1262 Application Security Jobs - Page 46

Implement security-as-code principles and automate security controls in CI/CD pipelines. Conduct secure code reviews and assist developers in adopting secure coding practices. Deploy and manage security tools such as SAST, DAST, SCA, IAST, and container security solutions.

We are looking for a skilled Cyber Testing Senior Associate 1 to join our team in Bengaluru. The ideal candidate will have between 5 and 10 years of experience in cyber testing, with expertise in manual and automated testing. Roles and Responsibility Perform security assessments, including static and dynamic application security testing. Conduct manual penetration testing on web applications, network devices, and other systems. Collaborate with clients in a fast-paced environment across various technology stacks and services. Develop, enhance, and interpret security standards and guidance. Demonstrate and promote security best practices, including secure development and cloud security. Assist with the development of remediation recommendations for identified findings. Identify and clearly articulate (written and verbal) findings to senior management and clients. Help identify improvement opportunities for assigned clients. Stay up-to-date with the latest security trends, technologies, and best practices. Work effectively within a team, fostering collaboration and open communication to deliver successful outcomes. Supervise and provide engagement management for other staff working on assigned engagements. Job Requirements Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent work experience. Expertise in web security, with extensive knowledge of vulnerabilities and the ability to identify and exploit them effectively. Minimum 5 years of experience in code review, application security testing, or web application development. Excellent written and verbal communication skills. Strong scripting skills, such as Python, Ruby, or Perl. Experience with cloud platforms, such as AWS, and knowledge of cloud security best practices. Familiarity with development technologies like Docker, CDK, Terraform, Java, Python, React, GraphQL, Javascript, JSON, REST, etc. Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices. Technical background in application development, networking/system administration, security testing, or related fields. Experience with both static application security testing (SAST) and dynamic application security testing (DAST) using various tools and techniques. Preferred but not required: one or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Burp Suite Certified Practitioner, or AWS Certified Security Specialist. Additional Info The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned with client requirements and deliverables.

Job Purpose: Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps to accomplish organization objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, internal controls, and governance processes. Auditor / Lead auditor is responsible for conducting and reporting on IT systems & IT process related & cyber security related audits. Job Summary: We seek a passionate, dynamic, and experienced Audit Manager to manage the end-to-end IT Audits of TVSM & its subsidiaries The ideal candidate will possess strong IT audit & Governance skills, IT Technical skills, and the ability to effectively communicate and collaborate with various stakeholders and open to travel based on business needs. He / She will play a critical role in ensuring the quality, effectiveness and efficiency of our IT systems & processes through comprehensive audit. Key Responsibilities: Functional Responsibilities: Planning, Executing and Managingthe IT audits assigned as per the approved annual audit plan (Few examples of IT Audits - IT Governance, ITGC, IT Application Controls, IT infrastructure/database, IT Asset management/device management, Information Security, Cyber Security, IT Projects, BCP/DR, Data Privacy, Enterprise Architecture, System migration process and controls, etc) Carry out systems & process walkthroughs and drawing up the Risk & Control matrix Ensure compliance with established internal control procedures by examining records, reports, operating practices, and documentation Identify control gaps and opportunities for improvement Communicates & discuss audit findings with stakeholders, timely preparation & presentation of Audit reports, including recommendations. Document the results of audit work in accordance with SOP End to end management of co-sourced IT audit partners & audits where ever deployed Collaborating with relevant stakeholders to develop and implement risk management strategies, action plan to audit observations Travelling to different sites / offices for audit purposes based on requirement Regular interaction/liaising with other functions/process owners; keeping abreast with all the developments happening in the Company; keeping abreast with all the regulatory and technological changes/developments happening in the industry and in the internal audit space Data Analytics Working with the internal audit team & IT Team to co-ordinate development of data analytics for IA, development of continuous control monitoring scenarios. Job Requirements: Qualifications: Bachelor’s degree in IT/Computer Science; In addition, CISA would be preferred Min 5-6 years of IT Audit experience including IT Security audits; IT Audit experience in the automobile / manufacturing sector would be preferred; Prior experience of risk-based IT audits is mandatory Must possess relevant certifications related to Information Technology Systems Audit Functional Competencies: Knowledge & experience of IT environment and the key risks embedded in different IT processes and technology. Good command over both IT process audits and technical audits. Experience of conducting complex IT Security audits – Information Security Audits, Cyber Security Audits, Network security, etc Knowledge of risks embedded in emerging technologies such as Cloud Computing, AI, IOT, RPA, Data privacy tools, etc and auditing the same High attention to detail and excellent analytical skills. Behavioral Competencies: Team player & good Interpersonal skills Passion & dedication to work Detail oriented and fast learner Excellent analytical, problem-solving and critical-thinking skills Excellent verbal and written communication skills Strong ethical standards and a commitment to maintaining confidentiality

