1254 Application Security Jobs - Page 34

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Cisco Identity Services Engine (ISE) Good to have skills : Cisco FirewallMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure and efficient cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cisco Identity Services Engine (ISE).- Good To Have Skills: Experience with Cisco Firewall.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls in cloud environments.- Familiarity with regulatory compliance requirements related to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Cisco Identity Services Engine (ISE).- This position is based at our Chennai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME In SailPoint IIQ Implementation- Collaborate and manage the team to perform- Interact with Client, Gather the requirements and recommend optimal designs for client requirement- Engage with multiple teams and contribute on key decisions- Lead the team and manage the deliverables and review the deliverables of other junior team members Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint Identity IQ- Strong understanding of IAM/IGA concepts- Experience in designing and implementing SailPoint IIQ- Hands-on experience with SailPoint IIQ Implementation, customization, workflows, application onboarding etc.- Familiarity with standard compliance standards Additional Information:- The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityIQ- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in strategic discussions to enhance security protocols and contribute to the overall security posture of the organization. Roles & Responsibilities:- Work on Sailpoint IIQ development and integration- Collaborate with the team to perform.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Must have :Application onboarding experience, worked on Rules and workflows. Strong understanding of cloud security principles and best practices.- Experience with identity governance and administration solutions.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or ISO 27001.- Ability to analyze and mitigate security risks associated with cloud environments. Additional Information:- The candidate should have minimum 3 years of experience in SailPoint IdentityIQ.- This position is based in Bangalore.- A Bachelor or college degree in related field or equivalent work experience is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify areas for improvement.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of identity governance and administration.- Experience in implementing security controls in cloud environments.- Familiarity with risk assessment methodologies and security best practices. Additional Information:- The candidate should have minimum 3 years of experience in SailPoint IdentityNow.- This position is based at our Kolkata office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Governance Good to have skills : Security Architecture DesignMinimum 7.5 year(s) of experience is required Educational Qualification : BTECH Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Governance- Strong understanding of security architecture design- Experience in implementing cloud security controls- Knowledge of security compliance standards- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Governance- This position is based at our Gurugram office- A BTECH degree is required Qualification BTECH

Job Description: Key Responsibilities: Design and build advanced, high-performance Android applications. Collaborate with product managers, designers, and other developers to create and improve application features. Work with APIs and integrate backend services to support app functionality. Maintain and update existing Android applications, ensuring bug fixes and performance improvements. Write clean, maintainable, and efficient code while following Android best practices. Perform unit testing and debugging to ensure optimal app performance. Stay updated with the latest trends in Android development and emerging technologies. Ensure the application is optimized for speed and scalability. Implement application security and data protection protocols. Collaborate in Agile development environments and participate in code reviews. Provide documentation for the code and application features Key Skills : Android Developer Java Html Application Developer

Essential duties & responsibilities: Analyze and recommend improvements to network, system, and application architectures to enhance security. Research, design, and implement cybersecurity solutions that protect the organization s systems and products. Collaborate with DevOps, Platform Engineering and Architecture teams to ensure security is embedded in the design and development of applications and systems. Actively participate in the change management process ensuring security considerations are prioritized in system upgrades and modifications. Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments. Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies. Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents. Assess and review emerging technologies to identify potential security risks and implement mitigation strategies. Design and deploy innovative security technologies to address evolving security challenges. Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture. Work closely with security architects to develop and deploy security solutions that address cloud-specific risks. Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives. Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses. Qualification & Experience: Hands-on experience with implementing security controls, including Database security, Web content filtering, Anomaly detection & response, Vulnerability scanning & management Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling. Expertise in at least one of the following security domains: Network security (e.g., IDS/IPS, firewall hardening) , Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security) , Application security (e.g., SAST, DAST, API security) Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF), CIS Controls, HIPAA, GDPR compliance Ability to assess compliance requirements and implement security controls to ensure adherence. Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies. Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders. Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team

Job Description: Key Responsibilities: Design and build advanced, high-performance Android applications. Collaborate with product managers, designers, and other developers to create and improve application features. Work with APIs and integrate backend services to support app functionality. Maintain and update existing Android applications, ensuring bug fixes and performance improvements. Write clean, maintainable, and efficient code while following Android best practices. Perform unit testing and debugging to ensure optimal app performance. Stay updated with the latest trends in Android development and emerging technologies. Ensure the application is optimized for speed and scalability. Implement application security and data protection protocols. Collaborate in Agile development environments and participate in code reviews. Provide documentation for the code and application features Key Skills : Android Developer Advance Java Ms Sql Software Developer Git

