1249 Application Security Jobs - Page 2

As a Cybersecurity Penetration Tester at our organization in Hyderabad, you will play a key role in supporting our security initiatives on an On-Demand or Hourly Basis. Your primary responsibility will be to conduct penetration testing on web applications, networks, and infrastructure to identify security vulnerabilities. Utilizing tools like Metasploit, Burp Suite, and other industry-standard tools, you will assess and improve our systems" security posture. Your findings will be documented, and security risks will be reported with clear remediation strategies to ensure effective resolution. Collaboration with internal teams is essential to address identified vulnerabilities efficiently. You will also be required to perform security audits and provide actionable insights to enhance security controls across the organization. Proficiency in utilizing Wiz, a Vulnerability Management Tool, for identifying and managing security risks will be preferred. To excel in this role, you should have proven experience as a Penetration Tester or Security Analyst with a strong background in vulnerability assessment. Proficiency in penetration testing tools such as Metasploit, Burp Suite, and knowledge of Wiz or similar vulnerability management tools will be beneficial. A solid understanding of network security, application security, and system hardening is required. Excellent analytical, problem-solving, and communication skills are essential for effective collaboration with internal teams. Your ability to work independently and deliver high-quality results within deadlines will be crucial for success in this role.,

This position in the Managed Services organization involves supporting customers, applications, systems, and vendors in security operations, administration, and general maintenance. You will play a crucial role in CBTS's compliance strategy and objectives by performing various technical and functional tasks to mitigate physical and cyber risks, safeguarding customer information, systems, products, facilities, and assets. Your responsibilities will include operationalizing compliance policies, conducting day-to-day security operations, administering security applications and infrastructures, reviewing access to systems, applications, and facilities, performing vulnerability scans, patching and reporting on in-scope environments, providing vendor support, conducting maintenance activities, participating in incident/event response, assisting with documentation and policy creation, and collaborating with technology team leadership. Additionally, you will be expected to design innovative solutions using technologies and processes to mitigate risks to information, systems, products, facilities, and assets. Identifying and mitigating potential security risks, facilitating compliance with external regulatory requirements related to security, contributing to the development of policies and standards that mitigate risks, and ensuring the organization's adherence to these policies and standards will also be part of your role. The ideal candidate should have 4-6 years of experience, possess technical knowledge in security and compliance, including experience with network, compute, and/or application security technologies, a strong understanding of the OSI model, excellent communication and presentation skills, curiosity, motivation, creativity, effective planning and organizational skills, self-motivation, and initiative. This is a rotational shift role based in Chennai, and candidates who can join on short notice or immediately are preferred. Geetha Jeyabalan Senior Technical Recruiter geetha.jeyabalan@cbts.com,

As a SAP IAG/BTP Security Expert for SaaS solutions at Truviq Systems, you will be responsible for various aspects of cybersecurity, application security, network security, information security, and security operations. This full-time remote role based in Hyderabad requires a strong background in Cybersecurity and Information Security, along with proficiency in Application Security and Network Security. Your key responsibilities will include implementing SAP IAG Bridge Mode for integration with on-premise and cloud systems, onboarding target cloud systems in IPS proxy, enabling authentication and access management capabilities for IAG applications, configuring parameters for Cloud Integration, enabling Access Analysis Service, setting up required synchronization jobs (including access risk definitions and mitigating controls), as well as conducting user onboarding and training. If you possess the necessary skills and experience in the aforementioned areas, we encourage you to apply for this position and be a part of Truviq Systems" mission to help businesses digitally transform with our BPM and Pega Consulting Services. Join us in making Your Vision a reality with Our Tech. #WedoIT.,

You will be based in our Bengaluru or Gurugram office as part of our Growth, Marketing & Sales team. You will be aligned primarily with Periscopes technology team. Periscope By McKinsey enables better commercial decisions by uncovering actionable insights. The Periscope platform combines world-leading intellectual property, prescriptive analytics, and cloud-based tools to provide more than 25 solutions focused on insights and marketing, with expert support and training. It is a unique combination that drives revenue growth both now and in the future. Customer experience, performance, pricing, category, and sales optimization are powered by the Periscope platform. Periscope has a presence in 26 locations across 16 countries with a team of 1000+ business and IT professionals and a network of 300+ experts. To learn more about how Periscopes solutions and experts are helping businesses continually drive better performance, visit http://www.periscope-solutions.com. You will be a core member of Periscopes technology team with responsibilities that range from developing and implementing our core enterprise products to ensuring that McKinseys craft stays on the leading edge of technology. In this role, you will be involved in leading software development projects in a hands-on manner. You will spend about 70% of your time writing and reviewing code and creating software designs. Your expertise will expand into database design, core middle-tier modules, performance tuning, cloud technologies, DevOps, and continuous delivery domains over time. You will be an active learner, tinkering with new open-source libraries, using unfamiliar technologies without supervision, and learning frameworks and approaches. You will have a strong understanding of key agile engineering practices to guide teams on improvement opportunities in their engineering practices. You will provide ongoing coaching and mentoring to the developers to improve our organizational capability. Your Impact A degree in Computer Science or a related field (or equivalent practical experience) is beneficial. 5+ years of professional experience building complex backend systems, including at least 3 years with Golang. Strong knowledge of PostgreSQL and experience tuning queries and managing larger datasets. Hands-on experience with Elasticsearch. Skilled in designing and building RESTful APIs, solid understanding of protocols, and unit tests. Solid background in CI/CD best practices and knowledge of Jenkins, Gitlab, Docker, Sonarqube. In addition to backend skills, familiarity with frontend development in React and experience with AG Grid is a plus. Proficient in modern engineering practices including code refactoring, application of design patterns, design-driven development, continuous integration, scalability of applications, and application security. Familiar with the agile software development methodology and proficient with performance optimization and application profiler tools. Experience with using GenAI coding assistants (e.g., GitHub Copilot, Claude Code, or similar) to enhance productivity and code quality is beneficial. Excellent analytical and problem-solving skills, with a proven track record of developing innovative and efficient solutions. Capable of working effectively under pressure and managing client expectations.,

