This job has closed.

Tata Consultancy Services · 22 hours ago

Application Security Engineer

Sunnyvale, CA

Full-time

Hybrid

Mid, Senior Level

$70K/yr - $137K/yr

5+ years exp

Tata Consultancy Services is seeking an Application Security Engineer with specialized expertise in application security testing, secure architecture, and vulnerability management. The role involves performing penetration testing, identifying vulnerabilities, conducting architecture assessments, and developing reports for various audiences.

Business Information SystemsConsultingInformation TechnologyIT Management

H1B Sponsor Likely

Responsibilities

Perform manual web application and mobile penetration testing

Identify, validate, and prioritize vulnerabilities, delivering actionable remediation and migration recommendations

Conduct code assisted reviews, architecture assessments, and threat modeling exercises

Research emerging vulnerabilities, exploit techniques, and security technologies to proactively improve defenses

Develop and deliver clear, comprehensive reports and presentations for technical and non-technical audiences

Assess and secure applications and services that incorporate AI/ML models or LLM-based functionality

Evaluate AI system components (data ingestion, model APIs, inference endpoints) for security and privacy risks

Qualification

Application Security TestingPenetration TestingVulnerability ManagementScripting Language ProficiencyProgramming Language ProficiencySecure Network ArchitectureAWS Security Best PracticesCommunication SkillsContinuous Learning

Required

5+ years of experience as an Application Security Engineer, Principal Security Consultant, or Senior Penetration Tester in an enterprise environment

Proven experience manually testing web applications and performing enterprise-level penetration testing

Strong understanding of Web and Mobile application security testing, methodologies, and common vulnerabilities

Proficiency in at least one scripting language (Python, Perl, Ruby, PHP) and one programming language (Java, Objective-C)

Proficiency with Mac OS X and/or UNIX/Linux systems

General understanding of secure network architecture and design, including segmentation, ACLs, and secure communication protocols

General knowledge of common web technology stacks (LAMP, LEMP, MEAN, etc.) and their associated security considerations

General understanding of AWS services (EC2, S3, KMS, RDS) and security best practices relevant to those services

Ability to explain basic networking concepts (routing, load balancing, SSL/TLS, TCP/IP) to support secure application architecture reviews

Ability to ascertain and clearly articulate the size and scope of security assessments and penetration testing engagements

Solid understanding of the OWASP Top 10 and CWE Top 25 vulnerabilities (e.g., XXE, XSS, SQLi, SSRF)

Strong communication skills—both written and verbal—with the ability to convey complex technical issues to diverse audiences

Demonstrated passion for continuous learning, vulnerability research, and staying ahead of evolving threat landscapes

Company

Tata Consultancy Services

Glassdoor3.8

Tata Consultancy Services is a business solutions company that specializes on information technology services and consulting.

Founded in 1968

Mumbai, Maharashtra, IND

10001+ employees

http://www.tcs.com

H1B Sponsorship

Tata Consultancy Services has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (7880)

2024 (9690)

2023 (8537)

2022 (11159)

2021 (9813)

2020 (11984)