Application Security Lead - Remote

Posted 10 weeks ago

Software Development

Full Time

India

Vulnerability Remediation

Overview

At Aspire, we’re more than just a FinTech company—we’re the leading all-in-one financial operating system built to empower the world’s innovators and entrepreneurs. We are on a mission to reinvent business finance, empowering startups and businesses to realise their full potential.

In Short

Lead application and infrastructure security assessments, code reviews, and penetration tests to identify and mitigate security issues.
Drive the implementation of penetration testing as part of the Secure SDLC.
Work collaboratively with engineering teams to identify security gaps, propose fixes, and guide their resolution.
Lead the creation and implementation of a scalable threat modeling process, integrating it into the product lifecycle.
Evaluate and implement new security tools and technologies to enhance application security processes.
Build strong relationships with product and engineering teams to advocate for secure coding practices and vulnerability remediation.
Conduct penetration tests on cloud-based applications, infrastructure, and services (AWS, Azure, GCP) to identify security gaps.

Requirements

Degree in Computer Science or other Technical discipline.
7+ years in penetration testing and offensive security practices.
Excellent verbal and written communication skills, with the ability to clearly articulate vulnerabilities and advocate for their remediation in high-pressure environments.
Solid understanding of the Software Development Life Cycle (SDLC) and embedding security early in development.
Proven experience leading and integrating threat modeling into the SDLC.
Hands-on experience in source code reviews and threat modeling.
Strong understanding of common attack vectors, network protocols, and web application security principles.
Strong knowledge of cloud security frameworks and standards such as AWS Well-Architected Framework, MITRE ATT&CK Cloud Matrix, CSA Cloud Controls Matrix (CCM) and CIS Benchmarks.
Perform security testing on cloud-native services like AWS Lambda, API Gateway, Kubernetes (EKS/GKE/AKS), and containerized workloads.

Benefits

Uncapped flexible annual leave.
Hybrid work arrangement.
Training subsidy for your professional growth.
Wellness benefit.
Team bonding budget to foster collaboration and sense of belonging.
Flexibility to work from anywhere (for up to 90 days per annum).
Culture is Key: We always strive to cultivate a special culture that brings special talents together.

Aspire

Aspire is a financial services company focused on providing innovative expense management solutions that streamline the reimbursement process for businesses. The company emphasizes the importance of compliance and security against financial crime while ensuring a seamless onboarding experience for its clients. Aspire's product team is dedicated to enhancing bookkeeping solutions and addressing customer needs through collaboration with engineers, designers, and various stakeholders. With a commitment to data-driven decision-making and continuous improvement, Aspire aims to deliver effective financial management tools that empower businesses to maintain visibility and control over their expenses.

Share This Job!

Save This Job!

Jobs from Aspire:

People Operations Specialist

People Operations

HRIS

Employee Engagement

Data Scientist - Financial Crime Risk Mitigation

Data Analysis

Machine Learning

Python

Director of Engineering - FinCrime