Technology @Dream11: Technology is at the core of everything we do. Our technology team helps us deliver a mobile-first experience across platforms (Android & iOS) while managing over 700 million rpm (requests per minute) at peak with a user concurrency of over 16.5 million. At Dream11, we have over 190+ micro-services written in Java and backed by a Vert.x framework. These work with isolated product features with discrete architectures to cater to the respective use cases. We work with terabytes of data, the infrastructure for which is built on top of Kafka, Redshift, Spark, Druid, etc. and it powers a number of use cases like Machine Learning and Predictive Analytics. Our tech stack is hosted on AWS, with distributed systems like Cassandra, Aerospike, Akka, Voltdb, Ignite, etc. We don t just create for the users of today, but are driven to innovate for the sports fans of tomorrow. If you like to build with clean, resilient, and scalable code, this is the place for you. Check out some of our recent developments, all built with the same philosophy in mind. Your Role: Embed security across the SDLC by working closely with development, DevOps, and product teams. Lead secure architecture/design reviews and perform deep-dive assessments for web and mobile apps. Conduct manual and automated vulnerability testing, including penetration tests. Promote secure coding and threat modeling through training and best practice guidance. Build and automate security tools/workflows, ideally using GenAI. Support incident response efforts for application-layer threats, and plan relevant short/long-term remediations Qualifiers: 7+ years in AppSec, with 4+ years in mobile/web security testing and secure code reviews. Participation in bug bounty programs, CTFs, or open-source security projects. Strong knowledge of OWASP Top 10, SANS 25, and scalable mitigation strategies. Skilled in at least one language (e.g., Python, Java, Golang), with experience in building security automation, custom tools, or guardrails. Familiarity with WAFs, SIEM/log analytics solutions, and incident response workflows. About Dream Sports: Dream Sports is India s leading sports technology company with 280 million+ users, housing brands such as Dream11 , the world s largest fantasy sports platform, FanCode , a premier sports content & commerce platform and DreamSetGo , a sports experiences platform. Dream Sports is based in Mumbai and has a workforce of close to 1,000 Sportans . Founded in 2008 by Harsh Jain and Bhavit Sheth, Dream Sports vision is to Make Sports Better for fans through the confluence of sports and technology. Dream11 is the world s largest fantasy sports platform with 260 million+ users playing fantasy cricket, football, kabaddi, basketball, hockey, volleyball, handball, rugby, futsal, American football & baseball, on it. Dream11 is the flagship brand of Dream Sports, India s leading Sports Technology company and has partnerships with several national & international sports bodies and cricketers. Checked out Dream Locker Room yetHead over to our official blog to get a glimpse into our culture, and how we Make Sports Better , together.

Are you ready to make an impact at DTCC Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional developmentAt DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve. Pay and Benefits: Competitive compensation, including base pay and annual incentive Comprehensive health and life insurance and well-being benefits, based on location Pension / Retirement benefits Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee). The Impact you will have in this role: Technology Risk Management (TRM) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. The Application Security Assurance program implements a variety of AppSec (Application Security) technologies, controls, tools and processes to ensure delivery teams are able to adhere and align with the Secure System Development Lifecycle to protect DTCC applications from exisiting and emerging security risks & improve application risk posture. Your Primary Responsibilities: Set up, customize, and maintain SAST tools (e.g., SonarQube, Fortify, Checkmarx, Veracode) to align with project-specific requirements. Perform manual and automated code reviews to identify and advise on secure coding issues. Integrate SAST tools into CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI, etc.) to support shift-left security. Work with development teams to fine-tune SAST rules, reduce false positives, and ensure meaningful results. Assist developers in understanding and fixing security issues by providing actionable feedback. Implement basic security checks for Infrastructure as Code (IaC) and secrets detection in repositories. Collaborate with DevOps teams to ensure security tooling is seamlessly embedded into build and deployment workflows. Qualifications: Minimum of 4 years of related experience Bachelors degree preferred or equivalent experience Talents Needed for Success: Fosters a culture where honesty and transparency are expected. Stays current on changes in his/her own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date. Collaborates well within and across teams. Communicates openly with team members and others. Resolves disagreements between colleagues effectively, minimizing the impact on the wider team. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. Please contact us to request accommodation .

Technology @Dream11: Technology is at the core of everything we do. Our technology team helps us deliver a mobile-first experience across platforms (Android & iOS) while managing over 700 million rpm (requests per minute) at peak with a user concurrency of over 16.5 million. At Dream11, we have over 190+ micro-services written in Java and backed by a Vert.x framework. These work with isolated product features with discrete architectures to cater to the respective use cases. We work with terabytes of data, the infrastructure for which is built on top of Kafka, Redshift, Spark, Druid, etc. and it powers a number of use cases like Machine Learning and Predictive Analytics. Our tech stack is hosted on AWS, with distributed systems like Cassandra, Aerospike, Akka, Voltdb, Ignite, etc. We don t just create for the users of today, but are driven to innovate for the sports fans of tomorrow. If you like to build with clean, resilient, and scalable code, this is the place for you. Check out some of our recent developments, all built with the same philosophy in mind. Your Role: Embed security across the SDLC by working closely with development, DevOps, and product teams. Lead secure architecture/design reviews and perform deep-dive assessments for web and mobile apps. Conduct manual and automated vulnerability testing, including penetration tests. Promote secure coding and threat modeling through training and best practice guidance. Build and automate security tools/workflows, ideally using GenAI. Support incident response efforts for application-layer threats, and plan relevant short/long-term remediations Qualifiers: 7+ years in AppSec, with 4+ years in mobile/web security testing and secure code reviews. Participation in bug bounty programs, CTFs, or open-source security projects. Strong knowledge of OWASP Top 10, SANS 25, and scalable mitigation strategies. Skilled in at least one language (e.g., Python, Java, Golang), with experience in building security automation, custom tools, or guardrails. Familiarity with WAFs, SIEM/log analytics solutions, and incident response workflows. About Dream Sports: Dream Sports is India s leading sports technology company with 280 million+ users, housing brands such as Dream11 , the world s largest fantasy sports platform, FanCode , a premier sports content & commerce platform and DreamSetGo , a sports experiences platform. Dream Sports is based in Mumbai and has a workforce of close to 1,000 Sportans . Founded in 2008 by Harsh Jain and Bhavit Sheth, Dream Sports vision is to Make Sports Better for fans through the confluence of sports and technology. Dream11 is the world s largest fantasy sports platform with 260 million+ users playing fantasy cricket, football, kabaddi, basketball, hockey, volleyball, handball, rugby, futsal, American football & baseball, on it. Dream11 is the flagship brand of Dream Sports, India s leading Sports Technology company and has partnerships with several national & international sports bodies and cricketers. Checked out Dream Locker Room yetHead over to our official blog to get a glimpse into our culture, and how we Make Sports Better , together.

