Tata Consultancy Services
Application Security Engineer
Tata Consultancy Services, Sunnyvale, California, United States, 94087
Job Description
Specialized expertise in application security testing, secure architecture, and vulnerability management across a variety of enterprise environments.
Key Responsibilities
Perform manual web application and mobile penetration testing.
Identify, validate, and prioritize vulnerabilities, delivering actionable remediation and migration recommendations.
Conduct code-assisted reviews, architecture assessments, and threat modeling exercises.
Research emerging vulnerabilities, exploit techniques, and security technologies to proactively improve defenses.
Develop and deliver clear, comprehensive reports and presentations for technical and non-technical audiences.
Assess and secure applications and services that incorporate AI/ML models or LLM-based functionality.
Evaluate AI system components (data ingestion, model APIs, inference endpoints) for security and privacy risks.
Required Qualifications
5+ years of experience as an Application Security Engineer, Principal Security Consultant, or Senior Penetration Tester in an enterprise environment.
Proven experience manually testing web applications and performing enterprise-level penetration testing.
Strong understanding of Web and Mobile application security testing, methodologies, and common vulnerabilities.
Proficiency in at least one scripting language (Python, Perl, Ruby, PHP) and one programming language (Java, Objective-C).
Proficiency with Mac OS X and/or UNIX/Linux systems.
General understanding of secure network architecture and design, including segmentation, ACLs, and secure communication protocols.
General knowledge of common web technology stacks (LAMP, LEMP, MEAN, etc.) and their associated security considerations.
General understanding of AWS services (EC2, S3, KMS, RDS) and security best practices relevant to those services.
Ability to explain basic networking concepts (routing, load balancing, SSL/TLS, TCP/IP) to support secure application architecture reviews.
Ability to ascertain and clearly articulate the size and scope of security assessments and penetration testing engagements.
Solid understanding of the OWASP Top 10 and CWE Top 25 vulnerabilities (e.g., XXE, XSS, SQLi, SSRF).
Strong communication skills, both written and verbal, with the ability to convey complex technical issues to diverse audiences.
Demonstrated passion for continuous learning, vulnerability research, and staying ahead of evolving threat landscapes.
Salary
Salary Range: $70,000-137,000 per year
Location: Sunnyvale, CA
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industry: IT Services and IT Consulting