Position Title: 23946-31619-Backfill- Analyst Infra Security I (IND) Job Family: IFT > IT Infrastructure & Support Shift: Job Description: JOB DESCRIPTION Job Title Analyst IT Security II (IND) (Web Application Firewall Engineer (WAF Engineer) or Application Security Engineer (WAF)) Requirement Type Full-Time Employee Job Location Bangalore Requirement Level Associate Hiring Manager Vikram Shah Primary Skill Web Application Firewall Engineer (WAF Engineer) or Application Security Engineer (WAF) Business STS Skill Category Super Niche ABOUT ELEVANCE HEALTH Elevance Health is a leading health company in America dedicated to improving lives and communities and making healthcare simpler. It is the largest managed health care company in the Blue Cross Blue Shield (BCBS) Association serving more than 45 million lives across 14 states. A regular in Fortune 500 list, Elevance Health ranked 20 in 2022. Gail Boudreaux , President and CEO of Elevance Health has been a consistent name in the Fortune list of most powerful women and currently holds 4th rank on this list. ABOUT CARELONCARELON Carelon Global Solutions (CGS) is a healthcare solutions company that is simplifying complex operational processes to improve the health of the healthcare system. Previously known as Legato Health Technologies, Carelon Global Solutions (hereinafter, CGS) underwent a name change and joined the Carelon family of brands in January 2023, as a fully owned subsidiary of Elevance Health (Previously Anthem Inc.). CGS brings together a global team of like-minded innovators who manage and optimize operational processes for health plans as well as providers. Our brightest minds housed across our global headquarters in Indianapolis as well as Bengaluru, Hyderabad and Gurugram in India, Manila in the Philippines, Limerick in Ireland and San Juan in Puerto Rico bring with them innovative capabilities and an unmatched depth of experience. This global team uniquely positions CGS to enable scalable, next-generation platforms and specialized digital tools that make healthcare operations more practical, effective and efficient. OUR MISSION & VALUES Our Mission: Improving Lives and Communities. Simplifying Healthcare. Expecting More. Our Values: Leadership | Community | Integrity | Agility | Diversity JOB POSITION We are seeking a Web Application Firewall Engineer (WAF Engineer) or Application Security Engineer (WAF) within our InfoSec team to help support our strategic security and compliance objectives. As an Application Security Engineer (WAF), you will partner with Application Security team, and will be a part of a fast-paced, results-driven, multi-national InfoSec organization. You will design, configure, deploy, and support the Web Application Firewall (WAF), DoS and BOT mitigation policies as well as CDN and caching configurations for on premise and in the cloud WAF deployments. The candidate will work closely with other members of the application security team, including security analysts, penetration testers, and leaders, to ensure that our applications are secure and compliant with industry standards. JOB RESPONSIBILITY Analyst IT Security II (IND) ( Web Application Firewall Engineer (WAF Engineer) or Application Security Engineer (WAF) ) : Able to demonstrate understanding of extensive working experience with DNS, network protocols and web technologies (e.g. IP, TCP, UDP, SSL/TLS, HTTP/HTTPS, gRPC, web sockets). Provide operational support, trouble shooting and maintenance of major Security related processes, controls or products. Analyze, configure, test, document and implement upgrades to WAF security processes, controls or products. Recognize, analyze patterns, and respond to security events and escalates as necessary. Consult with technical and business peers to analyze, support, and resolve Cybersecurity events. Engineer, configure, deploy, and maintain Web Application Firewall (WAF) solutions. Configure new sites and applications for WAF protection and perform analysis of traffic to remove false positives. Work with application developers and developer teams to analyze, prioritize, and support WAF configurations or application remediation to address security issues. Develop, maintain, test, patch and troubleshoot WAF rules/signatures to mitigate threats and implements best practices. Demonstrate experience in delivering technical projects with an ability to manage multiple priorities. Excellent problem-solving and analytical skills Effective communication and interpersonal skills Ability to work independently and in a team environment. QUALIFICATION EXPERIENCE Experience working in large organizations (25,000+) in fast paced environments with competing projects and priorities. Experience with large-scale application onboardings to WAF, and/or migrations between WAF solutions Confidence to lead triage calls for security events, web traffic disruptions or network outages. SKILLS AND COMPETENCIES Bachelor s degree or equivalent years (4-8+) as an Application Security Analyst/Engineer and WAF Security Engineer Cybersecurity, privacy principles, threats, vulnerabilities, risk management, and IT security methods. (e.g., firewalls, dmz, encryption, SSL certificates). Network security architecture concepts and protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and IAM/directory services (e.g. Okta, Siteminder, Ping, LDAP) Experience working with industry standard WAF solutions like CloudFlare, Akamai, F5 Networks, Imperva, Fastly, etc. Knowledge of Layer 7 security attacks and application security vulnerabilities (OWASP Top 10, SANS Top 25, XSS, SQLi, CMDi, RCE, CSRF/SSRF, CVEs and CWEs, etc.) Basic understanding of CDN and caching techniques, Load Balancing, etc. Basic understanding of various Clouds (AWS, GCP, Azure, Oracle Cloud) THE CARELON PROMISE Aligning with our brand belief of limitless minds are our biggest asset , we offer a world of limitless opportunities to our associates. It is our strong belief that one is committed to a role when it is not just what the role entails, but also what lies in its periphery that completes the value circle for an associate. This world of limitless opportunities thrives in an environment that fosters growth and well-being, and gives you purpose and the feeling of belonging. LIFE @ CARELON Extensive focus on learning and development An inspiring culture built on innovation, creativity, and freedom Holistic well-being Comprehensive range of rewards and recognitions Competitive health and medical insurance coverage Best-in-class amenities and workspaces Policies designed with associates at the center EQUAL OPPORTUNITY EMPLOYER Reasonable Accommodation Our inclusive culture empowers Carelon to deliver the best results for our customers. We not only celebrate the diversity of our workforce, but we also celebrate the diverse ways we work. If you have a disability and need accommodation such as an interpreter or a different interview format, please ask for the Reasonable Accommodation Request Form. Job Type: Full time

Skills Required : Secure Architecture and Design, Application & API Security, Cloud & Container Security, Infrastructure & Network Security, Cryptography, Stakeholder Engagement, Mentorship Posted On : Secure Architecture and Design, Application & API Security, Cloud & Container Security, Infrastructure & Network Security, Cryptography, Stakeholder Engagement, Mentorship Education/Qualification : Bachelors or Masters Desirable Skills : cyber security, Cloud Security, Cryptography

Requirement of Web Application Security, Mobile Application Security and Api Having deep Knowledge Application Security

