1254 Application Security Jobs - Page 26

Protects enterprise networks from cyber threats, manages security policies, and ensures compliance with industry standards.

Implement and manage cloud security policies. Ensure compliance and protect cloud environments from threats.

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). You will be responsible for ensuring the successful execution of projects and maintaining the highest level of security governance. Roles & Responsibilities:- Expected to be a SME with deep knowledge and experience.- Should have influencing and Advisory skills.- Engage with multiple teams and responsible for team decisions.- Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems.- Lead the implementation and delivery of Security Services projects.- Leverage our global delivery capability (method, tools, training, assets) to ensure successful project execution.- Maintain the highest level of security governance.- Collaborate with multiple teams to make informed decisions.- Provide advisory services to stakeholders on security matters.- Identify and address security risks and vulnerabilities.- Develop and implement security policies and procedures.- Ensure compliance with regulatory requirements and industry best practices.- Lead incident response and investigation activities.- Conduct security audits and assessments.- Stay up-to-date with the latest security trends and technologies.- Train and educate employees on security awareness and best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Governance.- Strong understanding of security frameworks and standards.- Experience in developing and implementing security policies and procedures.- Knowledge of regulatory requirements and industry best practices.- Experience in incident response and investigation.- Good To Have Skills: Experience with security risk assessment and management.- Familiarity with security technologies and tools.- Knowledge of cloud security principles and practices. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Governance.- This position is based at our Bangalore office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure security measures are integrated into the development process, conducting assessments to identify vulnerabilities, and providing recommendations for improvements. You will also engage in discussions to enhance security protocols and contribute to the overall security strategy of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify potential vulnerabilities.- Collaborate with development teams to integrate security best practices into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and methodologies.- Experience with security testing tools and frameworks.- Knowledge of application security standards and compliance requirements.- Familiarity with threat modeling and risk assessment techniques. Additional Information:- The candidate should have minimum 3 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the security architecture, ensuring that it meets the business requirements and performance goals. Must have skills : Application Security Architecture and Design Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the security architecture, ensuring that it meets the business requirements and performance goals. You will play a crucial role in safeguarding the organization's digital assets and ensuring data protection. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Lead security architecture design and implementation.- Conduct security assessments and audits.- Develop security policies and procedures.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Application Security Architecture and Design.- Strong understanding of cybersecurity principles.- Experience in threat modeling and risk assessment.- Knowledge of security frameworks such as ISO 27001 and NIST.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 5 years of experience in Application Security Architecture and Design.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Immediate Openings on SAP Security Pan India Hands on experience in SAP Security, for User and Role administration User administration activities, User account creation, modify, lock unlock & password reset Working with Profile Generator for Role Administration in Maintaining, Creating and Modifying existing Roles Worked on User information system (SUIM). Created mass users & Roles using the script GUI Scripting. Creating Single, Composite, Master and Derived Roles as per the business requirement. Resolving and troubleshooting SAP Security authorization issues. Assigning missing authorizations as per the users requirement Protected table using Authorization Groups and Authorization objects S_TABU_DIS. Worked on AGR* and USR* tables Hands on experience on SYSTEM trace and STAUTH trace Performed risk analysis for users and roles Creating and assigning Mitigation Controls to the High-level risks. Provided FF Id access to the consultants based the priority Hands on experience in SAP BI Security Reporting access authorizations and restrictions. Creation of analysis authorizations based on business requirement. Trouble shooting Authorization issues using RSECADMIN Knowledge on in User administration activities using HANA studio such as Creation, deleting users, granting roles, definition of roles and creating them, resetting user passwords etc., Creation of Users, Locking / Unlocking & copying of Users [15-11 13:20] Jayavardhini, Tanuku Worked on Incident and Change management issues. Created new roles and moving the role changes by using Transport Request across the land scape. Extensively Used SUIM (User Information System) to pull various reports. Created new roles and moving the role changes by using Transport Request across the land scape. Checking SU53 screen and assigning roles as per user request. Or analyzing missing authorization and providing solutions based on SU53 screenshot. Utilizing system trace (ST01), authority check (SU53) to analyze and fix Problems related to Security. Performing risk analysis based on the business requirements. Role imports from backend system to the GRC system. Providing Fire Fighter Access to perform the critical action in the production system. Created and maintained Parent and Child/Derived roles. Expertise in Security Upgrades, Roll outs, Implementations, Support and Role redesigning Projects Worked for Health care, Life Science, Retails client & Manufacturing Clients Ensure SLAs and Audit Compliance My Responsibilities included User administration & Role administration tasks, Effectively Analyzed trace files and tracked missed authorizations for user's access problems and inserted missing Authorizations, Generated authorizations using Profile Generator and assigned to authorization profiles and assigned to users Good exposer on providing security for SAP modules like (FICO AA, AP, AR, GL, CO & TX) and SCM (MM, PP, PM, WM, EWM, SD) and HR applications Worked on GRC Access Control modules (ARA&ARM). Experience on performing the Risk analysis at User level and Role level. Hands on experience on SAP FIORI Authorizations. Hands on experience on SAP S/4hana security. A motivated individual and a quick learner committed to teamwork. Able to communicate clearly and honestly .