Job Description Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We dont just follow trends, we set them and drive change. As a market leader in enterprise analytics and mobility software, weve pioneered the BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. But thats not all. Strategy is also leading a groundbreaking shift in how companies approach their treasury reserve strategy, boldly adopting Bitcoin as a key asset. This visionary move is reshaping the financial landscape and solidifying our position as a forward-thinking, innovative force in the market. Four years after adopting the Bitcoin Standard, Strategys stock has outperformed every company in S&P 500. Our people are the core of our success. At Strategy, youll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values bold, agile, engaged, impactful, and united are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employees contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, youre not just another employee; youre a crucial part of a mission to push the boundaries of analytics and redefine financial investment. Job Description Join Strategy s IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy s software applications while using modern security and AI tooling. In this position, you will be responsible for integrating security practices throughout the software development lifecycle, ensuring that our software products are resilient against vulnerabilities. Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing . Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA ) tools. Security Assessments & Penetration Testing: Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws. Secure Code Review: Analyze source code and provide security recommendations to developers to ensure adherence to secure coding best practices. Threat Modeling & Risk Analysis: Perform threat modeling to anticipate potential attack vectors and improve security architecture. DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating security automation within CI/CD pipelines. Incident Response & Remediation: Assist in investigating security incidents related to applications and work with engineering teams to remediate threats. Security Awareness & Training: Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices . Qualifications Bachelor s degree in Computer Science, Engineering, or related field Minimum 2 years of software development or software security experience in an agile environment Hands-on experience with SAST, DAST, IAST, and SCA tools (e.g., Checkmarx, Fortify, Veracode, SonarQube, Burp Suite, ZAP). Fluent in one or more programming languages, such as Python, Java, JavaScript Strong knowledge of secure coding principles and application security frameworks Familiarity with security tools (e.g., static and dynamic analysis tools, vulnerability scanners) Understanding of security standards and regulations (e.g., OWASP, NIST) Hands-on experience with Generative AI and/or ML in creating innovative applications that enhance productivity and efficiency, coupled with a strong eagerness to learn Experience with cloud security best practices in AWS, Azure, or GCP. Strong work ethic with a commitment to meeting business needs and effectively collaborating with global colleagues Effective interpersonal skills; ability to collaborate successfully with both technical and non-technical stakeholders Ability to articulate complex technical concepts with clarity, supported by effective written and verbal communication skills Job Location Application Security Engineer Pune, India Full-time in person from Strategy Office a minimum of 4 days per week Additional Information The recruitment process includes online assessments as a first step (English, logic, design, technical) - we send them via e-mail, please check also your SPAM folder

"> Home / Home / Careers / Careers / Dev Lead- FullStack-... Dev Lead- FullStack-Python + (Angular + GCP) Introduction We are looking for 7+years experienced Lead Fullstack (Python & Angular) Developer who will take ownership of building and maintaining complex backend systems, APIs, and applications using Python. BFSI-Payment System integration experience is desired. Responsibilities include: Design, develop, and maintain backend applications, APIs, and services using Python. Write clean, maintainable, and scalable code following industry standards and best practices. Optimize application performance and ensure high availability and scalability. Review code and mentor junior developers to ensure code quality and foster knowledge sharing. Implement unit and integration tests to ensure application robustness. Set up and manage CI/CD pipelines using tools like Jenkins, GitLab CI, or CircleCI. Collaborate with DevOps to deploy applications on cloud platforms, preferably Google Cloud Platform (GCP). Design and build cloud-native applications using APIs, containers, and Kubernetes. Leverage GCP services to develop scalable and efficient solutions. Ensure application security, manage access controls, and comply with data privacy regulations. Work closely with frontend developers, DevOps engineers, and product managers for seamless project delivery. Design, manage, and optimize relational and NoSQL databases (PostgreSQL, MySQL, MongoDB). Monitor application performance using tools like Prometheus, Grafana, or Datadog. Build dynamic, responsive UIs using Angular and JavaScript. Develop and maintain reusable Angular components in collaboration with UX/UI teams. Primary Skills : Bachelor s or Master s degree in Computer Science, Information Technology, or a related field. 7+ years of experience as a Python developer, with a focus on backend development. Experience in Angular Js. Proven experience in designing and deploying scalable applications and microservices. Python (Flask/Django/FastAPI) Familiarity with front-end technologies (React, Angular). API Development (RESTful Services) Cloud Platforms - Google Cloud Platform (GCP) Familiarity with database management systems- PostgreSQL, MySQL, MongoDB and ORMs (e.g., SQLAlchemy, Django ORM). Knowledge of CI/CD pipelines - Jenkins, GitLab CI, CircleCI Frontend Development - JavaScript, Angular Code Versioning - Git Testing - Unit & Integration Testing Strong understanding of security principles, authentication (OAuth2, JWT), and data protection. Secondary Skills : Monitoring Tools - Prometheus, Grafana, Datadog Security and Compliance Standards - GDPR, HIPAA DevOps Collaboration UX/UI Collaboration for . This is to notify jobseekers that some fraudsters are promising jobs with Reflections Info Systems for a fee. Please note that no payment is ever sought for jobs in Reflections. We contact our candidates only through our official website or LinkedIn and all employment related mails are sent through the official HR email id. for any clarification/ alerts on this subject. Apply Now