Look for immediate joiner. Need overall AppSec skills (SAST, DAST, Penetration testing) +Mobile app testing skills (Android, ioS) We should look for a candidate who has deep and diverse hands on exp in above skills Also, The professional is expected to perform the application security activities - Static code assessment/ manual testing including mobile application testing for android and iOS apps This profile requires a candidate with hands on Application Security experience specific to mobile applications Communication should excellent

SUMMARY Our client is IT MNC part of one of the major insurance groups based out of Germany and Europe. The Group is represented in around 30 countries worldwide, with Over 40,000 people worldwide, focusing mainly on Europe and Asia. Our client offers a comprehensive range of insurances, pensions, investments and services by focusing on all cutting edge technologies majorly on Could, Digital, Robotics Automation, IoT, Voice Recognition, Big Data science, advanced mobile solutions and much more to accommodate the customers future needs around the globe thru supporting millions of internal and external customers with state of-the-art IT solutions to everyday problems & dedicated to bringing digital innovations to every aspect of the landscape of insurance. Job Location: Hiranandani Gardens, Powai, Mumbai Mode: Work from Office Requirements Roles & Responsibilities: Define project scope, objectives, and deliverables in collaboration with stakeholders. Develop comprehensive project plans, including timelines, budgets, and resource allocation. Manage and coordinate project teams, including security engineers, analysts, and other technical resources. Track project progress, identify and manage risks and issues, and implement effective mitigation strategies. Ensure adherence to project management methodologies and best practices. Stay up-to-date with the latest cyber security trends and technologies. Skill & Competencies: Strong track record of delivering IT projects in a large, complex environment. (7 years), especially experience in the implementation of financial and regulatory requirements in the CFO context in Group-wide systems and their integration Proven 5+ years experience as a PM Bachelor's degree in Computer Science, Information Technology, or a related field. Proven experience (typically 5+ years) managing IT projects, with a significant focus on cyber security initiatives.

JAGGAER provides an intelligent Source-to-Pay and Supplier Collaboration Platform that empowers organizations to manage and automate complex processes while enabling a highly resilient, responsible, and integrated supplier base. With 30 years of expertise, we specialize in solving complex procurement and supply chain challenges across various industries. Our 1,200+ global employees are obsessed with ensuring customers get full value from our products - ultimately enhancing and transforming their businesses. For more information, visit www.jaggaer.com We are seeking a Senior NetSuite Systems Administrator who is highly task-oriented and capable of taking full ownership of administrative responsibilities within a complex, multi-subsidiary global NetSuite environment. In this role, you will play a pivotal part in supporting our Finance and Operations teams by troubleshooting issues, optimizing system performance, and driving continuous improvement. You will be expected to lead the administration, design, implementation, and ongoing support of our NetSuite ERP platform, ensuring it aligns with evolving business needs and industry best practices. Principal Responsibilities Administer, configure, and maintain NetSuite ERP, CRM, Finance, Billing, and Revenue Recognition modules. Provide end-to-end support across key business processes: Procure-to-Pay, Record-to-Report, Lead-to-Order, and Order-to-Cash. Troubleshoot and resolve system issues, ensuring minimal disruption to business operations. Ensure timely response and resolution of tickets and project tasks in accordance with SLAs. Lead and organize project calls with internal stakeholders and external vendors. Collaborate with cross-functional teams including Finance, Accounting, and IT to define project deliverables and timelines. Maintain and update project boards, tickets, and documentation throughout the project lifecycle. Prepare and present weekly/monthly status reports to leadership. Drive the adoption of AI-powered NetSuite features to enhance forecasting, anomaly detection, and decision-making. Propose and implement system enhancements based on business requirements and best practices. Stay current with NetSuite updates and recommend process improvements. Support and manage enterprise-level integrations between NetSuite and other critical business systems. Deploy and test customizations, new subsidiaries, and new functionalities. Create and maintain technical documentation, policies, and procedures. Provide pre- and post-implementation technical support. Ensure application security controls are in place and aligned with enterprise architecture and compliance policies. Act as the central point of contact for technical and security-related projects. Collaborate with internal teams to define and implement controls, audits, and compliance measures. Mentor and train junior NetSuite administrators. Facilitate team engagement in roadmap planning and technical requirement definition. Collaborate with global teams to support mergers and acquisitions through integration planning and execution. Work US hours during monthly, quarterly, and annual accounting closes (with time-off flexibility post-close). Align with global teams by working from 2:00 PM to 11:00 PM IST, ensuring real-time collaboration across time zones. Based in Hyderabad (Cyber Pearl), this role follows a hybrid schedule with on-site presence required 4 days per week, starting August 2025. Position Requirements Preferred: Bachelor s degree in finance/accounting. Over 10 years of NetSuite experience and 5+ years supporting NetSuite for a global SaaS organization. Strong understanding of NetSuite modules and business processes. Experience with system integrations, customizations, and scripting. Excellent communication, project management, and stakeholder engagement skills. Ability to work independently and collaboratively in a fast-paced environment. What Does Success Look Like: Update support tickets within 24 hours. Maintain responsiveness to peers, managers, and executives. Take and distribute detailed meeting notes into relevant tickets. Proactively seek clarification or conduct research when needed. Jaggaer offers equal employment opportunities without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity, national origin, age, disability, genetic information, veteran or military status, and other protected class characteristics What We Offer: At JAGGAER you ll find great benefits, empowering culture, flexible work environment, much more!

