1254 Application Security Jobs - Page 24

Responsibilities Define and enforce secure coding standards and best practices. Perform threat modeling, security architecture reviews, and code analysis. Design and implement secure CI/CD pipelines with integrated security controls. Automate security testing (SAST, DAST, IAST, SCA, container scanning) in SDLC process. Evaluate and integrate security tools and platforms Lead DevSecOps program in collaboration with DevOps, Operations and Engineering teams Build automation focused on efficiency (eg increase triaging efficiency, manage false positives etc) Leverage ASPM and build workflows and reports Evaluate and integrate security tools and platforms Implement Infrastructure as Code (IaC) security and cloud-native security controls. Monitor and respond to security incidents in development and production environments. Collaborate with development teams to remediate vulnerabilities and design secure applications. Develop and deliver secure coding training and awareness programs. Stay current with emerging threats, vulnerabilities, and security technologies. Ensure compliance with industry standards (eg, OWASP, NIST etc). Requirements Overall 10+ years of experience in application security, software development, or related roles. 6+ years of work experience in Application security, preferably in a fintech or financial services domain Strong understanding of web, mobile, API and cloud application architectures. Experience of code reviewing or code contributing in Java, Java Script, .Net. C#, Python, or IaC scripting. Hands-on experiences running SCA, SAST, DAST, IAST, SBOM, ASPM, Apigee, WAF etc, with approaches or optimizations for the tools to efficiently enforce the enterprise S-SDLC policies. Deep understanding of DevSecOps practices and experience in CI/CD automation for one of the popular platforms, such as Gitlab, GitHub or Azure DevOps. Knowledge of cloud platforms (AWS, Azure) and container orchestration (Kubernetes, Docker). Perspective of supporting developer tools as a security professional (eg integrating security tools with IDE, PR checks etc) The experiences in building security controls for a system that follows NIST CSF and SSDF frameworks and performing the risk-based security reviews that meet the OWASP, SOC2, GDPR requirements. Ability to identify and summarize practical operational procedures, write standards or SOPs, and provide security scan reports. A good understanding of full stack software development and best practices for developing software (version control, branching, automation, IaC, documentation, testing, etc) Ability to collaborate cross-functionally and communicate effectively with highly technical teams and provide written assessment reports as needed. Certifications such as CSSLP, OSWE, or CEH.

Product Security is Shifting Everywhere and improving the testing coverage of the Products. The team ensures Security of the Platform and Applications and committed to finding Security Vulnerabilities across the Products. What you get to do in this role: Identify the important strategic product security focus areas for the team Help lead security discussions with the other engineering teams Participate in research to identify new attack vectors and adopt new methodologies Perform product security testing on ServiceNow products Audit source code of the platform and applications Identify, communicate, and recommend remediation of Security Vulnerabilities To be successful in this role you have: Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AIs potential impact on the function or industry. A passion for Security 8+ years of experience in an application security testing role Coding experience and developer proficiency in at least one language: Java, Python or Javascript In-depth knowledge of application security vulnerabilities and testing methodologies Experience with manual source code review in languages such as: Java, JavaScript, Python, Ruby or PHP Deep understanding of web application architecture and design principles Worked in a Product Security team is a plus. Knowledge of ServiceNow Scripting is an advantage.

EMERSON INNOVATION CENTER is looking for Product Security Engineer to join our dynamic team and embark on a rewarding career journey Analyzing customer needs to determine appropriate solutions for complex technical issues Creating technical diagrams, flowcharts, formulas, and other written documentation to support projects Providing guidance to junior engineers on projects within their areas of expertise Conducting research on new technologies and products in order to recommend improvements to current processes Developing designs for new products or systems based on customer specifications Researching existing technologies to determine how they could be applied in new ways to solve problems Reviewing existing products or concepts to ensure compliance with industry standards, regulations, and company policies Preparing proposals for new projects, identifying potential problems, and proposing solutions Estimating costs and scheduling requirements for projects and evaluating results

Flipkart is looking for Senior Security Engineer - Cyber Defense to join our dynamic team and embark on a rewarding career journey Analyzing customer needs to determine appropriate solutions for complex technical issues Creating technical diagrams, flowcharts, formulas, and other written documentation to support projects Providing guidance to junior engineers on projects within their areas of expertise Conducting research on new technologies and products in order to recommend improvements to current processes Developing designs for new products or systems based on customer specifications Researching existing technologies to determine how they could be applied in new ways to solve problems Reviewing existing products or concepts to ensure compliance with industry standards, regulations, and company policies Preparing proposals for new projects, identifying potential problems, and proposing solutions Estimating costs and scheduling requirements for projects and evaluating results

