1254 Application Security Jobs - Page 31

Job Description Responsibilities: Collaborate with engineering teams on architecting, implementing technologies, processes, and improvements around product security by performing threat models, penetrations tests, and sharing security expertise. Develop security testing plans to identify misconfigurations, vulnerabilities, and visibility shortfalls. Assist, mentor, and educate about internal secure development methodologies and CyberArk "Security Champions" program. Critical skills: 4+ years of experience working in the software development industry as a test engineer or an engineer with responsibilities relating to security. Background in Whitebox penetration testing. Bachelor s degree in Computer Science, Computer Information Systems, Software Engineering, or Mathematics or a related field, or its equivalent. Programming experience in one or more languages (Java, JavaScript, Python, Shell/BASH, C/C, C#). #LI-HK01 Qualifications Desirable skills: OSCP certification a huge plus. Experience with web application scanning tools (e.g. Static / Dynamic, Interactive, etc.) including Qualys WAS, Appspider, Acutenitx, Veracode, Burp Sui

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Sr. Associate Director, Software Engineering In this role, you will: Design and develop robust, scalable, and high-performance backend services using Spring Boot. Implement RESTful APIs and gRPC services for seamless communication between microservices. Implement RESTful APIs and gRPC services for seamless communication between microservices. Utilize Spring Data JPA and PostgreSQL for efficient data management and persistence. Ensure application security by implementing Spring Security best practices. Collaborate with cross-functional teams to define, design, and ship new features. Write unit and integration tests to ensure code quality and reliability. Implement 12-Factor App principles to enhance application maintainability and deployability. Participate in code reviews, providing constructive feedback and fostering a culture of continuous improvement. Stay up-to-date with emerging technologies and industry trends to ensure our solutions remain competitive Requirements To be successful in this role, you should meet the following requirements: 19 years or more overall IT experience with Strong proficiency in Java 11/17 and J2EE. Experience with distributed computing and Cloud Computing (Public GCP, AWS and Private Cloud). Extensive experience with Spring Boot and its ecosystem (Spring Data JPA, Spring Security, Spring Integration, Spring Cloud). Deep knowledge of Hibernate and ORM concepts. Experience with PostgreSQL and database design. Familiarity with Microservices Architecture and design patterns, development experience with 12-Facot App Principle. Skills and capabilities in API Architecture and API Engineering with in-depth knowledge of key technologies such as REST, API Gateways. Experience with gRPC and Protocol Buffers is a plus. Familiarity with containerization technologies (Docker, Kubernetes) is advantageous. Knowledge of CI/CD pipelines and DevOps practices. Experience with version control systems (Git). Strong problem-solving skills and the ability to work in a fast-paced environment. Excellent communication and collaboration skills. Good interpersonal and communication skills as he/she has to work in global environments. Demonstrated ability to rapidly build relationships with key stakeholders Strong interpersonal skills and ability to work in a team and in global environments Should be proactive, have learning attitude & adjust to work in dynamic work environments. Demonstrated ability to lead and coach technologically as well as geographically diverse teams

":" Same Business development manager / execute role for SMB This is a full-time role for a Sales Specialist 1-3 years of experience in selling Cybersecurity, IT Networking, Servers, and Storage. Note: The role wont suit cyber security \u201canalysts\u201d & typical distribution \u201cchannel experience\u201das it involves end to end managing of direct End Customers. Minimum 1 year of direct B2B selling experience, preferably managing internet accounts. Direct experience selling network security , Cloud security and/or CDN / Application Security solutions and services preferred Direct consultative selling of cybersecurity and a proven track record in end-to-end customer success. Develop and execute sales strategies to meet revenue targets. Manage sales pipelines, forecasting, and account success. Build and maintain strong client relationships. Stay updated on industry trends, market shifts, and competitor activities. Requirements Same Business development manager / execute role for SMB Requirements Deep knowledge of latest cybersecurity technologies. Strong negotiation, closing, and analytical skills. Ability to thrive in a fast-paced, competitive environment. Excellent presentation and communication skills. (Verbal & Written) Benefits Flexible Work Environment (leave benefits, remote options) Health & Accident Insurance Coverage Remuneration above par with industry standards for performers Attractive performance based incentives PF / ESI / Gratuity Benefits Company-paid CUG SIM card Skill Development & Growth Opportunities POSH Certified Organization ","Job_Type":"Full time" , "Job_Opening_Name":"Business Development Manager - SME","State":"Tamil Nadu" , "Country":"India" , "Zip_Code":"600034" , "id":"75805000011098690" , "Publish":true , "Date_Opened":"2025-06-03" , "Keep_on_Career_Site":false}]);

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 4 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. F5 optimizes and secures applications and APIs across multi-cloud, on-premises, and edge environments, ensuring high-performance and secure digital experiences. As a Digital Adoption Platform Content Creator and Administrator at F5, you will play a crucial role in enhancing user experiences by creating and managing content that guides users through F5s advanced application optimization and security solutions. You will collaborate closely with cross-functional teams to ensure that the content is both informative and engaging, ultimately driving adoption and improving the performance and security of applications and APIs across various environments. Qualifications Proven experience in utilizing digital adoption platforms to enhance user engagement and productivity Hands-on expertise with Walkme for creating interactive user guidance and support solutions Skilled in developing and curating digital content that facilitates user onboarding and training Collaborative approach to working with cross-functional teams to produce comprehensive and effective content for guides and shoutouts Proficient in integrating digital adoption solutions with web platforms and applications Strong analytical skills to assess user needs and optimize content for better digital experiences Excellent written and verbal communication skills to convey complex information clearly and concisely Ability to manage multiple projects simultaneously and meet tight deadlines Keen attention to detail and a commitment to delivering high-quality content Passionate about technology and committed to staying current with trends in digital adoption and user experience Responsibilities Develop and maintain high-quality, engaging content for F5s Digital Adoption Platform to enhance user onboarding and training experiences Collaborate with product managers, technical writers, and subject matter experts to ensure content accuracy and relevance for F5s multi-cloud, on-premises, and edge environments Design and implement interactive learning paths and tutorials that guide users through the setup, configuration, and optimization of F5 solutions Administer and manage the Digital Adoption Platform, including user management, content organization, and performance monitoring Create and update documentation, FAQs, and help guides to support users in effectively utilizing F5s application and API security features Analyze user engagement data to identify areas for content improvement and to inform the development of new content strategies Conduct regular content audits to ensure all materials are up-to-date and aligned with the latest F5 product releases and industry best practices Facilitate the integration of user feedback and analytics into the content creation process to continuously improve the user experience Support the training and onboarding of new F5 customers and internal teams by creating tailored content and resources Stay informed about industry trends and best practices in digital adoption and e-learning to ensure F5s content remains cutting-edge and effective The is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com ) . Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates . Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.