Not Applicable Specialism Microsoft Management Level Senior Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in application security at PwC will be responsible for providing security services to development teams including code scanning, readiness testing, and penetration testing to enable application teams to build and deploy secure applications in Production. You will utilise a riskbased methodology and shiftleft approach to engage early in the software development lifecycle. & Summary Responsibilities 1. Review application source code based on the industry standard security frameworks and organizations internal security policy. 2. Running the source code scan and analyzing the results derived from the SAST platform. 3. Coordinate with application development teams to ensure identified gaps are fixed in proper time. 4. Work with the application development team to eliminate false positives, to clarify compensating security controls. 5. Closely work with issue management team to ensure proper remediation plans are in places with well documented records. 6. Collaborate with senior developers and architects to ensure security best practices and secured design patterns are followed. 7. Work closely with other team members, including project leads, regional leads and territory security leadership team. 8. Provide regular updates on progress and issues to project managers and stakeholders 9. Strong knowledge of secure coding practices and common security vulnerabilities (e.g., OWASP Top 10). 10. Strong knowledge of Industry standard SAST tools (e.g. Veracode, Fortify on Demand). 11. Strong knowledge of Industry standard SCA tools (e.g. Blackduck). 12. Strong knowledge in manual and toolbased code review process, focusing on OWASP methodology. 13. Strong Knowledge of security vulnerability identification and remediation methodologies. 14. Familiarity with industry standard security frameworks and policies. 15. Strong knowledge of DevSecOps practices and integration of security within CI/CD pipelines. Mandatory skill sets VAPT, source code analysis, remediation, mitigation, vulnerability assessment, SAST, SCA, application security, white box testing, Veracode, Checkmarx , source code review. Preferred skill sets CI/CD Pipelines Years of experience required 47 Years Education qualification B.Tech/B.E. Education Degrees/Field of Study required Bachelor of Technology, Bachelor of Engineering Degrees/Field of Study preferred Required Skills Code Review Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Application Security, Application Security Assessment, Azure Data Factory, Cloud Application Development, Cloud Security, Coding Standards, Communication, Creativity, Cybersecurity, DevOps Practices, Embracing Change, Emotional Regulation, Empathy, Endpoint Security, Forensic Investigation, Hosting Controllers, Inclusion, Information Security, Intellectual Curiosity, Learning Agility, LoadRunner (Software Testing Tool) {+ 30 more} Travel Requirements Government Clearance Required?

is a next-generation technology and product engineering company at the forefront of innovation in Generative AI, Agentic AI , and autonomous intelligent systems . We build intelligent, secure, and scalable digital platforms that power the future of AI across industries. Role Overview: We are looking for a Senior Security Specialist with 8+ years of experience in cybersecurity, cloud security, and application security. You will be responsible for identifying, mitigating, and preventing threats across our technology landscape particularly in AI-powered, data-driven environments. This role involves leading penetration testing efforts , managing vulnerability assessments , and implementing best-in-class security tools and practices to protect our platforms and clients. What we are looking from an ideal candidate? Design and implement robust security architectures for cloud-native and on-prem environments. Conduct penetration testing (internal/external, network, application, API) and deliver clear remediation strategies. Perform regular vulnerability assessments using industry-standard tools and frameworks. Lead threat modeling and risk assessments across systems, services, and data pipelines. Collaborate with development and DevOps teams to integrate security in SDLC and CI/CD pipelines ( DevSecOps ). Define and enforce security policies, incident response procedures, and access controls. Monitor for security breaches and investigate security events using SIEM and forensic tools. Ensure compliance with global standards such as ISO 27001 , SOC 2 , GDPR , and HIPAA . Provide guidance on secure implementation of AI/ML components and data protection strategies. Preferred Skills: What skills do you need? Requirements: 8+ years of experience in information security , application security , or cybersecurity engineering . Proficient in penetration testing methodologies and use of tools such as Burp Suite , Metasploit , Nmap , Wireshark , Nessus , OWASP ZAP , Qualys , etc. Deep experience in vulnerability management , patching, and security hardening practices. Strong understanding of OWASP Top 10 , CWE/SANS Top 25 , API security, and secure coding principles. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM, firewalls, WAFs, encryption, and endpoint security. Familiarity with SIEM , EDR , IDS/IPS , and DLP solutions. Knowledge of DevSecOps and tools like Terraform , Kubernetes , Docker , etc. Excellent problem-solving, analytical, and incident-handling capabilities. Preferred Qualifications: Certifications such as CISSP , CISM , CEH , OSCP , or AWS Security Specialty . Experience working on security aspects of AI/ML platforms , data pipelines , or model inferencing . Familiarity with governance and compliance frameworks (e.g., PCI-DSS, HIPAA). Experience in secure agile product environments and threat modeling techniques. What We Offer: A mission-critical role securing next-gen AI systems Opportunity to work with an innovative and fast-paced tech company High visibility and leadership opportunities in a growing security function Compensation is not a constraint for the right candidate

