Job Overview
- Role: Application Security Engineer
- Location: Chennai, Tamil Nadu
- Experience: 0 – 2 Years (Freshers Eligible)
- Qualification: B.E / B.Tech / M.E / M.Tech (CS/IT/Security)
- Key Skills: Burp Suite, SAST/DAST, Threat Modeling, Python, Linux Internals
Job Description
For the Zoho Recruitment 2026 drive, the team is looking for an Application Security Engineer to secure the software and infrastructure lifecycle. You will identify technical risks, perform threat modeling using frameworks like STRIDE, and manage vulnerabilities. The role involves a mix of automated testing (SAST/DAST) and manual code reviews. You will also develop custom scripts in Python or Bash to automate alert handling and incident response, collaborating closely with development teams to embed security into CI/CD pipelines.
Roles and Responsibilities
- Threat Modeling: Leading sessions using frameworks like STRIDE to identify attack vectors in applications and infrastructure.
- Vulnerability Management: Managing the end-to-end lifecycle of vulnerabilities and prioritizing technical risks.
- Security Testing: Implementing and tuning SAST, DAST, and IAST tools to ensure high-quality security signals.
- Code Review: Performing manual code reviews for critical business logic that automated tools might miss.
- Incident Response: Monitoring and investigating security alerts from SIEMs; analyzing suspicious activity and validating incidents.
- Automation: Developing custom scripts (Python, Bash) to automate repetitive alert handling.
- Collaboration: Working with developers to remediate findings and verify code before deployment.
Skills and Eligibility Criteria
Experience: 0–2 years in Security Operations or Application Security (Freshers with strong skills are welcome).
Mandatory Technical Skills:
- Strong understanding of Network Protocols, Linux Internals, and the MITRE ATT&CK framework.
- Hands-on experience with AppSec tools like Burp Suite, ZAP, Checkmarx, or Snyk.
- Proficiency in at least one major language (e.g., Python) for building security tools.
- Solid understanding of Threat Modeling methodologies (STRIDE, Attack Trees).
Competencies:
- Familiarity with Cloud Security (AWS, Azure, GCP).
- Experience with Infrastructure as Code (IaC) and log analysis.