12 Acunetix Jobs

The role of the Sr. DevOps Engineer is tomanage a dynamic DevOps environment backed by Azure Cloud infrastructure andservices, supporting a robust CI/CD ecosystem powered by Azure DevOps (ADO).You will be part of a large technical team responsible for maintaining andimproving CI/CD pipelines, release orchestration, and infrastructure automationacross multiple projects. Whatyou will do: Support CI/CD pipelines and manage release deployments, including production rollouts across multiple projects. Build and maintain automated pipelines in Azure DevOps for code integration, testing, and deployment. Implement Infrastructure as Code (IaC) using Terraform and ARM/Bicep templates for provisioning Azure services. Schedule and monitor regular static and dynamic security scans as part of the SDLC. Automate and standardize release processes using GitOps methodologies and best practices. Provide technical support, troubleshooting, and continuous improvements for internal DevOps users and stakeholders. Whoyou are: Education& Experience: Bachelors or masters degree in computer science, Information Technology, or a related field. 5 8 years Azure DevOps. TechnicalSkills: RequiredSkills: 5+ years of experience in DevOps engineering and CI/CD implementation. Primary Skills: DevOps, CI/CD pipelines, automation, release engineering. CI/CD Tools: Azure DevOps (ADO) Repos, Pipelines, Artifacts, Boards; Git, Bitbucket, SVN, Artifactory (JFrog). Issue Tracking & Reporting: Azure Boards, Jira, or any similar ticketing systems. Security Scanning (Mandatory): Acunetix, Veracode. Security Scanning (Preferred): SonarQube, MEND (WhiteSource), Fortify. Desired Skills: Containerization: Docker, Podman. Azure services: AKS (Azure Kubernetes Service), App Services, Azure Functions, Load Balancer, Blob Storage, Azure Container Registry (ACR), Azure Key Vault, Azure API Management, Azure Monitor, Application Gateway, Azure DNS, Event Grid. Kubernetes, Ansible, Terraform. Cloud/DevOps certifications (Azure preferred). Database knowledge: Oracle DB, MySQL. Middleware: WebSphere, WebLogic, JBoss. Build Tools: Maven, Ant, Gradle. Scripting & Automation: Shell/Bash, PowerShell, Python, Jenkins Shared Library, YAML, JSON, XML. Utilities/Tools: Postman, Microsoft Graph API, VS Code, VI/VIM/Text Editors. Operating Systems: Linux, Windows. Functional/Operational Knowledge: REST/SOAP/GraphQL APIs, Regular expressions, data parsing, reporting, disk/memory management, documentation. SoftSkills: English Language proficiency is required to effectively communicate in a professional environment. Excellent communication skills are a must. Strong problem-solving skills and a creative mindset to bring fresh ideas to the table. Should demonstrate confidence and self-assurance in their skills and expertise enabling them to contribute to team success and engage with colleagues and clients in a positive, assured manner. Should be accountable and responsible for deliverables and outcomes. Should demonstrate ownership of tasks, meet deadlines, and ensure high-quality results. Demonstrates strong collaboration skills by working effectively with cross-functional teams, sharing insights, and contributing to shared goals and solutions. Continuously explore emerging trends, technologies, and industry best practices to drive innovation and maintain a competitive edge.

Job Description -: Experience of 4+ years • Hands-on experience of conducting security assessments of Web Applications, Mobile Applications, Web Services/APIs, Thick-clients. • Experience in tools such as burpsuite, nessus, nmap, acunetix, metasploit, checkmarx, etc. • Experience with Open Web Application Security Project (OWASP),SANS, Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. • Ability to explain technical vulnerabilities to both technical and non technical audience highlighting business risk. • Knowledge of at least one cloud technology (AWS, Azure,GCP) is desirable, preferrably AWS and Azure. • Good understanding of coding best practices and standards. • Good knowledge of at least one of the following programming/scripting languages viz. python, ruby, C#, powershell, C/C++, Java • Good communication skills. • Critical thinking and good problem-solving abilities. • Organized in planning and time management skills are preferred. • Certification on CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional) is desirable. Roles & Responsibilities -: Conduct vulnerability assessment and penetration testing for application, and other infrastructure Conduct application security assessment of web applications, mobile applications, thick-client application and API. Conduct configuration reviews for Operating System, Database, Middleware, Firewall, Routers, Switches and other infrastructure. Conduct red-team assessments Conduct cloud security assessments Conduct source-code review using automated and manual approaches Ensure timely execution of projects, delivery of status updates and final reports. Stay abreast of the latest updates in technology, security trends, vulnerabilities, exploit techniques and security news. Proficient in Ms-Excel and Powerpoint.