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment ..Interested candidate can share resume to ankita.patari@happiestminds.com Work Location: Belapur, Navi Mumbai Experience: 11-15 Years General Shift who can join with 30 days notice period Skills: Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10,OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation Job Description: Project Management - Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Bank and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management B.Sc (IT/CS) / B.Tech in Computer Science, Information Technology, or related field. CISSP, CISA, CISM, CRISC 11-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Thanks And Regards, Ankita Ghosh ankita.patari@happiestminds.com

We are looking for a skilled Application Penetration Tester with expertise in both manual and automated testing to join our Security and Privacy Risk Consulting group. The ideal candidate will have 5-10 years of experience, a strong understanding of various testing methodologies and tools, as well as a passion for uncovering vulnerabilities and identifying potential security risks. Roles and Responsibility Perform security assessments, including static and dynamic application security testing. Conduct manual penetration testing on web applications, network devices, and other systems. Collaborate with clients in a fast-paced environment across many technology stacks and services. Develop, enhance, and interpret security standards and guidance. Demonstrate and promote security best practices, including secure development and cloud security. Assist with the development of remediation recommendations for identified findings. Identify and clearly articulate (written and verbal) findings to senior management and clients. Help identify improvement opportunities for assigned clients. Stay up-to-date with the latest security trends, technologies, and best practices. Work effectively within a team, fostering collaboration and open communication to deliver successful outcomes. Supervise and provide engagement management for other staff working on assigned engagements. Job Requirements B.Tech in Computer Science, Engineering, or related field, or equivalent work experience. Expertise in web security, with extensive knowledge of vulnerabilities and the ability to identify and exploit them effectively. Minimum 5 years of experience in code review, application security testing, or web application development. Excellent written and verbal communication skills. Strong scripting skills (e.g., Python, Ruby, Perl). Experience with cloud platforms such as AWS and knowledge of cloud security best practices. Familiarity with development technologies like Docker, CDK, Terraform, Java, Python, React, GraphQL, Javascript, JSON, REST, etc. Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to company policies and best practices. Technical background in application development, networking/system administration, security testing, or related fields. Experience with both static application security testing (SAST) and dynamic application security testing (DAST) using various tools and techniques. Preferred but not required: one or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Burp Suite Certified Practitioner, or AWS Certified Security Specialist.

Audit Management: Coordinate and support internal and external audits, including evidence collection, control testing, and remediation tracking. Serve as the secondary point of contact for auditors and third-party assessors. Maintain audit logs, findings, and corrective action plans. Compliance Oversight: Monitor and ensure compliance with industry regulations and internal security policies. Map controls and processes to multiple compliance frameworks (e.g., NIST, ISO, SOC 2, HIPAA). Track evolving compliance obligations and help update policies accordingly. Access Management: Support access management processes Coordinate and drive periodic user access reviews. Business Continuity & Disaster Recovery (BCDR) Collaborate with IT, operations, and business units to develop and maintain BCDR plans. Coordinate and conduct periodic BCDR tests, document results, and track corrective actions. Evaluate critical business processes to identify single points of failure and propose continuity strategies. Ensure BCDR plans align with compliance requirements and organizational risk appetite. Maintain an inventory of critical assets and dependencies required for continuity and recovery. Policy Development & Enforcement: Assist in developing, updating, and enforcing information security policies, procedures, and standards. Ensure policies align with compliance frameworks and are effectively communicated across the organization. Documentation & Reporting: Maintain detailed and organized documentation of security controls, evidence, and compliance artifacts. Create reports and dashboards for leadership on compliance status and audit readiness. Other assignments as required to support the security, compliance, and resilience goals of the organization. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Bachelor’s degree in Cybersecurity, Information Systems, Risk Management, or related field. 3+ years of experience in information security, with a focus on compliance and audits. Hands-on experience supporting one or more compliance frameworks (e.g., SOC 2, ISO 27001, GDPR, NIST). Strong understanding of security controls and risk management practices. Strong understanding of network, system, and application security principles. Strong knowledge of risk management principles and audit processes. Excellent analytical, problem-solving, and communication skills. Preferred technical and professional experience Strong attention to detail and organizational skills. Excellent written and verbal communication. Ability to manage multiple audits and compliance initiatives simultaneously. Comfortable working with technical and non-technical teams.

Software developers at IBM are the backbone of our overall strategy, and software development is the essential activity that drives the success of IBM and our clients worldwide. At IBM, you will use the latest software development tools, techniques and technologies and work with leading minds in the industry to build products, path-breaking technologies, and solutions that you can be proud of. Do you have the skills and passion for building the futureIf yes, join a niche team at IBM Software Labs focused on building an AI-driven Digital Labor platform, Watson Orchestrate, an AI platform that offers digeys (aka digital employees) with custom skills that can automate today’s businesses. Look for more details at https://www.ibm.com/products/watson-orchestrate We seek Frontend developers with hands-on experience developing and supporting software products and services on cloud platforms. The ideal candidate would have rich experience building SaaS products/services, and incrementally deploying them on cloud environments with a deep understanding of platform development, system design, associated tools, technologies, and best practices. Experience in Test-driven development, quality through automation, application security etc., would be a plus. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 6+ years of hands on programming experience Robust system design and programming skills in FrontEndapplication development withNodeJS,ReactJS with Typescript Experience with Containers, Docker, Kubernetes, Linux Experience building distributed and scalable SaaS offerings based on REST APIs, microservices, and containers. Experience in system design and supporting cloud services Ability to learn and be productive on new technologies independently & quickly Good communication skills Preferred technical and professional experience Experience with LLM Model Integration and knowledge in AI Space will be a plus

