Senior Application Security Engineer

InMobi Advertising is a global technology leader helping marketers win the moments that matter. Our advertising platform reaches over 2 billion people across 150+ countries and turns real-time context into business outcomes, delivering results grounded in privacy-first principles. Trusted by 30,000+ brands and leading publishers, InMobi is where intelligence, creativity, and accountability converge. By combining lock screens, apps, TVs, and the open web with AI and machine learning, we deliver receptive attention, precise personalization, and measurable impact.

Through Glance AI, we are shaping AI Commerce, reimagining the future of e-commerce with inspiration-led discovery and shopping. Designed to seamlessly integrate into everyday consumer technology, Glance AI transforms every screen into a gateway for instant, personal, and joyful discovery.  Spanning diverse categories such as fashion, beauty, travel, accessories, home décor, pets, and beyond, Glance AI delivers deeply personalized shopping experiences. With rich first-party data and unparalleled consumer access, it harnesses InMobi’s global scale, insights, and targeting capabilities to create high impact, performance driven shopping journeys for brands worldwide.

Recognized as a Great Place to Work, and by MIT Technology Review, Fast Company’s Top 10 Innovators, and more, InMobi is a workplace where bold ideas create global impact. Backed by investors including SoftBank, Kleiner Perkins, and Sherpalo Ventures, InMobi has offices across San Mateo, New York, London, Singapore, Tokyo, Seoul, Jakarta, Bengaluru and beyond.

At InMobi Advertising, you’ll have the opportunity to shape how billions of users connect with content, commerce, and brands worldwide. To learn more, visit www.inmobi.com

What does the team do? 

Opportunity is part of the evolving cybersecurity group, which is laser-focused on setting up industry benchmarks in managing & guarding against digital risks in a “Cloud Native - DevSecOps Only” environment. It is a lean-mean-special action group where every cyber sentinel gets an opportunity to work across domains, has the independence to challenge the status quo & evolve cyber practices to the next level of maturity. Our core competencies revolve around “Product & Platform security”, “Cloud Native Risk Management” ,and “Detection & Response”. 

What will you be doing? 

• Conduct Vulnerability Assessments, Penetration Testing, and source code review.  
• Automate Technical tasks in CI/CD through the use of APIs and tools. 
• Perform application source code security reviews for APIs, middleware, frontends in Java, Python, Node.js, etc.  
• Exploit security flaws and vulnerabilities with attack simulations on multiple application platforms like Web, iOS, Android, and cloud platforms. 
• Perform SAST & DAST and improve SDLC. 
• Develop solution architecture and blueprints based on business technology and security objectives.  
• Research and maintain secure coding guidelines. 
• Perform Security Architecture and Low-Level Application Security Design review involving: Data Protection, Authentication and Authorizations, Web Application Security and Network Security. 
• Collaborate with product teams to build secure products and achieve the cybersecurity objectives of InMobi. 
• Maintain an active understanding of industry practices for secure software development and incident response. 
• Integrating and optimizing security testing tools such as Burp Suite Enterprise, MobSF, SQLMap, and other open-source solutions into CI/CD workflows enhances early vulnerability detection.  

What is expected of you? 

• Zealous to unlearn & re-learn cybersecurity practices in a “Cloud Native- DevOps Only” environment. 
• Extensive hands-on experience in application security, penetration testing, DevSecOps. 
• Extensive hands-on experience in building and managing security gating in Checkmarx or another equivalent tool. 
• Experience in manual security code review 
• Standardize & maximise automation in CI/CD pipeline. 
• Excellent skills with application security testing tools such as Burpsuite, OWASP ZAP, SQLMap, Kali, etc. 
• Experience with scripting languages such as Python, bash, PowerShell, etc. 
• Experience in building and deploying open-source security software in production and making it scalable  
• Knowledge of Kubernetes and Docker containers (Desirable) 
• Knowledge of OWASP Top 10 and SANS Top 25. 
• Red Teamer with proven skills in exploitation. 
• Strong understanding of security fundamentals and general security technologies. 
• Excellent oral and written communication skills and a good team player. 
• Bug bounties, responsible disclosure awards & Hall of Fame are strongly preferred. 
• Certifications such as GWAPT, Offensive Security Certified Professional (OSCP), OSCE, or GIAC Penetration Testing (GPEN) are strongly preferred. 

The InMobi Culture

At InMobi, culture isn’t a buzzword; it's an ethos woven by every InMobian, reflecting our diverse backgrounds and experiences.

We thrive on challenges and seize every opportunity for growth. Our core values — thinking big, being passionate, showing accountability, and taking ownership with freedom — guide us in every decision we make.

We believe in nurturing and investing in your development through continuous learning and career progression with our InMobi Live Your Potential program.

InMobi is proud to be an Equal Employment Opportunity employer and is committed to providing reasonable accommodations to qualified individuals with disabilities throughout the hiring process and in the workplace.

Visit https://www.inmobi.com/company/careers to better understand our benefits, values, and more!