1254 Application Security Jobs - Page 22

Educational Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities Approx 5 years' experience as a Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organization Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWSSecondary Skills: SAST and DASTSolid diplomatic and communication skills in EnglishThe candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manyal work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined process for approaching assessments Preferred Skills: Technology-Enterprise Architecture-Data / Information Architecture

We are looking forward to hire Penetration Testing - Web Professionals in the following areas : : Experience required: 4-6 years Security Vulnerability Assessment based on the OWASP security standard. Web penetration testing API penetration testing Mobile Pen testing Assess the criticality of the vulnerability based on the CVSS scoring and prepare the report Security Vulnerability Assessment: Strong Knowledge on the manual pen testing tools and activities; Ability to assess the application security by understanding the business and assess the criticality. Level Extensive Experience: In-depth understanding of API security and vulnerabilities, with hands-on experience in testing and securing RESTful and SOAP-based APIs. In depth knowledge on web penetration testing Knowledge on Android and IOS penetration testing. Proven experience in exploiting vulnerabilities across web applications, with the ability to demonstrate and escalate critical security flaws. Knowledge on Bugbounty Extensive experience with Burp Suite and its various extenders for advanced vulnerability scanning, manual testing, and exploitation. Proficient in using Postman for API testing and security validation. Desirable Certifications and Qualifications: Burp Suite Certified or equivalent professional certification OSWA (Offensive Security Web Assessor), OSWE (Offensive Security Web Expert), HTB Application Security Expert, or EWPTx (INE) certification Our Hyperlearning workplace is grounded upon four principles Flexible work arrangements, Free spirit, and emotional positivity Agile self-determination, trust, transparency, and open collaboration All Support needed for the realization of business goals, Stable employment with a great atmosphere and ethical corporate culture

Senior Information Security Tech Consultant-I About Lumen Technologies Lumen Technologies is a global technology company that delivers innovative communication and network solutions. Our mission is to empower businesses and individuals to connect, grow, and thrive in the digital age. With a focus on customer experience and operational excellence, we strive to provide cutting-edge solutions that meet the evolving needs of our customers. Job Details: Experience: 8 to 12 years Location: Bengaluru Work Mode: Hybrid Qualification: Bachelor’s or master’s degree in Computer Science, Business ,Math or comparable field or comparable experience Mandatory Skills: VMware, Red Hat OpenStack, Linux, Unix Shell Scripting, Perl Roles and Responsibilities: Strong knowledge of Unix-based operating systems( Linux, Solaris) Experience with virtualization technologies (VMWare, Red Hat Openstack). Expert level knowledge of IP networking and troubleshooting with Ipv6 and protocols. Extensive knowledge of web application security, browser security models and application security vulnerabilities such as OWASP Top Ten. Mastery of security including confidentiality and integrity of data , authentication, authorization and cryptographic protocol. Deep understanding of network attacks, Ddos, malware, phishing ,email security ,encryption, authentication, log and forensic analysis, IP and device reputation and security policies. Hands on expertise operating managed security technologies: Firewalls( Cisco Asa,Check Point) ,IPS( Cisco),file Integrity Monitoring( Tripwire, Trend Micro Deep Security),SIEM,Web Application Firewalls( Imperva), Next-Generation Firewalls ( Palo Alto Networks, Cisco FTD),Security management tools. Understanding of REST API design concepts and standards. Experience with database technologies (MySQL/MariaDB,MSSQL,Postgres,NoSQL). Experience in creating tools to automate recurring tasks. Experience with log collection and analysis tools( Graylog ,Splunk). Experience with regulatory compliance audits, Business Continuity and Disaster Recovery efforts, etc. Mobile application security expertise. Programming /scripting abilities in Java, Javascript, Perl ,Unix/ Linux, Shell,PHP or similar programming languages "We are an equal opportunity employer committed to fair and ethical hiring practices. We do not charge any fees or accept any form of payment from candidates at any stage of the recruitment process. If anyone claims to offer employment opportunities in our company in exchange for money or any other benefit, please treat it as fraudulent and report it immediately."