. Job Title Cyber Risk Mgmt - Advisor I What does a successful Cyber Risk Management Advisor do at Fiserv: Identifying information security and emerging technological requirements and effective risk mitigation actions. Manage key accounts/customers from a Cybersecurity service perspective. Successfully leading and supporting the delivery of Cybersecurity projects and services for our customers by working directly with key business stakeholders and technology SMEs. What will you do: Provide Cybersecurity support for network security products and services (new deployments, hardware refresh/upgrades, migrations, and feature implementation). Support the implementation of security concerns with new and emerging technologies with particular focus on SaaS, PaaS and IaaS specifically the major Cloud providers. Support and guide other teams in the organization on Cybersecurity best practices, security vulnerabilities and implementation/enforcement of the compensating controls. Assist with creating security designs and configure security controls within the Cybersecurity portfolio. Support activities to ensure that risk and controls are in compliance with regulatory requirements and remain in line with company risk appetite. Use metrics to track security risks and awareness. Ensure compliance and governance for data security. Possess expert knowledge in Cybersecurity in the financial services industry to provide guidance on business operations, policies and practices. Involved in or respond to information security incidents as needed. What will you need to know: 15 or more years of cybersecurity and technology risk experience in a large MNC. Minimum of 10 years of experience in Cybersecurity Program Management & Governance, including technical background (networks, servers, encryption, application security, infosec tool, etc). Possesses progressive experience in leading multiple projects in a complex international financial services organization, preferably Financial Technology. Excellent written and verbal communication skills with the ability to negotiate and influence multiple stakeholders, driving positive changes through awareness, understanding, acceptance and commitment to relevant information security topics. Excellent customer management skills with min 8 years of experience with managing large enterprise customers preferably from financial services industry. Relevant professional certification, such as CISSP, CEH, CRISC, CGEIT. What would be great to have: A minimum of 10 years of hands-on experience with multiple security disciplines preferred. Preferred industry certifications are: CISM, CISSP. We welcome and encourage diversity in our workforce. Fiserv is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability or status as a protector veteran. Explore the possibilities of a career with Fiserv and Find your Forward with us ! Thank you for considering employment with Fiserv. Please: Apply using your legal name Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable). Our commitment to Diversity and Inclusion: Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law. Note to agencies: Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions. Warning about fake job posts: Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address. Share this Job Email LinkedIn X Facebook

The IZOT product line includes BMCs Intelligent Z Optimization & Transformation products, which help the worlds largest companies to monitor and manage their mainframe systems. The modernization of mainframe is the beating heart of our product line, and we achieve this goal by developing products that improve the developer experience, the mainframe integration, the speed of application development, the quality of the code and the applications security, while reducing operational costs and risks. We acquired several companies along We are looking for Application Security Engineer to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Primary Roles and Responsibilities: Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure youre set up for success, you will bring the following skillset & experience: 3+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes.

Must to Have Overall, 8 - 14 Years of Experience out of which minimum 3 years in software architecture Have managed a full life cycle of application (Conception to design to implementation to productization) Expertise in software development (Full stack developer) and Native applications Specialization architecture modeling and design, business process modelling Experience in development and maintenance of .Net/C# Applications Sound working knowledge in Angular10 and above Hands-on experience with RESTful API Knowledge of unit testing frameworks like NUnit Expertise in client-server application development (both Windows and web applications) Provide solution to migrate the traditional web applications to cloud native architecture (Azure/AWS), digital and sustainable development. Exposure to infrastructure and application security technologies and approaches Supports in Threat, Safety and Risk Analysis Supports in Security concept development Good to have: Know how on Springs framework (Spring MVC, Spring security, spring boot) Knowledge on Automotive/ Diagnostic domain Protocol knowledge on CAN, J2534..etc Experience in Database design - Oracle / SQL Server / MySQL . Qualifications B.E/B.tech/MCA/M.Tech