OPENTEXT - THE INFORMATION COMPANY OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation. AI-First. Future-Driven. Human-Centered. At OpenText, AI is at the heart of everything we do powering innovation, transforming work, and empowering digital knowledge workers. Were hiring talent that AI cant replace to help us shape the future of information management. Join us. OPENTEXT OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation. Your Impact As part of the Product Security team, you must have a strong understanding of information security processes across product development lifecycle including secure coding principle, static code / dynamic scanning, application penetration testing, container security, cloud security, supply chain security and threat modelling the applications. You should be familiar with the industry best practices for information security policies and product security. standards. You will have the opportunity to collaborate with the product stakeholders such as product development, cloud operation, system architects, security champions, Global Information Security on the Product security process and customer escalations/support What The Role Offers Please review the below write up and highlight for any corrects Strategic Planning Align application security initiatives with business goals; refine Product Security processes and tools. Technical Leadership Stay updated on the latest trends and advancements in application security and apply them to continually improve the organization s security program. Recommend mitigations for vulnerabilities; manage third-party and open-source software risk. Architecture and Design Review application designs for security best practices. Design, enhance, and advocate for the threat modelling process. Conduct threat modelling and advise product teams on implementing appropriate security controls. Security Reviews Conduct security assessments throughout the development lifecycle. Collaborate with development teams to remediate security vulnerabilities. Code Review and Analysis Conduct code reviews and implement automated code analysis tools. Secure Development Practices Enforce secure coding practices, train developers in secure coding. Incident Response/Customer Escalations Lead incident response efforts related to application security incidents. Work with cross-functional teams to investigate and remediate security breaches. Policy and Standards Develop and enforce application security policies; ensure compliance with industry standards. Security Testing Oversee the implementation of security testing methodologies Conduct Penetration Testing activity for applications/systems Security Awareness Promote security awareness across engineering; conduct training for development teams on Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). Collaboration Collaborate with cross-functional teams, including development, operations, GIS, etc., to integrate security into all aspects of the software development lifecycle and improve security maturity. Documentation and Reporting Maintain comprehensive documentation of security processes/policies; produce maturity status reports for senior management. Generate reports and conduct peer reviews. Research and Innovation Stay informed on emerging threats and vulnerabilities, and proactively implement innovative security solutions. Vendor and Tool Evaluation Evaluate and recommend security tools/technologies; Manage vendor relationships What You Need To Succeed 5 - 8 years of experience with the relevant technologies Bachelor s degree in engineering, computer science or equivalent is preferred Industry standard best practices on application security controls, requirements, features, and specifications Application security issues, weaknesses, vulnerabilities, threats, risks, and impacts of exploitation Familiarity with Security Standards and groups (OWASP, PCI, SANS, OSSTMM etc.) Strong vulnerability assessment experience of web, mobile and thick client applications, RESTful & JSON APIs, web servers, databases, and hosting environments (cloud, off-cloud, Containers) Strong experience in manual vulnerability assessment and penetration testing Hands on experience on Application Security tools such as Fortify, WebInspect, Burp, etc. Experience in planning, researching and developing security policies, standards and procedures in line with industry best practices A natural curiosity to learn how things work, and more importantly, how they can be made to work outside of their intended purposes, (i.e. the ethical hacker mentality) Preferably to have application security penetration testing related certifications, (e.g. GWAPT, OSWE, OSCP, GPEN, CPTE, CEH, GWEB, GCIH, etc.) Highly desirable to have general information security related certifications, (e.g. CISSP, CISM, GSEC, CCSP, etc.) Should have excellent team playing and collaborative skills, to work with multiple stake holders. Strong analytical, troubleshooting, writing, communication, and consultancy skills Possess a commitment to quality and a thorough approach to work OpenTexts efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. . Our proactive approach fosters collaboration, innovation, and personal growth, enriching OpenTexts vibrant workplace.

Where Software Engineering - Staff Engineer (C++) Bengaluru, Karnataka, India Engineering Employee Apply Save Job Share Email LinkedIn X Facebook Jump to Overview Job Description Benefits Culture How We Hire Overview Synopsys software engineers are key enablers in the world of Electronic Design Automation (EDA), developing and maintaining software used in chip design, verification and manufacturing. They work on assignments like designing, developing, and troubleshooting software, leveraging the state-of-the-art technologies like AI/ML, GenAI and Cloud. Their critical contributions enable world-wide EDA designers to extend the frontiers of semiconductors and chip development. Play Video Job Description Category Engineering Hire Type Employee Job ID 8818 Remote Eligible No Date Posted 20/04/2025 We Are: At Synopsys, we drive the innovations that shape the way we live and connect. Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines. We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content. Join us to transform the future through continuous technological innovation. Job Description The candidate in this position will be part of the R&D efforts for implementing and supporting software security and licensing initiatives at Synopsys. Responsibilities include working on new releases of the Synopsys Common Licensing code from inception to deployment while ensuring that the resultant product works in a heterogeneous environment. The candidate is expected to identify and formulate the key problems to be solved and develop state-of-the-art solutions. Must be able to balance multiple demands in a fast-paced environment, should act quickly using good judgment, and be self-motivated. The candidate should help achieve tangible results, demonstrate accuracy, thoroughness, and display commitment to excellence in product performance, reliability, and robustness. They should exhibit the ability to learn and apply new skills. Also, be tuned to current developments and trends in licensing technologies and security concepts. Job Requirements The candidate should possess a minimum of 6-10 years of software development experience in C with an emphasis on systems-level programming on Unix. Experience with Unix signals, multi-threading, synchronization mechanisms, socket programming, Unix system calls, Unix shell scripting, Perl scripting, use of debuggers, and proficiency in developing software on many variants of Unix is required. Preference will be given to candidates having prior experience in Application Security/Cryptography and exposure to assembly programming. Experience developing applications using FLEXlm is desirable, though not a requirement. Experience with licensing and other security systems will be of added advantage. Key Qualifications Technically strong in C/C++ with emphasis on system-level programming on Unix Proficient in data structure and algorithms Good understanding of software intricacies with respect to Unix signals, multi-threading, synchronization mechanisms, socket programming, Unix system calls, and use of software debugging tools Proficient in Unix shell scripting, Python, Perl, etc. Knowledgeable in software security and cryptography algorithms Desired Skills Sound understanding of Machine Learning models and their application to solving problems Familiarity in designing cloud-native applications and solutions on AWS, Azure, Google, etc. Exposure to various database technologies like NoSQL, Relational, Distributed, etc. Ability to solve Bigdata problems The Team You ll Be A Part Of: You will join a dedicated team responsible for designing & delivering advanced profiling, and telemetry solutions to enhance Synopsys product productivity. Our team focuses on providing tools and solutions that empower our product R&D teams to innovate and excel. We foster a collaborative and inclusive environment where every team members contribution is valued and essential to our success. Rewards and Benefits: We offer a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings. Your recruiter will provide more details about the salary range and benefits during the hiring process. At Synopsys, we want talented people of every background to feel valued and supported to do their best work. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, age, military veteran status, or disability. Apply Save Job test Share Email LinkedIn X Facebook Benefits At Synopsys, innovation is driven by our incredible team around the world. We feel honored to work alongside such talented and passionate individuals who choose to make a difference here every day. Were proud to provide the comprehensive benefits and rewards that our team truly deserves. Visit Benefits Page Health & Wellness Comprehensive medical and healthcare plans that work for you and your family. Time Away In addition to company holidays, we have ETO and FTO Programs. Family Support Maternity and paternity leave, parenting resources, adoption and surrogacy assistance, and more. ESPP Purchase Synopsys common stock at a 15% discount, with a 24 month look-back. Retirement Plans Save for your future with our retirement plans that vary by region and country. Compensation Competitive salaries. *Benefits vary by country and region - check with your recruiter to confirm Get an idea of what your daily routine around the office can be like Explore Bengaluru View Map Hiring Journey at Synopsys Apply As an applicant your resume, skills, and experience are being reviewed for consideration. Phone Screen Once your resume has been selected a recruiter and/or hiring manager will reach out to learn more about you and share more about the role. Interview You will be invited to meet with the hiring team to measure your qualifications for the role. Our interviews are held either in person or via Zoom. Offer Congratulations! When you have been selected for the role, your recruiter will reach out to make you a verbal offer (a written offer will follow your conversation), and we hope you accept! Onboarding There will be some steps you need to take before you start to ensure a smooth first day, including new hire documentation. Welcome! Once you ve joined, your manager, team, and a peer buddy will help you get acclimated. Over the next few weeks, you ll be invited to join activities and training to help you ramp up for a successful future at Synopsys!