!!Hiring for CMM5 Level Organization!!Collaborate with IT security teams to develop and implement effective security policies and procedures, SOP and supporting documents.Create and deliver cyber security awareness training programs Required Candidate profile Designation: Cyber Security awareness Experience:6 Month to 1 Year Location:Ghansoli Qualification:Graduation Contact:snehapawar@peshr.com/7021769496

Responsibilities Serve as a security SME by leading architecture reviews, threat modeling, and design assessments. Integrate automated security tools (SAST, DAST, SCA) into CI/CD to deliver actionable insights. Build custom security tools and platforms to fill gaps in security posture. Perform deep code reviews and lead SCA and secret management strategies. Lead end-to-end execution of major security projects across the company. Requirements Proficient in coding (Python, Go, Java, JS). Experience in threat modeling and code reviews. Hands-on with security in CI/CD (DevSecOps). Perks & Benefits Medical Insurance Internet Reimbursement

Lead, mentor, and grow a high-performing penetration testing team while fostering an engaging, inclusive, and collaborative work environment. Grow and manage a team of security engineers, offering guidance, performance feedback, and career development opportunities. Collaborate with cross-functional teams, including Engineering, Product Management, and other Security teams, to embed security testing at the right times during the product development process. Act as a thought leader in security testing, representing Atlassian in external forums, conferences, and engagements. Oversee the design, execution, and automation of penetration testing processes. Stay ahead of emerging security threats and industry trends, driving innovation in security testing approaches and tools. Provide expert guidance on complex security vulnerabilities, risks, and mitigations to stakeholders at all levels. Establish and track meaningful metrics to measure the success and impact of the security testing program. ","qualifications":" Extensive experience in security engineering: 10+ years in application security, penetration testing, or related fields, with at least 3+ years in a leadership or managerial role. Leadership skills: Proven experience leading and mentoring security engineers, with a track record of building and scaling high-performing teams. Technical expertise: In-depth knowledge of secure software development practices, common vulnerabilities (e.g., OWASP Top 10, CWE), and testing tools (e.g., Burp Suite and SAST/DAST tools). Cloud security knowledge: Strong understanding of cloud-native security testing methodologies, including AWS, GCP, or Azure environments. Collaboration communication: Excellent interpersonal and communication skills, with the ability to influence and build rapport with technical and non-technical stakeholders. Problem-solving mindset: Ability to think critically, identify gaps, and implement creative and scalable solutions. It s Great, But Not Required, If You Have: Experience with DevSecOps and integrating security testing into CI/CD pipelines Experience with running a penetration testing function in large enterprises Delivered industry presentations or written research papers Contributions to open source security or penetration testing tools Experience in performing penetration testing on AI products CVE s to Benefits Perks Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit

In this role you will be responsible for Penetration Testing and Manual Code Review across Atlassians vast products and systems. You will lead and support others in technically validating the state of Atlassian s technical security, working closely with our security teams and engineering groups. Day-to-day this person will be: Highly experienced in offensive security, penetration testing and application security Providing SME knowledge and guidance to engineering teams Skilled with common exploitation frameworks such as Metasploit, Core Impact Canvas Working knowledge of KALI Linux or other testing distributions and most of the tools within Able to automate pen testing/code review testing workflows and tasks Analysing vulnerability data for trends, gaps Assessing Atlassian s estate and products for potential pen testing scope items On your first day, well expect you to have: The ability to complete a penetration test and code review of a modern cloud application Worked in a senior penetration testing/application security role Experience in automating a testing workflow Experience leading security projects or complex penetration tests Strong, practical understanding of security testing methodologies, supporting infrastructure requirements and awareness of legal considerations Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams Experience working with security operations teams to develop detection logic Comfortable operating in and reviewing modern cloud technologies from providers such as AWS, Azure and GCP Its great, but not required, if you have: CVE s to Contributions to open source security software or penetration testing tools Delivered industry presentations Certifications: OSCP, OSCE, OSWE, CREST CRT, GPEN

Job Description Responsibilities: Collaborate with engineering teams on architecting, implementing technologies, processes, and improvements around product security by performing threat models, penetrations tests, and sharing security expertise. Develop security testing plans to identify misconfigurations, vulnerabilities, and visibility shortfalls. Assist, mentor, and educate about internal secure development methodologies and CyberArk "Security Champions" program. Critical skills: 4+ years of experience working in the software development industry as a test engineer or an engineer with responsibilities relating to security. Background in Whitebox penetration testing. Bachelor s degree in Computer Science, Computer Information Systems, Software Engineering, or Mathematics or a related field, or its equivalent. Programming experience in one or more languages (Java, JavaScript, Python, Shell/BASH, C/C, C#). #LI-HK01 Qualifications Desirable skills: OSCP certification a huge plus. Experience with web application scanning tools (e.g. Static / Dynamic, Interactive, etc.) including Qualys WAS, Appspider, Acutenitx, Ve