About Us Endor Labs is building the Application Security platform for the software development revolution. Modern software is complex and dependency-rich, making it increasingly difficult to pinpoint the risks that truly matter. Endor Labs solves this challenge by building a call graph of your entire software estate enabling teams to clearly identify, prioritize, and fix critical risks faster. Trusted by companies that are one or one hundred years old, Endor Labs secures code whether it was written by humans or AI, and whether its 40-year old C++ code or cutting edge Bazel Monorepos. Endor Labs was founded by serial entrepreneurs Varun Badhwar and Dimitri Stiliadis, and is backed by leading VC firms such as Dell Technology Capital, Lightspeed, and Sierra Ventures. Sound interestingLet s talk if you want to be part of the next big leap in security innovation! About the Role At Endor Labs, we believe security is a first-class engineering discipline not a checklist or afterthought. As our first Principal Security Engineer, you ll define and drive the technical foundation of our security program across our product, infrastructure, and company operations. This is a hands-on role for a builder who thrives at the intersection of secure architecture, software development, and organizational protection. You ll work across teams to ensure that everything we do from how we write code to how we manage employee devices is secure by design and by default. We re not looking for a compliance or policy-focused candidate. We re looking for someone who s lived in the dev and infrastructure world and knows how to build a secure, high-growth startup the right way. Responsibilities Engineering & Product Security Partner with engineering teams to design secure-by-default systems and infrastructure. Lead secure SDLC practices, and runtime hardening efforts. Shape developer-friendly security standards, patterns, and educational materials. Organizational Security & Threat Protection Own security for corporate infrastructure: identity, email, Slack, SaaS apps, endpoints, and cloud accounts. Stand up effective monitoring for external threats (phishing, supply chain, brand impersonation). Implement modern DLP strategies across code, data, and AI tooling. Define and drive secure usage of GenAI tools across teams, balancing innovation with data safety. Lead incident response, from containment to root cause and future-proofing. Lead customer engagements on security related topics. What w e re Looking For Hands-on engineer: You ve written production code, dabbled with infrastructure, and secured modern systems. Full-spectrum mindset: You can think like an attacker, protect like an architect, and communicate like a leader. Experience with cloud-native stacks (Azure, GCP), endpoint management, identity systems (SSO, MDM), and secure SaaS use. Experience securing internal and external AI/ML usage is a major plus. Strong understanding of real-world threat models and how to pragmatically reduce risk without slowing velocity. Excellent collaborator across engineering, IT, and exec stakeholders. Why Join Endor Labs Work with a world-class team dedicated to pushing the boundaries of security research. Directly influence the security of modern software supply chains. A culture that values innovation, collaboration, and continuous learning. Competitive compensation, flexible work environment, and a generous benefits package. Opportunity to present groundbreaking research and contribute to the global security community. If you are excited about making a real impact in cybersecurity and shaping the future of software supply chain security, we d love to hear from you! Apply now to join our team of world-class security experts!