Consultant - MAST Vanguard Requirements: Mandatory Technical & Functional Skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

Position 1: Consultant - MAST Vanguard Requirements: Mandatory technical & functional skills •Strong knowledge on manual secure code review against common programming languages (Java, C#) •Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. •Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs •Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. •Preferred one year of experience in development of web applications and/or APIs. •should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. •One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities •Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications •Perform manual security code review against common programming languages (Java, CSharp). •Perform automated testing of running applications and static code (SAST, DAST). •Experience in one or more of the following a plus: AI pen testing. •Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. •Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

Consultant - MAST Vanguard Requirements: Mandatory Technical & Functional Skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

*ONLY IMMEDIATE JOINERS PREFERRED* Job Title: Consultant - MAST Vanguard Experience: 4-7 Years Location: Bangalore (WFO 5 days) Work timings 12PM to 9PM Job Description: Roles & responsibilities •Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications •Perform manual security code review against common programming languages (Java, CSharp). •Perform automated testing of running applications and static code (SAST, DAST). •Experience in one or more of the following plus: AI pen testing. •Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. •Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Mandatory technical & functional skills Strong knowledge on manual secure code review against common programming languages ( Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and leading remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

Job Title: Security Tester/Security Test Engineer Location: Chennai/Hyderabad Mode: Hybrid Notice Period: Immediate/Currently Serving 6+ years of experience only (relevancy) Role Summary: This job is responsible for assisting in application security testing, including source code review, automating application security testing process and developing application security solutions to influence organizational efficiency and security. Assists in evaluating security risk assessments and presenting security information to workforce and management. Serves as a resource to the workforce regarding security-based questions and problems. ESSENTIAL RESPONSIBILITIES SAST & DAST Level 1 scan SAST & DAST Level 2 scans after getting approval/certification. Triaging of scan findings Document identified vulnerabilities from scans and review with application teams. Participate in peer reviews. Assist with API Security testing. Pull and complete non-testing related stories from the team backlog (Update documentation, complete research, POCs, process improvement items, documentation of automation components etc...) Collecting security requirements. Educational Qualification Any Degree Must Have 7 - 10 years of experience in Application Security testing Proficiency with Web application and API security testing process. Deep knowledge of Web technologies (i.e How web application works, Authentication, Authorization, HTTP Response & HTTP Request). Thorough understanding of SAST & DAST process. Experience in Burp suite/Acunetix/ Sonarqube or any other security testing tools. Proficiency in Vulnerability reporting process and Remediation process. Ability to handle meetings with Development team to share and explain about vulnerabilities and its remediations. Good to Have: Development experience using Java technologies. Knowledge of GIT, Eclipse, and experience in working with Agile methodology. Good written and verbal communication along with logical thinking and problem-solving abilities Ability to learn new things quickly. Always keen to learn about latest security risk. Any Certifications - Added Advantage

Dear Candidate, We are hiring a Penetration Tester to simulate attacks and discover security vulnerabilities in critical systems. Perfect for professionals skilled in offensive security techniques. Key Responsibilities: Conduct penetration tests on web, mobile, and network systems Document vulnerabilities and remediation recommendations Develop exploits and custom testing tools Collaborate with developers to address findings Required Skills & Qualifications: Proficiency with penetration testing tools (Burp Suite, Metasploit, Nmap) Strong understanding of application and network security Experience writing exploit scripts (Python, Bash) Bonus: OSCP, OSWE, or CEH certification Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