BMC is looking for a Assoc Product Developer to join our amazing IZOT team! In this role, you will be responsible for developing products and solutions according to design specifications. This is an amazing role that will allow you to work on a broad array of critical, unique issues and complex programs and solutions. You will also build prototypes and use other techniques to achieve product definition and design goals. So, if youre looking for a development role with a lot of opportunities and challenges. If you love programming for complex products. If you love working with people from all around the world BMC is the place for you! In this role, you will: Successfully develop and deliver products, product lines, and solutions, using various languages Design, code, and fix defects of increasingly complex, multi-tier software solutions. Produce a range of high-quality design options, reflecting a wide breadth of technical knowledge and insight. Evaluate new technologies/innovations and processes that could impact products/solutions including 3rd party releases. Work directly with global clients on complex product issues/escalations. Requirements: 0-2 years of experience with z/OS Processing Environment (academic experience can also be relevant). 0-2 years of experience in Assembler development, using 64-bit Assembler and 31-bit Assembler (academic experience can also be relevant). Experience/knowledge in IBM Mainframe environment (TSO/ISPF, JCL etc.). Knowledge of z/OS structure and logic including knowledge of z/OS operating system internals. Understanding of zLinux and Unix System Services. Excellent troubleshooting & problem-solving skills. Self-starter with ability to work both independently and as a part of a team. Fluent English (written and verbal) Nice to have: Experience in C / C++ development Experience with TCP/IP and related networking protocols. Experience with monitoring tools for systems and subsystems in z/OS environments

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional : Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Immediate Openings on Security Consultants with Vulnerability _Contract_Pan India 6+ Years Security Consultants with Vulnerability Pan India Period :Immediate. Type Contract Description 7 + Years Security Consultants with Vulnerability tools exp like Qualys or Tenable (prefer Qualys) and ServiceNow. Experience with Vulnerability tools such as Qualys or Tenable (prefer Qualys) and ServiceNow .

Key Responsibilities: Perform in-depth penetration testing, vulnerability assessments, and security reviews of applications, infrastructure, and networks. Identify, exploit, and document security vulnerabilities across systems and provide remediation recommendations. Simulate sophisticated attacks to test the strength of security controls and identify potential areas of compromise. Collaborate with development, infra, and DevOps teams to integrate security into the development lifecycle and Infrastructure-as-Code (IaC) security. Develop comprehensive security test plans, methodologies, and tools to ensure effective assessment of systems. Create detailed reports that outline vulnerabilities, risks, and recommended mitigations. Perform threat modeling and risk assessments to prioritize testing efforts. Monitor network traffic for threats and respond to security incidents. Ensure security best practices in Cloud environments, security controls for cloud workloads, IAM policies, and network security. Monitor and respond to cloud security incidents using SIEM and cloud-native security tools. Integrate and automate security testing and compliance checks into CI/CD pipelines using tools like SAST, DAST, and IAST . Experience Range: 3 - 5 years Educational Qualifications: -B.Tech/B.E in Computers , -B.Tech/B.E in IT Job Responsibilities: Required Skills & Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or related field . 2-3 years of experience in cybersecurity with a focus on Penetration testing or Ethical Hacking , Application Security, Cloud Security, and DevSecOps . Experience with security tools such as Burp Suite, Metasploit, Nessus, Wireshark, SonarQube, AWS WAF, Google WAF, Kali Linux, and other vulnerability scanning tools, etc. Knowledge of SIEM , EDR , NIST, CIS, and OWASP security frameworks. Proficiency in scripting (Python, Bash, PowerShell) for security automation. Industry certifications like CEH, Security+, AWS/GCP Security, or any DevSecOps-related certification (preferred but not mandatory). Excellent written and verbal communication skills to effectively report vulnerabilities and collaborate with stakeholders.Qualifications: Bachelors degree in computer science . Skills Required: DevOps , Linux , PHP , Python