Were hiring on the Blackbaud Application Security team! As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud.You can expect to work closely with software development teams as well as third-party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software, you will be expected to stay up to date on whats happening in the Cyber Security industry to optimize and align our application security processes and systems throughout the Software Development Life Cycle (SDLC) at Blackbaud. The Application Security Engineering team focuses on building automation for security self-service and vulnerability management to reduce unnecessary toil. What you will be doing: Identifying solutions for difficult security problems while participating in a broader agile Application Security team. Building comprehensive solutions to conduct consolidation, aggregation, andnotification of security findings to respective stakeholders. Conducting threat modeling, secure design reviews, and providing direct guidance to development teams. Promoting, designing, and evaluating application security in all phases of theSDLC and constantly looking for innovative ways to improve processes. Influencing, building, and assisting with information security challenges within applications. What we'll want you to have: You are either a security-minded software engineer who has been building modern services using a microservice architecture in an agile development environment or a development-interested security practitioner who understands security best practices but wants to get closer to development and engineering. 5+ plus years of experience with application security and relevant testing tools for DASTBurp Suite, OWASP Zap, Invicti, AppScan SAST/SCAFortify, Checkmarx, Coverity, Semgrep, OWASP Dependency Check, Mend, Blackduck Attack Surface ManagementOWASP Amass, Spiderfoot, CyCognito 3+ years of experience with Python, Bash, and/or PowerShell. 3+ years of experience in DevSecOps integrating security solutions into CI-CD pipelines and automated tooling orchestration. Relevant certifications include CompTIA Security+ or CASP+, EC Council CEH, ISC2 CSSLP are a plus. Experience partnering with development and systems engineers on impactful securityinitiatives. Understanding of software development; how applications and systems are designed, built, and break is critical. UnderstandDevSecOpscultural mindsets, and an engineering-focused approach to solvingcomplexsecurity problems. Strong verbal and written communication skills to translate security objectives and requirements to specific engineering outcomes. The Application Security team at Blackbaud is committed to ensuring security issues are prevented, discovered, and remediated in collaboration with our engineering partners across the business. Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Role Profile Senior Application Security Engineer Department Information Security/ Cybersecurity Reports ToManager / Lead Security Engineer Location :Hyderabad (WFO) Role Summary: The Security Engineer will play a critical role in strengthening the security posture of applications and infrastructure by implementing secure development practices, performing vulnerability assessments, and integrating security into the SDLC. The ideal candidate will have hands-on experience with OWASP ASVS, security testing tools like ZAP, and a solid understanding of Python-based backend systems. Key Responsibilities: Implement and enforce security policies aligned with OWASP ASVS 4.0.3. Conduct Static and Dynamic Application Security Testing (SAST/DAST) using tools such as ZAP, Fortify, Burp Suite, and GitHub security. Collaborate with DevOps teams to embed security in CI/CD pipelines. Perform threat modelling and risk assessments for applications and APIs. Identify and remediate security vulnerabilities in Python-based services. Prepare and support documentation for STQC audits and other compliance processes. Create and maintain secure coding guidelines for developers. Track and manage vulnerabilities using centralized dashboards or ticketing systems. Collaborate with developers and QA teams during SDLC to ensure secure code deployment. Required Qualifications & Skills: 810 years of Overall experience in IT . 56 years of hands-on experience in Application Security. Strong knowledge of OWASP Top 10 and OWASP ASVS frameworks. Practical experience with ZAP, Fortify, Burp Suite, or similar tools. Good understanding of Python backend services and typical security flaws. Knowledge of CI/CD security integration tools and methodologies. Familiarity with STQC security processes and regulatory compliance documentation. Knowledge of SAST/DAST/IAST methodologies and modern DevSecOps practices. Bachelors degree in computer science, Cybersecurity, or related discipline. Soft Skills: Strong analytical and problem-solving abilities. Excellent written and verbal communication skills. Collaboration and team orientation. High attention to detail and documentation. Strong stakeholder management across development, DevOps, and compliance teams. Preferred Qualifications: Certifications such as OSCP, CISSP, CEH, or GWAPT. Exposure to cloud security (AWS/GCP/Azure). Scripting knowledge for automation using Python or Bash. Experience with container and Kubernetes security tools. Key Relationships: InternalDevelopment Teams, DevOps Teams, QA Teams, Compliance Team, Product Owners ExternalAuditors, Regulatory Authorities (e.g., for STQC), Security Vendors Role Dimensions: Team Size: Individual contributor or small security team lead Scope: Application security coverage across all internal and external apps Impact: High directly impacts risk mitigation, compliance, and secure software delivery Success Measures (KPIs): % of vulnerabilities resolved within SLA Number of applications onboarded to security tools Security issues found in pre-production vs post-deployment Developer adoption rate of secure coding practices STQC and other audit clearance rates Mean time to detect and remediate vulnerabilities Competency Framework Alignment: Technical Expertise Deep understanding of of AppSec tools and practices Results Orientation Works cross-functionally with technical teams Problem Solving Strong in analysing and resolving security issues Communication Explains complex security concepts to non-tech teams Adaptability Takes ownership of vulnerabilities and resolutions

