116 Appscan Jobs

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary : We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities: Key Responsibilities: Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience: Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory skill sets: CEH, ECSA, LPT (any one) Preferred skill sets: OSCP, OSWE Years of experience required: 1-10 Years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Vulnerability Assessments Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Greetings from "HCL Software" "HCL Software”: - Is a Product Development Division of HCL Tech: That operates its primary Software business. At HCL Software we Develop, Market, Sell and Support over 20 Product families in the areas of Customer Experience, Digital Solutions, Secure DevOps, Security & Automation. We have offices and labs around the world to serve thousands of customers. Our mission is to drive customer success with our relentless product innovation at more than 20,000 organizations in every region of the world - including more than half of the Fortune 1000 and Global 2000 companies. We are looking for a Lead DotNet Developer (C# & ASP.NET) within our AppScan Product team. We are looking for candidates with 10+ years of experience who possess the following skills: Requirements:  10+ years of software development experience  B.E/B.Sc. in Computer Science  Strong expertise in C#, ASP.NET, Web APIs, LINQ, SQL Server.  Hands-on experience developing complex systems and infrastructure  Excellent design and programming skills  Ability to research and learn quickly new technologies  Experience in complex problem solving and troubleshooting  Very good English communication skills  Highly motivated and independent  A good team player. Responsibilities: Develop and maintain .NET applications, focusing on high performance and scalability. Design, develop, and enhance Web applications, ensuring an intuitive and responsive UI/UX. Work with C#, .NET Framework to build enterprise-grade solutions. Optimize application performance and ensure high-quality code through best practices and unit testing. Collaborate with UI/UX designers, product managers, and backend developers for seamless integration. Analyze and resolve technical issues, debugging and improving application efficiency. Participate in code reviews, architectural discussions, and sprint planning. Advantages:  Experience with .NET Framework  Experience with web technologies: HTTP, HTML, JavaScript, Web APIs  Knowledge of agile development practices and principles  Background in web application security.

Greetings from "HCL Software" "HCL Software”: - Is a Product Development Division of HCL Tech: That operates its primary Software business. At HCL Software we Develop, Market, Sell and Support over 20 Product families in the areas of Customer Experience, Digital Solutions, Secure DevOps, Security & Automation. We have offices and labs around the world to serve thousands of customers. Our mission is to drive customer success with our relentless product innovation at more than 20,000 organizations in every region of the world - including more than half of the Fortune 1000 and Global 2000 companies. Job Summary: We are looking for a Lead QA Engineer in our AppScan Product team (Remote Location) with 8+ years of experience who possess the following skills: We are looking for a highly collaborative and proactive Lead QA Engineer with a strong background in Application Security Testing (SAST) and automation frameworks to join our growing India-based team. This role will be focused on HCL AppScan SAST and related technologies, supporting our product and development teams in delivering secure, high-quality releases. Required Technical Skills: Should have good experience in QA. Languages & Scripting: Proficiency in Java/C++/C# and scripting (Windows batch, Linux bash). Mac scripting is a plus. Automation Tools: Selenium, Cypress, TestNG, JUnit. Security Testing: Strong understanding of SAST (especially HCL AppScan), and related tools. APIs & Protocols: Experience testing REST APIs. CI/CD Tools: Jenkins, Git, and experience with automated build/test pipelines. Containers & Orchestration: Experience in Docker, Kubernetes, Helm, Lens. Platforms: Proficient in testing on Windows and Linux; MacOS exposure is preferred. Work Environment: · Flexible remote work model based in India. · Must be available to work a couple of hours overlapping with US EST time zone (typically 5:30 PM – 8:30 PM IST) to coordinate effectively with US teams. · Collaborative team culture with cross-functional teams across the US and India. Key Responsibilities · Lead and manage QA efforts for AppScan SAST and related security testing tools. · Proactively communicate testing status, risks, and progress to US-based functional managers and engineers. · Design and implement test strategies across functionality, performance, usability, and security. · Define and execute automated and manual tests in enterprise-level environments. · Create and maintain test plans, cases, and test documentation using tools like Jira, TestNG, or JUnit. · Collaborate closely with developers to align on release schedules and troubleshoot issues. · Mentor and guide junior QA team members, ensuring work is delivered with quality and on time. · Actively participate in cross-time-zone Agile/Scrum meetings and provide timely updates on progress. · Continuously improve QA processes and contribute to best practices in CI/CD pipelines. · Execute load/performance tests and security validation (SAST/DAST) for applications across platforms. Nice to Have · Exposure to HCL AppScan Go or similar lightweight static analysis tools. · Experience integrating QA into CI/CD pipelines for secure software delivery. · Certification in QA, Security Testing, or Agile methodologies. Why Join Us? · Work on cutting-edge application security technology used globally. · Opportunity to work directly with international engineering leaders. · Make a real impact by driving quality and security in mission-critical software. · Career growth in a global organization with strong technical mentorship.

