engineering
Posted Nov 3, 2025Senior Web Application Security Signature Engineer
at Qualys
Pune, IndiaOn-site
Responsibilities
- Create exploits, proof-of-concept for web application vulnerabilities
Requirements
- You will also be expected to fine-tune existing logic and payloads to detect vulnerabilities and CVEs with zero false positives for the Qualys Web Application Security product.
- experience in web application security
- Strong JavaScript programming skills
- Understanding of web application vulnerabilities, OWASP top 10 in Web Applications, API, and LLMs
- Web application security scanning tools like BURP/ZAP, SQLMap, CURL *
- Experience with network analysis tools and analysis of packet captures.
- experience on Windows or Unix platforms.
- Experience with scripting languages, including Python and Bash
- Exposure to JAVA programming *
- Experience with selenium, postman scripting *
- Experience with Metasploit/Nessus exploits (especially HTTP-related ) *
- Experience with web application firewalls (WAF) rules, ModSecurity
- Exposure to WEB 2.0, XML/XPath, JSON, Swagger
- Database/SQL knowledge
- Experience in developing security-related tools/programs.
- Ability to work independently Published research
- Security certifications
Additional details
- Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
- Responsibilities In this position, you will primarily be researching and implementing detections for vulnerabilities on all the latest web application technologies.
- Efficient problem-solving and troubleshooting skills are necessary, as well as using the latest tools in the industry.
- Passion for web security and attention to detail *
- Experienced in the use of various scanners and open-source security tools. *