OPENTEXT - THE INFORMATION COMPANY OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation. AI-First. Future-Driven. Human-Centered. At OpenText, AI is at the heart of everything we do powering innovation, transforming work, and empowering digital knowledge workers. Were hiring talent that AI cant replace to help us shape the future of information management. Join us. OPENTEXT OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation. Your Impact As part of the Product Security team, you must have a strong understanding of information security processes across product development lifecycle including secure coding principle, static code / dynamic scanning, application penetration testing, container security, cloud security, supply chain security and threat modelling the applications. You should be familiar with the industry best practices for information security policies and product security. standards. You will have the opportunity to collaborate with the product stakeholders such as product development, cloud operation, system architects, security champions, Global Information Security on the Product security process and customer escalations/support What The Role Offers Please review the below write up and highlight for any corrects Strategic Planning Align application security initiatives with business goals; refine Product Security processes and tools. Technical Leadership Stay updated on the latest trends and advancements in application security and apply them to continually improve the organization s security program. Recommend mitigations for vulnerabilities; manage third-party and open-source software risk. Architecture and Design Review application designs for security best practices. Design, enhance, and advocate for the threat modelling process. Conduct threat modelling and advise product teams on implementing appropriate security controls. Security Reviews Conduct security assessments throughout the development lifecycle. Collaborate with development teams to remediate security vulnerabilities. Code Review and Analysis Conduct code reviews and implement automated code analysis tools. Secure Development Practices Enforce secure coding practices, train developers in secure coding. Incident Response/Customer Escalations Lead incident response efforts related to application security incidents. Work with cross-functional teams to investigate and remediate security breaches. Policy and Standards Develop and enforce application security policies; ensure compliance with industry standards. Security Testing Oversee the implementation of security testing methodologies Conduct Penetration Testing activity for applications/systems Security Awareness Promote security awareness across engineering; conduct training for development teams on Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). Collaboration Collaborate with cross-functional teams, including development, operations, GIS, etc., to integrate security into all aspects of the software development lifecycle and improve security maturity. Documentation and Reporting Maintain comprehensive documentation of security processes/policies; produce maturity status reports for senior management. Generate reports and conduct peer reviews. Research and Innovation Stay informed on emerging threats and vulnerabilities, and proactively implement innovative security solutions. Vendor and Tool Evaluation Evaluate and recommend security tools/technologies; Manage vendor relationships What You Need To Succeed 5 - 8 years of experience with the relevant technologies Bachelor s degree in engineering, computer science or equivalent is preferred Industry standard best practices on application security controls, requirements, features, and specifications Application security issues, weaknesses, vulnerabilities, threats, risks, and impacts of exploitation Familiarity with Security Standards and groups (OWASP, PCI, SANS, OSSTMM etc.) Strong vulnerability assessment experience of web, mobile and thick client applications, RESTful & JSON APIs, web servers, databases, and hosting environments (cloud, off-cloud, Containers) Strong experience in manual vulnerability assessment and penetration testing Hands on experience on Application Security tools such as Fortify, WebInspect, Burp, etc. Experience in planning, researching and developing security policies, standards and procedures in line with industry best practices A natural curiosity to learn how things work, and more importantly, how they can be made to work outside of their intended purposes, (i.e. the ethical hacker mentality) Preferably to have application security penetration testing related certifications, (e.g. GWAPT, OSWE, OSCP, GPEN, CPTE, CEH, GWEB, GCIH, etc.) Highly desirable to have general information security related certifications, (e.g. CISSP, CISM, GSEC, CCSP, etc.) Should have excellent team playing and collaborative skills, to work with multiple stake holders. Strong analytical, troubleshooting, writing, communication, and consultancy skills Possess a commitment to quality and a thorough approach to work

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute to achieving the teams goal. Responsibilities Direct Responsibilities Strong expertise in application security concepts and activities like Source Code Review (SAST) & Dynamic application vulnerability scanning (DAST). Good understanding of Information Security concepts and strategies. Knowledge of Secure Development methodologies and frameworks. Hands-on experience in penetration testing and tools like Apisan, WebInspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans. Experience in Process Improvement, Controls Enhancement and Reporting. Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate. Providing independent expert advice to the IT areas on application & data risk issues. Engaging with organization wide risk and control groups, including internal audit and territory control teams. Working with Technology stakeholders (including Production Support and Development teams) to identify the IT risks affecting the organization and formulate appropriate remediation strategies based on a full understanding of business exposure and compensating controls. Contributing Responsibilities Monitoring and oversight of existing IT risks, working collaboratively with stakeholders in ensuring plans are managed within timescales and escalating where appropriate. Managing relationships with Business and IT teams, chairing periodic meetings and being a point of contact for escalating to wider team members. Assistance with drafting of risk acceptance statements and coordinating sign-off from business and IT stakeholders. SPOC for security architecture meetings. Technical & Behavioral Competencies Excellent Interpersonal and presentation skills Strong in verbal and written communication Ability to liaise with cross-functional stakeholders globally Clear understanding of application and data security Must be flexible, independent, self-motivated Good analytical skills. Specific Qualifications (if required) CEH, SSCP, OSCP certified. Technical Graduate (Computer Science) Preferable.