Redefine the future of customer experiences. One conversation at a time. We re changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans. Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that connection fuels business and life; connections to our customers with our signature Amazing Service , our products and services, and most importantly, each other. Since 2008, 100,000+ companies and 1M+ users rely on Nextiva for customer and team communication. If you re ready to collaborate and create with amazing people, let your personality shine and be on the frontlines of helping businesses deliver amazing experiences, you re in the right place. Build Amazing - Deliver Amazing - Live Amazing - Be Amazing The AI Security and Compliance Engineer is responsible for working with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle. The engineer applies knowledge of AI and application security risks and threats to design and implement appropriate, cost-effective security controls during development, deployment, and operation of AI based applications. The engineer defines and promotes the implementation guidelines for data classification, segregation, and access controls to AI model inputs and training data to ensure data confidentiality and privacy for different data sources and user groups. The engineer performs audits and vulnerability assessments, penetration testing and supports mitigation of findings. Key Responsibilities: Ensure AI products have security and privacy by design. Establish and document policies and guidelines for data classification and data used for training to prevent leaks of sensitive data. Work with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle to meet customer, regulatory, and contractual obligations. Monitor and audit AI systems and development processes for compliance with policies, regulations and contractual obligations. Monitor and respond to security incidents involving AI systems. Create AI-specific incident management procedures to address AI related security incidents. Enhance the resilience of AI systems against potential threats by implementing cyber security best practices, controls, and tools to protect AI models from threats such as those in the OWASP AI Top Ten, including supply chain and model poisoning threats and attempts to access, modify, and exfiltrate confidential information via the query interface. Establish policies and guidelines for access controls, limitations and guardrails on usage and prompts for AI inputs and API s. Ensure proper access controls on API s and processing pipelines, and segregation of data. Create, update, and maintain threat models for a wide variety of software projects. Provide AI security training for internal development teams. Maintain current knowledge of AI risks, threats, and AI testing tools and techniques. Perform other duties to support the technical and operational security of the organization as required. Qualifications: Bachelor s degree in an IT related field or equivalent experience and 2-5 years of experience in working in IT security, software development, or AI development. Desired certifications - one or more of the following: CISSP (Certified Information Systems Security Professional), Certified Information Security Manager (CISM), SSCP (Systems Security Certified Practitioner), CCSP (Certified Cloud Security Professional) or CompTIA Security+. Understanding of Application Security and Data Security for applications and AI, such as the OWASP Top 10 and the OWASP Top 10 for Generative AI. Proficiency in and strong working knowledge of AI technologies and models such as Llama and ChatGPT. Experience and understanding of threats and risks related to web applications and API s, particularly with AI based applications. General knowledge of security implications of threats and vulnerabilities related to networks, servers, operating systems, applications, and databases. Experience with vulnerability management, patching, and mitigation assessment. Experience working within and implementing policies for a security framework such as ISO 27001 and NIST. Flexibility to work off-hours to support global project teams and maintenance windows. Ability to support 24x7 on-call for incident response on a rotating basis. Experience developing software, scripting and using SQL queries to automate controls, processes and reporting. Competencies: Strong analytical problem-solving skills and attention to detail. Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes on tasks and projects in an efficient and productive manner. Ability to form productive relationships across the organization to accomplish information security objectives. Ability and willingness to learn all aspects of the information security field. Professional verbal and written communication skills in English. Expresses ideas using clear, effective and efficient language. Listens patiently and attentively. Adapts to the purpose of the communication with appropriate style, substance, detail, confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone, email, tickets, and chat. Able to assess, document, and prioritize identified security flaws and vulnerabilities based on risk. Total Rewards Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best, in and out of the office. Our compensation packages are tailored to each role and candidates qualifications. We consider a wide range of factors, including skills, experience, training, and certifications, when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position, compensation may include base salary and/or hourly wages, incentives, or bonuses. Medical - Medical insurance coverage is available for employees, their spouse, and up to two dependent children with a limit of 500,000 INR, as well as their parents or in-laws for up to 300,000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit, providing peace of mind and security in times of medical necessity. Group Term & Group Personal Accident Insurance - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent, visible & external means. Coverage Type - Employee Only Sum Insured - 3 times of annual CTC with minimum cap of INR 10,00,000 Free Cover Limit - 1.5 Crore Work-Life Balance - 15 days of Privilege leaves per calendar year, 6 days of Paid Sick leave per calendar year, 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves, 1 week of Paternity leave, a day off on your Birthday, and paid holidays Financial Security - Provident Fund & Gratuity Wellness - Employee Assistance Program and comprehensive wellness initiatives Growth - Access to ongoing learning and development opportunities and career advancement At Nextiva, were committed to supporting our employees health, well-being, and professional growth. Join us and build a rewarding career! Established in 2008 and headquartered in Scottsdale, Arizona, Nextiva secured $200M from Goldman Sachs in late 2021, valuing the company at $2.7B.To check out what s going on at Nextiva, check us out on Instagram , Instagram (MX) , YouTube , LinkedIn , and the Nextiva blog . #LI-RQ1 #LI-Hybrid