Job Summary : We are looking for a DevOps Engineer to help us build functional systems that improve customer experience. DevOps Engineer responsibilities include deploying product updates, identifying production issues and implementing integrations that meet customer needs. If you have a solid background in software engineering and are familiar with Python, wed like to meet you. It will be your responsibility to execute and automate operational processes fast, accurately and securely. Job Requirements : Working experience in Docker and Kubernetes. Experience in tools like Sonar, Appscan, Owasp, Nexus etc. with Jenkins integration. Experience in any one Cloud (AWS/Azure/GCP). Scripting: Shell/bash/Python scripting. Working with continuous integration (CI) Tools: Jenkins. Maintain services once they are live by measuring and monitoring availability, latency and overall system health. Support the application CI/CD pipeline for promoting software into higher environments through validation and operational gating, and lead DevOps automation and best practices. Follow/maintain an agile methodology for delivering on project milestones. Excellent oral, presentation, and written communication skills Preferred Qualification : Bachelors degree in Computer Science, Information Technology with 5+ years of equivalent experience. Minimum of 3 years of DevOps experience setting up CI/CD pipelines for web applications in the Cloud. Working knowledge of databases and SQL. Good understanding and knowledge of Containers, and Serverless ecosystems. Requires in-depth knowledge of the software development life cycle, logging, monitoring, and alerting. Proven implementation of creative technology solutions that advance the business.

Role Description We are looking for a skilled and motivated DevOps Engineer to join our team. The ideal candidate will have extensive experience in cloud infrastructure (particularly AWS), automation, and security best practices. You will be responsible for delivering resilient application stacks, supporting critical business applications, and collaborating with cross-functional teams to ensure system reliability, scalability, and security. Key Responsibilities Deliver resilient application stacks using Infrastructure as Code and other DevOps practices. Monitor and provide ongoing support for critical, high-revenue business applications. Diagnose and resolve complex system and application issues. Maintain strong security postures and remediate identified vulnerabilities. Collaborate with Development, QA, IT Operations, Customer Operations, and Project Management teams. Create and maintain documentation for systems and applications for both technical and non-technical stakeholders. Essential Skills And Experience Hands-on experience with AWS and public cloud environments. Proficiency in Infrastructure as Code (IaC) tools such as Terraform. Experience with CI/CD tools like GitLab CI/CD, GitHub Actions, Jenkins. Scripting and coding proficiency in PowerShell, Bash, Python, or similar languages. Familiarity with configuration management tools such as Ansible, Puppet, Chef. Strong experience with Linux server administration and troubleshooting. Proven track record in analytical and complex troubleshooting scenarios. Exposure to security tools such as Wiz, Qualys, or similar. Desirable Skills Monitoring tools: Prometheus, Grafana, CloudWatch. Log management solutions: Elastic Stack, Graylog, Splunk. Experience with relational databases: MySQL, MS SQL Server, etc. Knowledge of secret management systems like HashiCorp Vault. Familiarity with change control and related procedures. Hands-on experience with security testing and tools such as: Wiz, SonarQube, CheckMarx, AppScan, BurpSuite, OWASP ZAP, WebInspect, Fortify, Veracode, Nessus, etc. Skills Aws Cloud,Terraform,Powershell,Github