: Job Title- Business Control Officer, AVP Location- Pune, India Role Description DWS Group (DWS) is one of the world's leading asset managers. Building on more than 60 years of experience and a reputation for excellence in Germany and across Europe, DWS has come to be recognized by clients globally as a trusted source for integrated investment solutions, stability, and innovation across a full spectrum of investment disciplines. We offer individuals and institutions access to our strong investment capabilities across all major asset classes and solutions aligned to growth trends. Our diverse expertise in Active, Passive and Alternatives asset management as well as our deep environmental, social and governance focus complement each other when creating targeted solutions for our clients. Our expertise and on-the-ground-knowledge of our economists, research analysts and investment professionals are brought together in one consistent global CIO View, which guides our investment approach strategically. DWS wants to innovate and shape the future of investingwith approximately 3,500 employees in offices all over the world, we are local while being one global team. We are investors entrusted to build the best foundation for our clients future. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities This role will support India DCO office with activities as outlined below: Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the newly established Independent Testing Team Assess end to end business processes to identify significant gaps and determine issue root causes. Partners with business units to perform control evaluations, monitoring and testing efforts within Compliance and Operation Risk Framework to identify control gaps as well as opportunities for effectiveness and efficiency improvements. These assessments will include coverage for other regulatory programs including SOX Apply critical thinking skills to substantive testing techniques to thoroughly evaluate the effectiveness of high-risk business processes. Assess and monitor risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices. Collaborate with cross-functional teams and stakeholders to support control design and effectiveness. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Your skills and experience Bachelor's degree in information security or related field required, with a preference towards master's degree. Demonstrated ability to analyse complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices Strong and progressive Auditing or Control Testing experience with current knowledge and understanding of Control testing methodology. Experience developing test scripts, audit programs, or testing templates. 6+ years in information security management and governance, with a focus on control design and testing Detailed experience in ISO 27001, GDPR, COBIT, KAIT, BAIT, etc. and other cyber security frameworks Good to have CertificationsCRISC, CISSP, CISM, CISA, ISO 27001 Lead Implementer/ Auditor Should possess strong communication skills (written/ spoken) Should be skilled to work with minimal supervision. Strong analytical and strategic mindset along with the ability to collaborate with different stakeholders including top management representatives. How well support you About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm

Job Summary - As a Security Analyst, you will work on an SAP Security team along with other Security Analysts to analyze, build and maintain the Enterprise SAP Security Roles in a quality manner to support multiple divisions of the business within John Deere. This level operates with moderate autonomy on a team, with access to senior team members or Scrum Master when guidance is needed. In addition, you will; • Administer (Create/Maintain) SAP Security Roles • Participate and follow documented Change Management Processes • Engage in peer reviews of SAP Security role Changes • Use Information Security tools for analysis of Information Security events and data with some understanding of the interactions between access patterns and expected outcomes • Deliver the basic tasks and activities related to cyber security and get exposure to information security patterns with some complexity • Understand and apply current Information Technology (IT) security policies to ensure adherence to standards established by GSEC SAP security • Understand and apply knowledge of security system parameters and tables utilized within existing security tools and various applications • Follow routine techniques and processes to resolve administrative issues. Use analytical skills to resolve low to moderate level security issues • Take part in projects directly related to existing processes and tools • Follow processes and actively look for ways to improve the process • Perform some decision making when requests fall outside of the normal processes • Work on tasks and projects that are low to moderate risk and of low to moderate complexity in nature • Supports SoD/SOX reviews and initiatives Mail to - singh.garima@orcapod.work

SailPoint IIQ Sailpoint IIQ Have experience in SailPoint with development/support background. Have experience in connector management, workflows, life cycle events, Rules, custom reports, Certification, custom scheduled tasks & reconciliation. Have knowledge on Application On-boarding for built-in and custom connectors including development of application rules, before and after provisioning rules. Have experience in developing/executing SQL queries. Knowledge on Java , J2EE (Servlet, JSP and JDBC), HTML. Expertise in Customizing and upgrading SailPoint Identity IQ. Good to have knowledge in IdentityAI SaaS application Support for production deployment and bug fixes Have working knowledge of Unix, WebLogic & SSL certificates. Have strong communication skills & can independently handle calls with customers Knowledge on incident/problem management processes Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

"Location: Pan-India, NOT Hyderabad Design, develop and support application solutions with focus on SAP BTP Development. Design and develop Database models and queries using CAPM Develop SAP CAP Application on SAP BTP Custom development and extensions Application Security Development using SAP Business Application studio (BAS) - (Catalog, SQL Console, Trace) Cloud Application Programming Model(CAP) using NodeJS NodeJS & Strong JavaScript Knowledge Core Data Services (CDS) Good understanding of the standard services / libararies of the SAP Cloud Platform. Familiarity with use of App routers Security using XSUAA Expertise in SAP BTP Administration / Development Experience with SQL Script, PL/SQL, Stored Procedures, Function Calls, Designing tables, data loads, calculation views Cloud Foundry & DB Security concepts (Roles, Privileges etc) Strong Java/J2EE and Spring experience Debugging (Logs / Traces Experience on SAP Fiori Apps activation and SAP Ui5 custom development on premises"