Senior Cyber Security Partner Back to job search results Tesco India Bengaluru Hybrid Full-Time Apply by 22-Jul-2025 About the role Refer you will be responsible section What is in it for you At Tesco, we are committed to providing the best for you. As a result, our colleagues enjoy a unique, differentiated, market- competitive reward package, based on the current industry practices, for all the work they put into serving our customers, communities and planet a little better every day. Our Tesco Rewards framework consists of pillars - Fixed Pay, Incentives, and Benefits. Total Rewards offered at Tesco is determined by four principles - simple, fair, competitive, and sustainable. Salary - Your fixed pay is the guaranteed pay as per your contract of employment. Leave & Time-off - Colleagues are entitled to 30 days of leave (18 days of Earned Leave, 12 days of Casual/Sick Leave) and 10 national and festival holidays, as per the companys policy. Making Retirement Tension-FreeSalary - In addition to Statutory retirement beneets, Tesco enables colleagues to participate in voluntary programmes like NPS and VPF. Health is Wealth - Tesco promotes programmes that support a culture of health and wellness including insurance for colleagues and their family. Our medical insurance provides coverage for dependents including parents or in-laws. Mental Wellbeing - We offer mental health support through self-help tools, community groups, ally networks, face-to-face counselling, and more for both colleagues and dependents. Financial Wellbeing - Through our financial literacy partner, we offer one-to-one financial coaching at discounted rates, as well as salary advances on earned wages upon request. Save As You Earn (SAYE) - Our SAYE programme allows colleagues to transition from being employees to Tesco shareholders through a structured 3-year savings plan. Physical Wellbeing - Our green campus promotes physical wellbeing with facilities that include a cricket pitch, football field, badminton and volleyball courts, along with indoor games, encouraging a healthier lifestyle. You will be responsible for Following our Business Code of Conduct and always acting with integrity and due diligence and have these specific risk responsibilities: Provide product and engineering teams with direction and guidance on all security matters. There is a whole security group to back you up; so it is not as scary as it sounds. Engage engineering leadership on security roadmap and oversee security posture of what they build. Co-own the security roadmap; discuss; prioritise; and co-develop plans for remediation for the product areas. Empower security champions to succeed and creating a strong feedback loop for improvements. Represent security in all product and architecture meet-ups. Be part of critical decisions about security. Oversee product security activities; from the early development of security requirements; architecture reviews; and threat modelling; to strengthening application security; mitigating supply-chain risks; securing secrets; pipelines; reviewing vulnerabilities; and infrastructure security. Perform security architecture reviews of third-party services. Identify acceptable risk levels and assist with action plan; policy; and procedural changes for risk mitigation. Adopt a risk-based approach and guide management in identifying business risks and potential impact to Tesco. Continuously seek both tactical and strategic solutions to enhance security. As the security expert for the product area; engage across the security group to strengthen controls across identification; protection; detection; response; and recovery. Oversee assurance activities like security testing; purple testing; assurance; auditing. Reduce security fatigue for engineering and provide faster feedback within existing developer workflows; not adding another tool for them to check. Empower the teams you work with; but also challenge the status-quo. As a senior member of the team; engage across the security group on new ideas and initiatives. Contribute to strengthen organisation standards and policies; develop cookbooks; secure patterns; take part in security research and tool evaluations. You are committed to continuous improvement; seizing opportunities; and inspire change for the team. Mentor others in the team and take part in enhancing their skills and career development. You will need Refer you will be responsible section About us Tesco in Bengaluru is a multi-disciplinary team serving our customers, communities, and planet a little better every day across markets. Our goal is to create a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility through technological solutions, and empowering our colleagues to do even more for our customers. With cross-functional expertise, a wide network of teams, and strong governance, we reduce complexity, thereby offering high-quality services for our customers. Tesco in Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 3,30,000 colleagues Tesco Technology Today, our Technology team consists of over 5,000 experts spread across the UK, Poland, Hungary, the Czech Republic, and India. In India, our Technology division includes teams dedicated to Engineering, Product, Programme, Service Desk and Operations, Systems Engineering, Security & Capability, Data Science, and other roles. At Tesco, our retail platform comprises a wide array of capabilities, value propositions, and products, essential for crafting exceptional retail experiences for our customers and colleagues across all channels and markets. This platform encompasses all aspects of our operations - from identifying and authenticating customers, managing products, pricing, promoting, enabling customers to discover products, facilitating payment, and ensuring delivery. By developing a comprehensive Retail Platform, we ensure that as customer touchpoints and devices evolve, we can consistently deliver seamless experiences. This adaptability allows us to respond flexibly without the need to overhaul our technology, thanks to the creation of capabilities we have built. Apply

Product Manager: Cloud Security And Compliance Position Overview If you are passionate about building a large-scale platform for the most security conscious enterprise customers and thrive in a collaborative environment, we invite you to join our team and make a significant impact on our companys success. The Cloud Security Product Manager is responsible for ensuring that SingleStore is the industrys most secure platform for developers to build enterprise grade applications and is protected from corruption or data loss due to cyber-attacks. As a platform security product manager, you will be responsible for driving your roadmap by using customer insights, competitive research, and industry data to align with a Zero Trust strategy. This role focuses on identifying industry trends, gaps, new features, and enhancements that drive security standards and best practices into the platform. Role and Responsibilities Own product security of the SingleStore platform offering Prioritize features on your roadmap Contribute to the overall security vision and strategy Partner with internal cross-functional stakeholders including Engineering, User Experience, Sales, Marketing, Operations, Support and professional services in product planning and execution Partner with external stakeholders such as customers and ecosystem partners for new product introduction, evangelization as well as feedback & reviews Position Requirements At least 3 years of experience at a company that makes platform or SaaS enterprise software At least 8 years of work experience Great communications skills ability to communicate complicated concepts clearly Ability to manage your workload within a fast-paced, energetic, and dynamic workplace Ability to work on multiple projects and flexibility to change priorities when needed Experience in multiple security domains: Zero trust security principles Authentication and authorization Data Protection / Storage / Encryption Network security Application security Cloud security best practices Security hardening best practices General Product Management Skills Ability to understand define problems and high level solutions Define user workflows, feature scope, capabilities, requirements, KPIs, and goals Bachelors degree, cybersecurity certifications, or commensurate experience Good to have experience of working on SQL and/or Python About us: SingleStore is one platform for all data, built so you can engage with insight in every moment. Trusted by industry leaders, SingleStore enables enterprises to adapt to change as it happens, embrace diverse data with ease, and accelerate the pace of innovation. SingleStore is venture-backed and headquartered in San Francisco with offices in Portland, Seattle, Boston, Bangalore, London, Lisbon, and Kyiv. Defining the future starts with The Database of Now . Consistent with our commitment to diversity & inclusion, we value individuals with the ability to work on diverse teams and with a diverse range of people. To all recruitment agencies: SingleStore does not accept agency resumes. Please do not forward resumes to SingleStore employees. SingleStore is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with the Company.

