Security Engineer

Role Summary: As an Application Security Engineer at JioStar, you will play a critical role in safeguarding our products and user data. You’ll work at the intersection of engineering and security—integrating best practices across the development lifecycle, identifying vulnerabilities in web and mobile platforms, and proactively addressing risks from design to deployment. This role is ideal for someone who is passionate about secure coding, threat modeling, and driving a security-first mindset across teams. You will have the opportunity to work on cutting-edge technologies, influence product decisions, and continuously evolve JioStar’s security posture in a fast-paced, high-impact environment. Perched firmly at the nucleus of spellbinding content and innovative technology, JioStar is a leading global media & entertainment company that is reimagining the way audiences consume entertainment and sports. Its television network and streaming service together reach more than 750 million viewers every week, igniting the dreams and aspirations of hundreds of million people across geographies.
 
 JioStar is an equal opportunity employer. The company values diversity and its mission is to create a workplace where everyone can bring their authentic selves to work. The company ensures that the work environment is free from any discrimination against persons with disabilities, gender, gender identity and any other characteristics or status that is legally protected

Key Responsibilities
Perform security testing of web, Android, and iOS applications to identify and mitigate vulnerabilities
Collaborate closely with product and engineering teams from feature design through implementation, integrating secure SDLC practices
Develop creative and practical attack scenarios to uncover potential threats
Define the threat landscape from product ideation to architecture and implementation, ensuring security is embedded throughout
Proactively identify platform-wide vulnerabilities and provide actionable remediation guidance
Take ownership of tasks and deliver them within defined timelines with minimal supervision
Continuously learn and build expertise across multiple security domains, including cloud, application, and operating system security
Stay up to date with evolving technologies, platforms, and frameworks, and adapt security approaches accordingly
Drive innovation to accelerate vulnerability detection and integrate security early in the development lifecycle
Champion a security-first culture across JioStar by influencing engineering practices and decision-making
Identify key problem areas and implement solutions that significantly strengthen JioStar’s overall security posture
Skills & Attributes for success:
In-depth knowledge of security vulnerabilities not just limited to OWASP Top 10
Experience in doing security assessments on web applications, Android and iOS mobile applications in microservice architecture
Experience in using the security tools to carry out the manual as well as automated security assessments
Experience working with common product flows like payment gateway integration, authentication etc.
Knowledge of how applications get built which may help in multiple scenarios to break the very things.
Knowledge and understanding of Python, Java, PHP, C, C++, SQL, Javascript, Ruby, NodeJS, Go etc. is a huge plus
Passion for security, and a practical and balanced approach to security issues
Ability to visualize the root cause of the behavior of the applications or systems setup
Curiosity in knowing how things work in different conditions
Independent, self-motivated and comfortable working in a fast-paced environment with teams ranging from product to engineering teams
Contributions to the security community is a huge plus
Lazy, so that could make machines work for him/her [automation]