About Flexmoney: Flexmoney s mission is to Re-imagine Consumer Finance for the mobile-first digital consumer. Our omni-channel digital affordability platform enables merchants, brands and other partners to seamlessly embed contextual affordability options across all customer touchpoints and sales channels to drive the highest conversion and increase customer satisfaction and loyalty. We work with trusted lending partners (Banks, NBFCs, FinTechs) to develop and offer RBI-compliant, digital credit products embedded in consumer journeys. Flexmoney was instrumental in creating and establishing the Cardless EMI payment category enabling lenders to offer a fully-digital transacting EMI instrument to their users without the need for a credit card. Our market-leading Online Digital EMI platform powers affordability for over 68,000 online merchants (including direct integration with marquee merchants Flipkart , Amazon and MakeMyTrip ) across categories such as travel, insurance, home, fashion, sports, electronics, mobiles, health and wellness amongst others. We offer the largest supply of pre-approved digital EMI credit lines (64M+) helping drive best-in-class digital affordability coverage and conversion for our merchants and brand customers. To power the next phase of Flexmoney s growth we have expanded our platform capabilities dramatically. In addition to our market-leading Online Digital EMI platform, InstaCred TM 360, Flexmoney s NEW omni-channel Affordability Suite now enables sales associate-assisted affordability journeys across all channels - in-store, via tele-callers and also for face-to-face agent sales . The InstaCred TM 360 Affordability Suite will enable Flexmoney to deliver omni-channel affordability solutions to merchants for finance-led segments such as Edtech, Travel, Home, Insurance, Mobiles, Home, Health & Wellness etc Job Role: We are looking for smart, passionate, humble Engineer with an independent mindset to join our team and help build, improve & manage the network security infrastructure of the Organization Key Responsibilities: Own the end-to-end process of conducting security audits, obtaining and maintaining various certifications including PCI DSS, ISO 27001 etc. and report to internal board, external partners, and regulators Conduct regular security audits and assessments to identify gaps and provide recommendations for remediation Support the end-to-end client security audits conducted by external stakeholders Contribute to the development and implementation of security policies, procedures, and guidelines Work with internal teams to set up, manage, and operate security platform integrations across different systems and platforms Keep up-to-date with the latest security trends, threats, and vulnerabilities to identify potential security risks, propose measures and rollout to mitigate them Requirements & Qualifications: 3+ years of experience with enhancing the security of infrastructure, application and IT hardware, conducting security audits, and setting up internal processes Prior experience with cloud security and architecture across AWS, GCP or Azure Strong communication skills to effectively interact with technical and non-technical individuals internally as well as our external stakeholders Passion for learning and growing Ability to prioritize and independently manage multiple tasks independently

Description & Requirements Introduction: A Career at HARMAN Digital Transformation Solutions (DTS) We re a global, multi-disciplinary team that s putting the innovative power of technology to work and transforming tomorrow. As a member of HARMAN Lifestyle, you connect consumers with the power of superior sound. Contribute your talents to high-end, esteemed brands like JBL, Mark Levinson, and Revel Unite your passion for audio innovation with high-tech product development Create pitch-perfect, cutting-edge technology that elevates the listening experience About the Role This position is responsible for SAP Hybris development mainly in payment gateways and e-commerce. What You Will Do Design, develop, and maintain microservices-based eCommerce applications using Java and Hybris. Lead technical design discussions and create low-level technical designs. Write clean, efficient, and maintainable code adhering to API standardization. Participate in code reviews and contribute to the development of coding standards. Mentor junior engineers and foster a strong engineering culture within the team. Design and develop APIs to support digital experiences using open source and cloud technology. Collaborate with Product Owners, Business Analysts, and Solution Architects. Conduct design reviews to ensure solutions adhere to our architecture, security, scalability, and maintainability guidelines. Provide squad-level engineering leadership and contribute to our engineering community and standards. Ensure solutions are fit for purpose, performant, secure, accessible, and conform to our architectural principles. Implement a test-first approach and clean architecture principles What You Need to Be Successful 5+ years of experience in software engineering, focusing on large-scale, complex systems. 3+ years of experience in the SAP Hybris Commerce platform. Strong experience with Java 11, 17, and Spring Boot. Strong experience with unit testing and integration testing. Experience in developing microservices-based applications. Experience with API standardization. Experience building RESTful web services and GraphQL. Development experience using TDD in Java. Experience designing microservices architecture. Good understanding of CI/CD pipelines using tools like Jenkins. Good understanding of Agile software development methodologies. Experience with AWS, Azure. Experience with frontend development, including React, JavaScript, Flutter. Knowledge of web security, application security, web services security, common vulnerability remediation, and certificate management. DevOps experience. Good knowledge of different testing suites Bonus Points if You Have Bachelor s degree required. What Makes You Eligible Work Mode: Hybrid Work location: Bangalore. What We Offer Flexible work environment, allowing for full-time remote work globally for positions that can be performed outside a HARMAN or customer location Access to employee discounts on world-class Harman and Samsung products (JBL, HARMAN Kardon, AKG, etc.) Extensive training opportunities through our own HARMAN University Competitive wellness benefits Tuition reimbursement Be Brilliant employee recognition and rewards program An inclusive and diverse work environment that fosters and encourages professional and personal development You Belong Here HARMAN is committed to making every employee feel welcomed, valued, and empowered. No matter what role you play, we encourage you to share your ideas, voice your distinct perspective, and bring your whole self with you - all within a support-minded culture that celebrates what makes each of us unique. We also recognize that learning is a lifelong pursuit and want you to flourish. We proudly offer added opportunities for training, development, and continuing education, further empowering you to live the career you want. About HARMAN: Where Innovation Unleashes Next-Level Technology Ever since the 1920s, we ve been amplifying the sense of sound. Today, that legacy endures, with integrated technology platforms that make the world smarter, safer, and more connected. Across automotive, lifestyle, and digital transformation solutions, we create innovative technologies that turn ordinary moments into extraordinary experiences. Our renowned automotive and lifestyle solutions can be found everywhere, from the music we play in our cars and homes to venues that feature today s most sought-after performers, while our digital transformation solutions serve humanity by addressing the world s ever-evolving needs and demands. Marketing our award-winning portfolio under 16 iconic brands, such as JBL, Mark Levinson, and Revel, we set ourselves apart by exceeding the highest engineering and design standards for our customers, our partners and each other. If you re ready to innovate and do work that makes a lasting impact, join our talent community today ! HARMAN is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or Protected Veterans status. HARMAN offers a great work environment, challenging career opportunities, professional training, and competitive compensation. ( www.harman.com ) Important Notice: Recruitment Scams Please be aware that HARMAN recruiters will always communicate with you from an @harman.com email address. We will never ask for payments, banking, credit card, personal financial information or access to your LinkedIn/email account during the screening, interview, or recruitment process. If you are asked for . HARMAN is proud to be an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Apply

