<
Join Our Official Channels ✔️
-->
Zoho is hiring Application Security Engineers for its Chennai location. This is an excellent opportunity for freshers and early-career professionals who want to build a strong foundation in Application Security, Threat Modeling, and Vulnerability Management while working on real-world systems.
🏢 Company Overview
Zoho Corporation is a globally recognized SaaS company known for building secure, scalable, and privacy-focused software products used by millions worldwide. Security is a core part of Zoho’s engineering culture, making this role ideal for candidates passionate about cybersecurity.
📌 Job Details
- Job Role: Application Security Engineer
- Experience Required: 0–2 Years
- Job Location: Chennai, Tamil Nadu
- Employment Type: Full-Time
🛡️ Key Responsibilities
- Conduct risk assessments and identify, document, and prioritize technical risks across applications and infrastructure.
- Translate complex security vulnerabilities into actionable business risks.
- Perform threat modeling for applications, services, and infrastructure using frameworks such as STRIDE.
- Lead threat modeling sessions with engineering teams for new features and releases.
- Manage the end-to-end vulnerability lifecycle, from discovery to remediation.
- Implement and fine-tune SAST, DAST, and IAST tools to ensure high-quality security signals without impacting development speed.
- Perform manual code reviews for critical business logic that automated tools may miss.
- Monitor, triage, and investigate security alerts from SIEMs, intrusion detection scripts, and other security tools.
- Develop automation scripts using Python, Bash, or similar languages to streamline alert handling and incident response.
- Analyze suspicious activity, validate incidents, and assist in incident response and post-incident reviews.
- Collaborate with development teams to embed security into CI/CD pipelines and ensure secure deployments.
- Clearly document findings, response actions, and security recommendations.
🧠 Required Skills & Knowledge
- Strong understanding of network protocols, Linux internals, and the MITRE ATT&CK framework.
- Solid knowledge of threat modeling methodologies such as STRIDE and attack trees.
- Hands-on experience with SAST, DAST, and IAST tools.
- Experience with application security tools like Snyk, Veracode, Checkmarx, Burp Suite, OWASP ZAP, or Contrast Security.
- Proficiency in at least one programming language for security automation or tooling.
- Familiarity with AWS, Azure, or GCP security services is an added advantage.
- Experience in log analysis, alert tuning, false-positive reduction, and intrusion detection response is a plus.
⚠️ Important Notes for Candidates
- Only shortlisted candidates will receive interview call letters.
- Candidates are advised not to attend multiple interviews with Zoho simultaneously.
- If found participating in multiple processes at the same time, the company may discontinue or withdraw the offer.
🎯 Who Should Apply?
This role is ideal for:
- Freshers or professionals with up to 2 years of experience in Security Operations or Application Security
- Candidates interested in secure coding, threat analysis, and vulnerability management
- Individuals aiming to build a long-term career in cybersecurity and application security engineering
📢 Disclaimer
This job post is shared for informational purposes only. We are not directly involved in the hiring process. Job details, eligibility criteria, and selection processes are subject to change by the company without prior notice. Always verify details on the official company careers page before applying.
