Job Specifications
Cyber Security / Application Security Engineer with years of experience to lead enterprise security initiatives focused on application security, cloud security, and secure software development practices. The ideal candidate will drive security architecture, implement secure coding standards, and collaborate with engineering, DevOps, and infrastructure teams to ensure applications and platforms are protected against modern cyber threats.
This role requires deep expertise in application security, DevSecOps, cloud security, identity and access management, vulnerability management, and enterprise security architecture.
Key Responsibilities
Lead the design and implementation of enterprise application security architecture across modern cloud and on-premise environments.
Integrate DevSecOps practices into CI/CD pipelines to ensure security is embedded throughout the software development lifecycle (SDLC).
Perform secure code reviews, threat modeling, and vulnerability assessments to identify and mitigate security risks.
Implement and manage SAST, DAST, SCA, and container security scanning tools across development pipelines.
Design and enforce secure coding standards and security best practices for development teams.
Architect and implement API security, microservices security, and container security for cloud-native applications.
Lead identity and access management (IAM) implementations including SSO, RBAC, OAuth, OpenID Connect, and MFA.
Manage cloud security controls across platforms such as AWS, Azure, or GCP, including cloud workload protection and security posture management.
Conduct security risk assessments and penetration testing coordination to proactively identify vulnerabilities.
Implement Zero Trust security principles, network segmentation, and secure access strategies.
Work closely with DevOps, infrastructure, and engineering teams to remediate vulnerabilities and improve security posture.
Monitor and respond to security incidents, threats, and vulnerabilities in collaboration with SOC teams.
Ensure compliance with industry frameworks such as NIST, ISO 27001, SOC2, PCI-DSS, and CIS benchmarks.
Provide technical leadership, mentoring, and guidance to security engineers and development teams.
Develop security documentation, architecture diagrams, and risk mitigation strategies.
Required Skills & Experience
Years of experience in Cyber Security, Application Security, or Security Engineering roles.
Strong experience with Application Security (AppSec), secure SDLC, and DevSecOps practices.
Hands-on experience with security scanning tools such as Checkmarx, Fortify, Veracode, Snyk, SonarQube, or Black Duck.
Experience securing CI/CD pipelines using tools like Jenkins, GitHub, GitLab, or Azure DevOps.
Deep knowledge of cloud security architectures (AWS, Azure, or GCP).
Expertise in API security, container security, Kubernetes security, and microservices architecture.
Experience with Identity & Access Management (IAM) technologies such as Okta, Azure AD, Ping, SailPoint, or ForgeRock.
Strong understanding of OWASP Top 10, threat modeling, and vulnerability management.
Experience with security monitoring tools, SIEM platforms (Splunk, QRadar), and incident response processes.
Knowledge of network security concepts including firewalls, WAF, IDS/IPS, and Zero Trust architecture.
Strong scripting or programming experience in Python, Java, or Bash for security automation.
Experience implementing security compliance frameworks and governance controls.
Preferred Qualifications
Security certifications such as CISSP, CISM, CEH, CSSLP, or CCSP.
Experience leading enterprise security transformation or DevSecOps initiatives.
Prior experience working in banking, healthcare, fintech, or large enterprise environments.
Strong communication skills with the ability to work with cross-functional technical and leadership teams.
About the Company
Centillionz is a privately owned professional services firm specializing in Information Technology Consulting, Staffing Solutions, Corporate Training and Business Process Outsourcing services, dedicated to helping the world's leading companies build stronger businesses. Headquartered in South Plainfield, NJ and offshore development center in Hyderabad, India. Centillionz combines a passion for client satisfaction, technology innovation, deep industry and business process expertise, and a global, collaborative workforce that ...
Know more