Job Title Security Delivery Senior Analyst Management Level: 10 - Senior Analyst Location: Bengaluru Must have skills: Node.js, PostgreSQL, AWS, Azure DevOps, Agile, CI/CD, Strong Communication, Estimation (for level 8/9) Good to have skills: Application Security, AWS Fargate, Google BigQuery Job Summary : The ISD backend developer will be responsible for writing code for the upcoming changes and operational tasks. The application is built in AWS Cloud Native architecture. The application is written in AngularJS, Node.js, both in TypeScript. The developer must be skilled in Node.js, PostgreSQL, AWS and be familiar with agile concepts and automated CI/CD including unit testing. Roles & Responsibilities: The backend developer will be responsible for supporting a custom-built dashboard in AngularJS and Node.js. Level 9/8 developers must prioritize work, estimate work, and assist other developers. The Developer will also take part in future project planning and estimation. Professional & Technical Skills: Technical Experience: The backend developer must be skilled in NodeJS and PostgreSQL and have working knowledge of TypeScript and PostgreSQL. The Developer must also be experienced in Continuous Integration/Continuous Deployment (CI/CD) to automate builds and deployments. Professional Experience: The backend developer must be self-motivated with excellent communication skills. The developer should be able to work with the lead(s) to solve complex development challenges, perform peer/quality reviews and maintain the teams code repository and deployment activities. Additional Information: Qualification Experience: Minimum 4+ years of experience is required Educational Qualification: Any Degree

Hiring for Application Security role at Mumbai location !!! Job Title: Senior Manager Third Party Technology Risk Management Location: Mumbai Experience Required: 7 - 9 Years Industry: Financial Services / BFSI Job Type: Full-Time Work Mode: Hybrid Note: 2 levels of interview with client - 1st round - Virtual / 2nd round - F2F is Must . Job Overview: We are looking for a seasoned and driven Senior Manager to lead our Third-Party Technology Risk Management efforts. If you have strong experience in managing vendor risks, IT security frameworks, and global compliance standards in a financial services environment this opportunity is for you! Key Responsibilities: Conduct and lead Third-Party Risk Assessments for new and existing vendors. Evaluate IT security controls using industry frameworks (NIST, ISO 27001, SOC 2, GDPR, etc.). Develop and manage vendor risk dashboards and reports for senior stakeholders. Collaborate with cross-functional teams across regions to ensure compliance and risk mitigation. Ensure vendors meet our cybersecurity, network, and cloud security expectations. Coordinate vendor audits, risk reviews, and maintain detailed documentation. Work effectively with multicultural, cross-time-zone teams. Communicate risk findings and remediation plans to senior management. Maintain high standards of confidentiality, integrity, and professionalism. Required Skills & Qualifications: Bachelor's degree in IT, Information Security, or related field. Certifications such as CISSP, CISA, CISM, CRISC, or ISO 27001 Lead Auditor. 1012+ years in Technology Risk, with strong focus on Third-Party Risk Management. In-depth knowledge of NIST, ISO 27001, PCI DSS, SOC 2, COBIT, GDPR. Strong grasp of cybersecurity, network, and cloud security principles. Experience working with compliance, procurement, and legal teams. Excellent verbal and written communication skills for senior stakeholder engagement. Proficient in Microsoft Word, PowerPoint, and Project. Proven ability to manage conflict, build strong vendor/client relationships, and influence decision-making. Preferred Skills (Nice to Have): Familiarity with GRC tools (e.g., Archer, ServiceNow, OneTrust). Experience working with cloud service providers (AWS, Azure, GCP). Knowledge of outsourced IT risk, data privacy, and regulatory trends.

Cyber Manager Joining Maersk will embark you on a great journey with career development in a global organisation. You will gain broad business knowledge of the companys activities globally, as well as understand how the complexity of IT supports the transport and logistics business. At Maersk we value the diversity of our talent and will always strive to recruit the best person for the job we value diversity in all its forms, including but not limited to: gender, age, nationality, race, sexual orientation, disability or religious beliefs. We are proud of our diversity and see it as a genuine source of strength for building high performing teams. The purpose of this role is to assist in delivering a DevSecOps transformation across Maersk by driving the processes, behaviours and culture necessary to enable successful implementation. You will be a key member of the team charged with delivering the tools, training, and methods necessary to support secure software development, and incentivising secure behaviour across the developer community and broader organisation. Were looking for a software developer who is passionate about security, who will work with our multi-disciplinary team to evangelize the importance of secure coding and design and deliver supporting initiatives. You will work with stakeholders across Maersk to assess the success of interventions and enable continuous improvement. In this role you will be exposed to a wide and challenging range of business issues through regular engagement with stakeholders across Maersk. You will work and communicate across geographical and cultural borders that will enable you to build a strong professional network. We will provide you with opportunities to broaden your knowledge and strengthen your technical and professional foundation. Key responsibilities: Identifying, analysing, and capturing requirements related to secure software development practices across Platforms and Enterprise brands. Designing and delivering user-centered interventions to enable secure software development awareness and practices. This will include writing actionable guidelines, developing and delivering application security training and awareness materials, and identifying opportunities to streamline and automate secure development practices. Collaborating with Developers to identify and develop good DevSecOps practices and assisting in embedding them as business as usual. Developing understanding of DevSecOps best practice in other sectors and extrapolating to Maersk initiatives as appropriate. Primary internal stakeholders Maersk Technology Organization including new platforms Maersk Brands & Supporting Function teams Other Cyber Security functions Primary external stakeholder Maersk customers Maersk suppliers Regulatory bodies Required experience & skills: Who we are looking: Software development experience Knowledge of application security principles and the ability to translate technical concepts to a diverse set of stakeholders. Excellent communication skills: the ability to effectively communicate with both technical and non-technical personnel. Excellent stakeholder management and interpersonal skills. Highly organized, with the ability to manage conflicting priorities and multiple tasks Able to work in a multi-disciplinary, collaborative environment. Strong presentation and storytelling skills. Strong self-starting and can-do attitude Experience: At least four years experience in software development. Experience implementing application security within CI/CD pipelines is strongly preferred. Strong stakeholder management experience with the ability to identify differing stakeholder views and build consensus. Experience working in an agile environment. Experience in an IT Operations environments along with an understanding of how it supports critical business outcomes is strongly preferred