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure security measures are integrated into the development process, conducting assessments to identify vulnerabilities, and providing recommendations for improvements. You will also engage in discussions to enhance security protocols and contribute to the overall security strategy of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Collaborate with development teams to integrate security best practices into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and principles.- Experience with security testing tools and methodologies.- Familiarity with threat modeling and risk assessment techniques.- Knowledge of compliance standards and regulations related to application security. Additional Information:- The candidate should have minimum 2 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Spring Boot Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where your primary focus will be on reviewing and integrating all application requirements, particularly those related to security. Your typical day will involve collaborating with various teams to ensure that security considerations are embedded in the application architecture, providing insights that influence key decisions, and ensuring that the technical architecture aligns with security best practices. You will play a crucial role in shaping the security posture of applications, ensuring that they meet both functional and security requirements effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and maintain security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Spring Boot.- Good To Have Skills: Experience with application security frameworks and tools.- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with regulatory requirements related to application security. Additional Information:- The candidate should have minimum 7.5 years of experience in Spring Boot.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Solution Architecture Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where you will review and integrate all application requirements, focusing on security aspects. Your typical day will involve collaborating with various teams to ensure that security requirements are seamlessly integrated into the application architecture, providing critical input into final decisions regarding application security, and ensuring that the technical architecture aligns with security protocols and standards. You will play a vital role in safeguarding applications by ensuring that security is a fundamental component of the development process. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on application security best practices.- Conduct regular assessments of application security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Solution Architecture.- Strong understanding of application security frameworks and methodologies.- Experience with threat modeling and risk assessment techniques.- Familiarity with secure coding practices and application security testing tools.- Ability to communicate complex security concepts to non-technical stakeholders. Additional Information:- The candidate should have minimum 7.5 years of experience in Solution Architecture.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Who we are: R1 is a leading provider of technology-driven solutions that help hospitals and health systems to manage their financial systems and improve patients experience. We are the one company that combines the deep expertise of a global workforce of revenue cycle professionals with the industry's most advanced technology platform, encompassing sophisticated analytics, Al, intelligent automation and workflow orchestration. R1 is a place where we think boldly to create opportunities for everyone to innovate and grow. A place where we partner with purpose through transparency and inclusion. We are a global community of engineers, front-line associates, healthcare operators, and RCM experts that work together to go beyond for all those we serve. Because we know that all this adds up to something more, a place where we're all together better. R1 India is proud to be recognized amongst Top 25 Best Companies to Work For 2024, by the Great Place to Work Institute. This is our second consecutive recognition on this prestigious Best Workplaces list, building on the Top 50 recognition we achieved in 2023. Our focus on employee wellbeing and inclusion and diversity is demonstrated through prestigious recognitions with R1 India being ranked amongst Best in Healthcare, Top 100 Best Companies for Women by Avtar & Seramount, and amongst Top 10 Best Workplaces in Health & Wellness. We are committed to transform the healthcare industry with our innovative revenue cycle management services. Our goal is to make healthcare work better for all by enabling efficiency for healthcare systems, hospitals, and physician practices. With over 30,000 employees globally, we are about 16,000+ strong in India with presence in Delhi NCR, Hyderabad, Bangalore, and Chennai. Our inclusive culture ensures that every employee feels valued, respected, and appreciated with a robust set of employee benefits and engagement activities. Program Leader We are looking for a Program Leader, IT Security within Identity and Access Management. The Program Manager will use their hands-on technical skills, strong leadership ability and eagerness to design solutions to complex problems as a leader within a larger global team. The Program Manager must be comfortable with communicating to stakeholders, performing security assessments, and prioritizing security risks, as well as creating/presenting high quality deliverables. The position will have a team of direct reports and align under the Director of IAM, Client Identity and Access. Responsibilities Operate as a People Leader responsible for a team of 30+ global resources, including 2 supervisors Build, lead, and execute IAM strategies to enhance the productivity of R1 operational workforce while also enhancing security posturing. Act as a leader with extensive subject matter expertise to shape the Client Identity and Access team. Work collaboratively with peers and stakeholders to influence technical and business projects to enhance IAM strategies. This included but is not limited to transitional work, integrations, and stead state organization initiatives. This role will identify and execute on strategies core to internal business processes as well as partnering with external providers and business partners to securely enable R1 user access. Complete unbiases analysis of technology options and develop a practice to determine, approve and manager preferred technologies; maintain a list of approved technologies; create communication strategies that will guide the organization to standard technologies or create new standards as development needs arise. Communicate access management security goals and new programs effectively with other department managers within the organization. Ensure fulfillment of legal and contractual IT security, compliance, and privacy mandates. Partner with internal cross-function teams and external customers on technology improvement opportunities. Skills and Experience: 10 years of experience, or combined 5 years in Senior Management and 5 years in IAM or adjacent IT Security framework(s) Experience with inventory management, ticketing workflows, and production and quality oversight Excellent interpersonal and communication skills to work with all levels of management, employees, peers, and vendors Excellent analytical and problem-solving skills to solve/manage complex technical problems Ability to maintain enterprise relationships with internal, external stakeholders, and teams Experience in developing and running multiyear, complex technology initiatives and teams Tenacity, grit, and ability to perform under pressure to achieve deliverables Education Bachelors Degree in Computer Science, Information Technology, Information Security, Healthcare Science, or Business Management Preferred - Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or similar industry recognized certification. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visitr1rcm.com Visit us on Facebook