Knowledge of scripting languages (Perl, Python, HTML, Java, Shell). Hands-on experience in dynamic analysis, container testing, fuzzing, OWASP top 10 and vulnerability scanning if have any certificate ( CEH, ethical hacking

The Commercial Engineering Boomi team within CIO organization is responsible for designing and implementing integration solutions for commercial platforms (such as Adobe Experience Manager, Salesforce and SAP) that supports key business capabilities 'go to market' and 'customer experience' for Thomson Reuters. Our integration platform Boomi provides support to both real-time and scheduled business transactions by orchestrating hundreds of APIs, connecting many to many applications and data. About The Role: Strong understanding of integration design patterns, integration points and business systems and develops integrations with SAAS, AWS or on-prem systems. Abilityto analyse and interpret logs (Process/Atom Logs). Deliver high quality code and ability to provide test payloads. Hands-on experience in troubleshooting API requests, SFDC connectors/listeners, SAP connectors/listeners, Database Connectors, and Web services Connectors/Listener, complex scripts (Java or Groovy scripts), process/ sub-processes interdependencies and scheduled data jobs, performance issues. Creating and managing RESTful APIs, configuring and deploying API proxies, implementing security measures, working with Apigee policies, and monitoring API performance using analytics tools. Thorough understanding of REST, SOAP, Web services and API Communication protocols S/FTP/S, HTTP/S, File I/O etc. Good understanding on Integration patterns and Agile Framework. Participated in requirement gathering, knowledge transfer sessions and created integration flow documents. Knowledge on Message Queueing and troubleshooting experience. Strong experience with enterprise application security (API/Messaging) and Boomi-APIGEE code vulnerabilities. Knowledge on Boomi Process building, development and good understanding of various data formats XML, JSON, CSV, Database is an add-on. Mentor and guide others by reviewing the code of more junior software engineers as well as encourage others to grow their technical skillset. About You : Bachelors degree in computer science, Information Technology, or a related field. Total 10+ years of experience dominantly in integration development (preferably Boomi and APIGEE). Strong knowledge and hands-on expertise in Boomi and APIGEE integration platform, including API development, APIGEE proxy creation, shared flows, create policies, Boomi connectors, data mapping, error and exception handling and process design. Proficiency in various integration patterns and data exchange formats (e.g., REST, SOAP, JSON, XML). Experience developing large volume and high velocity enterprise integrations. Ability to lead routine projects with manageable risks and resource requirements. Proficiency in at least one programming language like Java, JavaScript, or Python. Experience working with APIGEE platform features, including API proxies, policies, developer portals, and management console. Well versed with tools like DataDog, Postman, AzureDevops etc. #LI-PP1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

The Commercial Engineering Boomi team within CIO organization is responsible for designing and implementing integration solutions for commercial platforms (such as Adobe Experience Manager, Salesforce and SAP) that supports key business capabilities 'go to market' and 'customer experience' for Thomson Reuters. Our integration platform Boomi provides support to both real-time and scheduled business transactions by orchestrating hundreds of APIs, connecting many to many applications and data. About the role In this opportunity as a Software Engineer, you will: Strong understanding of platform architecture, integration points and business systems and develops integrations with SAAS, AWS or on-prem systems. Abilityto analyse and interpret logs (Process/Atom Logs). Deliver high quality code and ability to provide test payloads. Hands-on experience in troubleshooting SFDC connectors/listeners, SAP connectors/listeners, Database Connectors, and Web services Connectors/Listener, complex scripts (Java or Groovy scripts), process/ sub-processes interdependencies and scheduled data jobs, performance issues. Thorough understanding of REST, SOAP, Web services and API Communication protocols S/FTP/S, HTTP/S, File I/O etc. Good understanding on Integration patterns and Agile Framework. Participated in knowledge transfer sessions and created integration flow documents. Knowledge on Message Queueing and troubleshooting experience. Strong experience with enterprise application security (API/Messaging) and Boomi code vulnerabilities. Knowledge on Boomi Process building, development and good understanding of various data formats XML, JSON, CSV, Database is an add-on. About you: Youre a fit for the role of Software Engineer if you: Bachelors degree in computer science, Information Technology, or a related field. 5+ years of experience as Integration Developer (Mulesoft, Oracle SOA etc) with at least 1+ year in Boomi with professional developer certification. Strong knowledge and expertise in Boomi's integration platform, including API development, connectors, data mapping, and process design. Proficiency in various integration patterns and data exchange formats (e.g., REST, SOAP, JSON, XML). Experience developing large volume and high velocity enterprise integrations. Experience in building integrations that are stable, reliable and supportable. Strong attention to detail and ability to prioritize work effectivelyand independently. Ability to write clean, readable code that is easy to understand. Excellent written and verbal communication skills (ability to communicate effectively with technical staff, business analysts, management). Proficiency in at least one programming language like Java, JavaScript, or Python. Understanding of Boomi environments and configurations, preferably for Boomi on AWS. Experience working with APIGEE Edge, including API proxies, policies, developer portals, and management console. Well-versed with tools like DataDog, Postman, AzureDevops etc. #LI-PP1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