Job Summary This position provides input, support, and performs full systems life cycle management activities (e.g., analyses, technical requirements, design, coding, testing, implementation of systems and applications software, etc.). He/She participates in component and data architecture design, technology planning, and testing for Applications Development (AD) initiatives to meet business requirements. This position provides input to applications development project plans and integrations. He/She collaborates with teams and supports emerging technologies to ensure effective communication and achievement of objectives. This position provides knowledge and support for applications development, integration, and maintenance. He/She provides input to department and project teams on decisions supporting projects. Job Summary This position provides input, support, and performs full systems life cycle management activities (e.g., analyses, technical requirements, design, coding, testing, implementation of systems and applications software, etc.). He/She participates in component and data architecture design, technology planning, and testing for Applications Development (AD) initiatives to meet business requirements. This position provides input to applications development project plans and integrations. He/She collaborates with teams and supports emerging technologies to ensure effective communication and achievement of objectives. This position provides knowledge and support for applications development, integration, and maintenance. He/She provides input to department and project teams on decisions supporting projects. Responsibilities: Performs systems analysis and design. Designs and develops moderate to highly complex applications. Develops application documentation. Produces integration builds. Performs maintenance and support. Supports emerging technologies and products. Technology: Java, Spring Boot, Microservices/REST API,, Message Broker (AMQ, WMQ), JDBC, CI/CD Pipeline,Cloud Technologies, Application Security, Database, Linux and some shell scripting, Qualifications: Bachelors Degree or International equivalent Bachelor's Degree or International equivalent in Computer Science, Information Systems, Mathematics, Statistics, or related field - Preferred

Role & responsibilities The Solution designer drives the execution of the technical and architectural decisions made by the team, ensuring employment of the right practices, helping to problem solve and ensuring team members remain invested and collaborate. Collaborates with key stakeholders to analyze ideas and demands for architectural fit and translates detailed business requirements into implementable solution. Partners with business and IT on solution architecture design. Keeps the alignment between enterprise architecture blueprint and recommendations and solution implementation. Ensures technical integrity, consistency, and quality of the solution on every stage of its lifecycle The Solution designer often must help coach developers and may dive into work e.g. helping to pair program or teaching new practices or onboarding a new developer. The Solution designer collaborate with business users, product and enterprise teams, and IT development teams to design, develop and implement the product. Preferred candidate profile 12+ years of hands-on Design & Development experience Understands generally accepted software design principles, concepts and terminologies specifically but not limited to the following: Architecture design (C4 Modeling) Building Block Design Solutions Modeling Microservices Architecture Software Engineering Security User Interface (web/mobile) is Proficient with identifying & applying relevant Architecture & Design Patterns for performance. Must have experience in integrating with Legacy systems. Knowledge of Development best practices, like TDD, BDD. Knowledge in design, presentation, and prototyping tools. Experience in designing Cloud native applications & services deployed over AWS. Good to have experience in handling Application security and API Security. Good understanding of latest Industry standards and architectural patterns in Distributed Computing, Cloud, UI, and Database would be essential for success. Experience in coaching an agile technical team. Should have experience of DevOps practices - Continuous Integration tools (Jenkins), Configuration management tools (Git, Bitbucket), Unit testing (JUnit), Build configuration (Maven, Gradle), Code Quality (SonarQube) etc.

- Develop and maintain responsive web applications using React and Redux. - Integrate APIs and manage data flow between the frontend and backend systems. - Implement WebSocket connections for real-time data updates. - Collaborate with UI/UX designers to ensure technical feasibility and optimal user experience. - Optimize applications for maximum speed and scalability. - Utilize AWS services for deployment and management of frontend applications. - Implement CI/CD pipelines using Jenkins and optionally CloudBees for efficient deployment processes. - Ensure application security by integrating Snyk and other security best practices. - Troubleshoot and debug issues across various browsers and devices. - Stay up-to-date with the latest industry trends and technologies. Qualifications: - Proven experience as a Frontend Developer, with a strong portfolio of web applications. - Proficiency in React and Redux for building complex user interfaces. - Experience with AWS services and cloud-based application deployment. - Familiarity with Jenkins for CI/CD processes; experience with CloudBees is a plus. - Knowledge of API integration and RESTful services. - Experience with WebSocket for real-time communication. - Understanding of security tools like Snyk and best practices for secure application development. - Strong problem-solving skills and attention to detail. - Excellent communication and teamwork abilities. Preferred Skills: - Experience with other frontend frameworks and libraries. - Familiarity with modern build tools and version control systems. - Understanding of agile development methodologies.

