Onsite
Lead Assistant Manager - Application Security - EXL Service
Security Engineer
Lead Assistant Manager driving application security programs through manual and tool‑assisted penetration testing, mobile app assessments, and DevSecOps integration using SAST, DAST, SCA and container security across Java, Python and JavaScript codebases.
About the role
Key Responsibilities
- Perform manual and automated web application penetration tests, covering OWASP Top 10, business logic flaws, and API vulnerabilities.
- Conduct comprehensive mobile security assessments for Android and iOS, including static/dynamic analysis, reverse engineering, and compliance with OWASP MASVS/MSTG.
- Execute source‑code security reviews using SAST tools and manual techniques across Java, Python, and JavaScript/TypeScript projects.
- Lead grey‑box and targeted red‑team exercises against internal and client‑facing applications.
- Integrate, configure, and maintain SAST, DAST, SCA, and container‑security solutions within CI/CD pipelines to embed security early in the development lifecycle.
Requirements
- 5+ years of hands‑on experience in application security testing, including web, API, and mobile platforms.
- Proficiency with security testing tools (e.g., Burp Suite, ZAP, Veracode, Snyk, Trivy) and scripting languages for automation.
- Strong knowledge of secure coding practices in Java, Python, and JavaScript/TypeScript.
- Experience implementing DevSecOps practices, integrating SAST/DAST/SCA into CI/CD pipelines (Jenkins, GitLab, Azure DevOps).
- Excellent analytical, communication, and mentorship skills to guide junior security analysts.
Skills
penetration testing, java, python