Dear Candidate, We are hiring an Application Security Developer to integrate security into software development. Ideal for developers who understand both coding and security risks. Key Responsibilities: Perform secure code reviews and static analysis Implement security features in web and mobile applications Collaborate with DevOps to automate security in CI/CD Conduct developer training on secure coding Required Skills & Qualifications: Experience with static/dynamic analysis tools (SonarQube, Checkmarx) Knowledge of web security standards (OWASP, CWE) Strong programming skills (Java, Python, JavaScript) Bonus: Familiarity with DevSecOps practices Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Senior information security engineer Job Name: Senior information security engineer Job Role: Sr. IT Security Engineer Industry:IT, Software, Bpo Job Location:Udaipur (Rajasthan) Experience:5- 10 yearSkills:Team Handling, information security controls, VPN, Cloud Server Salary:Best in the Industry Education:BCA, MCA, B.tech(CS/IT) Job Summary: Looking for Sr.information security engineer. Should have strong work exposure in the IT Security department. having work exposure in the IT security environment to identify cybersecurity gaps in systems, processes, and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage, and deploy devices including firewalls, IPS, and IDS to improve our ability to prevent and detect intrusions in real-time. About The Role :: Should have strong work exposure in the IT Security department. having work exposure in the IT security environment to identify cybersecurity gaps in systems, processes, and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage, and deploy devices including firewalls, IPS, and IDS to improve our ability to prevent and detect intrusions in real-time.To develop and maintain the information security policy and accompanying standards, procedures, and guidance. Research and stay informed of potential information security threats, breaches, industry trends, emerging technologies, and response alternatives. Conduct research and provide insight to identify, assess, and deploy security technology solutions and partners including but not limited to encryption, firewalls, authorization, authentication, intrusion detection, and gateway security controls. To develop and deliver a programme of planned compliance reviews and ensure any gaps are addressed. Engage in regular assessment of the current IT security environment to identify cybersecurity gaps in systems, processes and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage and deploy devices including firewalls, IPS and IDS to improve our ability to prevent and detect intrusions in real-time. Monitor and proactively recommend solutions for correcting issues related to security technology performance and capabilities of vendors. Collaborate on critical technology projects to ensure that security issues are addressed throughout the project life cycle. Develop and implement recommendations for security technology solutions, which may include technology for encryption, firewalls, authorization, authentication, intrusion, detection, and gateway security controls. Work in an advisory role in application development or acquisition projects to assess security requirements and implement controls as planned. Perform day- to- day security log review and analysis in adherence to company requirements and industry security best practices. Do static scanning (code, open-source libraries) and dynamic scanning. The log reviews include:operating systems, databases, applications, networks and security applications. Work with auditors to demonstrate processes and ensure appropriate levels of access are applied throughout the information lifecycle. Lead the design, development, and delivery of security training programs. 24x7 on-call availability as required. Knowledge of trends and developments in technology relating to security and risk management. Strong understanding of information security controls, risks and threats. Strong knowledge of enterprise security technologies, e.g., Virtual Private Network (VPN), Encryption, Firewalls, Intrusion Detection/ Prevention, and Anti- Virus. Working knowledge of Linux, Windows,Cloud Server, and other enterprise- wide applications. Knowledge of information security standards (ISO, SOC), data privacy laws, computer crime laws, and federal data protection laws, etc. Knowledge of vulnerability analysis tools, OWASP Zap, Veracode, Qualys, Sonarqube, Acunetix, Burp Suite, etc. Knowledge of information security audit and assessment methodologies, policies, standards, procedures and best practices. Ability to conduct risk management assessments; provide assistance in identification, prioritization and remediation of information systems vulnerabilities. Strong technical depth and passion for security. Experience working with 3rd party vendors and service providers.