Job Title - Application Security Engineer About Tazapay Tazapay is a cross border payment service provider. They offer local collections via local payment methods, virtual accounts and cards in over 70 markets. The merchant does not need to create local entities anywhere and Tazapay offers the additional compliance framework to take care of local regulations and requirements. This results in decreased transaction costs, fx transparency and higher auth rates. They are licensed and backed by leading investors. www.tazapay.com Whats exciting waiting for you This is an amazing opportunity for you to join a fantastic crew before the rocket ship launch. It will be a story you will carry with you through your life and have the unique experience of building something ground up and have the satisfaction of seeing your product being used and paid for by thousands of customers. You will be a part of a growth story in securing critical financial applications that handle cross-border payments. We believe in a culture of openness, innovation great memories together. About the Application Security Engineer Role As an Application Security Engineer, you will be responsible for ensuring the security of our payment applications throughout their entire development lifecycle. You will work closely with development teams to identify, assess, and remediate security vulnerabilities in web applications, mobile apps, and APIs that process sensitive financial data across 70+ markets. Key Responsibilities Application Security Assessment Testing Conduct comprehensive security assessments of microservices-based applications built with GoLang, Java, or Scala Perform security reviews of Vue.js and ReactJS frontend applications and their interaction with backend services Execute manual and automated web application penetration testing using industry-standard methodologies (OWASP Testing Guide, PTES) Conduct vulnerability scoring and risk assessment using CVSS framework and custom business impact metrics Utilize govulncheck for Go-specific vulnerability detection and dependency analysis in GoLang microservices Deploy Semgrep/OpenGrep for static code analysis across multiple programming languages and frameworks Integrate Gitleaks for automated secret detection and credential scanning in source code repositories Execute static application security testing (SAST) and dynamic application security testing (DAST) across the entire stack Conduct penetration testing and vulnerability assessments on payment processing applications and microservices Perform web application penetration testing including authentication bypass, authorization flaws, injection attacks, and business logic vulnerabilities Review and analyze code for security vulnerabilities with focus on microservices communication patterns and frontend security Assess API gateways, service meshes, and inter-service authentication mechanisms Implement and maintain automated security testing tools in CI/CD pipelines for both frontend and backend components Secure Development Lifecycle (SDLC) Integrate security practices into the software development lifecycle Collaborate with development teams to implement secure coding practices Conduct security architecture reviews and threat modeling sessions Provide security requirements and guidelines for new application features Establish and maintain application security standards and best practices Vulnerability Management Identify, prioritize, and track application security vulnerabilities across multiple technologies Implement comprehensive vulnerability scoring using CVSS v3.1, OWASP Risk Rating, and custom business impact assessments Develop risk scoring matrices that incorporate technical severity, business impact, and exploitability factors Utilize govulncheck for proactive Go vulnerability management and dependency tracking Deploy Gitleaks for continuous secret detection and credential exposure prevention Implement Semgrep/OpenGrep for custom vulnerability pattern detection and policy violations Create detailed penetration testing reports with executive summaries, technical findings, and remediation roadmaps Establish vulnerability SLA metrics and track remediation timelines based on risk scores Work with development teams to remediate identified security issues Maintain vulnerability management processes and ensure timely resolution Perform risk assessments and provide recommendations for vulnerability mitigation Monitor and respond to emerging application security threats Create and maintain security metrics and KPIs for vulnerability remediation Security Tools Automation Implement and manage application security scanning tools (SAST, DAST, IAST) Deploy govulncheck for continuous Go vulnerability monitoring in GoLang microservices Integrate Gitleaks for automated secret scanning across development workflows and CI/CD pipelines Configure Semgrep/OpenGrep rules for custom security pattern detection and policy enforcement Develop and maintain security automation scripts and tools Integrate security tools into development workflows and CI/CD pipelines Evaluate and recommend new application security technologies and solutions Create custom security rules and policies for language-specific vulnerabilities Automate security testing for containerized applications and microservices Compliance Documentation Ensure applications comply with financial industry regulations (PCI DSS, PSD2, etc.) Maintain security documentation, procedures, and incident response plans Support compliance audits and security assessments Create and deliver application security training for development teams Required Qualifications Experience 4+ years of experience in application security, with focus on web and mobile applications Strong experience securing microservices architectures, particularly those built with GoLang, Java, or Scala Hands-on experience with frontend security for modern JavaScript frameworks (Vue.js, ReactJS) Extensive experience in web application penetration testing including OWASP Top 10, business logic flaws, and authentication/authorization bypasses Proven expertise in vulnerability scoring and risk assessment using CVSS, OWASP Risk Rating, and custom scoring methodologies Proven experience with security automation tools: govulncheck (Go vulnerability scanning), Gitleaks (secret detection), Semgrep/OpenGrep (static analysis) Experience with application security testing tools (Burp Suite, OWASP ZAP, Veracode, Checkmarx, etc.) Hands-on experience with penetration testing and vulnerability assessment Experience with secure code review and static/dynamic analysis tools Knowledge of common web application vulnerabilities (OWASP Top 10) and microservices-specific security challenges Technical Skills Proficiency in backend programming languages with strong focus on GoLang, Java, or Scala for microservices architecture Experience with frontend frameworks, particularly Vue.js and ReactJS for modern web applications Advanced proficiency with security tools: govulncheck (Go-specific vulnerability detection), Gitleaks (credential scanning), Semgrep/OpenGrep (multi-language static analysis) Expert-level web application penetration testing skills using tools like Burp Suite Professional, OWASP ZAP, Nuclei, and custom exploitation frameworks Comprehensive knowledge of vulnerability scoring frameworks including CVSS v3.1, OWASP Risk Rating Methodology, and FAIR (Factor Analysis of Information Risk) Experience with automated penetration testing tools and frameworks for continuous security validation Strong understanding of microservices security patterns and inter-service communication Experience with API security testing and assessment (REST, GraphQL, gRPC) Knowledge of mobile application security (iOS/Android) Familiarity with cloud security (AWS, Azure, GCP) Understanding of database security and secure data handling Experience with containerized applications and orchestration platforms Security Knowledge Deep understanding of application security principles and best practices Expert knowledge of web application penetration testing methodologies (OWASP Testing Guide, PTES, NIST SP 800-115) Advanced understanding of vulnerability scoring and risk quantification using industry-standard frameworks Knowledge of security frameworks and standards (OWASP, NIST, ISO 27001) Experience with threat modeling and risk assessment methodologies Understanding of cryptography and secure communication protocols Knowledge of authentication and authorization mechanisms Expertise in manual testing techniques for complex business logic vulnerabilities Experience with penetration testing reporting and executive communication of security risks Nice to Have Certifications Relevant security certifications (CISSP, CEH, CSSLP, GWEB, OSCP) Cloud security certifications (AWS Security, Azure Security) Additional Skills Experience with DevSecOps practices and tools Advanced proficiency in securing distributed microservices ecosystems Experience with modern frontend build tools and security (Webpack, Vite, npm/yarn security) Expertise in Go ecosystem security including govulncheck integration and dependency management Advanced configuration and customization of Semgrep/OpenGrep rules for organization-specific security policies Experience with Gitleaks integration across multiple Git workflows and CI/CD platforms Advanced web application penetration testing including thick client applications and complex multi-tier architectures Experience with custom exploit development and proof-of-concept creation for business logic vulnerabilities Expertise in creating comprehensive risk scoring models that align technical findings with business impact Knowledge of container security (Docker, Kubernetes) Experience with financial services and payment processing security Familiarity with regulatory compliance (PCI DSS, GDPR, PSD2) Experience with bug bounty programs and responsible disclosure Knowledge of machine learning/AI security Experience with service mesh security (Istio, Linkerd) and API gateway security Key Abilities and Traits Technical Excellence: Demonstrated ability to identify and remediate complex application security vulnerabilities across diverse technology stacks. Collaboration: Strong ability to work effectively with development teams, translating security requirements into actionable development practices. Communication: Excellent verbal and written communication skills, capable of explaining security concepts to both technical and business stakeholders. Problem-Solving: Strong analytical and problem-solving skills with the ability to think like both a defender and an attacker. Continuous Learning: Commitment to staying current with emerging application security threats, tools, and best practices. Detail-Oriented: Meticulous attention to detail when reviewing code and assessing application security. Project Management: Ability to manage multiple security assessments and projects simultaneously while meeting deadlines.