Domain Certifications CISSP, CISA, CRISC, ISO 27001 Responsibilities Own and lead the governance program at account level for a large Financial services account with 700 + head count and multi country locations having high security Offshore Delivery Centres & Work from home teams Develop, implement and monitor Account level Information security governance program; meeting client compliance requirements proactively Perform contract reviews, cyber security risk assessments and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres. Experience in Application security and code reviews which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with Application security, development and maintenance projects. Work closely with different teams internally like IT, business, HR, facilities, cyber security which operate at Organization level to translate client requirements and assess residual risk if required Give directions and monitor the compliance and operations activities within the account through dedicated team and work closely with account team on ensuring the compliance within account team Develop account level procedures, metrics and review programs to maintain and enhance the governance model within the account Be a single point of contact for client interactions during third party audits and liaise within the organization Prepare the account for certification and internal audit requirements based on industry standards like PCI DSS and ISO 27001 requirements Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non compliance and able to draw mitigation actions Hold technical skills to participate in technical discussions for delivery centre setup, connectivity models Excellent communication skills and have demonstrated effective CXO level reviews

Primary Skills Design, develop, and deploy cloud-based applications using .NET Core / .NET Framework on Microsoft Azure. Build and maintain scalable APIs and microservices hosted on Azure App Services, Azure Functions, or Azure Kubernetes Service (AKS). Integrate Azure services such as Azure SQL, Blob Storage, Key Vault, and Service Bus into application architecture. Implement CI/CD pipelines using Azure DevOps for automated builds, testing, and deployments. Ensure application security using Azure Active Directory, OAuth, and role-based access control (RBAC). Optimize application performance and scalability using Azure Monitor, Application Insights, and caching strategies. Collaborate with architects and DevOps teams to design cloud-native solutions and infrastructure. Write clean, maintainable, and testable code following SOLID principles and industry best practices. Participate in code reviews and provide technical guidance to peers and junior developers. Troubleshoot and resolve issues in development, staging, and production environments. Secondary Skills Assist in migrating on-premise applications to Azure cloud infrastructure. Support infrastructure automation using ARM templates, Bicep, or Terraform. Stay current with Azure updates, .NET advancements, and emerging cloud technologies. Participate in Agile ceremonies such as sprint planning, daily stand-ups, and retrospectives. Collaborate with QA teams to ensure comprehensive testing and quality assurance. Contribute to internal knowledge sharing, documentation, and technical workshops. Help optimize cloud costs by analyzing resource usage and recommending improvements. Provide support during UAT, production releases, and post-deployment monitoring. Work with cross-functional teams to align cloud solutions with business goals. Assist in developing internal tools and reusable components to accelerate development.

Working Monday to Friday. We are looking for a skilled Cybersecurity Manager to oversee and enhance the security posture of our Hyderabad office, internal websites, and in-house applications across iOS, Android, and desktop platforms. This role will be responsible for managing and implementing robust cybersecurity practices, conducting security assessments, and ensuring the highest level of data protection for our digital assets. Requirements: Bachelor's Degree preferred. 5+ years of experience in cybersecurity, with a focus on application and infrastructure security. Expertise in mobile and desktop application security, as well as website protection practices. Hands-on experience with security tools for threat detection, vulnerability management, and incident response. Excellent problem-solving skills and the ability to work in high-pressure environments. Good knowledge of Network Engineer Experience with firewalls, VPN technologies, monitoring systems, and Wi-Fi. QoS experience. AWS Certified Advanced Networking certification a plus, but not required. Experience with dynamic routing protocols such as BGP and best practices for availability and performance. AWS experience in setting up VPC, Transit Gateways, etc. Experience with Networks Firewalls. Cisco Certification (CCNA or CCNP) a plus, but not required. Understanding of VoIP support systems on a network Scripting, such as PHP a strong asset. Limited travel may be required, including internationally. Ability to provide support during off-hours and during incident situations

Greetings from BCforward INDIA TECHNOLOGIES PRIVATE LIMITED. Contract To Hire(C2H) Role Location: PAN-INDIA Payroll: BCforward Work Mode: Hybrid JD Required Skills Overall, 2 to 3 years of relevant experience in Application security Good understanding of information security and risk frameworks Application Security Controls Demonstrate knowledge of key risk areas such as cyber risk, compliance risk and regulatory risk and Risk Management Cloud (RMC) Demonstrate knowledge in one or more of the following cyber risk domains, including: Security Governance and Management Security Policies and Procedures Security Architectures Identity Management Incident Response Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing Excellent verbal and written communication skills Excellent inter-personal skills Preferred Skills Oracle Cloud Security Experience with internal controls, risk assessments, business process, and internal IT control testing or operational auditing Good understanding of legal and regulatory requirements around information security and data privacy, such as OCC Bulletin 29, FFIEC, HIPAA Security/Privacy, etc. Prior consulting experience Please share your Updated Resume, PAN card soft copy, Passport size Photo & UAN History. Interested applicants can share updated resume to g.sreekanth@bcforward.com Note: Looking for Immediate to 30-Days joiners at most. All the best

