Security Engineer (Enterprise)
Domain
Must-Have Requirements
- In-depth knowledge of security vulnerabilities beyond OWASP Top 10
- Experience with security assessments on web applications
- Experience with Android and iOS mobile application security testing
- Experience in microservice architecture security
- Experience with security assessment tools for manual and automated testing
- Knowledge of payment gateway integration and authentication flows
- Understanding of secure SDLC practices
- Passion for security with practical approach
- Independent and self-motivated
Nice to Have
- Knowledge of Python, Java, PHP, C, C++, SQL, JavaScript, Ruby, NodeJS, Go
- Experience with cloud, application, and operating system security
- Contributions to security community
- Knowledge of how applications are built
- Experience with automation
Description
Role Summary: As an Application Security Engineer at JioStar, you will play a critical role in safeguarding our products and user data. You’ll work at the intersection of engineering and security—integrating best practices across the development lifecycle, identifying vulnerabilities in web and mobile platforms, and proactively addressing risks from design to deployment. This role is ideal for someone who is passionate about secure coding, threat modeling, and driving a security-first mindset across teams. You will have the opportunity to work on cutting-edge technologies, influence product decisions, and continuously evolve JioStar’s security posture in a fast-paced, high-impact environment.
Key Responsibilities
- Perform security testing of web, Android, and iOS applications to identify and mitigate vulnerabilities
- Collaborate closely with product and engineering teams from feature design through implementation, integrating secure SDLC practices
- Develop creative and practical attack scenarios to uncover potential threats
- Define the threat landscape from product ideation to architecture and implementation, ensuring security is embedded throughout
- Proactively identify platform-wide vulnerabilities and provide actionable remediation guidance
- Take ownership of tasks and deliver them within defined timelines with minimal supervision
- Continuously learn and build expertise across multiple security domains, including cloud, application, and operating system security
- Stay up to date with evolving technologies, platforms, and frameworks, and adapt security approaches accordingly
- Drive innovation to accelerate vulnerability detection and integrate security early in the development lifecycle
- Champion a security-first culture across JioStar by influencing engineering practices and decision-making
- Identify key problem areas and implement solutions that significantly strengthen JioStar’s overall security posture
Skills & Attributes for success
- In-depth knowledge of security vulnerabilities, not limited to the OWASP Top 10
- Experience doing security assessments on web applications and on Android and iOS mobile applications in a microservice architecture
- Experience using security tools to carry out manual as well as automated security assessments
- Experience working with common product flows such as payment gateway integration, authentication, etc.
- Knowledge of how applications get built, which may help in multiple scenarios to break those very things
- Knowledge and understanding of Python, Java, PHP, C, C++, SQL, JavaScript, Ruby, NodeJS, Go, etc. is a huge plus
- Passion for security, and a practical and balanced approach to security issues
- Ability to visualize the root cause of the behavior of an application or system setup
- Curiosity about how things work under different conditions
- Independent, self-motivated and comfortable working in a fast-paced environment with teams ranging from product to engineering
- Contributions to the security community are a huge plus
- Lazy enough to make machines do the work for him/her (automation)