Description & Requirements About the Role The Application Security Expert plays a role in ensuring the security of our Software Products as we handle applications for Automotive OEMs. The Application Security Expert will perform formal vulnerability assessment and penetration tests on Cloud platforms, networks, webservices and APIs. The candidates should have knowledge of open source penetration tools and test procedures. Your Team The role APPLICATION SECURITY EXPERT will report to Alexander Ashkinazi, Head of Cyber Security for Software Products. Number of direct reporters to APPLICATION SECURITY EXPERT - 0 (zero) What You Will Do We are seeking a highly skilled Application Security Expert to join HARMAN Automotive Software Products and play a role in ensuring the security of our Software Products. Our customer security culture is of critical importance, as we are delivering software to numerous Automotive OEMs on a daily basis. The successful candidate will face a multitude of security-related challenges and will be responsible for implementing Secure Software Development Lifecycle (SSDLC) processes, owning security tasks, guiding development teams, analyzing penetration tests, and managing vulnerabilities. Additionally, the candidate shall be responsible for the application security reviews, work closely with the development teams across Software Products business unit. Candidate shall also have extensive expertise into product security solution, Application/API security, databases security, infrastructure vulnerabilities assessment and management, vulnerability assessment and penetration testing (VAPT) services for applications (white/gray/black box concept of penetration testing and corresponding tools). The job entails planning & tracking of tasks for the product and project in order to achieve the timely delivery of committed services to customer. Ready to travel approx. 15% of his work position domestically or international. What You Need Collaborate with development teams to consistently implement and enforce the Secure SDLC process, ensuring security is embedded throughout the software development lifecycle. Review the existing security measures and propose and implement enhancements to strengthen our security posture. Conduct post-event analysis of security incidents and implement necessary improvements to prevent future occurrences. Lead vulnerability management efforts, including analyzing customer penetration test reports and vulnerabilities reports, and overseeing remediation efforts. Implement, test, and operate advanced software security techniques in alignment with a technical reference architecture. Conduct ongoing security testing and code reviews to enhance the security of our software solutions. Troubleshoot and debug security-related issues that may arise during development or production phases. Provide engineering designs for new software solutions, ensuring they are fortified against security vulnerabilities. Contribute to architectural decisions with a strong focus on security considerations. Maintain comprehensive technical documentation related to security measures and processes. Offer guidance and training to team members on secure coding practices and security best practices. At least 2 years of proven experience as a software security engineer, demonstrating a strong background in application security. Profound knowledge of all stages of the Secure SDLC process. Deep expertise in authentication, authorization, applied cryptography, security vulnerabilities, and remediation techniques. Important Notice: Recruitment Scams Please be aware that HARMAN recruiters will always communicate with you from an @harman.com email address. We will never ask for payments, banking, credit card, personal financial information or access to your LinkedIn/email account during the screening, interview, or recruitment process. If you are asked for . HARMAN is proud to be an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Apply

