Please inbox your updated resume to workwithus@kimbal.io

You will hear from us as soon as possible. We wish you our best! Team Kimbal

Application Security Engineer (AppSec Engineer)

At Kimbal

Role Description

We are looking for a highly skilled Application Security Engineer to strengthen the security posture of our applications and platforms. This role focuses on embedding security into the Software Development Lifecycle (SDLC), proactively identifying vulnerabilities, and partnering with engineering teams to build secure-by-design systems.

The ideal candidate combines deep application security expertise with strong technical acumen, enabling secure coding practices, vulnerability management, and DevSecOps integration across modern, cloud-native architectures.

Key Responsibilities

  • Integrate security practices into the SDLC and promote secure-by-design principles.
  • Perform secure code reviews and identify vulnerabilities across web, mobile, and backend applications.
  • Conduct threat modeling and risk assessments for new and existing features.
  • Implement and manage SAST, DAST, SCA, and container security scanning tools.
  • Identify, triage, and support remediation of application security vulnerabilities.
  • Partner with engineering teams to provide secure coding guidance and best practices.
  • Embed security checks into CI/CD pipelines to enable DevSecOps practices.
  • Conduct periodic security assessments and support penetration testing exercises.
  • Ensure compliance with OWASP Top 10 and other industry security standards.
  • Develop security documentation, policies, and training material for developers.
  • Monitor emerging threats and proactively strengthen application defenses.

Current Challenges

  • Scaling application security across microservices and distributed architectures.
  • Reducing vulnerability backlog and improving remediation turnaround time.
  • Balancing development velocity with strong security governance.
  • Integrating automated security testing into fast-paced CI/CD pipelines.
  • Enhancing developer awareness and ownership of secure coding practices.

Qualifications & Experience

  • 4–8+ years of experience in Application Security or Software Security Engineering.
  • Strong understanding of web application vulnerabilities (OWASP Top 10).
  • Hands-on experience with SAST, DAST, and SCA tools (e.g., SonarQube, Checkmarx, Veracode, Burp Suite).
  • Experience in secure code reviews for languages such as Java, .NET, Python, or JavaScript.
  • Familiarity with CI/CD tools (Jenkins, GitHub Actions, Azure DevOps) and DevSecOps integration.
  • Understanding of API security, authentication protocols (OAuth, JWT), and encryption standards.
  • Experience with cloud security concepts (AWS/Azure/GCP).
  • Knowledge of container security (Docker/Kubernetes) preferred.
  • Relevant certifications such as CEH, CSSLP, GWAPT, or similar preferred.
  • Bachelor’s degree in Computer Science, Information Security, or related field.

Why Kimbal?

At Kimbal, security is embedded into everything we build. As an AppSec Engineer, you will work at the intersection of engineering and security — influencing architecture, strengthening developer practices, and ensuring robust protection of mission-critical systems. We value ownership, technical excellence, and proactive innovation in securing scalable platforms.
