How much salary can I expect as a Application Security Engineer in Medibuddy in Bengaluru/Bangalore?

You can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.

What is the eligibility criteria to apply for Application Security Engineer in Medibuddy in Bengaluru/Bangalore?

The candidate should have completed the required education and people who have 4 to 5 years are eligible to apply for this job. You can apply for more jobs in Bengaluru/Bangalore to get hired quickly.

Is there any specific skill required for this job?

The candidate should have sound communication skills and sound communication skills for this job.

Who can apply for this job?

Both Male and Female candidates can apply for this job.

Is it a work from home job?

No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Bengaluru/Bangalore at apna.

Are there any charges or deposits required while applying for the role or while joining?

No work-related deposit needs to be made during your employment with the company.

How can I apply for this job?

Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.

What is the last date to apply?

The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Bengaluru/Bangalore . Through apna, you can find jobs in 64 cities across India. Join NOW!

Application Security Engineer

Medibuddy

Application Security Engineer

Medibuddy

Bengaluru/Bangalore

Not disclosed

Work from Office

Full Time

Min. 4 years

Job Description

Application Security Engineer - II

Location: Bengaluru,Karnataka,India

Job Summary
We are looking for a mid-to-senior level Application Security Engineer to own the security
posture of our web, mobile, and AI-driven ecosystems. You are expected to operate with high
autonomy, moving beyond simple checklist-based testing to proactive threat modeling and
automated defense. You will collaborate with engineering teams to ensure our rapid deployment
cycle remains secure by design.

Key Responsibilities:

1. Advanced Application Security & Pentesting
● Conduct deep-dive manual and automated penetration testing on Web, Mobile
(iOS/Android), and API layers.
● Master the OWASP Top 10 and SANS 25 frameworks to identify and remediate complex
logic flaws.
● Perform manual code reviews for high-risk features in Node.js and Python.

2. Cloud & Infrastructure (AWS Focus)
● Audit and harden AWS environments, focusing on IAM least-privilege policies and VPC
security.
● Secure serverless architectures (Lambda) and containerized workloads
(Kubernetes/Docker).
● Implement and monitor AWS security services like GuardDuty, Security Hub, and
Inspector.

3. Emerging Tech: AI & Low-Code Security
● AI Agents: Conduct security assessments for LLM-based features, protecting against
prompt injection, data leakage, and insecure output handling (OWASP for LLMs).
● Low-Code/No-Code: Establish governance and security reviews for internal tools (e.g.,
Retool, Zapier) to prevent unauthorized data exposure.
● API Integrity: Secure the machine-to-machine communication between our AI agents
and core healthcare microservices.

4. DevSecOps & Automation
● Integrate and manage SAST, DAST, and SCA tools (Snyk, Burp Suite, SonarQube)
directly into the CI/CD pipeline.
● Build custom automation scripts (Python/Go) to detect secrets in code or misconfigured
cloud assets in real-time.

Qualifications & Skills

1) Minimum Requirements
● Experience: 4-5 years in Application Security or Penetration Testing.
● Education: B.Tech/B.E. in Computer Science or a related technical field.
● Certifications: OSCP, eWPT, or GWAPT (preferred); CEH (minimum).
● Tooling: Expertise in Burp Suite Professional, Metasploit, Postman, and Cloud-native
security tools.

2) Technical Proficiencies
● Languages: Ability to read/write Python and Node.js for exploit development and script
automation.
● Standards: Deep knowledge of OAuth2, JWT, TLS/SSL, and Cryptographic standards.
● Cloud: Hands-on experience with Terraform/IaC security scanning.

3) Soft Skills
● The "Security Partner" Mindset: Ability to explain complex vulnerabilities to SDEs in a
way that encourages remediation rather than friction.
● Analytical Thinking: The ability to "think like a hacker" while providing "builder-centric"
solutions.

MediBuddy Introduction:
MediBuddy is India’s largest on-demand, full-stack digital healthcare platform that helps patients access multiple healthcare services. It gives users 24x7 access to high-quality healthcare at their fingertips. MediBuddy helps its users consult specialist doctors, order medicines and book lab tests from the comfort of their homes. It is also a partner to several leading corporate customers in the country and helps their employees access multiple healthcare benefits. MediBuddy users have access to online doctor consultations, wellness, preventive care services, fitness and hospitalization offered by its pan-India network of healthcare providers with its unparalleled reach.

It also provides its customers hassle-free, end-to-end surgery care through a Care Buddy, right from connecting them to the right surgeon to post-operative recovery care. MediBuddy’s surgery care provides specialized treatment in several other departments like Proctology, Ophthalmology, Vascular, ENT, Orthopaedics, Urology, Gynaecology, and more. With full-stack Surgery Care management services, MediBuddy assures customers an array of solutions for every medical, financing, insurance, and recovery need of its customers undergoing surgery.

The digital healthcare platform has a partner network of 90,000+ doctors, 7,100+ hospitals and clinics, 4,000+ diagnostic centers, 2,500+ pharmacies along with a team size of 2200+ members. It has created an integrated healthcare ecosystem that offers patients seamless access anytime and anywhere. It has created an integrated healthcare ecosystem that offers patients seamless access anytime and anywhere in 10 minutes. With its healthcare services available in 16 Indian languages to enable customer-friendly consultation, MediBuddy is bridging the Urban-Rural quality healthcare divide. MediBuddy offers online and offline doctor consultations, medicine delivery, lab tests at home, mental health consultations, surgery care, among other healthcare services.

Apply to this job