You are opening our English language website. You can keep reading or switch to other languages.

Product Security Engineer (Application Security)

  • Bengaluru
Small team (1-10 people)

If you received this vacancy from our recruiters — read our Privacy Notice.

Project overview

The project focuses on enhancing product security capabilities within a modern, cloud-native environment. The goal is to ensure that security is embedded early in the software development lifecycle, supporting scalable product delivery while maintaining a strong security posture across applications and services.

Team

You will be part of a Product Security function operating within a broader Information Security organization. The team collaborates closely with engineering, product, and platform teams to ensure secure design, development, and deployment of applications. The environment is fast-paced, with multiple parallel initiatives including security assessments, threat modelling, tooling improvements, and vulnerability management.

Position overview

We are looking for a Product Security Engineer (Application Security) who will operate at a senior level and contribute across security engineering, advisory, and stakeholder collaboration areas. The role focuses on securing applications and systems early in the lifecycle, supporting engineering teams with secure design practices, and managing ongoing security activities such as assessments, reviews, and vulnerability remediation.

The ideal candidate will be able to balance hands-on security work with strong communication and stakeholder engagement, while operating with a high degree of autonomy.

Technology stack

SAST, SCA (e.g., Sonatype), DAST, vulnerability scanning tools, AWS security services (e.g., GuardDuty, Inspector), CI/CD pipelines, containerized environments, Kubernetes

Responsibilities

  • Act as a security advocate for product owners and engineering teams
  • Perform web, backend, and mobile security assessments
  • Orchestrate and coordinate security testing activities including penetration testing
  • Participate in architecture and design discussions to ensure security is embedded from the start
  • Conduct threat modelling for new and existing features
  • Support and improve secure development practices across engineering teams
  • Integrate and enhance security tooling within CI/CD pipelines
  • Ensure adherence to Secure Development Lifecycle (SDLC) practices
  • Triaging findings from tools, bug bounty programs, and security reports
  • Provide guidance on secure coding practices and vulnerability remediation
  • Balance security requirements with engineering productivity
  • Collaborate with internal teams and external vendors on security initiatives
  • Additional responsibilities aligned to project needs:
  • Manage and reduce security backlog (e.g., reviews, threat models, pentest coordination)
  • Prevent backlog accumulation by efficiently handling incoming security requests
  • Correlate findings across multiple security tools and prioritize remediation efforts
  • Act as a security point of contact for specific product domains
  • Coordinate with external vendors for security testing and assessments
  • Provide practical and implementable security recommendations
  • Quickly onboard and contribute with minimal ramp-up in a fast-paced environment

Requirements

  • Experience in application security or product security roles
  • Hands-on experience with offensive security testing (e.g., Burp Suite, Nmap, Kali Linux)
  • Strong understanding of web and/or mobile security
  • Experience working with cloud-native applications (preferably AWS).
  • Solid knowledge of networking and operating systems
  • Experience with threat modelling and secure design practices
  • Basic programming knowledge (Python, JavaScript, Go, or similar)
  • Ability to identify and remediate common vulnerabilities (e.g., SQL injection, XSS)
  • Experience advising engineering teams on secure coding practices
  • Basic understanding of cloud environments and infrastructure concepts

Nice to have

  • Understanding of distributed systems security and service-to-service communication risks
  • Familiarity with Kubernetes environments (no deep expertise required)
  • Ability to prioritize vulnerabilities and reduce noise from security tools
  • Strong stakeholder management and communication skills
  • Ability to work independently and take ownership of responsibilities

Looking for Similar Opportunities?

Try AI chatbots with our ready-made prompt to discover similar roles that match your skills and interests.
Image

We offer

Image

Vacation

As per the laws of your country. We do ask you to take a proper rest

Image

Health insurance

We help you to take out an insurance policy for you and your loved ones

Image

Sick pay

10 days without a doctor's note, afterwards - as per the laws of your country

Image

Time off for state holidays

According to the official calendar, regardless of the client’s schedule

Image

Pleasant environment

Two large corporate parties and many small get-togethers for colleagues

Image

Comfort service

Solving technical and everyday problems at work

The benefits package may vary depending on the region and the type of contract

FAQ for Candidates

Work on global projects, grow your career in a supportive, flexible, and innovative tech environment. We help cover the cost of IT certifications and provide access to top-tier courses and learning platforms. View current openings and take the next step with us.

DataArt is a global software engineering company that helps businesses build powerful data, analytics, and AI solutions. We work with clients across a range of industries — including Finance, Healthcare & Life Sciences, Consumer Goods & Retail, Travel, Media & Entertainment, Mobility, and Manufacturing.

Learn more about what we do here.

DataArt supports flexible work formats to help you find the balance that works best for you. You can choose to work from the office, go hybrid, or stay fully remote—each option comes with equal opportunities for growth. We’ll help set you up with secure access and the equipment you need. With 46 remote and onsite official locations, you can join us from almost anywhere in the world.

Learn more about how we work here.

At DataArt, we put people first—fostering a culture built on trust, flexibility, and professional growth. We believe in open communication, mutual respect, and the freedom to choose how and where you work. Diversity, equity, and inclusion are core to our values, and we actively support a workplace where everyone can thrive. From mental health support to global sustainability efforts, we aim to create a healthy, empowering environment for all.

Read more about our culture and values.

There's no one-size-fits-all career path at DataArt—your growth is yours to shape. Whether you want to deepen your technical skills, move into management or sales, or even switch professions entirely, you'll have the support to do it. With exam fees fully covered, you can also earn professional certifications, like AWS, Azure, or Google Cloud. With tools like the Professional Development Map, the Talent Lab, and access to expert mentoring, we help you build your desired career.

Learn how we support both newcomers starting their careers and experienced professionals looking to grow further.

DataArt offers competitive compensation along with a range of thoughtful benefits that support your well-being, growth, and daily comfort. You’ll get flexible vacation and sick leave, mental health programs, and access to a corporate laptop or BYOD option. We also offer bonuses for referrals, parental leave, and smooth exit and return-to-work options.

Read more about how things work at DataArt.

At DataArt, we focus on creating an environment where people want to stay and grow. With 95% of employees recommending us to a friend on Glassdoor and a 100% CEO approval rating, we’re proud of the trust we’ve built. From mentoring programs and professional development services to support and conflict resolution programs, we invest in our colleagues' growth and wellbeing—because when people feel valued, they stick around.

Learn more about our company >here.

Our interview process is designed to be thorough, transparent, and supportive. It starts with a CV review, followed by an HR interview to discuss your background and goals. You'll then go through communication and technical assessments, where we evaluate your English skills and knowledge of relevant technologies. If all goes well, you’ll meet someone from the project team to learn more about the work, and we’ll guide you every step of the way—including helping you prep for any client interviews.

Read more and get tips for each stage here.

DataArt looks for candidates with strong technical skills, analytical thinking, and a commitment to continuous learning. We value experience in relevant technologies and industries, adaptability, and excellent communication skills. If you’re a junior or just starting out, don’t worry—our mentorship programs and training will support your growth from day one. The most important thing is your willingness to learn and develop professionally in our collaborative, people-first environment.

Read more about development in DataArt.

At DataArt, continuous learning is part of our culture. You’ll have access to expert mentors, leadership guidance, and thousands of courses from top platforms like Udemy and LinkedIn Learning. You can shape your own path—whether it’s growing within your role or switching to a new one.

Explore how we support your growth.