R1 RCM Inc. is a leading provider of technology-enabled revenue cycle management services which transform and solve challenges across health systems, hospitals and physician practices. Headquartered in Chicago, R1 is a publicly-traded organization with employees throughout the US and international locations. Our mission is to be the one trusted partner to manage revenue, so providers and patients can focus on what matters most. Our priority is to always do what is best for our clients, patients and each other. With our proven and scalable operating model, we complement a healthcare organizations infrastructure, quickly driving sustainable improvements to net patient revenue and cash flows while reducing operating costs and enhancing the patient experience. We are looking for a self-motivated Cybersecurity Analyst to join the R1 Cybersecurity Operations Team. We have a relentless focus on driving results for our customers and enabling them to invest more in patient care; in turn, this allows us to continue to grow our company and your career. The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. They will serve as an expert and be responsible for providing network and security operations technical analysis, assessment, and recommendations in the areas of real-time security situational awareness, operational network system and applications systems security monitoring. Responsibilities : Monitoring various security tools (e.g., Crowdstrike, Proofpoint, MS Sentinel, Azure VM ) to identify potential incidents, network intrusions, and malware events, etc. to ensure confidentiality, integrity, and availability of R1s architecture and information systems are protected Reviewing and analyzing log files to report any unusual or suspect activities. Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating. Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events using open-source intelligence (OSINT) Following established incident response procedures to ensure proper escalation, analysis and resolution of security incidents. Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy. Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the R1s network, and assessments for High Value Assets. In this role, the successful candidate will maintain and monitor compliance with enterprise change management policies and procedures. Develop and maintain metrics & reports on the status of the R1 cyber security operations program. Attend and participate in Cyber security projects and the change management process. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning. As part of the overall Cybersecurity Operations Team, work in tandem with the security operations center (SOC), incident responders (when anomalous activity and host compromise occurs), and technology infrastructure and development team members. Participate in established incident response procedures to ensure proper escalation,analysisand resolution of security events and incidents. Managing and maintaining change detection and auditing tools Researching technology and application processing environments, operation, and associated user workflow to design, build, configure, implement, and document change compliance and audit rules within designated technologies. Reconciling changes detected by the system to authorized changes documented in service desk and change management applications. Analyzing large volumes of security event data from a variety of sources to identify suspicious and malicious activity. Documenting, logging and investigating security incidents. Performing case management throughout the incident lifecycle for moderately complex security incidents Design, build, and documenting security technology standards, processes, and operational workflows Operating and maintaining physical security monitoring systems Review, investigate, track, and monitor viruses and malware propagation and eradication throughout the enterprise. Monitoring compliance with enterprise security, compliance, and change management programs, policies, and processes Researching Threat Intelligence sources on the latest malware, trends, patches in order to keep the Security Program up-to-date. Providing metrics & reports on the status of tools, environments, and assets within the organization. Database and Application security to prevent attacks via Input Validation, Cross-Site Scripting, Buffer Overflowetc Required Qualifications : A minimum of 4 years of professional experience in an IT-related field Intermediate knowledge of security, monitoring, and networking technologies, tools, protocols and standards Knowledge of security policy, programs, process, and metrics CompTIA Security+ certification or equivalent professional experience in security operations Intermediate or advanced security, networking, or audit certification Recent experience with static and/or dynamic code review process Strong drive and passion to deliver distinctive end-products, a quick learner with a strong attention to detail and quality. Excellent interpersonal and communication skills Desired Qualifications: A Bachelors degree in a technical discipline (e.g., Computer Science, Business Analyst, etc.) Certification (or ability to obtain certification) in at least one of the following areasGeneral Security (CISSP), Incident Handling (GCIH), Cloud Security (GCLD, Cloud+, CCSK), and Ethical Hacking (CEH) Experience with advanced cyber security tools, network topologies, intrusion detection, and secured networks In-depth understanding of NIST SP 800-61,SOC 2 AICPA controls and frameworks. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visit:R1RCM.com. R1 RCM Inc. (the Company) is committed to the principles of equal employment opportunity. The Companys practices and employment decisions, including those regarding recruitment, hiring, assignment, promotion, compensation, benefits, training, discipline, and termination shall not be based on any persons age, color, national origin, citizenship status, physical or mental disability, medical condition, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status or any other characteristic protected by federal, state or local law. Furthermore, the Company is committed to providing a workplace free from harassment based on any of the foregoing protected categories. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visitr1rcm.com Visit us on Facebook

Educational Bachelor of Engineering Service Line Quality Responsibilities In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advisesecurity controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance. Preferred Skills: Foundational-Cybersecurity Competency Management-Cyber Competency Strategy Planning