Summary : As a Senior Product Security Engineer, you will join our team of talented professionals dedicated to embedding continuous and seamless security into our engineering processes. You will contribute to the development and implementation of our Secure Software Development Lifecycle (S-SDLC), working across multiple technical teams to enhance our security posture. About the role : Promote secure-by-design architectures and implementations across all phases of our S-SDLC. Define product security standards, best practices, and processes with built-in governance and metrics. Develop new security capabilities, patterns and automation to integrate security throughout our development practices. Lead threat modeling sessions and secure code reviews (including of AI-based systems and products). Collaborate with cross-functional teams, including software engineering, platform engineering, QA, and operations. Accelerate security remediation through data analysis and support for product engineering teams. This central role will allow you to have maximum impact ensuring our products and applications meet the highest security standards to protect our customers. About you : Bachelor's degree in computer science or equivalent education experience. 7+ years of hands-on experience in software engineering or application security. Experience conducting security-focused threat modeling and code reviews across multiple technology stacks and programming languages. Experience with security tools (SAST, SCA, DAST, fuzzers a plus) and analyzing their findings. Proven analytical skills with ability to develop innovative solutions to complex security challenges. Both defensive and offensive mindset. Strong understanding of security principles (cryptography, authentication, authorization, etc.) and common vulnerabilities applicable to applications (web, desktop or mobile), APIs and cloud environments. Ability to identify, analyze, and mitigate common security vulnerabilities at both design and implementation levels. Knowledge of software engineering principles with experience designing and implementing secure systems, aligned with secure by design and secure by default principles Proficiency in writing code, tests, deployment logic, and API integrations. Any language welcomed. Python, GoLang, Java preferred. Excellent written and verbal communication skills with ability to articulate complex security concepts to diverse and cross-functional audiences. Preferred Qualifications Experience with a major cloud provider (AWS, Azure, Oracle Cloud or GCP). Experience with Infrastructure as Code (e.g., CDK, Terraform, ). Experience securing or developing systems using Large Language Models, RAG, and AI Agents. Experience with common authentication and authorization standards (SAML and OAuth). Experience with containerized application and container orchestration (Kubernetes, ECS, ). Knowledge of industry security frameworks and maturity models such as OWASP Application Security Verification Standard, CIS Benchmarks, NIST Cybersecurity Framework, OWASP SAMM or BSIMM. Relevant security certifications (e.g., OSCP, OSWE). Experience contributing to open-source security projects. Experience in security research, presenting at conferences, or publishing articles. #LI-SP1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role Our support application team performs application vulnerability assessments and document vulnerabilities which were found and provides recommendations for remediation according to BFSI guidelines and industry best practices. As an Application Security Manager, you will provide guidance to the application team on application security best practices, support remediation effort and track open issues and follow up to ensure remediation. You will work along with cross functional business teams to get closure of identified gaps and utilize escalation matrix effectively wherever necessary. You will conduct application security assessment results review and mitigation approval. You will keep abreast of new technologies to ensure that the organization remains at the forefront of security. Key Responsibilities Support and Testing: Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets with security tools like BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc. Analysis: Perform in-depth analysis of VAPT results, Review assessment reports to provide risk mitigation & recommendations on that basis. Collaboration: Collaborate with the application team and provide them guidance on application security best practices, support remediation effort and track open issues and follow up to ensure remediation. Qualifications & Skills Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with relevant experience Certifications: OSCP Compliance: Knowledge of cyber security trends & hacking techniques, MITRE ATT&CK framework with hacker mindset. Network Security: Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Key Technologies: Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance, Knowledge of Networking concepts & Good understanding of latest Network /security technologies such as Cloud security and recent trends. About the Business Group ICICI Banks Information Security Group believes in providing services to its customers in the safest and secured manner, keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is built on the vision of creating a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provide easy to use protection and risk configuration ability in the hands of customers. With this core responsibly, ICICI administer and promotes on going campaigns to create awareness among customers on security aspects while banking through digital channels.

At Tarana, you will play a crucial role in the development of a cutting-edge cloud product - a management system for wireless networks that is designed to scale to millions of devices. The project utilizes modern cloud-native architecture and open-source technologies. Your primary responsibility will involve designing and implementing distributed software within a microservices architecture. This encompasses various tasks such as requirements gathering, high-level design, implementation, integrations, operations, troubleshooting, performance tuning, and scaling. As a key member of the team, you will provide technical and engineering leadership to an R&D team responsible for multiple microservices end-to-end. Your role will involve working on Proof of Concepts (PoCs), customer pilots, and production releases within an agile engineering environment. Expect daily challenges that will push you to enhance your skills continuously and meet high standards of quality and performance. Rest assured, we will provide the necessary mentoring to support your success. This position is based in Pune, requiring your in-person presence in the office to collaborate effectively with team members. **Job Responsibilities:** - Hold a Bachelor's degree (or higher) in Computer Science or a closely-related field from a reputable university. A Master's or Ph.D. is preferred. - Possess at least 15 years of software development experience, with a minimum of 5 years working on large-scale distributed software projects. - Demonstrate expertise in product architecture, design, and providing technical leadership to engineering teams. - Have experience in developing SaaS product offerings or IoT applications. - Experience in not only developing but also operating and managing complex systems would be advantageous. **Required Skills & Experience:** - Proficiency in software design and development using Java and its associated ecosystem (e.g., Spring Boot, Hibernate, etc.). - Strong knowledge of Microservices and RESTful APIs including design, implementation, and consumption. - Comprehensive understanding of distributed systems, clustering, asynchronous messaging, scalability, performance, data consistency, and high availability. - Familiarity with distributed messaging systems such as Kafka/Confluent, Kinesis, or Google Pub/Sub. - Mastery of databases (relational, NoSQL, search engines), caching mechanisms, and distributed persistence technologies. Experience with Elastic Search or any time series databases is beneficial. - Experience with cloud-native platforms like Kubernetes and service-mesh technologies like Istio. - Proficient in network protocols (TCP/IP, HTTP), standard network architectures, and RPC mechanisms (e.g., gRPC). - Knowledge of secure coding practices, network security, and application security best practices. Join us at Tarana, a company founded in 2009 with a mission to accelerate the global access to fast and affordable internet services. With over a decade of research and significant investment, we have developed a groundbreaking fixed wireless access technology, exemplified by our commercial platform, Gigabit 1 (G1). G1 has revolutionized broadband economics and has been adopted by over 160 service providers worldwide. Headquartered in Milpitas, California, with additional R&D operations in Pune, India, we are seeking talented individuals to contribute to our innovative solutions and uphold our commitment to customer satisfaction and innovation. If you are a problem solver passionate about making a meaningful impact on the world, apply now and be part of our dynamic and rapidly growing team at Tarana.,

