Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
EXL

Lead Assistant Manager – Application Security

EXL

Lead Assistant Manager - Application Security responsible for penetration testing and secure application development. Collaborate across teams to enhance security testing and ensure application integrity.

Posted 6/19/2026full-timeNoida • 🇮🇳 IndiaSeniorWebsite

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
web application penetration testingmobile application security assessmentssource code security reviewsstatic analysisdynamic analysisreverse engineeringvulnerability triagethreat modellingsecure coding standardsscripting/automation
Soft Skills
collaborationcommunicationreport writingproblem-solvingprioritization
Tools & Technologies
Burp Suite ProMobSFFridaobjectiondrozerSemgrepSonarQubeCheckmarxVeracodeJenkins
Industry Keywords
OWASP Top 10API vulnerabilitiesDevSecOpsCI/CDSASTDASTSCAIaC securityvulnerability classessecurity champions programmes

Tech Stack

Tools & technologies
AndroidiOSJavaJavaScriptJenkinsPythonTerraformTypeScript

About the role

Key responsibilities & impact
  • Conduct manual and tool-assisted web application penetration testing (OWASP Top 10, business logic flaws, API vulnerabilities).
  • Perform mobile application security assessments for Android and iOS (static & dynamic analysis, reverse engineering, OWASP MASVS/MSTG).
  • Execute source code security reviews—both SAST-assisted and manual—across languages such as Java, Python, JavaScript/TypeScript, and others.
  • Participate in grey-box assessments and targeted red-team exercises against internal and client-facing applications.
  • Integrate and operate SAST, DAST, SCA, and container security tools within CI/CD pipelines (Jenkins, GitHub Actions).
  • Configure and tune security tooling to reduce false positives and enforce actionable pipeline quality gates.
  • Support IaC security reviews (Terraform, CloudFormation) and secrets management practices.
  • Collaborate with platform engineering to embed security controls in build and deployment workflows.
  • Triage, prioritise, and track vulnerabilities from discovery through verified closure.
  • Produce clear, developer-friendly reports with reproducibility steps, severity ratings, and remediation guidance.
  • Support development teams in understanding and fixing identified issues; re-test post-remediation.
  • Maintain internal vulnerability registers and risk-tracking artefacts.
  • Assist in threat modelling and secure design reviews for new features and services.
  • Promote secure coding standards and OWASP best practices across development teams.
  • Contribute to security champions programmes and developer awareness initiatives.
  • Assist in securing AI/GenAI applications and APIs following defined security patterns.

Requirements

What you’ll need
  • 3–5+ years of hands-on experience in application security, penetration testing, or a closely related security engineering role.
  • Demonstrated web application penetration testing proficiency (Burp Suite Pro, OWASP methodology, manual exploitation).
  • Proven mobile application security testing experience for Android and/or iOS (MobSF, Frida, objection, drozer, APK/IPA analysis).
  • Practical source code review capability—ability to identify security defects through manual inspection and SAST tooling (Semgrep, SonarQube, Checkmarx, Veracode).
  • Familiarity with DevSecOps pipelines and security tool integration (SAST/DAST/SCA in CI/CD).
  • Solid understanding of vulnerability classes: injection, authentication flaws, IDOR, XXE, SSRF, deserialization, cryptographic weaknesses.
  • Scripting/automation capability for security tasks (Python, Bash, or equivalent).

Benefits

Comp & perks
  • Health insurance
  • Retirement plans
  • Paid time off
  • Flexible work arrangements
  • Professional development