About the role: This role offers the opportunity to provide oversight of technology risks across Swiss Re s global digital estate, with a particular focus on modern IT architectures, cloud platforms, and engineering practices. You ll conduct deep dives into areas of concern, influence how controls are embedded, and support the continuous evolution of our operational risk framework in line with emerging technology. With regular exposure to senior stakeholders and strategic programmes, this is a visible and impactful position at the interface between risk, technology, and innovation Key Responsibilities: Perform technology risk reviews and thematic assessments across digital platforms, IT operations, and transformation programmes. Provide an independent view on the design, implementation, and effectiveness of controls related to infrastructure, architecture and development. Assess risks linked to cloud platforms, digital service models, and emerging technologies, offering insight into architectural and engineering-related risk exposures where applicable. Collaborate with enterprise architects, platform leads, and cyber security teams offering constructive challenge while maintaining independence. Prepare & communicate risk dashboards, reports, and presentations for senior management and governance bodies, translating technical risk insights into business-relevant recommendations. Support the implementation and continuous improvement of Swiss Re s Operational Risk Management framework, including RCSA reviews, issue tracking, and incident response. Maintain awareness of regulatory, cyber, and technology trends, helping anticipate and manage emerging threats. About the team: The Digital & Technology Risk Management (DTRM) team acts as the 2nd Line of Defence for all digital and technology-related risks at Swiss Re. We provide independent oversight, challenge, and insight across Swiss Re s global digital landscape. Serving as an independent partner to the business, we help shape the Group s risk posture across various technology domains, ranging from infrastructure and application security to digital innovation and AI. Our commitment lies in driving high standards of resilience, informed risk-taking, and sound control practices through strong engagement and credible challenge. From reviewing control frameworks to assessing emerging risks, we help shape responsible innovation and build resilience into every layer of our technology environment About you: We are looking for a confident and forward-thinking risk professional who excels at bridging the gap between intricate technical details and overarching enterprise risk management. Experience & Capabilities Experienced with at least 7 years record in information technology/security risk management or risk consulting. Proven experience conducting risk assessments, spot checks , and thematic reviews in a complex, regulated environment. Experience of supporting and challenging Risk & Control Self-Assessments (RCSA) and scenario analysis and with risk appetite articulation. Technical & Tooling Familiarity with IT governance frameworks , secure architecture principles, and regulatory expectations (e.g. ISO27001, NIST, OWASP). Practical understanding of modern IT environments, including cloud platforms (Azure, AWS, AliCloud) and enterprise technologies such as Microsoft 365. Exposure to risk considerations across software development, platform engineering, or infrastructure is highly valued. Behavioural & Interpersonal Comfortable working independently , including collaboration with managers or stakeholders in different time zones. Strong stakeholder engagement and communication skills with the ability to influence and challenge at all levels. Demonstrated ability to balance business enablement with effective risk management . Clear communicator with the ability to convey complex concepts to both technical and business audiences. Certifications (Desirable) Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM) Other cloud/architecture/security or risk-related qualifications are an advantage. About Swiss Re Swiss Re is one of the world s leading providers of reinsurance, insurance and other forms of insurance-based risk transfer, working to make the world more resilient. We anticipate and manage a wide variety of risks, from natural catastrophes and climate change to cybercrime. We cover both Property & Casualty and Life & Health. Combining experience with creative thinking and cutting-edge expertise, we create new opportunities and solutions for our clients. This is possible thanks to the collaboration of more than 14,000 employees across the world. If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134392

Number of Openings 2 ECMS ID in sourcing stage 530771 Assignment Duration 12 Months Total Yrs. of Experience 5-8 + experience in the Technology industry. Relevant Yrs. of experience 5+ years Application Security SCA Mandatory skills Regular patching and upgrading of SAST servers. Act as the primary point of contact with the vendor for resolving any issues related to Fortify. Support for Server Patching; - Collaboration with the Wintel/Unix teams during server patching activities to ensure minimal disruption Manage the onboarding and offboarding of applications and users to the platform. Maintain documentation Maintain Standard Operating procedures (SOPs), runbooks, and support documentation to ensure up to date and accessible information. Good verbal and written communication skills. Enthusiasm to learn and develop new technical and professional skills. Build and maintain automation with CI/CD tools (mainly Jenkins) and scripting languages (mainly Python) Secondary Skills Fortify with DevSecOps Domain Security Max Vendor Rate in Per Day (Currency in relevance to work location) 7000 INR Work Location given in ECMS ID Hyderabad and Pune Preferred WFO/WFH/Hybrid WFO Hybrid BG Check (Before OR After onboarding) Before Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO No