Contract We are seeking a Senior DevOps Engineer with over 8 years of experience in automating build, test, and deployment processes. You will take ownership of designing and maintaining robust CI/CD pipelines (preferably using Azure DevOps ) and manage cloud infrastructure using Infrastructure as Code (IaC) with Terraform . The role requires deep technical expertise, strong collaboration skills, and hands-on experience with security, monitoring, and service management processes. Key Responsibilities Automate build, test, and deployment processes for applications and services Design, implement, and manage CI/CD pipelines using tools like Azure DevOps Collaborate closely with development teams to streamline DevOps practices Implement security best practices (SAST, DAST, Container Scans, Code Scans) within the CI/CD pipeline Manage and provision infrastructure using Infrastructure as Code (IaC) , preferably with Terraform Monitor, troubleshoot, and resolve issues across CI/CD pipelines, infrastructure, and applications Support and enhance observability using tools like Grafana Work with Service Management tools and follow IPCC (Incident, Problem, Change, Configuration) processes Required Skills & Experience 8+ years of proven DevOps engineering experience Strong experience with CI/CD tools , especially Azure DevOps Solid understanding of cloud infrastructure , particularly Azure Expertise in Terraform or similar IaC tools Familiarity with application security practices in DevOps (e.g., SAST, DAST, container scanning ) Experience with monitoring and logging tools like Grafana Working knowledge of ITSM processes including Incident, Problem, and Change Management Nice to Have Experience with other CI/CD tools (e.g., Jenkins, GitLab CI/CD) Knowledge of Docker, Kubernetes, and container orchestration Exposure to multi-cloud environments

Say hello to possibilities. It s not everyday that you consider starting a new career. We re RingCentral, and we re happy that someone as talented as you is considering this role. First, a little about us, we re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. We re a $2 billion company that s growing at 30+% annually. We are currently looking for a Security Operations Center Analyst , and the key responsibilities are the following: Security Operations Center Analyst Job Type: Full-Time Location: Bangalore Department: Security This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business. About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidate s work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications / Requirements: 2+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams

Redefine the future of customer experiences. One conversation at a time. We re changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans. Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that connection fuels business and life; connections to our customers with our signature Amazing Service , our products and services, and most importantly, each other. Since 2008, 100,000+ companies and 1M+ users rely on Nextiva for customer and team communication. If you re ready to collaborate and create with amazing people, let your personality shine and be on the frontlines of helping businesses deliver amazing experiences, you re in the right place. Build Amazing - Deliver Amazing - Live Amazing - Be Amazing The AI Data Protection and Compliance Engineer will design, implement and manage AI-specific data protection strategies by defining the security architecture and applying security best practices, policies and controls in collaboration with data scientists, developers and security staff. As part of the AI data protection strategy, the engineer will lead efforts to safeguard sensitive data across AI models, agents, and user interfaces by implementing robust classification, segregation, and access control mechanisms. The engineer will tune DLP policies for AI environments, ensuring proper governance and security of both inputs and outputs, including LLM and ML training data. The engineer will be responsible for deploying and managing protective tools across cloud platforms such as AWS, Azure, and GCP to mitigate advanced threats like model poisoning and data exfiltration. The engineer will support audits, monitor evolving AI risks, and help maintain a secure operational environment in line with regulatory and contractual obligations. Key Responsibilities As part of the data protection strategy, the engineer will: Implement data classification, segregation, access controls, and other appropriate controls to the inputs and outputs and models throughout the application, including AI models, agents, UI s and LLM and ML training and tuning data. Develop and tune DLP policies specifically for AI environments to ensure all sensitive data is accurately tracked, managed, and protected. Establish access controls, limitations and guardrails on usage and prompts for AI inputs and API s and ensure proper access controls on API s and processing pipelines, and segregation of data. Ensure that the appropriate data protection tools are deployed and operating in cloud environments, including AWS, Azure and GCP to protect AI systems against potential threats such as those in the OWASP AI Top Ten, including supply chain and model poisoning threats and attempts to access, modify, and exfiltrate confidential information. Assess and improve AI data protection controls to meet evolving technology and business requirements. Support audit and compliance processes by providing necessary documentation and metrics related to AI data protection practices. Work with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle to meet customer, regulatory, and contractual obligations. Maintain current knowledge of AI risks, threats, and AI testing tools and techniques. Perform other duties to support the technical and operational security of the organization as required. Qualifications Bachelor s degree in an IT related field or equivalent experience and 3-5 years of experience in working in data protection or developing solutions incorporating ML/LLM solutions. Desired certifications - one or more of the following: CISSP (Certified Information Systems Security Professional), Certified Information Security Manager (CISM), SSCP (Systems Security Certified Practitioner), CCSP (Certified Cloud Security Professional) or CompTIA Security+. Strong knowledge of data protection principles, particularly in AI and generative AI systems, including DLP and data classification. Understanding of Application Security and Data Security for applications and AI, such as the OWASP Top 10 and the OWASP Top 10 for Generative AI. Proficiency in and strong working knowledge of AI technologies and models such as Llama and ChatGPT. Experience and understanding of threats and risks related to web applications and API s, particularly with AI based applications. Experience deploying AI models and solutions in production environments. Experience with cloud technologies, such as AWS, Azure, GCP, Docker, Kubernetes, and infrastructure as code, such as Terraform. General knowledge of security implications of threats and vulnerabilities related to networks, servers, operating systems, applications, and databases. Flexibility to work off-hours to support global project teams and maintenance windows. Competencies Exceptional analytical skills, with the ability to communicate complex ideas clearly and effectively to varied audiences. Strong problem-solving skills and attention to detail. Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes tasks and projects in an efficient and productive manner. Ability to form productive relationships across the organization to accomplish information security objectives. Ability and willingness to learn all aspects of the information security field. Professional verbal and written communication skills in English. Expresses ideas using clear, effective and efficient language. Listens patiently and attentively. Adapts to the purpose of the communication with appropriate style, substance, detail, confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone, email, tickets, and chat. Nextiva DNA (Core Competencies) Nextiva s most successful team members share common traits and behaviors: Drives Results: Action-oriented with a passion for solving problems. They bring clarity and simplicity to ambiguous situations, challenge the status quo, and ask what can be done differently. They lead and drive change, celebrating success to build more success. Critical Thinker: Understands the "why" and identifies key drivers, learning from the past. They are fact-based and data-driven, forward-thinking , and see problems a few steps ahead. They provide options, recommendations, and actions, understanding risks and dependencies. Right Attitude : They are team-oriented, collaborative, competitive, and hate losing. They are resilient, able to bounce back from setbacks, zoom in and out, and get in the trenches to help solve important problems. They cultivate a culture of service, learning, support, and respect, caring for customers and teams. Total Rewards Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best, in and out of the office. Our compensation packages are tailored to each role and candidates qualifications. We consider a wide range of factors, including skills, experience, training, and certifications, when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position, compensation may include base salary and/or hourly wages, incentives, or bonuses. Medical - Medical insurance coverage is available for employees, their spouse, and up to two dependent children with a limit of 500,000 INR, as well as their parents or in-laws for up to 300,000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit, providing peace of mind and security in times of medical necessity. Group Term & Group Personal Accident Insurance - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent, visible & external means. Coverage Type - Employee Only Sum Insured - 3 times of annual CTC with minimum cap of INR 10,00,000 Free Cover Limit - 1.5 Crore Work-Life Balance - 15 days of Privilege leaves per calendar year, 6 days of Paid Sick leave per calendar year, 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves, 1 week of Paternity leave, a day off on your Birthday, and paid holidays Financial Security - Provident Fund & Gratuity Wellness - Employee Assistance Program and comprehensive wellness initiatives Growth - Access to ongoing learning and development opportunities and career advancement At Nextiva, were committed to supporting our employees health, well-being, and professional growth. Join us and build a rewarding career! Established in 2008 and headquartered in Scottsdale, Arizona, Nextiva secured $200M from Goldman Sachs in late 2021, valuing the company at $2.7B.To check out what s going on at Nextiva, check us out on Instagram , Instagram (MX) , YouTube , LinkedIn , and the Nextiva blog . #LI-RQ1 #LI-HYBRID

Job Title: Full Stack Developer (Angular + .NET) Location: Pune/ Hybrid Experience Level: 5-10 years Job Summary: We are seeking a highly skilled and motivated Full Stack Developer with strong experience in Angular for frontend development and .NET (C#) for backend development. The ideal candidate will be responsible for designing, developing, and maintaining scalable web applications, ensuring high performance to requests from the front-end. Required Skills & Qualifications: 5+ years of experience in full stack development. Strong proficiency in Angular (v10+) , TypeScript, HTML5, CSS3, and JavaScript. Solid experience with .NET Core / .NET 6+ , C#, and ASP.NET MVC/Web API. Experience with relational databases such as SQL Server . Familiarity with version control systems like Git . Understanding of RESTful API design and integration. Knowledge of Agile/Scrum methodologies. Roles and responsibilities: Should contribute via coding as well as mentoring the team. Architect the design approach for the implementations. Enforce coding standards and best practices across the team. Participate in project planning, estimations, scoping and execution. Ensure application security, performance and scalability.

Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations Mentor junior security consultants, providing technical guidance and contributing to their professional development Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes Qualifications: Required Qualifications: o 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing o Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies o Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks o Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks o Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks o Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences o Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders o Experience mentoring junior security professionals and leading technical teams Preferred Qualifications: o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions o Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages o Prior software development experience that informs a deep understanding of modern application architectures and development practices o Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations o Experience with mobile application security testing (iOS and Android) and API security assessment methodologies o Knowledge of cloud security architecture and specialized cloud service penetration testing techniques o Experience with AI/ML system security evaluation and testing methodologies Education: o Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent s specific approach and methodology o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions

Hire Top Talents from Largest Talent Network | TESTQ. TQUKI0402_4410 - Security Strategy and Architect Summary Shape the Future of Global Security Engineering. Join our Security Engineering team, reporting to the Snr. Director of IT Security Architecture and Engineering, and play a pivotal role in shaping our security posture. You ll collaborate with all IT functions to establish consistent and effective security approaches spanning cloud (AWS, Azure, ADO) , on-premises infrastructure , and end-user computing . From adopting robust frameworks and architectural blueprints to pioneering the integration of new security technologies, you ll be instrumental in ensuring the resilience and high performance of our security solutions with the exciting opportunity to contribute directly to the organizations overarching security strategy. Responsibilities Description Define and guide the implementation of security architectures and engineering standards for global cloud environments (AWS, Azure, ADO) to ensure a robust security posture.Collaborate with Development, Operations, Enterprise Architecture, and Security teams to align security strategy with business objectives and regulatory requirements.Contribute to technical security discussions and working groups, promoting best practices and architectural patterns across environments.Architect, implement, and maintain secure cloud infrastructure and services using automation tools (Terraform, Snyk, AppCheck, security-as-code).Monitor and troubleshoot cloud security performance, availability, and incidents using cloud security monitoring platforms and SIEM integrations.Optimize security, resilience, scalability, and cost-effectiveness of cloud environments through design principles and best practices.Champion the security vision, strategy, policies, and capabilities with IT leadership, ensuring security enables business outcomes.Define long-term strategic direction for cloud security services and architectures in collaboration with IT leadership and partners.Define and maintain security-focused SLAs with partners and vendors.Ensure consistent adherence to organizational and regulatory security requirements across environments.Identify, review, and securely implement new IT solutions with security embedded throughout the lifecycle.Lead proactive threat protection efforts by architecting secure solutions, enforcing policies, and mitigating attack vectors.Maintain project and production schedules for cloud-related security initiatives and deployments. Education Requirement Completion of a bachelor s degree in Information Systems/Technology or equivalent combination of education and work experience. Knowledge and Skills Extensive knowledge in designing, deploying, and supporting secure AWS and/or Azure cloud environments. Expertise in Infrastructure-as-Code (IaC) using Terraform . Solid understanding of secure CI/CD pipelines and integration within Azure DevOps using tools such as Snyk , AppCheck , and Wiz . Proficiency in threat modeling, risk assessment, and system analysis techniques. Strong knowledge of secure networking principles in cloud environments (network segmentation, firewalling, connectivity). Ability to explain complex security concepts clearly to both technical and non-technical stakeholders. Experience collaborating with cross-functional teams to integrate security practices. Expertise in analyzing workflows and defining security tasks to ensure compliance and efficiency. Strong understanding of security attack vectors and mitigation strategies across IT environments. In-depth knowledge of relevant security frameworks (NIST CSF, CIS Benchmarks) and compliance standards (ISO 27001, SOC 2, GDPR). Proven experience evaluating and implementing emerging security technologies. Experience Required Minimum 3 years of experience in security architecture and engineering. Strong experience in securing cloud platforms: AWS: IAM, Security Groups, NACLs, WAF, KMS, CloudTrail, Security Hub, GuardDuty, Inspector VPC security, Lambda security, S3/RDS security, CloudFormation Azure: Azure AD, Microsoft Defender for Cloud, Azure Firewall, NSGs, Key Vault, Monitor Azure Policy, Sentinel, VNet, Azure Functions, Storage/SQL/ARM security Application Security: Snyk, Wiz, AppCheck Decision Making / Interaction Requirements Contribute to the development of Crawford s security strategy and cloud service adoption plans. Define and enforce security architecture standards and best practices. Align global cloud team efforts with business objectives and project timelines. Manage relationships with cloud providers and vendors to ensure optimal service levels. Identify and mitigate security risks, vulnerabilities, and compliance issues. Special Requirements / Certifications AWS and/or Azure certification preferred , but not mandatory. Apply NOW We can only accept MS Word and PDF format under 10 MB