Job Description At AadiSwan, we are driving digital transformation in the financial services sector by specializing in lending solutions. Our innovative technology platforms empower financial institutions to streamline operations, enhance decision-making, and meet evolving market needs with precision. Our suite of products, including CredPro, CADPro, EWSPro, and ESMSPro, address critical aspects of financial management, from underwriting and risk assessment to regulatory compliance and ESG management. These solutions, built by experts with deep domain knowledge, are not only tech-driven but also rooted in a profound understanding of industry challenges and opportunities. With successful implementations across India and the Middle East, AadiSwan combines advanced automation with deep industry insights to enable clients to boost operational efficiency, reduce costs, and achieve faster time-to-market. The flexibility and scalability of our platforms ensure support for a wide range of business models, making us a trusted partner for institutions aiming to enhance their lending portfolios and expand their digital capabilities. Committed to empowering clients with the tools needed for nation-building, bridging the credit gap, and fostering sustainable growth, we invite you to join us on this journey towards redefining financial excellence and resilience. Role Description This full-time on-site role as a SAS Application Security Architect based in Delhi, India, entails overseeing the security aspects of SAS applications. Responsibilities include ensuring data integrity and confidentiality, implementing security measures against cyber threats, collaborating with cross-functional teams for designing and implementing security solutions, conducting risk assessments, and providing recommendations to enhance the security posture of SAS applications. Qualifications - Proficiency in SAS software and experience in application security - Knowledge of security protocols, encryption techniques, and vulnerability assessment - Strong understanding of cybersecurity best practices and industry standards - Ability to analyze security risks and develop appropriate solutions,

You will be joining ATMECS Global Inc, a technology startup established in 2013, with its headquarters in Santa Clara, California, USA, and an R&D Center in Hyderabad, India. We specialize in providing Product Engineering, QA Automation, Infrastructure, Data, and Market Research services. As a trusted partner, we help organizations innovate and embrace Next Gen technologies with a dedicated team of over 500 professionals. Your role as an Azure Security Engineer will be based in Hyderabad on a full-time on-site basis. Your primary responsibilities will include ensuring the security of applications, networks, and information systems, implementing cybersecurity measures, and managing security engineering tasks specifically on Azure platforms. To excel in this role, you should possess a strong background in Application Security and Information Security, along with expertise in Network Security and Cybersecurity. Previous experience in Security Engineering and a solid understanding of Azure Security are essential. You should be capable of effectively implementing and managing security measures to safeguard our systems. Ideal candidates will hold certifications in Azure Security, such as Microsoft Certified: Azure Security Engineer Associate. Additionally, strong problem-solving skills, analytical abilities, excellent communication, and a collaborative mindset are highly valued traits in this role.,

As an Application Security Engineer at UKG, you will have the opportunity to join our internal Global Security Research & Architecture team, focusing on driving the remediation of application security vulnerabilities within UKG product lines. Your role will be crucial in ensuring the security of software applications throughout the Software Development Life Cycle. This position requires a strong technical background and expertise in software development and security. Your primary responsibilities will include identifying, reporting, and prioritizing application security vulnerabilities, collaborating with development teams to remediate them, and supporting the adoption of the internal Security Champions program. You will also provide guidance on secure coding standards, conduct code reviews, create and maintain documentation for security processes, procedures, and guidelines, as well as participate in security audits and assessments. In addition, you will be tasked with continuously improving Secure Software Development Life Cycle (S-SDLC) processes and environments, assisting in the investigation and resolution of security incidents related to applications, and ensuring optimal performance of all tools supporting the security of the Software Development Lifecycle (SDLC), such as SAST, DAST, SCA, MAST, among others. To qualify for this role, you should hold a Bachelor's degree in computer science or software engineering, with at least 8 years of proven experience in application security and software development. Additionally, experience with application security tools and techniques, a strong understanding of security frameworks and standards, and proficiency in programming languages such as Java, C#, or JavaScript/TypeScript are essential. Preferred qualifications include experience with cloud security (e.g., GCP, Azure), familiarity with container security, and knowledge of DevSecOps practices and tools. Join UKG's award-winning team and be part of our mission to inspire every organization to become a great place to work through our innovative HR technology solutions. Apply online today and contribute to a brighter tomorrow with us. UKG is proud to be an equal opportunity employer that promotes diversity and inclusion in the workplace, including the recruitment process. If you require disability accommodation during the application and interview process, please reach out to UKGCareers@ukg.com.,

As the Single Point of Contact (SPOC) for the solutions and applications being developed, you will collaborate with the product team to come up with milestone plans, key deliverables, and other project details. Your role will involve developing a web application strategy aligned with the product goals and ensuring timely and quality delivery of assigned projects. You will be responsible for managing the team, providing technical guidance, and overseeing testing and project delivery. In this role, you will monitor project baselines to track progress, participate in Agile ceremonies such as Sprint Grooming and Planning, and define best practices and code review processes for the team. Your expertise will be crucial in identifying process improvements, guiding the team in various tasks from requirements closure to verification/validation, and making critical technical decisions to meet product expectations. Additionally, you will collaborate with subject matter experts to define best practices and benchmarks, conduct code reviews, and ensure the team maintains a high level of competence and operational excellence. You will also be responsible for publishing status reports with metrics, proactively identifying risks and dependencies, and establishing strong relationships with stakeholders. Furthermore, you will be involved in generating and executing onboarding, training, knowledge transfer, and skill-building plans. Your role may also include assisting in the recruitment of suitable talent for the organization. Requirements for this position include a minimum of 10 years of experience in Java/J2EE within IT Service Organizations, with at least 2 years of experience in Project Management and Agile methodologies. You should possess strong expertise in enterprise Java frameworks such as Java, Spring, Spring Boot, and microservices, as well as experience in managing enterprise applications with multiple teams. Knowledge of version control and CI/CD tools, UI technologies, NoSQL databases, caching technologies, RDBMS, application security, cloud platforms, Docker, Kubernetes, and test-driven development principles is also required. The ideal candidate will have a proven track record of delivering projects with high quality and zero defects, along with excellent analytical and communication skills.,

You should ideally possess an MBA (preferably with a BE/BTech & Security Certifications) from a reputed institute along with 5 - 10 years of working experience in IT Security Consulting / Implementation. Your knowledge and skills should include understanding of information security protocols and standards, technology infrastructure, regulatory and audit requirements, and business processes. As an ideal candidate, you must have the ability to read, analyze, and interpret technical procedures, business periodicals, financial reports, and documents. You should be proficient in presenting information effectively and responding to queries from senior management, business counterparts, and cross-functional teams. Additionally, you are expected to have expertise in dealing with numbers and business data, and applying principles of logic or scientific thinking to solve a wide range of business problems. Your responsibilities will revolve around information security, where you will lead and manage the identification and management of Cyber Risks, ensuring CARM/SOX Controls in the IS space, developing/adapting Policies, Standards, and Guidelines globally, and benchmarking USL's Information Security maturity. You will also be accountable for driving improvements in IT Security and Controls to enhance the performance of business processes. Moreover, your role will involve working collaboratively with the extended teams from USL IT, GDBS team, and outsourced partners to achieve business goals. It is crucial to display leadership qualities such as Customer Focus, Accountability, Bias for Action, and Stakeholder Management. You will be responsible for application security, Governance, Compliance, and initiating safe practices and industry standards. Furthermore, you will be required to design and deploy a company-wide security awareness program, ensure its adoption within the organization, prepare dashboards and reports, and report them to all concerned stakeholders. Your performance will be measured quantitatively and qualitatively based on the effectiveness of IT Security and Controls, compliance with regulatory requirements, and the overall protection against risks. In conclusion, as a key enabler for the business to grow, diversity is highly valued at Diageo, and the unique contribution of each individual is respected. The role is based in Bangalore, and it is a regular position.,

