CAI

Senior Application Security Engineer

India, posted 6 days ago
Full-time, hybrid

Job Description

Senior Application Security Engineer

Req number:

R7815

Employment type:

Full time

Worksite flexibility:

Remote

Who we are

CAI is a global services firm with over 9,000 associates worldwide and a yearly revenue of $1.3 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right—whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise.

Job Summary

We are looking for a motivated Senior Application Security Engineer ready to take us to the next level! If you have experience with security architecture reviews and code security assessments across microservices and cloud-native applications and are looking for your next career move, apply now.

Job Description

We are looking for a Senior Application Security Engineer to lead security architecture reviews and code security assessments across microservices and cloud-native applications. This position will be full time and Remote/Hybrid (Bangalore).

 

What You’ll Do 

  • Application Security Engineer with 5 to 8 years of experience. 

  • Lead threat modeling, security architecture reviews, and code security assessments across microservices and cloud-native applications 

  • Perform SAST, DAST, SCA, and manual penetration testing on applications 

  • Identify, prioritize, and track remediation of vulnerabilities across the application portfolio 

  • Define and enforce secure coding standards and security best practices 

  • AI / LLM Security (AI Transformation Center Focus) 

  • Threat model AI systems — identify and mitigate risks unique to LLM-powered applications: prompt injection, jailbreaking, model inversion, data poisoning, and training data leakage 

  • Conduct adversarial testing (red-teaming) of LLM and generative AI applications before production release 

  • Define and implement guardrails and content safety controls for LLM inputs/outputs (e.g., PII detection, toxicity filtering, output validation)

  • Evaluate and secure AI supply chain — third-party model APIs (OpenAI, Anthropic, Azure OpenAI), open-source model weights (Hugging Face), and fine-tuned models 

  • Establish policies around RAG (Retrieval-Augmented Generation) security — securing vector databases, embedding pipelines, and document ingestion workflows 

  • Implement controls against indirect prompt injection in agentic AI systems and multi-step LLM pipelines 

  • Assess AI agent security — tool call authorization, agent sandboxing, privilege boundaries, and action scope controls 

  • Ensure compliance with AI governance frameworks: ISO/IEC 42001, and internal AI usage policies 

  • Collaborate with Data Science and ML Engineering teams to secure model training pipelines, dataset storage, and model registries 

  • Drive AI incident response playbooks specific to model abuse, hallucination exploitation, and data exfiltration via LLM interfaces 

What You'll Need 

 

Required: 

  • DevSecOps & CI/CD Security 

  • Design and maintain DevSecOps pipelines integrating security gates into GitHub Actions workflows 

  • Automate SAST, container scanning, secrets detection, SCA, and AI model scanning within CI/CD pipelines 

  • Implement and manage Argo CD security policies, RBAC configurations, and deployment guardrails for GitOps workflows 

  • Enforce branch protection, signed commits, and secrets management in GitHub 

  • Integrate ML model integrity checks and artifact signing into AI deployment pipelines 

  • Container & Orchestration Security 

  • Harden Docker images — least-privilege, minimal base images, multi-stage builds, and image signing 

  • Secure Kubernetes clusters: RBAC, Pod Security Admission, Network Policies, OPA/Gatekeeper, and runtime security 

  • Isolate and sandbox AI inference workloads in Kubernetes — GPU node security, model server hardening (Triton, TorchServe, vLLM) 

  • Integrate container vulnerability scanning (Trivy, Grype, Snyk) into pipelines 

  • Security Operations & Governance 

  • Define security benchmarks aligned to ISO/IEC 42001, NIST, OWASP (including OWASP LLM Top 10), and internal standards

  • Collaborate with the AI Engineering, Security and Risk Management, GRC, and Infosec teams to shift security left

 

Physical Demands 

  • Ability to safely and successfully perform the essential job functions 

  • Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc. 

  • Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor 

 

Reasonable accommodation statement

If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to [email protected] or (888) 824 – 8111.