Educational Master Of Technology,Master Of Engineering,Bachelor Of Technology,Bachelor of Engineering Service Line Engineering Services Responsibilities A day in the life of an Infoscion As part of the Infosys consulting team, your primary role would be to lead the engagement effort of providing high-quality and value-adding consulting solutions to customers at different stages- from problem definition to diagnosis to solution design, development and deployment. You will review the proposals prepared by consultants, provide guidance, and analyze the solutions defined for the client business problems to identify any potential risks and issues. You will identify change Management requirements and propose a structured approach to client for managing the change using multiple communication mechanisms. You will also coach and create a vision for the team, provide subject matter training for your focus areas, motivate and inspire team members through effective and timely feedback and recognition for high performance. You would be a key contributor in unit-level and organizational initiatives with an objective of providing high-quality, value-adding consulting solutions to customers adhering to the guidelines and processes of the organization. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional : Experience in at least one of the following fieldsembedded security, secure design and hardware security Detailed knowledge of PKI and cryptography Knowledge of automotive vehicle systems, architecture, and automotive communication protocols (CAN, Ethernet etc.) would be considered an asset Work with different teams across the business to ensure development and implementation complies with legislation R155 vehicle cyber security, according to ISO21434 process. Participate in implementing process to comply with R155 for Polestar. Review Software applications for potential security vulnerabilities by conducting application security reviews i.e. Secure Design review, Threat Modelling. Preferred Skills: Domain-Automotive-Engine / Power Train Domain-Automotive-Infotainment System Domain-Automotive-Connected Car Domain-Automotive-Electric Vehicles (EVs)-EV

TitleSecurity Test Engineer Key Responsibilities Core Skills Must have Work Experience Minimum of 2+ Years of work experience in Application security, Vulnerability Assessment & Penetration Testing. Skill Set Vulnerability Assessment and Penetration Testing for Web application and API. Knowledge on open source and commercial tools Source code Review Knowledge on scripting language is desirable. Expertise in DAST for web Application (e.g. Acunetix, IBM AppScan, Burpsuite etc.) tooling including triage. Advance Understanding of Security standard and best practices. Hands on exp in Kali Linux , SQL Map Expertise in Vulnerability Assessments using various open source and commercial tools. Sound knowledge of network security devices (Firewalls, proxies , NIDS/NIPS, ETC.) Ability to analyse and detect false positives from the vulnerabilities identified by scanners and communicate effectively with all stakeholders in order to mitigate the existing vulnerabilities in the application. Experience in in performing SAST scan with tool (e.g. Veracode, SecureAssist, IBM AppScan, Checkmarx , Snyk) tooling including triage. Understanding of webbased application vulnerabilities and API Vulnerabilities (OWASP TOP 10) Strong customer service orientation & Experience working in a teamoriented, collaborative environment. Strong organization and time management skills Offshore

Educational Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities As part of the Infosys delivery team, your primary role would be to ensure effective Design, Development, Validation and Support activities, to assure that our clients are satisfied with the high levels of service in the technology domain. You will gather the requirements and specifications to understand the client requirements in a detailed manner and translate the same into system requirements. You will play a key role in the overall estimation of work requirements to provide the right information on project estimations to Technology Leads and Project Managers. You would be a key contributor to building efficient programs/ systems and if you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional : Security testing(3-5 years exp) - SAST/DAST/API, Network, Mobile Security/DevSecops/Cloud Security/Threat Modelling/Vulnerability Management/Logging & Audit/GRC/Security Operations/IAMIndividual should be open to learn new technology as needed and should work independently. Strong in ST with key ST related skills with good in driving a team and must be able to do client interaction. Preferred Skills: Technology-Application Security-Application Risk Profiling Threat Modeling-Microsoft Threat Modelling Technology-Application Security-Penetration Testing (Black/White/Grey Box Testing) Technology-Application Security-Vulnerability Management Technology-Infrastructure Security-Cloud Security Technology-Mobile Testing-Mobile Security Testing Technology-Security Testing-Security Testing - ALL Technology-Application Security-DevSecOps

