Product Security Engineer
Lenskart
Work from Office
Full Time
Min. 3 yearsJob Description
Product Security Engineer (Devsec Ops)
We are looking for a Product Security Engineer with 3 to 5 years of hands-on experience in identifying, assessing, and mitigating security risks across our products and platforms. The ideal candidate will work closely with engineering, DevOps, and product teams to integrate security throughout the software development lifecycle (SDLC) and ensure the security of our applications and infrastructure.
Key Responsibilities
Conduct application security assessments, threat modeling, and code reviews for products and services.
Perform static (SAST), dynamic (DAST), and software composition (SCA) analysis using modern tools.
Collaborate with development teams to embed security controls in CI/CD pipelines.
Review and enhance security architecture for web, mobile, and API-based applications.
Work with DevOps teams to strengthen cloud security posture (AWS/GCP/Azure).
Investigate and respond to product security incidents and vulnerability reports.
Support bug bounty triage and coordinate fixes with engineering teams.
Document and enforce secure coding practices and security guidelines.
Participate in design and architecture reviews to ensure security-by-design principles.
Requirements
3 to 5 years of experience in Application Security or Product Security roles.
Strong knowledge of OWASP Top 10 Web, Mobile, API Security Top 10, and secure development practices.
Experience in Infrastructure security ( External and Internal)
Hands-on experience with tools like Burp Suite, ZAP, Check Marx, SonarQube, Veracode, GitLab Security, etc.
Familiarity with CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins) and integrating security scans.
Knowledge of cloud security (AWS, Azure, GCP) and exposure to IAM, KMS, and network controls.
Scripting knowledge (Python, Bash, or PowerShell) for automating security tasks.
Understanding of container and Kubernetes security concepts.
Good to Have
Experience with threat modeling (STRIDE, PASTA, etc.).
Familiarity with infrastructure as code (Terraform, CloudFormation) security validation.
Exposure to DevSecOps practices and security orchestration.
Certifications such as CEH, OSCP, CSSLP, or AWS Security Specialty are a plus.
Experience Level
Mid LevelJob role
Job requirements
About company
Similar jobs you can apply for
Manufacturing / Production
Project Coordinator
Skymax Construction Private LimitedWork from OfficeFull TimeMin. 10 years
Basic English
Factory Officer
O Karmica WellnessWork from OfficeFull TimeMin. 1 yearBasic English
Spm Desinger
Hanu ToolsWork from OfficeFull TimeMin. 5 yearsBasic English
Supervisor
Jitendra Tour & Travels
Field JobFull Time
Night ShiftMin. 5 yearsNo English RequiredQuality Inspector
Lakshaya Engineers & ContractorsWork from OfficeFull TimeMin. 3 yearsBasic English
Quality Control Manager
Amit BuildwellField JobFull TimeMin. 5 yearsBasic EnglishYou can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.
The candidate should have completed the required education and people who have 3 to 5 years are eligible to apply for this job. You can apply for more jobs in Gurgaon/Gurugram to get hired quickly.
The candidate should have sound communication skills and sound communication skills for this job.
Both Male and Female candidates can apply for this job.
No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Gurgaon/Gurugram at apna.
No work-related deposit needs to be made during your employment with the company.
Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.
The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Gurgaon/Gurugram . Through apna, you can find jobs in 64 cities across India. Join NOW!