Senior Application Security Engineer at Hewlett Packard Enterprise

Bengaluru, Karnataka, India

Apply Now
Hewlett Packard Enterprise Logo
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, CybersecurityIndustries

Requirements

  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • Hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • Knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • Familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • Hands-on experience with [incomplete in JD: likely tools or practices related to web/API security, SAST/DAST/SCA scanning, etc.]

Responsibilities

  • Secure SDLC & DevSecOps Integration – Partner with engineering and DevOps teams to embed security into the entire software delivery process
  • Software Delivery Pipeline (CI/CD) Security – Design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps, etc.); ensure code integrity via signing, artifact scanning, and build provenance; automate SAST, DAST, SCA, and container image scanning; identify and remediate misconfigurations in pipeline environments and access control
  • Web & API Security – Design, implement, and monitor WAF rules and API protections; perform API risk assessments; champion secure design patterns
  • Code Review & Testing – Conduct secure code reviews and support automation of testing pipelines
  • Vulnerability Management – Triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
  • Threat Modeling & Risk Assessment – Facilitate threat modeling sessions for applications, APIs, and pipeline workflows
  • Tooling & Automation – Expand security automation coverage, including API discovery, dependency scanning, SBOM generation, and secrets detection
  • Security Champion Enablement – Mentor developers and DevOps engineers on secure pipeline and coding practices
  • Collaboration & Advisory – Act as a trusted partner to product, platform engineering, and DevOps leaders, translating security risk into business impact
  • Incident Support – Collaborate with SOC/IR teams in response to software supply chain or pipeline compromises

Skills

Secure SDLC
DevSecOps
Application Security
Cybersecurity Incident Response
Incident Detection
Incident Analysis
Containment
Remediation
Mentoring

Hewlett Packard Enterprise

Provides enterprise IT solutions and services

Website

About Hewlett Packard Enterprise

Hewlett Packard Enterprise provides enterprise IT solutions with a focus on cloud services, artificial intelligence, and edge computing. Their products include HPE Ezmeral for managing containers, HPE GreenLake for cloud services, and HPE Aruba for networking. These solutions help businesses improve their performance and adapt to digital changes. HPE's business model includes selling hardware, software, and services, as well as offering subscription-based services and long-term contracts. What sets HPE apart from competitors is its commitment to open-source projects and its active developer community, which supports collaboration and innovation. The company's goal is to empower organizations to transform digitally and optimize their operations.

Houston, TexasHeadquarters
1939Year Founded
IPOCompany Stage
Hardware, Enterprise Software, AI & Machine LearningIndustries
10,001+Employees

Risks

Integration challenges with Juniper Networks may delay AI-driven networking benefits.
Competition from startups like Flywheel could impact HPE's AI and cloud services.
HPE's acquisition strategy may strain resources and distract from core operations.

Differentiation

HPE's GreenLake offers a unique hybrid cloud platform for diverse IT environments.
HPE Ezmeral provides advanced container management, enhancing enterprise AI and analytics capabilities.
HPE's Aruba solutions integrate cloud security and networking for seamless, secure connectivity.

Upsides

HPE's acquisition of Juniper Networks boosts AI-driven innovation in networking.
OpsRamp acquisition enhances HPE's IT management with AI-based automation capabilities.
Axis Security integration strengthens HPE's cloud security offerings with SASE solutions.

Related Jobs

San Francisco
Remote iconRemote

Security Architect

Earnest
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
United States
Remote iconRemote

Head of Security Engineering

Bastion
Salary not specified
Remote
Remote iconRemote

Principal DevSecOps Engineer

Second Front Systems
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
California
Remote iconRemote

Senior Technical Program Manager, Security & Infrastructure

Collectors
Salary not specified
United States
Remote iconRemote

Senior Application Security Engineer

M&T Bank
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
San Francisco
Remote iconRemote

Security Operations Lead

Earnest
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
United States
Remote iconRemote

Staff Threat Intelligence Analyst

Huntress
$190,000 - $210,000/year
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
Remote
Remote iconRemote

Manager, Security Engineering

GoFundMe
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)

Land your dream remote job 3x faster with AI

Try Jobo Free