Educational Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities Architect, Design and Review Application Security Architecture in distributed web applications, thick clients, mobile and cloud platforms.Perform Attack Surface Analysis, Threat Modeling using STRIDE, PASTA and Arrive at Threats, Risks, Vulnerabilities and propose re- mediatory, compensatory controls.Experience in tools like Threat Modeler, Microsoft Threat Modeling tool, Threat Dragon and similar tools.Application Security/ Threat Assessment with/without tools and RecommendationWork with Development/ Architecture team ensuring secure design principlesLead development team during design and build phaseExposure to Application Security threat modelsProgramming Skills - Java, C++, Python, Ruby, .Net, HTML, JSIn-depth understanding of Software development technologies and CI/CD pipelines. Technical and Professional : Architect, Design and Review Application Security Architecture in distributed web applications, thick clients, mobile and cloud platforms.Perform Attack Surface Analysis, Threat Modeling using STRIDE, PASTA and Arrive at Threats, Risks, Vulnerabilities and propose re- mediatory, compensatory controls.Experience in tools like Threat Modeler, Microsoft Threat Modeling tool, Threat Dragon and similar tools.Application Security/ Threat Assessment with/without tools and RecommendationWork with Development/ Architecture team ensuring secure design principlesLead development team during design and build phaseExposure to Application Security threat modelsProgramming Skills - Java, C++, Python, Ruby, .Net, HTML, JSIn-depth understanding of Software development technologies and CI/CD pipelines. Preferred Skills: Technology-Application Security-Application Security - ALL Technology-Application Security-Vulnerability Management Technology-Application Security-DevSecOps

The resource will be responsible to develop new enhancements/modules in the current application and provide closure to SIT/UAT defects raised. He will also be responsible to provide resolution to any application defects raised on production environment. Resolve any production level bugs and application security observations reported on the application within defined SLAs Skill set Java mandatory Springboot Spring webflow mandatory Angular mandatory PL SQL mandatory Additional Skill set Rest services API integration

Software developers at IBM are the backbone of our overall strategy, and software development is the essential activity that drives the success of IBM and our clients worldwide. At IBM, you will use the latest software development tools, techniques and technologies and work with leading minds in the industry to build products, path-breaking technologies, and solutions that you can be proud of. Do you have the skills and passion for building the futureIf yes, join a niche team at IBM Software Labs focused on building an AI-driven Digital Labor platform, Watson Orchestrate, an AI platform that offers digeys (aka digital employees) with custom skills that can automate today’s businesses. Look for more details at https://www.ibm.com/products/watson-orchestrate We are seeking senior UI developers with hands-on experience developing and supporting software products and services on cloud platforms. The ideal candidate would have rich experience building SaaS products/services, and incrementally deploying them on cloud environments with a deep understanding of platform development, system design, associated tools, technologies, and best practices. Experience in Test-driven development, quality through automation, application security etc., would be a plus. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 6-8 years of programming experience Strong experience with React.js and TypeScript Proficiency in HTML5, CSS3 (including pre processors like SASS). Solid understanding of Redux or equivalent state management tools. Working knowledge of Node.js and integrating front-end with backend services. Good understanding of micro-front ends Should be familiar with bundling tools preferability webpack or vite. Experience with Containers, Docker, Kubernetes, Linux. Experience building distributed and scalable SaaS offerings based on REST APIs, microservices, and containers. Experience in system design and supporting cloud services Ability to learn and be productive on new technologies independently & quickly Experience in technically coaching and guiding junior developers covering system design, code reviews etc. Good communication skills and technical leadership qualities Preferred technical and professional experience Good understanding of latest AI technologies would be an added advantage.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As Security Architect ability to provide Enterprise Security Strategy, Enterprise security design, performing threat modeling for building a Secure Application and Infrastructure for enterprise (Cloud, On-prem, hybrid model). Thorough understanding of IT and its security architecture principles, methodologies and designs patterns. Good working knowledge of current IT risks and experience in implementing security solutions. Experience in designing and reviewing security controls for IT infrastructure (Cloud and on-prem applications). Ability to assess and evaluate different security products as per the security design requirements. Work as Trusted Security Advisor for various clients. Roles & Responsibilities:- Minimum of 8 years of professional experience, preferably with a minimum of 3 years of hands-on involvement in security architecture and threat modeling.Demonstrate a profound comprehension of security architecture, capable of creating, assessing, and revising secure solutions that promote scalability, adaptability, and reusability.Act as the subject matter expert (SME) responsible for guiding and making security architecture decisions across all aspects of Accenture client presales, proposal design, and integration within client ecosystems.Develop and uphold reusable security architecture and design patterns for utilization.Create, devise, and troubleshoot intricate security implementations, overseeing the development of High-Level Design (HLD) and Low-Level Design (LLD) documents.Conduct design and implementation assessments and engage in threat modeling as necessary, adhering to established standards and best practices (e.g., STRIDE, PCI DSS, CSA CCM).Possess experience in cloud architectures and security controls, encompassing network security, Identity and Access Management (IAM), data protection, application security, and logging, among others.Proven track record in security frameworks and processes, including CIS, NIST, PCI/DSS, CCM SOCI/II, ISO/IEC 27001, NIST 800-53, OWASP, ISM, etc.Support Sales Leads by serving as a consultant during pre-sales activities, which involve assessing client requirements, defining project scopes, and preparing proposals and project plans.Demonstrate a robust understanding of potential attack vectors and the ability to design and articulate agile security controls to safeguard against them.Thorough comprehension of security principles and tools, including certificates, Data Loss Prevention (DLP), Web Application Firewalls (WAF), Security Information and Event Management (SIEM), firewalls, Distributed Denial of Service (DDoS) prevention, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), privileged access management, encryption, SSL, VPN, IPSec, TCP/IP, DNS, and web security architecture, among others. Professional & Technical Skills: Strong Network & Cyber Security Architecture Experience in architecting and developing security solutions on one or more cloud platform (AWS, GCP or Azure) and applying the cloud native security services.Cloud Security certifications (CCSP, AWS, Azure, Google Cloud etc.)Good to have Industry / academic accreditations / certifications in Security, Architecture, Network Security, Cloud or Technology disciplines preferred (e.g., CISSP, TOGAF, SABSA, CISM, CCIE etc.) Bonus if you have experience in DevSecOps, DevOps, Additional Information:- The candidate should have minimum 5 years of experience in Security Architecture Design.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