We re looking for a Senior Java Backend Developer to join our evolving eComm team to help us unleash the potential of every business. About the Team: We are part of Alternative Payment Method (APM) domain and process non-card payments (E- wallets, Bank Transfer, Direct Debits, BNPL, Open Banking) across globe. Our solutions help Merchants by providing them with the capability to handle online transactions and settlement of funds.You will get an opportunity to work on the Cloud native microservices for APM/PSP connector as part of Tech modernization project that uses cutting edge technology stack. You will get to be part of the group that takes pride in its engineering/people culture and uses market leading agile practices such as SAFe (Scaled Agile Framework). What you will own: Analyzes, designs, programs, debugs and modifies software enhancements and/or new products used in local, networked or Internet-related computer programs. (Code must be used in core version of applications available for sale commercially.) Interacts with product managers and/or users to define system requirements and/or necessary modifications. Participates in software design meetings and analyzes user needs to determine technical requirements. Write technical specifications based on conceptual design and stated business requirements. Writes code, completes programming and performs testing and debugging of applications using current programming languages and technologies. Completes documentation and procedures for installation and maintenance. Trains and communicates with internal Client Training, Client Relationship and Sales teams on systems application. May be responsible for developing or executing project plans, budgets and schedules and for documenting work and results. May deliver informational and decision-seeking presentations to technical and business groups to internal and/or external audiences. Other related duties assigned as needed. Where you ll own it You ll own it in our modern Pune hub. With hubs in the heart of city centers and tech capitals, things move fast in APAC. We pride ourselves on being an agile and dynamic collective, collaborating with different teams and offices across the globe. What you bring: Expertise in Core Java, Spring Boot, Spring MVC, Restful Web Services, Spring ORM, and Databases Proficient in Core Java 4+ & J2EE technologies.Should have good experience in OOPS concepts, Design patterns, Collection frameworks Docker & Kubernetes, Cloud technologies and Microservices understanding Good to have knowledge in DevOps and Cloud.Possesses knowledge of Linux environment.Experience with code management tools (git, svn, bitbucket, etc.) & deploy tools (Jenkins) Working knowledge on AWS Services and DevOps Platform Ability to architect, design and deliver software that can scale elastically on the cloud. Demonstrated implementation in application security using OAuth2, OIDC. Exposure working in Fintech industry Worldpay perks - what we ll bring for you We know it s bigger than just your career. It s your life, and your world. That s why we offer global benefits and programs to support you at every stage. Here s a taste of what you can expect. A competitive salary and benefits. Time to support charities and give back to your community. Parental leave policy. Global recognition platform. Virgin Pulse access. Global employee assistance program. What makes a Worldpayer At Worldpay, we take our Values seriously, and we live them every day. Think like a customer, Act like an owner, and Win as a team. Curious. Humble. Creative . We ask the right questions, listening and learning to get better every day. We simplify the complex and we re always looking to create a bigger impact for our colleagues and customers. Empowered. Accountable. Dynamic . We stay agile, using our initiative, taking calculated risks to progress. Never standing still, never settling, we work at pace to achieve our goals. We champion our ideas and stay flexible to make them happen. We know that every action adds up. Determined. Inclusive. Open. Unlocking potential means working as one global community. Our work spans borders, and we stay united by our purpose. We collaborate, always encouraging others to perform at their best, welcoming new perspectives. We can t wait to hear from you. To find out more about working with us, find us on LinkedIn .

Job_Description":" What you will do for Sectona as Test Engineer- PrimaryResponsibilities As a TestEngineer, you will write code & scripts to test our software forfunctionality and performance, to aid in our goal of making our product easy& secure for our users. You will do this in dynamic environment wherecontinuous integration is in place and code is actually released every week.You will partner with product engineering team to ensure quality at each stepof the SDLC. You will understand priorities and risks and help focus ourquality efforts on where they matter the most. You will define, measure and publish metrics to measure product quality and help the team improve them. Ensure quality of software product by helping to manage software development and build process Prioritize requirements, build test plans, test cases and perform test execution in an automated way to effectively deliver high quality product to our customers Manage projects from an early stage, to provide feedback from a quality perspective and stay involved throughout the lifecycle of the project Build test plans (for smoke / regression / functional / acceptance testing), writing test cases, automate those test cases, review execution results and report on quality of product/projects Maintain an existing test automation to ensure that the automations are running as fast as they can, that they give reliable feedback and ensure that they keep up with changes in the product Research and implement automation testing tools and recommend new tools as necessary Perform security activities including security assessments on internally & externally developed software. Build and maintain application security development policies, procedures & standards. Execute application security test scan based on internal security test framework. Team Info Weare a lean company with a diverse team of coders, testers and salesprofessionals by the day and musicians, sports-lovers, photographers, bloggersand dancers all the other times, we are looking forward to expand thisdiversity and create a unique experience for our customers through our distinctproblem-solving approach. You should apply if.... Care about contributing to an amazing workculture and environment Are comfortable with the fast-paced,mercurial nature of a tech startup Have impeccablecommunication - both verbal and written Requirements Skills and Experience you require Minimum 5-10 Years of experience as a Test Engineer or similar role. Excellent knowledge in testing skills, manual testing skills and knowledge (design test plan and test strategy, writing test cases, executing test cases, opening bugs, verifying bugs). Excellent verbal and written communication skills with the ability to discuss product flaws in a constructive and positive manner. Familiarity with various testing techniques Ability to document and Great troubleshooting skills. Good to have Knowledge of Selenium Webdriver, Java, and TestNG Annotations Bachelors degree B.Sc (CS), B.Sc (IT), BE (CS), BE (IT), MCA or relevant technology UG /PG Qualifications Test Methodologies, working with release procedures, QA process and software defect tracking; proven expert level skills on implementing test methodologies and tools. ","

