Model N

Principal Application Security Engineer

Hyderabad, India Remote Hybrid
AWS Azure GCP Docker Kubernetes
Description
Model N’s Global Information Security team is seeking a Principal Application Security Engineer with deep expertise and a proven track record in the Application/Product Security domain. This is the perfect opportunity if you’re passionate about security and thrive in a collaborative environment.
The role requires managing and supporting the Application Security discipline, maturing the vulnerability management program, integrating security within CI/CD environments, and implementing advanced DevSecOps practices. This role is crucial in shaping our application security strategy, driving the "Shift Left" approach, and ensuring that security is embedded throughout our software development lifecycle.
If you are an innovative thinker with extensive experience in application security and a passion for fostering a security-first culture, we invite you to apply.

Job Responsibilities

  • Operations in Security Integration: Architect and implement advanced security measures into our CI/CD pipeline, ensuring seamless automation of security testing, vulnerability management, and compliance validation across all development phases.
  • Comprehensive Threat Modeling: Lead and facilitate thorough threat modeling sessions with cross-functional teams, identifying and prioritizing potential risks and vulnerabilities during the design and development stages.
  • Advanced Code Analysis: Conduct expert-level static and dynamic code analysis, providing in-depth feedback and mentorship to developers on secure coding practices, while ensuring adherence to security standards.
  • Tooling Innovation: Research, evaluate, and implement state-of-the-art application security tools (SAST, DAST, SCA) to automate testing processes and enhance vulnerability reporting, ensuring that security measures evolve alongside emerging threats.
  • Incident Response Excellence: Collaborate with incident response teams to analyze and mitigate security incidents, developing and refining processes to learn from incidents and strengthen defenses.
  • Robust Training and Advocacy: Design and deliver comprehensive security training programs for developers and stakeholders, promoting a proactive security culture and enhancing awareness of application security best practices.
  • Policy Development and Governance: Drive the creation and continuous improvement of application security policies, standards, and frameworks, ensuring alignment with industry best practices, regulatory requirements, and business objectives.
  • Risk Management & Remediation: Drive risk reduction across Products, Platforms and Infrastructure by recommending security remediation approaches and participating in risk reduction planning and strategy. Continue to scale the Risk Remediation program by supporting the risk backlog and other opportunities to reduce risk.
  • Strategic Cross-Functional Collaboration: Engage effectively with DevOps, product management, product development, project managers, cloud operations and engineering, and IT teams to ensure security is integrated into the product development process, fostering a culture of shared responsibility for security.

Job Qualification

  • 8+ years of hands-on experience in application security, with significant expertise in CI/CD and DevSecOps environments.
  • Mastery of leading application security tools (e.g., Checkmarx, Qualys, Burp Suite, Rapid7, Tenable, Snyk, etc.) and methodologies.
  • In-depth knowledge of web application vulnerabilities (OWASP Top 10) and secure coding frameworks (e.g., OWASP ASVS).
  • Proficient in containerization technologies (Docker, Kubernetes) and securing cloud environments (AWS, Azure, GCP).
  • Industry-recognized certifications such as CISSP, CISM, CEH, or CSSLP are strongly preferred but not required.
  • Project planning, communication, and collaboration skills, with the ability to influence and drive change across diverse teams.
  • BE/BTech or equivalent in Computer Science, Information Security, or a related field; advanced degrees preferred.
At Model N, we believe our collective success stems from the uniqueness of every individual's diverse backgrounds, experiences, and expertise; we call this the N Factor. So don’t allow uncertainty to keep you from applying to join our team. If you don’t meet the exact criteria but can demonstrate your skillset is the best for the job, we’d love to talk with you. We’re curious to know, what’s your N Factor?    
  
About Model N  
 
Model N enables life sciences and high tech companies to drive growth and market share, minimizing revenue leakage throughout the revenue lifecycle. With deep industry expertise and solutions purpose-built for these industries, Model N delivers comprehensive visibility, insight and control over the complexities of commercial operations and compliance. Our integrated cloud solution is proven to automate pricing, incentive and contract decisions to scale business profitably and grow revenue. Model N is trusted across more than 120 countries by the world’s leading pharmaceutical, medical technology, semiconductor, and high tech companies, including Johnson & Johnson, AstraZeneca, Stryker, Seagate Technology, Broadcom and Microchip Technology. For more information, visit www.modeln.com

We’re constantly growing and may have something for you later on if this is not the right opportunity for you. Check out our career site to learn more about Model N or view other jobs: https://www.modeln.com/company/careers/ 