Product Security Engineer (App Security)

Job Description

PhonePe Group is seeking a skilled Application Security Engineer to enhance its security by identifying and mitigating vulnerabilities in web applications, APIs, and mobile apps. The candidate will have experience in penetration testing, secure code review, and security automation.

PhonePe is India’s leading digital payments company with 50 crore (500 Million) registered users and 3.7 crore (37 Million) merchants covering over 99% of the postal codes across India. PhonePe has expanded into financial services as well as adjacent tech-enabled businesses.

Responsibilities:

• Perform penetration testing of web applications, APIs, and mobile apps, providing vulnerability analysis and remediation guidance.
• Conduct manual and automated secure code reviews in Java, Python, and JavaScript.
• Develop security automation solutions using Python to streamline testing and improve coverage.
• Work with development teams to resolve security issues within release cycles.
• Create and maintain threat models to mitigate design-level security risks.
• Educate developers on secure coding practices and communicate security findings.

Requirements:

• 1-5 years of experience in application security, penetration testing, or related fields.
• Expertise with tools like Burp Suite, OWASP ZAP, semgrep, MobSF, Jadx-GUI, and other mobile security testing frameworks.
• Experience integrating security into SDLC and familiarity with DevSecOps tools.
• Proficiency in secure coding principles, OWASP Top 10, CWE, and exploit techniques.
• Strong scripting skills in Python for security automation.
• Excellent communication and stakeholder management abilities.
• Passion for continuous learning.
• Certifications like OSCP, OSWE, CRTP, or a proven Bug Bounty track record and/or CTF participation are a plus.

PhonePe Employee Benefits:

• Insurance Benefits (Medical, Critical Illness, Accidental, Life)
• Wellness Program (Employee Assistance Program, Onsite Medical Center, Emergency Support System)
• Parental Support (Maternity, Paternity, Adoption Assistance, Day-care Support)
• Mobility Benefits (Relocation, Transfer Support, Travel Policy)
• Retirement Benefits (Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment)
• Other Benefits (Higher Education Assistance, Car Lease, Salary Advance Policy)