Position Summary: We are seeking a highly skilled and experienced Product Security Strategy Senior Advisor, who will also act as a mentor to our team in HIH, to lead and mature our application and product security team. This role is pivotal in driving the overall maturity of our product security program, ensuring robust security measures are integrated into our development processes, and providing direct line management for team members in the HIH region. This individual will work on several of the largest technology initiatives for Evernorth, aimed at revolutionizing health services and the healthcare delivery system in the United States, utilizing the latest technologies and development techniques. Job Description & Responsibilities: Lead and manage the product security strategy team, focusing on the overall maturity and effectiveness of the application and product security program. Act as the direct line manager for security team members in the HIH region, providing guidance, support, and career development. Develop and implement long-term strategic security initiatives to continuously improve our security posture and innovate within the product security space. Oversee and guide the development and implementation of secure software and systems architectures. Collaborate with cross-functional teams to identify security requirements and develop comprehensive security strategies. Conduct security assessments, threat modeling, and vulnerability analysis to ensure robust security measures are in place. Oversee product security incident response activities, ensuring timely and effective resolution of security incidents and incorporating lessons learned into future strategies. Foster strong communication and relationship-building skills to negotiate and influence across various levels of the organization. Ensure compliance with industry standards and regulatory requirements. Mentor and develop team members, promoting a culture of continuous learning and improvement. Drive the integration of security practices into all stages of the product development lifecycle. Maximize the security efficiency (operational, performance, and cost) of the application assets. Advocate for and implement innovative security solutions to address emerging threats and vulnerabilities. Lead efforts to standardize security practices across the organization, promoting consistency and best practices. Collaborate with external partners and industry groups to stay abreast of the latest security trends, threats, and technologies. Experience Required: Bachelor or Master degree in Computer Science, Information Security, or a related field. 13 years of experience in cybersecurity, with a focus on application and product security. Proven expertise in automating security solutions within development pipelines (CI/CD). Extensive experience in threat modeling, architecture reviews, and vulnerability management. Strong understanding of various pipeline touchpoints and integration methods. Cloud experience (AWS, Azure, Google Cloud, OCI) is highly desirable. Familiarity with modern security technologies, practices, and standards. Strong knowledge of secure software development practices and principles. Industry certifications such as CISSP, CISM, CEH, or similar are preferred. Excellent leadership and team management skills. Strong communication, relationship-building, and negotiation skills. Ability to work effectively in an Agile environment. Experience Desired: Experience with security tools and platforms such as static analysis (SAST), dynamic analysis (DAST), and runtime application self-protection (RASP). Knowledge of regulatory and compliance frameworks (e.g., GDPR, HIPAA, PCI-DSS). Hands-on experience with security automation and orchestration. Proficiency in programming and scripting languages relevant to security (e.g., Python, Java, Shell scripting). Ability to manage and prioritize multiple projects in a fast-paced environment. Education and Training Required: Advanced degree (Master or higher) in Computer Science, Information Security, or a related field. Relevant industry certifications. Additional training in secure software development, application security, and risk management is highly desirable. Primary Skills: Advanced expertise in secure software development practices, application security, and security tool integration. Proficiency in Angular and Java for security-related software development and integration. Additional Skills: Extensive experience with AWS and other cloud platforms, with a focus on securing cloud-based applications and services. Hands-on experience with application security frameworks and tools, including security automation and orchestration.

We are looking for Application Security Engineer to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Primary Roles and Responsibilities: Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure you re set up for success, you will bring the following skillset & experience: 5+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes.

In this role, your primary responsibilities include implementing, configuring, and supporting application security and identity access management technology solutions including generate reports and threat identification The candidate needs to have experience in application security and identity management area. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Responsible for developing and maintaining application security and identify access management technology solutions including Sailpoint/IIQ, Okta Single Sign On, Azure AD, AWS SSO, Cloudflare Web application firewall, penetration testing, developing and maintaining internally developed Python tools and utilities. Identify and develop integration opportunities between security solutions and automation but not exclusively. Work with virtual team/management to collect and prioritize system requirements, develop delivery plans and meet aggressive deadlines, develop code, perform unit as well as system integration testing, participate in architecture of new capabilities and debug, troubleshoot production support. Coordinate quality assurance and testing with users of the new functionalities/capabilities. Generate reports for capability implementation Review report data and identify threats to discuss with management for mitigation Ensure that project issues are communicated in a timely and effective manner Other duties as assigned. To ensure you re set up for success, you will bring the following skillset & experience: Experiences in Sailpoint IIQ, Python and Java development (automation, integration, etc) and application security are must-have. Familiar with security tools in software development lifecycle as well as Azure AD, AWS APIs/CLI, containers experiences are nice to have. Knowledge of Artificial Intelligence learning model Ability to work with little supervision as well as being a team player Excellent verbal, written, and interpersonal communication skills Experience working with remote teams 4 years + experience Should be willing to work in 12.30 PM to 9.30 PM shift

Application & product security, including threat modeling and secure SDLC Cloud security (AWS/GCP/Azure), container security (Docker, Kubernetes & API protection DevSecOps- automation in IaC & CI/CD pipelines Scripting (Python/Shell), Linux security Required Candidate profile Sr Security Egr - 7+ yrs exp. to lead & enhance security across the SDLC. expertise in application security, threat modeling, cloud security (AWS/GCP/Azure), DevSecOps practices & strong communication