Position Description: Vocera, now a part of Stryker is seeking an experienced technical RD manager with a strong background in software engineering and cloud domain, coupled with excellent people management skills. In this role, you will mentor and lead a team, driving innovation and delivering high-quality enterprise-class products. You will oversee software development, support and testing, ensuring the scalability, longevity, and reliability of product releases. What will you do: Technical Management Responsibilities: Experience managing the development, testing, and deployment of a mission-critical Java-based backend platform serving customers. Provide technical leadership and guidance to the team in one or more of the following areas. (Java, Kotlin, Databases, Security, Observability, Infrastructure, Containerization, CI/CD, Cloud) Collaborate with teams in North America, Technical Support, Escalations, and DevOps to anticipate and mitigate project issues as well as troubleshoot issues encountered by customers. Deliver high-quality releases on legacy platform, including bug-fixes, security patches, and features as needed. Determine project staff assignments and schedule work to meet completion dates and RD deliverables. Build and mentor a high-performing team, fostering an environment of trust, psychological safety, and continuous learning. Lead with empathy and inclusion, fostering a culture where team members feel supported, challenged, and valued. Balance technical innovation with practical execution, ensuring high-quality releases at speed. Provide regular coaching and career development opportunities to help engineers grow their skills and advance in their careers. Experience executing a talent and performance management strategy. Promote a culture of collaboration, open communication, and shared ownership. What you will need: Technical Skills: Proficient in building robust back-end applications using Java , Spring Boot / Spring Framework . Knowledge of Kotlin is a strong plus. Hands-on expertise with Kafka Confluent for event streaming and message brokering. Experience with containerization and orchestration of Java applications with tools such as Docker and Kubernetes . Knowledge of microservice architecture , including designing, developing, and deploying scalable services. Knowledge of enterprise-grade observability tools (Datadog, Splunk, Prometheus, or other)is a strong plus. Strong experience with CI/CD pipelines using tools such as Jenkins , Gitlab CI/CD , or similar technologies. Familiarity with cloud platforms such as AWS , GCP , or Azure , and their associated services. A basic understanding of application security, identity management, and vulnerability management strategies is a strong plus. Strong problem-solving skills, with the ability to analyze complex technical issues and develop creative solutions. Good communication skills and the ability to work in Agile development environments. EDUCATION REQUIREMENTS Bachelor s degree in computer science or related field required. Masters in a related field preferred. 12+ years applicable experience, with 4+ years direct people management experience. Strong hands-on development background in Java, Kotlin, or a similar programming language preferred. Travel Percentage: 10%

Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We dont just follow trends, we set them and drive change. As a market leader in enterprise analytics and mobility software, weve pioneered the BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. But thats not all. Strategy is also leading a groundbreaking shift in how companies approach their treasury reserve strategy, boldly adopting Bitcoin as a key asset. This visionary move is reshaping the financial landscape and solidifying our position as a forward-thinking, innovative force in the market. Four years after adopting the Bitcoin Standard, Strategys stock has outperformed every company in SP 500. Our people are the core of our success. At Strategy, youll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values bold, agile, engaged, impactful, and united are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employees contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, youre not just another employee; youre a crucial part of a mission to push the boundaries of analytics and redefine financial investment. Job Description Join Strategy s IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy s software applications while using modern security and AI tooling. In this position, you will be responsible for integrating security practices throughout the software development lifecycle, ensuring that our software products are resilient against vulnerabilities. Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing . Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA ) tools. Security Assessments Penetration Testing: Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws. Secure Code Review: Analyze source code and provide security recommendations to developers to ensure adherence to secure coding best practices. Threat Modeling Risk Analysis: Perform threat modeling to anticipate potential attack vectors and improve security architecture. DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating security automation within CI/CD pipelines. Incident Response Remediation: Assist in investigating security incidents related to applications and work with engineering teams to remediate threats. Security Awareness Training: Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices . Qualifications Bachelor s degree in Computer Science, Engineering, or related field Minimum 2 years of software development or software security experience in an agile environment Hands-on experience with SAST, DAST, IAST, and SCA tools (e.g., Checkmarx, Fortify, Veracode, SonarQube, Burp Suite, ZAP). Fluent in one or more programming languages, such as Python, Java, JavaScript Strong knowledge of secure coding principles and application security frameworks Familiarity with security tools (e.g., static and dynamic analysis tools, vulnerability scanners) Understanding of security standards and regulations (e.g., OWASP, NIST) Hands-on experience with Generative AI and/or ML in creating innovative applications that enhance productivity and efficiency, coupled with a strong eagerness to learn Experience with cloud security best practices in AWS, Azure, or GCP. Strong work ethic with a commitment to meeting business needs and effectively collaborating with global colleagues Effective interpersonal skills; ability to collaborate successfully with both technical and non-technical stakeholders Ability to articulate complex technical concepts with clarity, supported by effective written and verbal communication skills Job Location Application Security Engineer Pune, India Full-time in person from Strategy Office a minimum of 4 days per week Additional Information The recruitment process includes online assessments as a first step (English, logic, design, technical) - we send them via e-mail, please check also your SPAM folder