Job Description Responsibilities: Collaborate with engineering teams on architecting, implementing technologies, processes, and improvements around product security by performing threat models, penetrations tests, and sharing security expertise. Develop security testing plans to identify misconfigurations, vulnerabilities, and visibility shortfalls. Assist, mentor, and educate about internal secure development methodologies and CyberArk "Security Champions" program. Critical skills: 4+ years of experience working in the software development industry as a test engineer or an engineer with responsibilities relating to security. Background in Whitebox penetration testing. Bachelor s degree in Computer Science, Computer Information Systems, Software Engineering, or Mathematics or a related field, or its equivalent. Programming experience in one or more languages (Java, JavaScript, Python, Shell/BASH, C/C, C#). #LI-HK01 Qualifications Desirable skills: OSCP certification a huge plus. Experience with web application scanning tools (e.g. Static / Dynamic, Interactive, etc.) including Qualys WAS, Appspider, Acutenitx, Veracode, Burp Sui

Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Introduction Welcome to Gallagher - a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where youll play a pivotal role in shaping Gallaghers future and unlocking unparalleled opportunities for both clients and yourself. We believe that every candidate brings something special to the table, including you! So, even if you feel that you re close but not an exact match, we encourage you to apply. Overview The Business Information Security Officer (BISO) - India is responsible for managing the Gallagher Cyber Information Security (GCIS) program of works for the Indian region. This includes identifying, evaluating, and reporting on information security risks across all Gallagher divisions in India, in a manner that meets compliance and regulatory requirements, as well as aligning with the companys risk appetite. In addition to reporting on a regular basis to the UK - based EMEA BISO, this role will work closely with: IT Directors of India and Local CTO for Gallagher India and Gallagher Centre of Excellence The India Senior Business Leaders for IT and QA Transition GCIS Colleagues globally who have global remits (application security, identity management etc) The India division s ISMS manager in maintaining their ISO27001 certification GCIS Project Managers delivering both new and enhanced capabilities. This is a hybrid role, in office 2-3 days per week, and can be based out of either our Pune or Bangalore offices, with some travel between the two expected. How youll make an impact Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant About you Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Additional Information We value inclusion and diversity Inclusion and diversity (ID) is a core part of our business, and it s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work. Gallagher embraces our employees diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as protected characteristics ) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

Introduction Welcome to Gallagher a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where youll play a pivotal role in shaping Gallaghers future and unlocking unparalleled opportunities for both clients and yourself. We believe that every candidate brings something special to the table, including you! So, even if you feel that you re close but not an exact match, we encourage you to apply. Overview The Business Information Security Officer (BISO) India is responsible for managing the Gallagher Cyber Information Security (GCIS) program of works for the Indian region. This includes identifying, evaluating, and reporting on information security risks across all Gallagher divisions in India, in a manner that meets compliance and regulatory requirements, as well as aligning with the companys risk appetite. In addition to reporting on a regular basis to the UK - based EMEA BISO, this role will work closely with: IT Directors of India and Local CTO for Gallagher India and Gallagher Centre of Excellence The India Senior Business Leaders for IT and QA Transition GCIS Colleagues globally who have global remits (application security, identity management etc) The India division s ISMS manager in maintaining their ISO27001 certification GCIS Project Managers delivering both new and enhanced capabilities. This is a hybrid role, in office 2-3 days per week, and can be based out of either our Pune or Bangalore offices, with some travel between the two expected. How youll make an impact Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant About you Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Additional Information We value inclusion and diversity Inclusion and diversity (ID) is a core part of our business, and it s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the commu nities where we live and work. Gallagher embraces our employees diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out Th e Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color , religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as protected characteristics ) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business. ","

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

Fluke IDC - Mobile Developer We are looking for a Mobile developer with 4 to 8 years of experience to join one of our teams. In this role, you are expected to work with a team of highly skilled software engineers and pave way for building high quality mobile application. Responsibilities: Collaborate with cross-functional teams to analyse, design, and ship new features for our mobile applications. Develop high-quality software design and architecture. Work closely with product management and UX/UI designers to implement user- friendly interfaces. Diagnose and fix bugs and performance bottlenecks for performance that feels native. Continuously discover, evaluate, and implement new technologies to maximize development efficiency. Stay updated with the latest trends and best practices in mobile application development.Skills Requirements: - Required: 4 - 8 years of relevant experience in iOS native development using Objective C / Swift and cross-platform app development using Flutter. Strong proficiency in IOS & Flutterfor building high-quality, high-performance mobile applications. Solid understanding of the full mobile development life cycle. Excellent problem-solving skills and ability to think critically. Must have experience with Dart, Swift. Familiarity with RESTful APIs to connect mobile applications to back-end services. Strong understanding of design patterns like BLoC, MVP, MVVM, and MVC. Experience working with SQLite, BLE, Wi-Fi, Firebase and Push Notification. Good knowledge on scrum and agile practices. Knowledge of UI/UX best practices and design standards Excellent debugging skills and knowledge of debug and test tools like layout Inspector, App Inspection and memory profiling etc. Strong communication skills and ability to work effectively in a team. Good Academic Records with > 60% marks and no gaps. Preferred: Demonstrated track record of introducing new ideas, processes, or technologies that have positively impacted a project, team, or organization. Understanding of security best practices in CI/CD pipelines, including vulnerability scanning, code analysis, and secure configurations to maintain a high level of application security. Understanding of cloud services example AWS. Knowledge of AI tools (Open AI, GitHub Co-pilot). We are a diverse team 17,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact. At Fortive, we believe in growth. We re honest about what s working and what isn t, and we never stop improving and innovating. About Fluke Fluke is leading the world in creating software, test tools and technology that will support customers today and in the future. We are a customer-obsessed market leader with a strong reputation for reliability, quality and safety.A wholly owned subsidiary of Fortive Corporation (www.fortive.com), Fluke is a global corporation headquartered in the greater Seattle area. Driven by the successful Fortive Business System, Fluke offers the passion of a startup with the resources of a Fortune 500 company. We are focused on the growth of our individual employees, teams and the Fluke brand. We Are an Equal Opportunity Employer. Fortive Corporation and all Fortive Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. Fortive and all Fortive Companies are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at applyassistance@fortive.com.

