRTP, or a proven Bug Bounty track record and/or CTF participation are a plus.

PhonePe Full-Time Employee Benefits

• Insurance Benefits: Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance.
• Wellness Program: Employee Assistance Program, Onsite Medical Center, Emergency Support System.
• Parental Support: Maternity and Paternity Benefits, Adoption Assistance Program, Day-care Support.
• Mobility Benefits: Relocation Benefits, Transfer Support Policy, Travel Policy.
• Retirement Benefits: Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment.
• Other Benefits: Higher Education Assistance, Car Lease, Salary Advance Policy.

Why Work at PhonePe

Working at PhonePe is a rewarding experience. With great people, a work environment that thrives on creativity, and the opportunity to take on roles beyond your defined job description, PhonePe offers a chance to grow your career in an innovative, dynamic company.