Greetings from Peoplefy Infosolutions !!! We are hiring for one of our reputed MNC client based in Pune . We are looking for candidates with 3 + years of experience in below skills - Primary skills : Ethical Hacking Penetration Testing Software development Cyber forensics or threat hunting Application security Secure coding Burp suite Interested candidates for above position kindly share your CVs on chitralekha.so@peoplefy.com with below details - Experience : CTC : Expected CTC : Notice Period : Location :

Greetings from Peoplefy Infosolutions !!! We are hiring for one of our reputed MNC client based in Pune . We are looking for candidates with 3 + years of experience in below skills - Primary skills : Ethical Hacking Penetration Testing Software development Cyber forensics or threat hunting Application security Secure coding Burp suite Interested candidates for above position kindly share your CVs on vaishnavi.pi@peoplefy.com with below details - Experience : CTC : Expected CTC : Notice Period : Location :

Contribute your talents to high-end, esteemed brands like JBL, Mark Levinson, and Revel Unite your passion for audio innovation with high-tech product development Create pitch-perfect, cutting-edge technology that elevates the listening experience About the Role This position is responsible for SAP Hybris development mainly in payment gateways and e-commerce. What You Will Do Design, develop, and maintain microservices-based eCommerce applications using Java and Hybris. Lead technical design discussions and create low-level technical designs. Write clean, efficient, and maintainable code adhering to API standardization. Participate in code reviews and contribute to the development of coding standards. Mentor junior engineers and foster a strong engineering culture within the team. Design and develop APIs to support digital experiences using open source and cloud technology. Collaborate with Product Owners, Business Analysts, and Solution Architects. Conduct design reviews to ensure solutions adhere to our architecture, security, scalability, and maintainability guidelines. Provide squad-level engineering leadership and contribute to our engineering community and standards. Ensure solutions are fit for purpose, performant, secure, accessible, and conform to our architectural principles. Implement a test-first approach and clean architecture principles What You Need to Be Successful 5+ years of experience in software engineering, focusing on large-scale, complex systems. 3+ years of experience in the SAP Hybris Commerce platform. Strong experience with Java 11, 17, and Spring Boot. Strong experience with unit testing and integration testing. Experience in developing microservices-based applications. Experience with API standardization. Experience building RESTful web services and GraphQL. Development experience using TDD in Java. Experience designing microservices architecture. Good understanding of CI/CD pipelines using tools like Jenkins. Good understanding of Agile software development methodologies. Experience with AWS, Azure. Experience with frontend development, including React, JavaScript, Flutter. Knowledge of web security, application security, web services security, common vulnerability remediation, and certificate management. DevOps experience. Good knowledge of different testing suites Bonus Points if You Have bachelors degree required. What Makes You Eligible Work Mode: Hybrid Work location: Bangalore. What We Offer Flexible work environment, allowing for full-time remote work globally for positions that can be performed outside a HARMAN or customer location Access to employee discounts on world-class Harman and Samsung products (JBL, HARMAN Kardon, AKG, etc) Extensive training opportunities through our own HARMAN University Competitive we'llness benefits Tuition reimbursement Be Brilliant employee recognition and rewards program An inclusive and diverse work environment that fosters and encourages professional and personal development

We are seeking a Security Specialist to join our team. The role involves identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of our vulnerability management practice. you'll work with a diverse and skilled team to ensure the security of our information assets. What you will do: Align with units and stakeholders on PT test requirements and schedules. Conduct manual penetration testing with hands-on experience. Create scripts for payloads and simulate security breaches. Perform web, API, mobile, and infrastructure pen testing. Set up test labs for zero-day attacks and plan penetration methods. Execute periodic testing based on threat intelligence and data review. Report findings and suggest risk mitigation strategies. Present conclusions to stakeholders. Manage PT tools, licenses, and infrastructure. Drive automation and innovation for improved efficiency and quality. Document designs and configurations. Resolve reported vulnerabilities and propose solutions for gaps. Analyze critical exploits and mentor security engineers. Provide after-hours support for IT security incidents. The skills you bring: bachelors Degree in Computer Science or related field. 8-10 years of experience. Strong knowledge of security controls (eg, access control, encryption, and application security). Proficiency with PT tools like Kali Linux, Metasploit, and Burp Suite. Deep understanding of security issues in enterprise, network, API, and mobile systems. Familiarity with enterprise computing, distributed applications, and TCP/IP network security. Experience in writing technical reports and summaries. Ability to provide after-hours support and work under pressure. Effective in both team and independent work settings. Participate in on-call rotation for critical incidents. Strong collaboration and knowledge-sharing skills. Results-driven with excellent communication skills; fluency in English is essential. Preferred certifications: OSCP, OSWP, OSEP, OWSA, OWSE.