As a Senior Software Engineer at KONE Cybersecurity in Pune, you will play a crucial role in enhancing the application security solutions that support over a thousand applications across 60 countries globally. Your expertise in application security will be instrumental in ensuring that KONE's customer-facing and internal applications are developed and monitored securely, in alignment with KONE IT guidelines and architecture principles. Your main responsibilities will include collaborating with Application Owners and Security & Compliance teams to understand their application security requirements, designing and implementing application security services, and contributing to ongoing and upcoming projects within your area of responsibility. You will also be involved in exploring and coordinating improvements to the DevOps and Agile working model, especially in the context of automated application security testing using tools like Azure DevOps, Jenkins, and GitHub. To excel in this role, you are expected to have a deep understanding and experience in application security within an international context. Proficiency in code analysis tools such as Coverity and Black Duck Hub, as well as experience with fuzzing tools for application security evaluation, will be essential. Additionally, familiarity with DAST vulnerability assessment scanning tools is desired. At KONE, we are committed to fostering an innovative and collaborative working culture that values individual contributions. Employee engagement and sustainability are key pillars of our organizational ethos, and we actively promote a culture of trust, respect, and recognition for good performance. By joining KONE, you will have the opportunity to work in an environment that encourages personal and professional growth, while also prioritizing a healthy work-life balance. If you are passionate about enhancing application security and thrive in a multicultural environment that embraces challenges and innovation, we invite you to explore this exciting opportunity with us at KONE Cybersecurity in Pune. Visit www.kone.com/careers to learn more about our company and culture.,

As a Security-focused Code Reviewer, your primary responsibility will be conducting thorough security assessments by reviewing source code utilizing the Checkmarx Platform. Your tasks will involve performing static application security testing (SAST) and software composition analysis (SCA) across various programming languages and frameworks. It will be essential for you to identify, document, and communicate vulnerabilities discovered during the code review process, ensuring comprehensive reports and analysis are provided. In terms of Customer Support for Vulnerability Mitigation, you will directly collaborate with customers" Application Security (AppSec) and Development teams to offer actionable advice on remediating vulnerabilities. Your role will also include providing hands-on guidance on secure coding practices, assisting in understanding the root cause of vulnerabilities, and applying best practices for remediation. Additionally, you will support customers in prioritizing security fixes based on severity and potential impact. You will be expected to develop and present proof-of-concept (PoC) attacks to illustrate how identified vulnerabilities can be exploited in real-world scenarios. Providing technical demonstrations to help customers understand the risk level of specific vulnerabilities and the importance of remediation will be crucial aspects of your responsibilities. Collaboration with AppSec and Dev teams for Application Architecture Analysis will also be part of your role. You will collaborate to analyze the security aspects of application architecture, provide recommendations to secure the architecture at the design stage, and conduct threat modeling to identify potential attack vectors, embedding security into the development lifecycle. Furthermore, you will play a key role in mentoring junior engineers and security analysts, conducting internal training sessions, and staying updated on the latest security vulnerabilities, exploit techniques, and industry trends to contribute to continuous improvement. Act as a trusted advisor to clients, provide security consulting services, and collaborate with internal teams to ensure that security tools and platforms remain at the cutting edge of technology. Your skills should include a Bachelor's degree in computer science or a related technical discipline, 8+ years of experience in high-level programming languages, 5+ years of experience in security-focused code review, a deep understanding of enterprise-grade systems and architectures, and a proactive approach to problem-solving. Proficiency in English and security-related certifications are highly desirable. Please note that the role involves a hybrid work model with international travel occasionally required.,

Greetings from Technogen !!! We thank you for taking time about your competencies and skills, while allowing us an opportunity to explain about us and our Technogen, we understand that your experience and expertise are relevant the current open with our clients. About Technogen : TechnoGen Brief Overview:- TechnoGen, Inc. is an ISO 9001:2015, ISO 20000-1:2011, ISO 27001:2013, and CMMI Level 3 Global IT Services Company headquartered in Chantilly, Virginia. TechnoGen, Inc. (TGI) is a Minority & Women-Owned Small Business with over 20 years of experience providing end-to-end IT Services and Solutions to the Public and Private sectors. TGI provides highly skilled and certied professionals and has successfully executed more than 345 projects. TechnoGen is committed to helping our clients solve complex problems and achieve their goals, on time and under budget. LinkedIn: https://www.linkedin.com/company/technogeninc/about/ Job Title :Application Security Lead Required Experience : 10+ years Location : Hyderabad. Job Summary :- Experience: Minimum of 7-10 years of professional experience in information security with 5+ years of experience in application security, software development, or related fields. Strong understanding of DevSecOps practices and secure software development lifecycle (SDLC). Proficiency in coding languages such as Java, Python, JavaScript, C#, etc., with expertise in secure coding practices. Hands-on experience with application security testing tools (e.g., Burp Suite, OWASP ZAP, Veracode). In-depth knowledge of common security vulnerabilities (e.g., OWASP Top 10) and how to mitigate them. Experience with DevSecOps practices and integrating security into the CI/CD pipeline. Skills: Deep knowledge of vulnerability scanning tools (e.g., Qualys, Nessus, Tenable, Rapid7). Expertise with application security tools (e.g., Snyk, Veracode, Checkmarx, Burp Suite). Ability to prioritize risks and present technical findings in business-friendly language. Exceptional problem-solving skills and attention to detail. Certifications such as OSCP, GWAPT. Familiarity with cloud platforms (e.g., AWS, Azure, Google Cloud) and securing cloud-native applications. Knowledge of container security and tools like Docker and Kubernetes. Experience with security automation and leveraging APIs for security tools integration. Strong analytical/problem-solving skills and excellent communication and collaboration abilities. Commitment to staying informed about security trends and emerging technologies. Best Regards, Syam.M | Sr.IT Recruiter syambabu.m@technogenindia.com www.technogenindia.com | Follow us on LinkedIn