Application Security SCA - Total Yrs. of Experience 5-8 + experience in the Technology industry. Relevant Yrs. of experience 5+ years Application Security SCA Mandatory skills Regular patching and upgrading of SAST servers. Act as the primary point of contact with the vendor for resolving any issues related to Fortify. Support for Server Patching; - Collaboration with the Wintel/Unix teams during server patching activities to ensure minimal disruption Manage the onboarding and offboarding of applications and users to the platform. Maintain documentation Maintain Standard Operating procedures (SOPs), runbooks, and support documentation to ensure up to date and accessible information. Good verbal and written communication skills. Enthusiasm to learn and develop new technical and professional skills. Build and maintain automation with CI/CD tools (mainly Jenkins) and scripting languages (mainly Python) Secondary Skills Fortify with DevSecOps Domain Security Work Location given in ECMS ID Hyderabad and Pune Preferred WFO/WFH/Hybrid WFO Hybrid Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO No Location- Hyderabad/Pune Yrs of Exp-5+Yrs

Role & responsibilities Strong App Sec Background, Preferred candidate profile OSCP Certification Mandatory Preferred candidate profile

Information security, Cyber Security, Data Privacy Security Analysis, Network Security , Information Security Projects, Audit assessment, GRC Security Project Audit Perform Risk Assessment .share resume info@Servingskill.com/whats app 9819832570 Required Candidate profile Information Security Project Audits, assessments appsec Perform Technology Risk Assessments for processes, technology (Information security, Cyber Security, Data Privacy) Security Analysis ISO/CEH

We are seeking a motivated and detail-oriented individual to join our team as an associate C ram consultant. As an associate C ram Consultant, you will be responsible for supporting the implementation and maintenance of the C ram software platform, which is widely used in social services, healthcare, and other government programs. This entry-level position is ideal for candidates with a strong interest in social services, healthcare, and J2EE technology. Primary Responsibilities Work as part of a matrix team, alongside other Consultant s and technical SMEs, to implements solutions which meet the customer needs. Work with business and technology stakeholders to model business requirements into technical solutions. Establish and maintain a positive working relationship with fellow employees, partners and customers, and to promote Merative s technical credibility as a capable and trusted partner. Design, develop, code and test C ram extensions in a JEE environment. Learn and grow your skills related to C ram implementations including mobile application development, reporting and analytics, cloud, data migration, web services and application security. Understanding of key business flows and ability to document workshop discussions and outcomes in a supporting role. Produce simple business requirements documentation. Able to elicit reasonably framed and bounded problems with a proposed approach and develop solutions. Required Professional and Technical Expertise : Experience in Java/JEE/XML development. Experience in web service development (REST and SOAP) Experience in agile methodologies. Experience with relational databases (DB2 or Oracle) and SQL Experience with application servers ( Websphere or Weblogic ) Preferred Professional and Technical Expertise : At least 2 years experience in Java and JEE enterprise architecture. Knowledge of Rational Tools such as Rational Software Architect (RSA) Knowledge of Extensible Markup Language (XML) and the eclipse integrated development environment (IDE) Knowledge on JavaScript technologies such as ReactJS Knowledge in DevOps technologies such as CI/CD, Jenkins, etc Required Education - bachelor s degree in computer science from a reputed university / college. MS is preferable.

Job Title: Lead Consultant- Trust by Design Engineers Career Level: E Introduction to role Are you ready to disrupt an industry and change lives? As a Lead Consultant in Trust by Design Engineering, youll play a pivotal role in embedding security controls and processes into our business systems and products. Your work will directly impact our ability to develop life-changing medicines by ensuring privacy, security, and trust are foundational to our solutions. Collaborate with engineering, product, compliance, and risk teams to enable secure innovation and drive exponential growth. Accountabilities Partner with development and architecture teams to integrate robust security and privacy controls throughout the product lifecycle. Conduct security-by-design reviews, threat modelling, and risk assessments for new and existing solutions. Contribute to the creation, adoption, and continuous improvement of secure development standards, patterns, and reusable components. Recommend and support the implementation of security controls aligned with business objectives and regulatory requirements. Collaborate on incident response plans and support root cause analysis for vulnerabilities or breaches. Promote awareness and adoption of trust-by-design principles across engineering and business teams. Essential Skills/Experience Experience in cyber security, application security, secure architecture, or related roles. Solid understanding of risk management, privacy by design, secure SDLC, and industry security frameworks (e.g., NIST, ISO 27001). Familiarity with cloud platforms (e.g., Azure, AWS, GCP) and implementing their security features. Excellent communication and stakeholder engagement abilities. Relevant certifications (e.g., CISSP, CCSP, CSSLP) are a plus. At AstraZeneca, youll be part of a dynamic environment where innovation thrives! Our work has a direct impact on patients, transforming our ability to develop life-changing medicines. With cutting-edge science combined with leading digital technology platforms and data, we empower the business to perform at its peak. Join us at a crucial stage of our journey in becoming a digital and data-led enterprise. Here, youll have the opportunity to explore new technologies in hackathons, challenge yourself with large data sets, and push new boundaries. Be part of a team that has the backing to innovate, disrupt an industry, and change lives. Ready to make a meaningful impact? Apply now and be part of our journey! 23-Jun-2025