JAVA Developer The Cloud Engineer is responsible for expanding, developing, implementing, and operationalizing our cloud implementation. We are looking for an experienced engineer with extensive knowledge in Java micro services and experience across a broad set of infrastructure and application technologies. The ideal candidate will have a vision for the future of these technologies and the ability to develop and execute the plan to get there. Responsibilities: Migrating from local server environments to GCP based Cloud Architecture GCP Cloud application intake automation. Working with compliance teams to ensure the design meets requirements. Monitoring and performance tuning Cloud environment. Sharing knowledge and awareness of alternative Cloud environments and services Identifying and proposing new work. Documenting and recommending best practices and articulating process improvements Developing automation and/or applications Automation of data transfer using file transfer technologies such as SFTP, etc. Day to day process, documentation, KPIs, and reporting. Basic Qualifications Bachelors degree Minimum of 3 yrs in a combination of Infrastructure, applications security knowledge with cloud experience Preferred Qualifications: Java micro services Must own ability to learn fast, adapt to new technology and keep current with industry Embrace and focus on emerging technology and evangelize to the rest of the team Experience with Google CloudExperience in Cloud run and similar technologies a strong plusExperience with Springboot programming language Experience supporting complex production application environments Mandatory Skills Openshift Kafka Kubernetis

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Node.js Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Implement security measures to protect systems and data- Conduct security assessments and audits- Develop security policies and procedures Professional & Technical Skills: - Must To Have Skills: Proficiency in Node.js- Strong understanding of cybersecurity principles- Experience with security tools and technologies- Knowledge of network security protocols- Familiarity with cloud security best practices Additional Information:- The candidate should have a minimum of 5 years of experience in Node.js- This position is based at our Bengaluru office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Data Encryption Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while maintaining a focus on best practices and compliance standards. Roles & Responsibilities:-Certificate Lifecycle Management-Oversee the issuance, renewal, and revocation of digital certificates.-Implement and maintain processes for managing certificate requests, approvals, and deployments.-Monitor certificate expiration dates and ensure timely renewal to prevent service disruptions.-Maintain an accurate inventory of all certificates deployed across systems and applications.-Certificate Infrastructure Management-Configure and maintain certificate authorities (CAs) and registration authorities (RAs) to support secure certificate issuance and management.-Monitor the health and performance of certificate infrastructure components.-Troubleshoot issues related to certificate provisioning, validation, and revocation.-Documentation and Reporting-Maintain comprehensive documentation of certificate management processes, procedures, and configurations.-Generate regular reports on certificate usage, expiration status, and compliance metrics for stakeholders. Professional & Technical Skills: -Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. -Document the implementation of the cloud security controls and transition to cloud security-managed operations. -Must have skills :Public Key Infrastructure, Venafi- Good to have skills :Data Encryption, Sectigo Additional Information:- The candidate should have minimum 2 years of experience in Data Encryption.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to assess security risks, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive security assessments and work on developing strategies to mitigate potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security tools and technologies for vulnerability scanning and remediation.- Knowledge of compliance frameworks and regulations related to information security. Additional Information:- The candidate should have minimum 5 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education