About the Role Were seeking a hands-on and detail-oriented Security and Compliance Engineer to drive security across our applications, infrastructure, and compliance programs-especially in a healthcare environment. This role combines security engineering, DevSecOps, and risk management with a strong focus on application, cloud, AI, and data security. You will work closely with engineering, DevOps, and compliance teams to embed security into the development lifecycle, support regulatory frameworks, and ensure cloud-native environments and AI technologies are secure by design. Responsibilities Conduct web and mobile application penetration testing, vulnerability scanning, and remediation support across our platforms. Integrate DevSecOps practices into CI/CD pipelines, using tools like Snyk, Terraform, and container security scanners. Implement and monitor Cloud Security Posture Management (CSPM) tools such as Wiz to secure cloud configurations and infrastructure. Partner with DevOps to enforce secure provisioning via Infrastructure as Code (IaC). Lead and support compliance initiatives (HIPAA, SOC 2, HITRUST) using platforms like Drata (Compliance-as-a-Service). Design and enhance email gateway security (e.g., Barracuda) and bot protection (e.g., WatchGuard) to defend against phishing and automated threats. Evaluate and secure chatbots and AI systems, addressing risks like prompt injection, data leakage, and model integrity. Drive data security best practices including encryption, data loss prevention (DLP), and classification strategies. Collaborate with engineering to embed security controls in product design and conduct threat modeling, secure code reviews, and architecture reviews. Participate in incident detection, response, and root cause analysis, while ensuring effective logging and monitoring are in place. Maintain security documentation and support audits and third-party assessments. Required Skills & Qualifications 4-6 years of experience in security engineering, compliance, and DevSecOps. Proficiency in web and mobile application security, including OWASP Top 10, SAST/DAST tools, and manual testing with Burp Suite, etc. Strong exposure to DevSecOps workflows, with hands-on experience using tools like Snyk, Terraform, and container security. Deep understanding of HIPAA, SOC 2, and healthcare compliance requirements. Experience with cloud security, preferably on Microsoft Azure, and familiarity with CSPM tools like Wiz. Working knowledge of Drata or similar compliance automation platforms. Exposure to email security gateways, bot protection, and threat detection tools. Familiarity with AI and chatbot security concepts and current risks in the generative AI space. Strong grasp of data security principles-encryption, access controls, data classification, and DLP. Scripting or automation skills in Python, Bash, or equivalent are a plus. Strong written and verbal communication, documentation, and collaboration skills. Nice to Have Certifications like OSCP, CEH, CCSK, CISSP, HCISPP, or similar. Familiarity with tools like KnowBe4, Intune, or Azure AD for identity and endpoint security. Understanding of Zero Trust Architecture, RBAC, and endpoint detection and response (EDR) strategies. Previous experience in a health tech, SaaS, or AI-focused organization. Why Join Us Make a real impact in securing healthcare and AI systems at scale. Collaborate in a high-ownership environment with modern tools and cloud-native practices. Work in a security-forward company that values both innovation and compliance. Flexible work environment and growth opportunities in a fast-paced tech culture.

Hello Visionary! We know that the only way a business thrive is if our people are growing. That’s why we always put our people first. Our global, diverse team would be happy to support you and challenge you to grow in new ways. Who knows where our shared journey will take you We are looking for Product and Solution Security Expert (PSSE) How do you craft the future Smart BuildingsWe’re looking for the makers of tomorrow, the hardworking individuals ready to help Siemens transform entire industries, cities and even countries. Get to know us from the inside, develop your skills on the job. You’ll make a difference by: 1. Integration with SDLC: Collaborate with software development teams to integrate security practices throughout the Software Development Life Cycle (SDLC). Perform security code reviews and analyze vulnerabilities during different SDLC phases. Ensure security requirements are included in the design, development, testing, and deployment stages of software projects. 2. Security Activities: Develop and implement security protocols, guidelines, and best practices for software development. Conduct threat modelling and risk assessments to identify potential security issues early in the development process. Provide guidance on secure coding practices and remediation of identified vulnerabilities. 3. Stakeholder Interaction: Work closely with key stakeholders, including product managers, project managers, and business analysts, to support and promote security activities within products. Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical stakeholders. Foster a security-aware culture within the development teams and across the organization. 4. Security Tools and Technologies: Implement and manage security tools such as static and dynamic analysis tools, intrusion detection systems, and vulnerability scanners. Stay updated with the latest security tools, trends, and best practices to enhance the organization's security posture. 5. Incident Response: Assist in the development and implementation of incident response plans and procedures. Participate in security incident investigations and provide expertise in resolving security breaches. 6. Training and Awareness: Conduct security training and awareness programs for development teams. Promote continuous improvement and knowledge sharing related to application security. You’ll win us over by: 1. Technical Skills: In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten). Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners. Proficiency in programming languages such as Java, C#, Python. Understanding of DevSecOps practices and integration of security into CI/CD pipelines. Promote continuous improvement and knowledge sharing related to application security. 2. Soft Skills: Strong communication and interpersonal skills. Ability to explain complex security concepts to non-technical stakeholders. Strong analytical and problem-solving skills. Collaborative mindset and ability to work effectively with cross-functional teams. 3. Certification Preferred: Certified Secure Software Lifecycle Professional (CSSLP). Experience: Proven experience working with software development teams and integrating security practices into the SDLC. Experience interacting with key stakeholders and supporting security activities within software products. You’ll win us over by: Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record. Minimum 5 years of experience in cybersecurity, with a focus on application security. We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Create a better #TomorrowWithUs! This role, based in Pune, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We are dedicated to equality and welcome applications that reflect the diversity of the communities we serve. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and imagination, and help us shape tomorrow Find out more about the Digital world of Siemens here[1] www.siemens.com/careers/digitalminds Find out more about Siemens careers at[2] www.siemens.com/careers

