GURUGRAM · FULLTIME
Lenskart - Product Security Engineer

Lenskart
Gurugram · onsite · Posted 16d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
About The Role We are looking for a Product Security Engineer with 35 years of hands-on experience identifying, assessing, and mitigating security risks across our products and platforms. You will work closely with engineering, DevOps, and product teams to integrate security throughout the software development lifecycle (SDLC) and safeguard our applications and infrastructure.
Key Responsibilities
- Conduct application security assessments, threat modelling, and code reviews for products and services.
- Perform static (SAST), dynamic (DAST), and software composition (SCA) analysis using modern tooling.
- Collaborate with development teams to embed security controls in CI/CD pipelines.
- Review and enhance security architecture for web, mobile, and API-based applications.
- Partner with DevOps teams to strengthen cloud security posture across AWS, GCP, and Azure.
- Investigate and respond to product security incidents and vulnerability reports.
- Support bug-bounty triage and coordinate fixes with engineering teams.
- Document and enforce secure-coding practices and security guidelines.
- Participate in design and architecture reviews to uphold security-by-design principles.
Required Skills & Experience
- 3 to 5 years of experience in Application Security or Product Security roles.
- Strong knowledge of OWASP Top 10 (Web and Mobile), API Security Top 10, and secure development practices.
- Experience in infrastructure security, both external and internal.
- Hands-on experience with tools such as Burp Suite, OWASP ZAP, Checkmarx, SonarQube, Veracode, and GitLab Security.
- Familiarity with CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins) and integrating security scans.
- Knowledge of cloud security (AWS, Azure, GCP), with exposure to IAM, KMS, and network controls.
- Scripting ability in Python, Bash, or PowerShell to automate security tasks.
- Understanding of container and Kubernetes security concepts.
Good To Have
- Experience with threat-modeling frameworks (STRIDE, PASTA, and similar).
- Familiarity with Infrastructure-as-Code security validation (Terraform, CloudFormation).
- Exposure to DevSecOps practices and security orchestration.
- Certifications - CEH, OSCP, CSSLP, or AWS Security Specialty are a plus. (ref:hirist.tech)
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02
Skills
Section · Company
About Lenskart

Lenskart
Internet
17.6k+
employees
2010
16 years old
Faridabad, Haryana
India
About
Industries
Employee ratings
4,430 reviews
Culture
3.0
Career growth
2.8
Work-life
3.1
Employees rate it well for
Find them on