Primary Skills Design, develop, and deploy cloud-based applications using .NET Core / .NET Framework on Microsoft Azure. Build and maintain scalable APIs and microservices hosted on Azure App Services, Azure Functions, or Azure Kubernetes Service (AKS). Integrate Azure services such as Azure SQL, Blob Storage, Key Vault, and Service Bus into application architecture. Implement CI/CD pipelines using Azure DevOps for automated builds, testing, and deployments. Ensure application security using Azure Active Directory, OAuth, and role-based access control (RBAC). Optimize application performance and scalability using Azure Monitor, Application Insights, and caching strategies. Collaborate with architects and DevOps teams to design cloud-native solutions and infrastructure. Write clean, maintainable, and testable code following SOLID principles and industry best practices. Participate in code reviews and provide technical guidance to peers and junior developers. Troubleshoot and resolve issues in development, staging, and production environments. Secondary Skills Assist in migrating on-premise applications to Azure cloud infrastructure. Support infrastructure automation using ARM templates, Bicep, or Terraform. Stay current with Azure updates, .NET advancements, and emerging cloud technologies. Participate in Agile ceremonies such as sprint planning, daily stand-ups, and retrospectives. Collaborate with QA teams to ensure comprehensive testing and quality assurance. Contribute to internal knowledge sharing, documentation, and technical workshops. Help optimize cloud costs by analyzing resource usage and recommending improvements. Provide support during UAT, production releases, and post-deployment monitoring. Work with cross-functional teams to align cloud solutions with business goals. Assist in developing internal tools and reusable components to accelerate development.

Prudent Technologies and Consulting is hiring for a fast-growing Cybersecurity team that supports a customer base including the world s largest organizations. We have an immediate opening for a Senior Application Security Consultant. The role requires an experienced offensive consultant who understands application security testing methodologies, frameworks, tools and reporting. As a Senior Consultant you will perform and lead technical teams to conduct thorough security assessments as well as perform field related research. Candidates should be familiar with a variety of technologies including web, mobile, API, AI/LM, cloud, desktop, single sign-on and OAuth. Responsibilities: Consult with technical and non-technical client stakeholders Collaborate with Sales teams to assist in scoping efforts Lead projects and mentor less experienced consultants Perform advanced comprehensive penetration tests, adhering to industry-standard best practices Conduct penetration testing across diverse environments, including desktop applications, mobile applications, web applications, cloud environments, on-prem environments, APIs and AI/LM Document and report vulnerabilities, show proof-of-concepts where applicable, and provide detailed explanations to highlight severity, business impact, and tailored remediation steps Manages priorities and tasks to achieve utilization targets Participate in research and development efforts to improve the Cybersecurity practice Qualifications: Required Qualifications: 5+ years of direct experience performing manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, API and AI/LM Proficient at using penetration testing tools such as Burp Suite, DAST scanners, Metasploit and Nessus to identify and exploit vulnerabilities Able to write deliverable reports, including executive summaries and presentations, and status reports for clients Understanding of industry-standard security frameworks (e.g., OWASP and MITRE ATT&CK) Excellent project management, leadership, time management, and client consulting skills Preferred Qualifications: Bachelor s degree in computer science, information security, or related field Relevant certifications (e.g., OSCP and/or OSWE) Experience with scripting languages such as Python and Bash Experience with application development, systems engineering, or similar Published CVE/CWE contributions, participation in CTF events and independent research projects Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent s specific approach and methodology