Job Title: Software Dev Senior Engineer -Security & Cloud Engineering (Product) Location : Hybrid Hyderabad Experience : 9+ years Education Qualification : B.Tech(CSC/IT) Employment Type : Full-time We are looking for a lead developer having Security and Cloud Engineering efforts for our enterprise Java product with both On-Prem and SaaS deployments . This is a hands-on leadership role driving secure SDLC practices, DevSecOps automation, container security, and platform hardening. You will work closely with engineering, DevOps, QA, and compliance teams to protect the product and infrastructure from vulnerabilities and ensure compliance. Responsibilities Application & Infrastructure Security Lead secure coding practices and integrate SAST , DAST , Penetration Testing , and vulnerability scanning into the development lifecycle. Analyze and remediate findings from tools like SpotBugs , Polaris Synopsys , Acunetix , and custom security assessments. Threat Modeling & Risk Mitigation Perform threat modeling, assess security risks including SQL injection , XSS , CSRF, and privilege escalation. Guide teams on secure implementation patterns and anti-patterns. Cloud & Container Security Harden Docker , Kubernetes , and SaaS infrastructure for multi-tenant, secure-by-design deployments. Implement policies for image scanning, secrets management, network segmentation, and runtime security. Security Automation & DevSecOps Automate security checks in CI/CD pipelines using tools like GitLab CI , Jenkins , SonarQube , etc. Promote Infrastructure as Code (IaC) security and integrate tools for Terraform/Helm validations. Governance & Compliance Define and enforce security standards aligned with OWASP , CIS Benchmarks , and industry best practices. Maintain documentation and assist with security audits and compliance requirements. Mentoring & Collaboration Mentor engineers on secure design, coding, and deployment practices. Collaborate with product owners and engineering managers to drive secure feature development. Champion end-to-end test suites, including integration tests against multiple plugin types and configure post-deployment test execution. Trouble shooting: Integrate and troubleshoot SAML- and LDAP-based authentication mechanisms and replicated customer setups. Configure and manage network access rules, including port whitelisting, firewall exceptions, proxy settings, authentication endpoints and troubleshooting other networking issues. Qualifications 9+ years of experience in application security , DevSecOps , or cloud security within enterprise Java environments. Strong knowledge of penetration testing , static/dynamic analysis , and tools like SpotBugs , Polaris , Acunetix , OWASP ZAP , etc. Expertise in secure coding, vulnerability assessment, and remediating common issues like SQL injection , XSS , and insecure deserialization . Hands-on experience with Docker , Kubernetes , Helm , and cloud-native security tooling. Familiarity with SaaS security concerns: multi-tenancy, access isolation, data encryption, and secure APIs. Experience integrating security into CI/CD pipelines and using GitOps principles. Preferred Qualifications Certifications such as OSCP , CEH , CISSP , or CKS (Certified Kubernetes Security Specialist) . Prior experience with security automation , policy-as-code , or container scanning platforms (e.g., Trivy, Aqua, Prisma). Knowledge of threat modeling frameworks (e.g., STRIDE) and secure architecture principles. Exposure to Gen AI tools for secure code analysis, vulnerability triaging, or automated documentation. What We Offer Opportunity to influence product direction and architecture. A collaborative and learning-focused environment. Access to modern tools and Gen AI platforms. Competitive salary and performance bonuses Health insurance Hybrid work model Company Description At Quest, we create and manage the software that makes the benefits of new technology real. Companies turn to us to manage, modernize and secure their business, from on-prem to in-cloud, from the heart of the network to the vulnerable endpoints. From complex challenges like Active Directory management and Office 365 migration, to database and systems management, to redefining security, and hundreds of needs in between, we help you conquer your next challenge now. We re not the company that makes big promises. We re the company that fulfills them. We re Quest: Where Next Meets Now. Why work with us! -Life at Quest means collaborating with dedicated professionals with a passion for technology. -When we see something that could be improved, we get to work inventing the solution. -Our people demonstrate our winning culture through positive and meaningful relationship. -We invest in our people and offer a series of programs that enables them to pursue a career that fulfills their potential. -Our team members health and wellness is our priority as well as rewarding them for their hard work. Quest is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. Come join us. For more information, visit us on the web at Quest Careers | Where next meets now. Join Quest. Job seekers should be aware of fraudulent job offers from online scammers and only apply to roles listed on quest.com/careers using our applicant system. Note: We do not use text messaging or third-party messaging apps like Telegram to communicate with applicants, so please exercise caution if you are approached in this way and only interact with people claiming to be Quest employees if they have an email address ending in @quest.com or @oneidentity.com #LI-SR1