Free cookie consent management tool by TermsFeed Senior Security Consultant | Antal Tech Jobs
Back to Jobs
1 Day ago

Senior Security Consultant

decor
Information Technology
Full-Time
NetSPI India

Overview

Title: Senior Security Consultant (Secure Code Review)

Location: Pune, MH


NetSPI® pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modern pentesting. Combining world-class security professionals with AI and automation, NetSPI delivers clarity, speed, and scale across 50+ pentest types, attack surface management, and vulnerability prioritization. The NetSPI platform streamlines workflows and accelerates remediation, enabling our experts to focus on deep dive testing that uncovers vulnerabilities others miss. Trusted by the top 10 U.S. banks and Fortune 500 companies worldwide, NetSPI has been driving security innovation since 2001.


NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers (http://www.netspi.com/careers).


Join the mission as a Security Consultant (Secure Code Review). These individuals will primarily serve as a resource for delivery of client assessment services and contribute to practice development. Individuals who are passionate about findings vulnerabilities in source code and identifying secure coding best practices should consider applying.


Core Competencies:

  • This position requires an understanding of technology, enterprise security and risk management.
  • Incumbent should have experience with application security assessment and testing, as well as demonstrate competencies in problem solving, client service, written and verbal communications, and project execution. Incumbent should adhere to high standards of ethics, integrity and display professionalism.
  • Finally, incumbent should possess strong consulting skills.

Primary Duties:

  • Proven ability to identify security vulnerabilities in source code across various programming languages and frameworks including Java, .Net, JavaScript, Python, and more.
  • Experience using, configuring, and triaging findings from Static Application Security Testing (SAST) tools such as Veracode, Checkmarx or Semgrep.
  • Proven track record in delivering several assessments involving static analysis and manual code review. The consultant should excel in taint tracking across data and control flow paths from source to sink and be skilled at identifying mitigation controls that may affect a finding's exploitability.
  • Experience identifying and reviewing third-party vulnerabilities in source code using software composition analysis tools. The consultant should be adept at researching CVEs to assess exploitability factors and perform reachability analysis to determine whether a vulnerable library poses an actual risk.
  • Strong understanding of build tools (Maven, Gradle) and package managers (npm, pip), with the ability to navigate project structures and dependency configurations during review.
  • Proven ability to work effectively with developers and application stakeholders, providing clear remediation guidance and contextual explanations for identified vulnerabilities.
  • Ability to train and mentor developers on understanding, describing, and remediating vulnerabilities identified during engagements.

Minimum Qualifications:

  • Minimum of two years of hands-on secure code review experience across multiple languages and frameworks, with proficiency in analyzing source code against established secure coding guidelines.
  • Knowledge of exploiting web applications and understanding of the OWASP Top 10 issues, including ability to identify and remediate vulnerabilities in source code.
  • Bachelor’s degree in computer science/engineering or equivalent.

Preferred Qualifications:

  • Experience in detecting, analyzing, and providing recommendation guidance on security vulnerabilities in at least one of the following languages: Java, C#, PHP, Python, Perl, C/C++, SQL, JavaScript.
  • Hands-on experience conducting security focused static analysis using commercial SAST tools such as Veracode, Checkmarx, Semgrep, AppScan Source, Coverity, Fortify, or SonarQube.
  • Professional programming experience in at least one server-side programming language.
  • Ability to explain risk and business impact of security vulnerabilities in source code to variety of audience.
  • Master’s degree in computer science/ engineering or equivalent.
Share job
Similar Jobs
View All
1 Day ago
Net Web Developer
Information Technology
  • 50000 - 50000 INR - Monthly
Must be an expert/advanced developer in .net UI (C# is a must and VB.Net desirable) and corewith a minimum 4 years’ experience in developing thick clients using .net stack, WPF, Winforms do deliver complex UI (complex grids, pivots, components, nav...
decor
1 Day ago
Sr. Software Engineer - Java+AWS
Information Technology
Date: Jul 6, 2026 Job Requisition Id: 65330 Location: Pune, IN Pune, MH, IN #job-location.job-location-inline { display: inline; } .buttontext47d030a40eb4ac5c a{ border: 1px solid transparent; } .buttontext47d030a40eb4ac5c a: focus{ border: 1px das...
decor
1 Day ago
Senior Software Engineer - C#, .Net or Azure
Information Technology
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data an...
decor
1 Day ago
Cloud & Infrastructure Platform Engineer
Information Technology
We are seeking an infrastructure-focused technical professional to help shape and support the environments that power engineering analytics, remote monitoring and diagnostic systems, and data-driven decision making across our power plant equipm...
decor
1 Day ago
Senior Staff AI Engineer
Information Technology
As a Senior Staff AI Engineer, you’ll lead enterprise full stack and AI platform development at scale for multiple initiatives across the company. You’ll design and ship microservices and REST APIs, build RAG and multimodal LLM features, and se...
decor
1 Day ago
Wireless QA Engineer (WiFi 6 / WiFi 7 Testing)
Information Technology
SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company, ensuring our partners and their customers are never alone in the fight against cybercrime. With the ability to build, s...
decor
1 Day ago
AI Full Stack Developer
Information Technology
Role-AI Fullstack EngineerExperience-7+years onlyLocation HyderabadSkillsReact,Node,Aws,Typescript,Graphql,LLM,AI, AI ToolsWork Location: In person...
decor
1 Day ago
Staff Software Engineer II - Java, Microservices & Springboot
Information Technology
Scope: Core responsibilities to include Architecting and designing (along with counterparts and distinguished Architects) a ground up cloud native (we use Azure) SaaS product in Order management and micro-fulfillment. The team currently comprises of ...
decor

Talk to us

Feel free to call, email, or hit us up on our social media accounts.
Social media