We have an immediate opening for a Senior Application Security Consultant. The role requires an experienced offensive consultant who understands application security testing methodologies, frameworks, tools and reporting. As a Senior Consultant you will perform and lead technical teams to conduct thorough security assessments as well as perform field related research. Candidates should be familiar with a variety of technologies including web, mobile, API, AI/LM, cloud, desktop, single sign-on and OAuth. Responsibilities: Consult with technical and non-technical client stakeholders Collaborate with Sales teams to assist in scoping efforts Lead projects and mentor less experienced consultants Perform advanced comprehensive penetration tests, adhering to industry-standard best practices Conduct penetration testing across diverse environments, including desktop applications, mobile applications, web applications, cloud environments, on-prem environments, APIs and AI/LM Document and report vulnerabilities, show proof-of-concepts where applicable, and provide detailed explanations to highlight severity, business impact, and tailored remediation steps Manages priorities and tasks to achieve utilization targets Participate in research and development efforts to improve the Cybersecurity practice Qualifications: Required Qualifications: 5+ years of direct experience performing manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, API and AI/LM Proficient at using penetration testing tools such as Burp Suite, DAST scanners, Metasploit and Nessus to identify and exploit vulnerabilities Able to write deliverable reports, including executive summaries and presentations, and status reports for clients Understanding of industry-standard security frameworks (e.g., OWASP and MITRE ATT&CK) Excellent project management, leadership, time management, and client consulting skills Preferred Qualifications: Bachelors degree in computer science, information security, or related field Relevant certifications (e.g., OSCP and/or OSWE) Experience with scripting languages such as Python and Bash Experience with application development, systems engineering, or similar Published CVE/CWE contributions, participation in CTF events and independent research projects Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudents specific approach and methodology

Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations Mentor junior security consultants, providing technical guidance and contributing to their professional development Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes Qualifications: Required Qualifications: o 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing o Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies o Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks o Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks o Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks o Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences o Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders o Experience mentoring junior security professionals and leading technical teams Preferred Qualifications: o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions o Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages o Prior software development experience that informs a deep understanding of modern application architectures and development practices o Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations o Experience with mobile application security testing (iOS and Android) and API security assessment methodologies o Knowledge of cloud security architecture and specialized cloud service penetration testing techniques o Experience with AI/ML system security evaluation and testing methodologies Education: o Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudents specific approach and methodology o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure. Roles & Responsibilities:- Expected to be an SME in Security Architecture Design.- Collaborate and manage the team to perform effectively.- Responsible for team decisions and ensuring adherence to security best practices.- Engage with multiple teams and contribute to key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Ensure the implementation of robust security controls.- Conduct risk assessments and vulnerability testing.- Develop and maintain security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST).- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with cloud platforms such as AWS or Azure. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Architecture Design.- This position is based in Mumbai.- A 15 years full-time education is required. Qualification 15 years full time education

The candidate must have strong skills and hands-on experience in the following areas: Penetration testing of applications and networks beyond simply analysing tool outputs, with a focuson manual testing expertise Solid understanding of shell and Python scripting Strong OS (Linux, Windows)understanding Deep understanding of TCP/IP, DNS, DHCP, HTTP/HTTPS, andother protocols Familiaritywith OWASP Top 10 vulnerabilities (e.g., SQL injection, XSS, CSRF, etc.) Knowledge of firewalls,IDS/IPS, VPNs, proxies

Job Description As a Technical Writer on our Enterprise Applications team, youll create, maintain, and enhance documentation for our suite of IT services. This role requires a deep understanding of Enterprise application concepts and the ability to translate complex technical information into clear, concise, and user-friendly documentation for both Business and IT professionals. Create training content for a wide range of audiences with varying degrees of knowledge and experience. We expect you to have a proven track record of producing effective help content that drives business adoption by empowering users to effectively self-serve their learning objectives. We re looking for an individual who shares our passion about technical documentation and customer education. Help us train the next generation tech professionals with clear and crisp writing on technical topics that are elaborated in a simple and easy to understand way. What you will do ! Create technical setup guides, operational runbooks, handbook pages, FAQs, and technical white papers for client products and services. Incorporate structured content principles for single-source of truth. Create end-user documentation for new product launches and features across the teams for Enterprise Applications. Identify and close knowledge gaps alongside our application & Product teams. Contribute your product and content expertise to the development of eLearning materials including training videos, brochures, infographics, and other content. Effectively communicate and collaborate with internal stakeholders and subject matter experts to deliver engaging customer-facing content. Review success metrics across content delivery methods. What you will need 5+ years of Enterprise Application, security, and IT tech writing experience. 5+ years of experience in a writing role focused on end-user documentation for a technology company. Bachelors degree in English, Technical Communication, Computer Science, Information Technology, or a related field. Proven experience as a technical writer in the IT industry, with a strong portfolio of documentation samples. Technical proficiency : Strong understanding of IT concepts, systems, and technologies. Proficiency in writing structured content that uses variables and metadata to serve context-sensitive material to unique audiences. Experience supporting product release cycles in a fast-paced, ambiguous environment. Excellent writing skills : Content is clear, succinct, logical, and easy to understand. Strong organizational skills : ability to manage expectations and maintain focus. Curiosity is a bias to constantly question, dig deeper, and learn. Nice to have Experience writing Wiki style articles on wide range of tech topics.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Primary Skills : Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cybersecurity, Security Configuration Review, Source Code Review Job Description: 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API & Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms. Notice: Immediate to 15 days Location: ENBD Bangalore or ENBD Chennai or Dubai Location: Bangalore/Chennai/Dubai Experience: 4-6 Years Thanks & Regards, Ankita Ghosh

