| Position | Staff security engineer |
| Posted | 2025 September 15 |
| Expired | 2025 October 15 |
| Company | Ethos |
| Location | Trivandrum, Kerala | IN |
| Job Type | Full Time |
Latest Job Information from Company Ethos as position Staff security engineer. If Job Vacancy Staff security engineer in Trivandrum, Kerala matches your criteria, please send your latest application/CV directly through the latest and most updated job site Jobkos.
Every job may not be easy to apply for, because as a new candidate / prospective employee must meet several qualifications and requirements according to the criteria sought by the Company. Hopefully the career information from Ethos as the position Staff security engineer below matches your qualifications.
About the Role:We're looking for a Staff Security Engineer with deep technical expertise in application security, penetration testing, and offensive security practices. You will lead efforts to proactively identify and exploit vulnerabilities across our products and infrastructure, working alongside engineering and security teams to design robust defences and build security into everything we deploy. This is a hands-on technical role with significant influence over the security posture of the company, from code to cloud.
Duties and Responsibilities:Application SecurityPerform code reviews, threat modelling, and architecture assessments across internal and customer-facing applications. Guide engineering teams on secure design patterns, libraries, and development practices. Integrate and maintain security tooling (SAST, DAST, SCA) into CI/CD pipelines.
Collaborate with product and engineering teams to remediate identified vulnerabilities and design secure solutions.Penetration TestingConduct manual and automated penetration tests against Ethos Web Application, APIs, infrastructure, and cloud environments. Simulate attacker behaviors to assess technical weaknesses and business risks. Create detailed, developer-friendly reports with risk ratings and actionable remediation guidance.
Re-test findings and validate security fixes in collaboration with product owners. Offensive SecurityPlan and execute red team operations, simulating advanced persistent threat (APT) scenarios. Develop custom tools, scripts, and exploits to test detection and response capabilities.
Collaborate to improve detection, logging, and incident response based on attack insights. Contribute to the development of offensive security playbooks and adversary emulation plans. Other ResponsibilitiesMentor junior team members and evangelize security best practices across the company.
Participate in investigations, threat hunting, and incident response activities; build playbooks for specific incident response scenarios
Communicate risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns
Support security audits, compliance efforts, and executive briefings with technical depth.Qualifications and Skills:Required:8+ years of experience in security engineering, penetration testing, or offensive security.Strong understanding of secure coding principles, web security vulnerabilities (e.g., OWASP Top 10), and remediation techniques.Proficiency in threat modeling, design reviews and security testing of various types of applications, technologies and platforms
Proficient in scripting and development (e.g., Python, Bash, Go, Java Script). Skilled in using tools such as Burp Suite, Metasploit, Nmap, Cobalt Strike, or custom tooling. Experience with AWS cloud platform and containerized environments (Docker, Kubernetes).
Strong written and verbal communication skills for technical and non-technical audiences. Preferred:Certifications like OSCP, OSWE, OSEP, GXPN, or equivalent. Experience with threat modeling methodologies (e.g., STRIDE, PASTA).
Familiarity with MITRE ATT&CK, adversary emulation, and purple teaming. Contributions to security research, open-source tools, or bug bounty platforms.
After reading and understanding the criteria and minimum qualification requirements explained in the job information Staff security engineer at the office Trivandrum, Kerala above, immediately complete the job application files such as a job application letter, CV, photocopy of diploma, transcript, and other supplements as explained above. Submit via the Next Page link below.
Next Page »