Senior Application Security Engineer
Jumio · Bangalore
New
senior
security engineerapplication security
Apply on Jumio →
Role Purpose: The Sr. Application Security Engineer will be a hands-on role responsible for delivering security engineering services to Jumio’s engineering teams and building secure systems and cloud infrastructure with our engineering teams and for executing initiatives on improving our security program.
Role Value: This role plays a vital part in our global Infosec function. It enables our business and customers to have more confidence in our systems, our processes and our ability to manage the cyber threats we face by ensuring that we work in a secure cloud infrastructure.
Example Responsibilities
Collaborate with Engineering and Infrastructure teams to identify and fill any security gaps in our SDLC, cloud infrastructure and associated processes
Integrate security into the Software/Infrastructure processes from initial threat modelling to decommissioning
Perform manual penetration testing of Web/mobile applications and APIs
Audit source code and perform code review for critical application changes
Help teams in understanding security vulnerabilities and associated risk, providing guidance in prioritizing and remediation efforts
Identify critical security risks and drive mitigation with engineering teams
Manage cross-functional internal and external team collaboration and communications
Deploy security services and tools through IaC, and actively promote the culture of security as code
Periodic security assessments and configuration review of cloud environments
Build custom security solutions tooling and automation and lead security initiatives
Build, promote and scale DevSecOps across the company and enable integration of tools and practices as the teams transition to DevSecOps.
Experience and Qualifications
10+ years of experience in a security engineering role, specialized in application security and cloud security
Strong familiarity with Linux operating systems and cloud ecosystems like Amazon AWS, GCP, including networking concepts and security services and patterns
Understanding of core AWS Cloud Services (e.g. EC2, ECS, Lambda, RDS, etc.) architecture (e.g. Well-Architectured Framework) and micro services
Experience in implementing secure IaC solutions
Experience in container-based architecture and deployments (Docker, Kubernetes)
Hands on experience in pen testing Web application and API
Deep understanding of OWASP Top 10 and CWE 25
Experience in using SAST, DAST, IAST, SCA tools
Experience in Threat Modeling
Ability to communicate well, present security threats and risks to engineering teams
Self-motivated; ability to work independently on new initiatives.
Great to have Experience and Qualifications
Experience in pentesting mobile applications
Experience in implementing secure infrastructure as code
Experience with scripting languages such as Python
Experience in applying AI and LLMs to automate complex security workflows
Knowledge on CI/CD automation tools (AWS DevOps, Github Actions, Jenkins)
Relevant security certifications such as CREST, OSCP, OSWE, CEPT, CMWAPT, GPEN, PentTest+, AWS Cloud Practitioner, AWS Security Speciality or any AWS Associate level certification
Bachelor's degree or experience with Master's degree in Computer Science
Key Characteristics and Attitudes
Passion for product security as a subject
Ability to learn and adapt to changing technology landscape
Desire to enable change and continuous growth
Jumio Values:
IDEAL: Integrity, Diversity, Empowerment, Accountability, Leading Innovation
Equal Opportunities :
Jumio is a collaboration of people with different ideas, strengths, interests and cultures. We welcome applications and colleagues from all backgrounds and of all statuses.
About Jumio:
Jumio is a B2B technology company dedicated to eradicating online identity fraud, money laundering and other financial crimes to help make the internet safer. We leverage AI, biometrics, machine learning, liveness detection and automation to create solutions that are trusted by leading brands worldwide and respected by industry thought leaders.
Jumio is the leading provider of online identity verification, eKYC and AML solutions. With a global footprint, we’re expanding the team to meet strong client demand across a range of industries including Financial Services, Travel, Sharing Economy, Fintech, Gaming, and others.
Applicant Data Privacy
We will only use your personal information in connection with Jumio’s application, recruitment, and hiring processes, as described in Jumio’s Applicant Privacy Notice. If you have any questions or comments, please send an email to privacy@jumio.com .
Posted 2026-07-15