ResponsibilitiesOwning significant architectural and product areas of the platformYoull make the key decisions and see them through to successful user engagementDelivering features that make a big impact on our growth journeyWriting high-quality, highly-performant codePushing changes every week dayParticipating in code reviews and architectural discussions - we want you to bring your expertise to the team and make us all better engineersBuilding Ad hoc scripts/tools using the technology of your choice to optimize organization operations using techTake full ownership of your work, and take responsibility for every last detail, every step of the way. Requirements4+ years of professional software development experience in consumer productsSomeone who spends time thinking about product experience as much as they do thinking about language frameworkHave an awareness about NextJS and Vercel, or intent to pick them up. Collaborative and want to see the team succeed in its goalsPractical about tradeoffs between speed and polishPassionate about showing others how to do something newProblem solving, proactive and solution oriented mindset, to spot opportunities and use code to fix itAbility to thrive in startups with a fast-paced environment and take ownership for working through ambiguityExcited to join a lean team in a big company that moves quickly

Security Architect -The selected Security Architect would be responsible for a specific project or several projects within an organization, focusing on the security aspects of software applications. They would be responsible for translating client security requirements into application features, ensuring the timely delivery of secure software applications, and protecting against potential threats. They would be responsible for understanding client security needs, designing secure prototypes, developing security protocols, performing security testing, and maintaining technical documentation related to security architecture. Location Bengaluru Educational Qualifications -BE/B Tech/ M.E/M Tech/MS/MCA/MSc Requirements . Work Experience 10+ Years Requirements Skills: Minimum 5 years of experience in IT security Knowledge on HSM architecture including application integration. Sound Knowledge of IT security and processes and best practices (eg.ITIL, ISO 27001). Excellent understanding of cryptographic algorithms with hands-on implementation experience. Good skills in any of the following Language : C,C++,JAVA,GO,RUST Job Profile/Duties a) Security Design and Architecture- Develop and implement enterprise-level security architecture. Design secure network solutions to protect systems and data. Create architectural frameworks that align with compliance and risk management requirements. b) Risk Assessment and Threat Modeling Identify potential threats, vulnerabilities, and risks to the IT infrastructure. Conduct regular risk assessments and develop mitigation plans. Lead threat modeling activities for critical systems and applications. c) Security Policies and Standards Define and enforce security policies, procedures, and best practices. Ensure compliance with regulatory standards (e.g., ISO 27001, NIST, GDPR). d) Collaboration and Advisory Work closely with IT, DevOps, and business teams to integrate security into systems and workflows. Provide technical guidance to security engineers and analysts. e) Security Awareness and Training Promote security awareness and training across the organization. Stay updated with the latest cybersecurity trends, threats, and technologies. f) Monitoring and Reporting Monitor the performance of security systems. Report on security incidents, metrics, and compliance status to senior management.

We are looking for a penetration tester, to join our security organization and work in collaboration with the software engineering teams, infrastructure, and product teams to create and maintain our solutions secure. Key Responsibilities Perform penetration testing of new and existing environments and products - Web applications, Infrastructure and thick clients Writing formal penetration testing reports to both technical and non-technical audiences Presenting findings and remediations to the system owners Documenting and improving our penetration testing process. Identify vulnerabilities in public cloud offers (GCP, Azure and AWS) Research emerging security vulnerabilities and the applicability within our realm Take technical lead on security related topics Support in source code review efforts Triage and validate findings from our bug bounty program Support red teaming exercises as required Requirements 3-5 years of professional experience penetration testing or Application security. Understanding of multiple platforms, operating systems, software, communications, and network protocols <