Summary The role is part of Security Operations in Vulnerability Services team. The person will focus on reducing risk exposure from security vulnerabilities with major focus on solution design, architecture, and VulnSvcs products management. About the Role Job Title : Assoc. Dir. DDIT ISC VulnSvcs Location : Hyderabad The role is part of Security Operations in Vulnerability Services team. The person will focus on reducing risk exposure from security vulnerabilities with major focus on solution design, architecture, and VulnSvcs products management. Your Responsibilities Include but are not limited to: Act as a lead for security design review and threat modeling solution: o Own the design, implementation, roadmap, and operational oversight for Threat modeling solution such as IriusRisk. o Accountable for managing quality of threat modeling and architecture review performed by assessors on Novartis applications. o Continuous improvement and adoption of security by design o Lead product vendor/CSM connects to address Novartis requirements/issues. o Engineer components, templates, configurations in TM tool to enable centralized and automation of solution security design review in different SDLC methodologies. Act as a lead for managing security products owned by VulnSvcs team: o Ownership of translating VulnSvcs business requirements technically and working with cross functional teams to manage implementation. o Proactively monitor and govern engineering and support operations of the VulnSvcs solutions such as ServiceNow (SecOps), API security, Code security, IriusRisk, etc with required external/internal teams. o Drive identification of root causes to prevention recurrence of issues. Influence and drive VulnSvcs products roadmap and maturity through active engagement Collaborate with various stakeholders from security operations, architecture, cyber, and application teams to achieve goals and remediation advisory on secure design controls. Develop and maintain documentation of related process and best practices. Provide security awareness and training to teams on security practices and VulnSvcs solutions. Implement security policies, procedures, and standards to ensure the confidentiality, integrity, and availability of solutions from technical vulnerabilities. Role Requirements 8+ years of overall working experience in information security preferably in Application Security, Secure SDLC and Security Architecture domain. At least 4+ years performing threat modeling, secure architecture review of applications. Expertise with automated or centralized threat modeling solutions such as IriusRisk Strong knowledge of OWASP, SAMM, security frameworks, application architecture principles, security risk management, API security, centralizing threat/vulnerability management, and relevant domain areas. Knowledge of secure system development, product management, and governance models for Agile/DevSecOps methods. Strong knowledge of cloud services and technologies such as AWS, Azure, SaaS applications, web services, mobile applications, SAP landscape, etc

Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Bank and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management B.Sc (IT/CS) / B.Tech in Computer Science, Information Technology, or related field. CISSP, CISA, CISM, CRISC 10-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Skills Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation Education - BE/B Tech, BCA,BSC IT/Since, M Tech/ME/MS/MSC/MCA

Candescent is the largest non-core digital banking provider. We bring together the transformative technologies that power and connect account opening, digital banking and branch solutions for banks and credit unions of all sizes on any core. Our Candescent solutions power the top three U.S. mobile banking apps and are trusted by banks and credit unions of all sizes. We offer an extensive portfolio of industry-leading products and services with an extensible ecosystem of out-of-the-box and integrated partner solutions. In addition, our API-first architecture and developer tools enable financial institutions to optimize and expand upon their existing capabilities by seamlessly integrating custom-built or third-party solutions. And our connected in-person, remote and digital experiences reinvent customer service across all channels. Self-service configuration and marketing tools give financial institutions greater control of their branding, targeted messaging and overall user experience. And data-driven analytics and reporting tools provide valuable insights to help drive continued growth and profitability. From conversions and implementations to custom development and customer care, our clients get expert, end-to-end support at every step. Essential Duties and Responsibilities- Build Sematic Models: Buliding Analysis Services reporting models. Build Reporting Applications: Develop visual reports, KPI scorecards, and dashboards using Power BI desktop. Connecting data sources, importing data, and transforming data for Business intelligence. Demonstrate Analytical Reasoning : Translating data into informative reports and visuals Implement Object/ Data Level Security : Implement row-level security on data along with an understanding of application security layer models in Power BI. Define and implement custom measures : Use advanced-level calculations and DAX queries on the data set to create custom KPIs and measures. Project Documentations : Responsible for design methodology and project documentaries. Requirements - Must have 6+ years of experience in building reports/dashboards using BI tools and technologies Ability to understand reporting needs from various functions (Marketing, Sales, Finance, Supply Chain, etc.) Ability to understand and build reporting solution for C-level and Middle management level personas. Ability to design and build Semantic layer which can be used for Self serve reporting capabilities. Review data model and propose periodic changes for the data model to support the reports coming out of Power BI. Review the scalability standpoint by doing extensive data analysis. Ability to performance tune the long running reports Ability to work in team environment and client interfacing skills. Offers of employment are conditional upon passage of screening criteria applicable to the job. EEO Statement Integrated into our shared values is Candescent s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. Candescent is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at Candescent has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: Candescent only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, Candescent employees, or any Candescent facility. Candescent is not responsible for any fees or charges associated with unsolicited resumes.

