Application Security Engineer I/II

Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future.
Security
Mid-Level Software Engineer
In-Person
1,000 - 5,000 Employees
2+ years of experience
Finance · Enterprise SaaS

Description For Application Security Engineer I/II

Zeta is a Next-Gen Banking Tech company founded in 2015 by Bhavin Turakhia and Ramki Gaddipati. Our flagship platform, Zeta Tachyon, is a modern, cloud-native, API-enabled stack for banking services. We've issued 20M+ cards globally and work with major banks and fintechs.

As an Application Security Engineer I/II, you'll be part of the Risk & Compliance Team in the Engineering division. Your role involves securing all mobile & web applications and APIs by identifying vulnerabilities and educating developers and DevOps teams on fixes. Key responsibilities include:

  • Performing regular VA/PT for Web & Mobile applications, API & Infrastructure
  • Guiding developers in fixing security issues
  • Conducting regular code reviews
  • Participating in application design discussions
  • Performing Threat Modelling of Web/Mobile applications
  • Developing secure code practices and educating dev and QA engineers
  • Evaluating & Integrating security testing tools into CI/CD pipelines

You'll need 2+ years of experience in developing large-scale internet or SaaS applications, and 2-3 years as a Web/Mobile Application Security engineer or Developer. A Bachelor's or Master's degree in Computer Science or equivalent from a Tier-1 engineering college/university is required.

Zeta offers a dynamic work environment in a rapidly growing company with a $1.5 billion valuation. Join us in shaping the future of banking technology!

Last updated a month ago

Responsibilities For Application Security Engineer I/II

  • Guide technology organization's security and privacy initiatives
  • Participate in design reviews and threat modeling
  • Ensure applications are secured and hardened
  • Define scope and ensure adherence to project phases
  • Create visibility and adoption of projects for internal customers
  • Act as a security engineering expert and technical champion
  • Assess gaps and tools to improve application security
  • Liaise with external and internal stakeholders
  • Mentor developers and QA
  • Evaluate bugs reported through Bug Bounty program
  • Run security posture of various applications across BUs
  • Continuously improve web/mobile application security
  • Conduct quarterly VA/PT for mobile/web applications
  • Ensure secure configuration of Web/Mobile applications, DB, and Data

Requirements For Application Security Engineer I/II

Java
Python
Ruby
  • 2+ years of experience in developing large scale internet or SaaS applications
  • 2 to 3 years of overall experience as Web/Mobile Application Security engineer or Developer
  • Bachelor's or Master's degree in Computer Science or equivalent from a Tier-1 engineering college/university
  • Hands-on VA/PT experience in Web, Mobile, API & Network
  • Thorough understanding of OWASP Top 10, their attack & defence mechanisms
  • Experience with security tools like Burpsuite, AppScan, OWASP ZAP, BEEF, MetaSploit, Qualys, Nessus, Synk
  • Understanding of Cryptography, PKI-based systems, TLS
  • Knowledge of AuthN/AuthZ frameworks (OIDC, oAuth, SAML)
  • Experience with Static Analysis and Code reviews using tools like Snyk, Veracode, Checkmarx, Sonarqube
  • Hands-on experience with mobile application reversing and dynamic instrumentation tools
  • Shell scripting or automation skills using Python or Ruby
  • Knowledge of security standards like PCI DSS, UIDAI, GDPR, NIST
  • Understanding of Java Frameworks like Springboot, CI/CD, Jenkins
  • Experience with cloud infrastructure (AWS/Azure)
  • Certifications like OSCP (Preferred), GWAPT, AWAE, Comptia Security+

Interested in this job?

Jobs Related To Zeta Application Security Engineer I/II

Lab Safety Engineer

Lab Safety Engineer position at Amazon Robotics, leading EHS compliance and safety initiatives in robotics R&D labs with competitive compensation and benefits.

Application Security Engineer

AWS Security Engineer role focusing on application security, penetration testing, and security automation for Amazon's cloud services and applications.

Software Development Engineer, Denied Party Screening

Build large-scale security systems to prevent prohibited transactions at Amazon, working with ML and distributed systems to process billions of daily events.

Security Software Engineer - Crypto Services, Enterprise Systems

Security Software Engineer role at Apple focusing on cryptographic services development for enterprise systems, offering competitive compensation and comprehensive benefits.

Security Engineer II, AppSec AI

AI Security Engineer role at Amazon focusing on securing AI applications, combining security expertise with AI technology to protect customer experiences.