Job Description
Job Title: Application Security Engineer – Code Remediation
Experience
- 5-8 years
Employment Type - Contract (3 months with possibility of further extension)
About the Role : We are seeking a highly skilled Application Security Engineer – Code Remediation to join our
client's growing team . This role is focused on analyzing, identifying, and remediating security vulnerabilities in both legacy and modern applications. You will work closely with development, QA, and security teams to ensure enterprise-grade security hygiene in all application codebases.
If you're passionate about writing secure code, eliminating OWASP Top 10 vulnerabilities, and securing systems end-to-end, we’d love to speak with you.
Key Responsibilities
Analyse security vulnerability reports (SAST, DAST, penetration tests) and implement remediation strategies across:
-Classic ASP, ASP.NET (C#), Perl, Java
-React, JavaScript, HTML
Perform hands-on code remediation for OWASP Top 10 issues, including:
SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Insecure Direct Object References, and more
Refactor insecure SQL queries to prevent injection and enforce database-layer security.
Configure and harden IIS servers:
Apply security headers, enforce HTTPS, and disable insecure modules.
Secure SQL Server configurations and eliminate insecure deployment patterns.
Collaborate with developers to introduce and enforce secure coding standards.
Validate fixes through static/dynamic scanning and manual security validation.
Document all remediation actions, accepted risks, and security changes thoroughly.
Assist in threat modelling and risk assessments for both legacy and modern applications.
Mentor junior developers and share best practices in secure software development.
Key Skills & Technologies
Strong programming/debugging experience in Classic ASP, ASP.NET (C#), Perl, Java, React, JavaScript
Deep understanding of OWASP Top 10 and secure coding principles
Experience with static and dynamic application security testing tools (Fortify, Veracode, Burp Suite, etc.)
Strong understanding of IIS and SQL Server security configurations
Proficient in writing secure, parameterised SQL queries
Familiarity with secure SDLC and CI/CD pipelines (optional but preferred)
Ideal Candidate Profile
4–8 years of experience in application development with at least 2 years in security-focused code remediation
Proven experience in analysing, fixing, and testing vulnerabilities across different languages
Strong ability to collaborate across security, QA, and development teams
Excellent problem-solving skills and attention to detail
Industry certifications (preferred): OSCP, CEH, CSSLP, GWAPT, or equivalent
💡 Quick Summary
Seeking a career-building opportunity? The Senior Application Security Engineer position is now open for candidates interested in the IT Engineer & Developer Jobs sector. This role in Kolkata offers a professional environment and growth potential.
Requirement Snapshot: Candidates should possess basic communication skills, a proactive attitude, and the ability to work in a team. Experience in IT Engineer & Developer Jobs is a plus.