The Senior Full Stack Developer in Security will be responsible for securing Navan products by identifying unaddressed areas of weakness and driving cleverly engineered, scalable solutions that improve our defense-in-depth. You will be responsible for design and development of core services related to authentication, authorization, encryption within the product to enable a vast majority of use cases securely. Skills you will leverage in this role include the ability to break down prior technical implementations of product use cases, and the ability to deliver incremental security value through small meaningful code refactors. Reporting to the Senior Director of Trust and Security, you will contribute significantly to building and scaling the security of Navan products. This position requires both advanced technical skills, strong communication skills, and the ability to influence people. You will be responsible for ensuring the continuous security of Navan customer-facing products and internal tools. You will focus on driving and advising risk remediation based on research, and developing strong partnerships with engineering and product teams to accelerate the release of the software with security by design. What You ll Do: Research, design and implement security-oriented frameworks and features with the common goal of protecting Navan customers. Upgrade the security of the current Navan platform to cutting edge security solutions like Passkeys while balancing the needs of multiple customer personas and use cases. Liaison between the engineering and security org to execute on the security roadmap. Lead security software development while building technical leverage and influencing the direction of architecture, design, and roadmap. Routinely participate in cross-vertical code reviews with an emphasis on Security. Break down complex problems into sub-tasks & iteratively contribute to the goal of the security initiatives using agile practices. Coach and mentor junior engineers in the team. What We re Looking For: 5+ years of experience as a software engineer with technical-leadership responsibilities Prior experience architecting, building, launching and maintaining complex systems Experience working in an Agile environment using technologies such as: Java Spring Framework (3+ years), Hibernate or similar ORM technologies, JavaScript/Typescipt, and React Containers (Docker, Kubernetes, or similar) Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar) Continuous integration (Github Actions or similar) Integration of Security testing tools into CI pipelines Defect tracking (Jira, ServiceNow, or similar) Source code management (GitLab, GitHub, or similar) Cloud environment (AWS, or similar) Knowledge of modern authentication mechanisms like SAML, JWT, OIDC connect, Passkey is plus Knowledge of authorization frameworks for complex multi-tenant SaaS applications is plus Knowledge of cryptographic primitives is plus Knowledge of application security issues and tools is plus Knowledge of compliance requirements for industry-standard certifications like PCI DSS, SOC2, HIPAA, and FedRAMP is plus Experience working in small teams and delivering outsized impact is plus

Join our Team Grow with us About this opportunity: We are seeking a Security Specialist to join our team. The role involves identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of our vulnerability management practice. Youll work with a diverse and skilled team to ensure the security of our information assets. What you will do: Align with units and stakeholders on PT test requirements and schedules. Conduct manual penetration testing with hands-on experience. Create scripts for payloads and simulate security breaches. Perform web, API, mobile, and infrastructure pen testing. Set up test labs for zero-day attacks and plan penetration methods. Execute periodic testing based on threat intelligence and data review. Report findings and suggest risk mitigation strategies. Present conclusions to stakeholders. Manage PT tools, licenses, and infrastructure. Drive automation and innovation for improved efficiency and quality. Document designs and configurations. Resolve reported vulnerabilities and propose solutions for gaps. Analyze critical exploits and mentor security engineers. Provide after-hours support for IT security incidents. The skills you bring: Bachelor s Degree in Computer Science or related field. 8-10 years of experience. Strong knowledge of security controls (e.g., access control, encryption, and application security). Proficiency with PT tools like Kali Linux, Metasploit, and Burp Suite. Deep understanding of security issues in enterprise, network, API, and mobile systems. Familiarity with enterprise computing, distributed applications, and TCP/IP network security. Experience in writing technical reports and summaries. Ability to provide after-hours support and work under pressure. Effective in both team and independent work settings. Participate in on-call rotation for critical incidents. Strong collaboration and knowledge-sharing skills. Results-driven with excellent communication skills; fluency in English is essential. Preferred certifications: OSCP, OSWP, OSEP, OWSA, OWSE. Why join Ericsson? What happens once you apply? Primary country and city: India (IN) || Gurgaon, Noida, Bangalore, Kolkata, Pune Req ID: 767059

Role Purpose The role incumbent is focused on implementation of roadmaps for business process analysis, data analysis, diagnosis of gaps, business requirements & functional definitions, best practices application, meeting facilitation, and contributes to project planning. Consultants are expected to contribute to solution building for the client & practice. The role holder can handle higher scale and complexity compared to a Consultant profile and is more proactive in client interactions. Do Assumes responsibilities as the main client contact leading engagement w/ 10-20% support from Consulting & Client Partners. Develops, assesses, and validates a client’s business strategy, including industry and competitive positioning and strategic direction Develops solutions and services to suit client’s business strategy Estimates scope and liability for delivery of the end product/solution Seeks opportunities to develop revenue in existing and new areas Leads an engagement and oversees others’ contributions at a customer end, such that customer expectations are met or exceeded. Drives Proposal creation and presales activities for the engagement; new accounts Contributes towards the development of practice policies, procedures, frameworks etc. Guides less experienced team members in delivering solutions. Leads efforts towards building go-to-market/ off the shelf / point solutions and process smethodologies for reuse Creates reusable IP from managed projects Mandatory Skills: Agile DevSecOps Consulting. Experience5-8 Years.