Hello Visionary ! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. We are looking for a highly skilled and motivated Product & Solution Security Professional to join our team. The ideal candidate will be responsible for defining secure design principles and supporting cross-functional teams to ensure secure architecture, implementation, and testing of products and solutions. Key Responsibilities Integration with SDLC Collaborate with software development teams to integrate security practices throughout the Software Development Life Cycle (SDLC). Ensure security requirements are included in the design, development, testing, and deployment stages of software projects. Perform security code reviews and analyze vulnerabilities during different SDLC phases. 2. Security Activities Develop and implement security protocols, guidelines, and best practices for software development. Conduct threat modelling and risk assessments to identify potential security issues early in the development process. Provide guidance on secure coding practices and remediation of identified vulnerabilities. Stakeholder Interaction Work closely with key stakeholders, including product managers, project managers, and business analysts, to support and promote security activities within products. Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical stakeholders. Foster a security-aware culture within the development teams and across the organization . 4. Security Tools and Technologies Implement and manage security tools such as static and dynamic analysis tools and vulnerability scanners. Stay updated with the latest security tools, trends, and best practices to enhance product’s security posture. 5. Training and Awareness Conduct security training and awareness programs for development teams. Promote continuous improvement and knowledge sharing related to application security . Skills and Qualifications 1. Technical Skills: In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten). Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners. Proficiency in programming languages such as Java, C#, Python. Understanding of DevSecOps practices and integration of security into CI/CD pipelines. Promote continuous improvement and knowledge sharing related to application security. 2. Soft Skills: Strong communication and interpersonal skills. Ability to explain complex security concepts to non-technical stakeholders. Strong analytical and problem-solving skills. Collaborative mindset and ability to work effectively with cross-functional teams. 3. Certification Preferred CEH, Certified Secure Software Lifecycle Professional (CSSLP) or equivalent. Experience Proven experience working with software development teams and integrating security practices into the SDLC. Experience interacting with key stakeholders and supporting security activities within software products. Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record. 7 - 10 years of experience in cybersecurity, with a focus on application security. Make your mark in our exciting world at Siemens . This role, based in Bangalore , is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We are dedicated to equality and welcome applications that reflect the diversity of the communities we serve. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and imagination, and help us shape tomorrow We’ll support you with Hybrid working opportunities. Diverse and inclusive culture. Variety of learning & development opportunities. Attractive compensation package. Find out more about Siemens careers at www.siemens.com/careers

The Software Developer, DevSecOps team member is expected to have a thorough understanding of complex IT systems, embedded devices, applications, cloud systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practices and emerging technologies. The ideal candidate will have knowledge of industry security frameworks such as OWASP SAMM and will be a strong communicator. They will be responsible for detecting product and application security threats as well as areas of weakness in products and applications for improvement. This position will be primarily based out in Skyone Park, Pune, INDIA office will consistently work under the guidance and processes of global security team they will support regional as well as global engineering groups. The Software Developer, DevSecOps team member will be expected to use their knowledge and experience to further develop internal secure processes and procedures. Key Duties In addition to anticipating possible security threats and identifying areas of weakness, the Product Security Engineer must: Act as a Security Engineer to work in development, operations activities daily Support building various tools, processes for the business and for engineering teams through various software development skills and coding practices (OOPS will be highly recommended) Code management and maintenance through DevOps and CI/CD pipelines Thorough Gitlab usage and maintenance for daily activities tracking, source code management, DevOps and CI/CD Support internal security team efforts, cross-functional activities Act as a primary point of contact for regional engineering teams for secure best practices and processes Thorough follow-up of internal product security program and vulnerability management processes Mentor juniors within the team and provide support Regional and Global support activities Requirements A bachelor s degree in information technology, Computer Science or related Engineering field is highly desirable. Total 4 to 7 years of relevant experience in Software Development, Coding (especially OOPS, C++ etc. ), DevOps and CI/CD Additional advanced security qualifications such as CISSP (Certified Information Systems Security Professional) certification, CEH (Certified Ethical Hacker) or equivalent are ideal. Good working knowledge of current Software Development environments, IT risks and experience implementing security solutions. Ability to interact with a broad cross-section of personnel to articulate and enforce security measures through internal product security program and vulnerability management processes Excellent written and verbal communication skills as well as business acumen Strong technical documentation, diagramming, and presentation skills Strong leadership, vision, effective communication and goal-oriented Strong ability to establish partnerships and influence change and achieve results within dynamic environment Meaningful technical contributions into the development lifecycle of a product, application, and service Preferred knowledge experience includes Software Development experience in IT Applications, embedded systems / software and/or web-based applications that includes lab activities with and debugging on target hardware Experience using git and related source code management tools Experience with the Linux kernel and networking stack including security features Operating system configuration of Windows, Linux, Android, and iOS Computer boot process including boot loaders Familiarity with compilers, debuggers, disassemblers, and other low-level development and analysis tools Circumventing security protection methods and techniques Reverse engineering complex systems and protocols

We seek technical leads and architects with hands-on experience developing and supporting software products and services on cloud platforms. The ideal candidate would have rich experience building SaaS products/services, and incrementally deploying them on cloud environments with a deep understanding of platform development, system design, associated tools, technologies, and best practices. Experience in Test-driven development, quality through automation, application security etc., would be a plus. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Technical and Professional Expertise: 8 + years of programming experience Robust system design and programming skills in Python -based backend application development OR NodeJS JOR ava with Spring framework, ReactJS with Typescript or Experience with Containers, Docker, Kubernetes, Linux Experience building distributed and scalable SaaS offerings based on REST APIs, microservices, and containers. Experience in system design and supporting cloud services Ability to learn and be productive on new technologies independently & quickly Experience in technically coaching and guiding junior developers covering system design, code reviews etc. Good communication skills and technical leadership qualities Preferred technical and professional experience Degree in Computer Science, , Engineering, or equivalent professional experience. Working experience on Docker/Kubernetes, the DevOps, Micro services, RedHat OpenShift, Java J2EE / Python /NodeJS Working experience in integrating LLM based applications Willing to lead and work on quick proof of concepts.

Role is SAP subject matter expert/architect role for Security. Key responsibilities will involve working with Business Stakeholders, understanding requirements, translating user requirements into SAP IT scope, assessing impact on application & connected systems, estimating high level schedule and efforts to implement solution and ensure successful technical delivery Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Candidate must have min. 6-12 years of solid SAP Security Implementation experience with focus on Role authorizations. Solid implementation and hands-on experience in ECC 6.0 role build. Experience in working with stakeholders and leading SAP security projects. Sound understanding of SOD - segregation of duties. Support technical requirement gathering, develop prototypes/PoCs/recommend solutions with limited information from the business, delivery quality technical specifications and documentation Preferred technical and professional experience SOX/GRC Control experience