Mandatory Skill Must Have : - Network Vulnerability Assessment + Testing Job Detail : - Job Description: VAPT Engineer Position: Security Analyst (U2) Employment Type: [Full Time] Experience: [2 5 years] Job Summary : We are seeking a skilled VAPT Engineer to identify, assess, and mitigate security vulnerabilities in our applications, networks, and IT infrastructure. The ideal candidate will be proficient in conducting manual and automated testing to uncover weaknesses, providing actionable recommendations for remediation, and ensuring the security of our systems against emerging threats. Key Responsibilities: Perform vulnerability assessments and penetration tests on networks, web applications, APIs, mobile applications, and cloud environments. Container Security on Cloud and On Prem Containers Use both automated tools (e.g., Nessus, Burp Suite, Metasploit, Qualys, Acunetix) and manual techniques to identify security vulnerabilities and exploit them in a controlled manner. Develop detailed technical reports on findings, including the severity of vulnerabilities and actionable mitigation strategies. Collaborate with development and IT teams to remediate identified vulnerabilities and enhance security configurations. Conduct post remediation testing to ensure vulnerabilities have been addressed effectively. Stay updated on emerging vulnerabilities, threats, and attack vectors to continuously refine testing methodologies. Coordinating with relevant stake holders/ Application owners for timely closure of vulnerabilities. Ensure compliance with applicable security standards and frameworks (e.g., OWASP Top 10, SANS 25, ISO 27001, PCI DSS). Contribute to the creation and enhancement of security policies and best practices. Required Qualifications: Bachelor degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience). 2-5 years of hands on experience in Vulnerability Assessment and Penetration Testing. Strong knowledge of OWASP Top 10, SANS 25, and common security vulnerabilities and exploits. Proficiency in using penetration testing tools such as Nessus, Burp Suite, Metasploit, Qualys, Acunetix, and others. Familiarity with manual testing techniques, scripting, and basic programming skills (Python, Bash, or PowerShell). Solid understanding of network protocols, operating systems, and security concepts. Strong analytical and problem solving skills, with the ability to explain technical findings to non technical stakeholders. Preferred Certifications: Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP) GIAC Penetration Tester (GPEN) CompTIA PenTest+ Experience Range : - 2-5 Years

Employment Type: [Full Time] Job Summary: We are seeking a skilled VAPT Engineer to identify, assess, and mitigate security vulnerabilities in our applications, networks, and IT infrastructure. The ideal candidate will be proficient in conducting manual and automated testing to uncover weaknesses, providing actionable recommendations for remediation, and ensuring the security of our systems against emerging threats. Key Responsibilities: Perform vulnerability assessments and penetration tests on networks, web applications, APIs, mobile applications, and cloud environments. Container Security on Cloud and On Prem Containers Use both automated tools (e.g., Nessus, Burp Suite, Metasploit, Qualys, Acunetix) and manual techniques to identify security vulnerabilities and exploit them in a controlled manner. Develop detailed technical reports on findings, including the severity of vulnerabilities and actionable mitigation strategies. Collaborate with development and IT teams to remediate identified vulnerabilities and enhance security configurations. Conduct post remediation testing to ensure vulnerabilities have been addressed effectively. Stay updated on emerging vulnerabilities, threats, and attack vectors to continuously refine testing methodologies. Coordinating with relevant stake holders/ Application owners for timely closure of vulnerabilities. Ensure compliance with applicable security standards and frameworks (e.g., OWASP Top 10, SANS 25, ISO 27001, PCI DSS). Contribute to the creation and enhancement of security policies and best practices. Required Qualifications: Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience). 2 5 years of hands on experience in Vulnerability Assessment and Penetration Testing. Strong knowledge of OWASP Top 10, SANS 25, and common security vulnerabilities and exploits. Proficiency in using penetration testing tools such as Nessus, Burp Suite, Metasploit, Qualys, Acunetix, and others. Familiarity with manual testing techniques, scripting, and basic programming skills (Python, Bash, or PowerShell). Solid understanding of network protocols, operating systems, and security concepts. Strong analytical and problem solving skills, with the ability to explain technical findings to non technical stakeholders. Preferred Certifications: Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP) GIAC Penetration Tester (GPEN) CompTIA PenTest+