Staff Application Security Engineer

2 months ago• Pune, India

FloQast is a fast-growing SaaS company innovating how accounting teams close the books faster and more accurately. Our mission is to take manual, error-prone work out of financial close and give teams the tools they need to collaborate, automate, and scale. We're trusted by thousands of accounting teams, including some of the world’s most recognizable brands.

We are seeking a highly skilled Staff Application Security Engineer to serve as a Subject Matter Expert and expert technical contributor within our security team. This role is focused on driving the hands-on integration of the "Security by Design" philosophy across our product suite, ensuring our applications are resilient against modern threats. You will leverage deep technical expertise in software exploitation and defensive architecture to set secure standards, lead complex security projects, and mentor development teams on secure coding practices. The ideal candidate contributes significantly to technical strategy and architecture, focusing on building sustainable solutions that prevent security issues at scale.

What You’ll Do

Engineer, implement and monitor security measures for the protection of computer systems, networks, and information

Prepare, maintain and document standard operating procedures and protocols

Configure and troubleshoot security infrastructure systems

Develop and maintain technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks

Work closely with technical leads to collate, drive and deliver on a technical strategy and roadmap that encompasses product, cloud, and enterprise security

Assist with security reviews, threat modeling, code reviews

Assist with our vulnerability management efforts across functional teams (enterprise and application security) to ensure we meet our SLAs and help mitigate risks

Be an advocate for security best practices and the point of contact throughout the company

Any other tasks that may be assigned to help the company meet its goals

What You’ll Bring

8+ years of experience with auditing web applications.

3+ years using at least one high level programming language e.g. Node.js, Python, Go, Java, Ruby.

Experience utilizing web application security scanning software and penetration testing tools e.g. Burp Suite, ZAP, Nessus, Qualys, Metasploit, CANVAS, Nuclei, Cobalt Strike.

Experience and desire conducting Security training for developers and the security team.

Experience performing threat modeling and secure design review in order to assess the security implications and requirements of new systems and technologies.

Experience building or working with distributed multi-tier web server-client architectures.

Experience with cloud environments AWS or Azure.

Strong foundational understanding of network and application fundamentals and best practices; e.g. HTTP, DNS, VPN, SAML, OAuth, OpenID etc.

Strong understanding of OWASP Top 10 vulnerabilities in web applications, including XSS, SSRF, IDOR, RCE, CSRF vulnerabilities.

Working knowledge of the Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM)

Experience implementing security practices in automated CI/CD pipelines for application code, infrastructure, and/or serverless is a plus.

Strong sense of ownership, urgency and drive.

Strong ability to lead cross-team initiatives and communicate proposals and ideas concisely.

Preferred Qualifications:

Certifications: OSCP, OSWA, OSWE, or Burp Suite Certified Practitioner (BSCP).

Want more jobs like this?

Get Software Engineering jobs in Pune, India delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

Programming: Strong programming skills in NodeJS, Python, and/or Go.

Cloud Fluency: Experience securing applications specifically within AWS environments (Lambda, ECS/EKS, DynamoDB security).

Compliance: Familiarity with mapping technical application controls to compliance frameworks like SOC 2, HIPAA, or PCI-DSS.

FloQast is the leading AI-powered Accounting Transformation Platform, uniquely built by former accountants for accountants. We automate complex, recurring accounting workflows—transforming preparers into strategic reviewers and relieving accountants from tedious manual work. Our cloud-based solution is trusted by over 3,500 world-class accounting teams, including Lululemon, Doordash, and the MLB, to drive collaboration and financial accuracy. Driven by a mission to continuously elevate the profession, FloQast is redefining both the practice and the perception of accounting on a global scale.

Our values act as a guiding compass, shaping every decision we make, and are non-negotiable, particularly in our hiring process. Alongside our employees, partners, and customers, we embody these values every day:

Unwaveringly Authentic

Ambitious with Integrity

Empowered to Grow

Committed to Collaboration

Customer Obsessed in All Ways

By applying for this position, you acknowledge and consent to FloQast’s collection, use, processing, and storage of your personal information and application materials in accordance with our privacy policy and applicable law, including, but not limited to, your resume, cover letter, contact information, employment history, references, and any other details or information provided during the application and interview process. Your information may be shared with hiring managers, HR personnel, and other employees involved in the hiring process, as well as authorized third-party service providers who assist with our hiring process. You have the right to access, correct or request the deletion of your personal information at any time. To exercise these rights, or for other questions related to our data practices, please contact us at recruiting@floqast.com. Your consent is voluntary, but please note that providing this consent is necessary for us to process your application and consider you for employment opportunities. For more details, please see our privacy policy at https://www.floqast.com/legal/privacy-policy.

FloQast, Inc is committed to operating fair and unbiased recruitment procedures allowing all applicants an equal opportunity for employment, free from discrimination on the basis of religion, race, sex, age, sexual orientation, disability, color, ethnic or national origin, or any other classification as may be protected by applicable law. We aim to recruit the right people for the jobs we have to offer, and to assess applications on the basis of relevant skills, education, and experience. We welcome people of different backgrounds, experiences, abilities, and perspectives. We are an equal opportunity employer and strive to provide a professional and welcoming workplace for all employees.

Client-provided location(s): Pune, India

Job ID: 2445cb58-7cfc-488b-8fb0-27f026aae8db

Employment Type: OTHER

Posted: 2026-03-31T13:03:45

Perks and Benefits

Health and Wellness
- Health Insurance
- Dental Insurance
- Vision Insurance
- Life Insurance
- Short-Term Disability
- Long-Term Disability
- FSA
Parental Benefits
- Non-Birth Parent or Paternity Leave
- Birth Parent or Maternity Leave
Work Flexibility
- Remote Work Opportunities
Office Life and Perks
- Company Outings
- Casual Dress
- Happy Hours
- Snacks
- Some Meals Provided
Vacation and Time Off
- Leave of Absence
- Paid Holidays
- Unlimited Paid Time Off
- Paid Vacation
Financial and Retirement
- Relocation Assistance
- Performance Bonus
- Company Equity
- 401(K)
Professional Development
- Promote From Within
- Shadowing Opportunities
- Access to Online Courses
Diversity and Inclusion
- Diversity, Equity, and Inclusion Program

Want more jobs like this?

Perks and Benefits

Health and Wellness

Parental Benefits

Work Flexibility

Office Life and Perks

Vacation and Time Off

Financial and Retirement

Professional Development

Diversity and Inclusion