Job Overview: We are looking for a talented and experienced Application Security Engineer to join our team. The ideal candidate will have a strong understanding of application security standards, tools, and methodologies and will be responsible for conducting security assessments, penetration testing, and vulnerability analysis for web and mobile applications. This role requires hands-on experience with both automated and manual testing tools, familiarity with security mechanisms, and a commitment to improving the overall security posture of the organization. Key Responsibilities: • Conduct security assessments for both web and mobile applications. • Perform vulnerability assessments and penetration tests using tools such as Burp Suite Pro, AppScan, Veracode, Fortify, WebInspect, Acunetix, etc. • Leverage mobile application testing tools like Drozer, Xposed, MobSF, SSLTrustKiller, Frida, apktool, dex2jar, jadx, and IDA for iOS and Android applications. • Conduct thorough testing of APIs to identify security flaws. • Utilize OWASP and SANS standards to guide security practices. • Stay up to date with the latest security testing tools, techniques, and ethical hacking methodologies. • Compile and present risk-based findings to stakeholders, providing detailed reports and suggesting appropriate mitigations. • Provide expertise on penetration testing methodologies, including black box, grey box, and white box testing. • Demonstrate proficiency with common penetration testing tools such as nmap, Wireshark, Kali Linux, Metasploit, OpenVAS, OWSAP ZAP, Accunetix, Nikto, Nessus, and sqlmap. • Assist development teams with implementing penetration tests as part of the Secure Software Development Life Cycle (Secure SDLC). • Create and refine security checklists tailored to organizational needs. • Ensure continuous security improvement by making suggestions for system and process enhancements. • Experience working with SaaS, IaaS, and PaaS environments, helping integrate and optimize security technologies and processes. Skills and Qualifications: • Proficiency with OWASP Top 10 and SANS security standards. • Strong experience in using security assessment tools, including both static (SAST) and dynamic (DAST) application security testing tools. • Hands-on experience with mobile application security testing and mobile-specific vulnerabilities. • Proficient with web technologies such as J2EE, XML, JSON, SOAP, REST, and AJAX. • Basic programming knowledge in Java, JavaScript, and SQL. • Familiarity with encryption, authentication, and authorization techniques for secure software development. • Experience in automating security testing using scripting languages like Python, Bash, or Java. • Knowledge of network security and vulnerability assessment practices. • Experience in Secure Code Review and identifying vulnerabilities in the source code. • Strong understanding of various security techniques and risk assessment processes. Certifications: • Certified Ethical Hacker (CEH) or equivalent certifications related to application security. Desired Competencies: • OWASP, Burp Suite, Web Application Security, Acunetix, Vulnerability Assessment, Network Security, Mobile Application Security. • Proficient in Secure Code Review, Python, Bash, Java, and Automation scripting.

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Bangalore Req ID: 769624

About Organization: Larsen & Toubro Ltd, commonly known as L&T, is an Indian multinational conglomerate company, with business interests in engineering, construction, manufacturing, technology, information technology and financial services, headquartered in Mumbai. The company is counted among world's top five construction companies. The L&T Group comprises of 93 subsidiaries, 5 associate companies, 27 joint ventures and 35 jointly held operations, operating across basic and heavy engineering, construction, realty, manufacturing of capital goods, information technology, and financial services. Specialties: Aerospace, Infrastructure, Shipbuilding, Construction, Defense, Finance, Forging, Hydrocarbon, Information Technology & Engineering Services, Construction Equipment, Railways, Boilers, Process Plant, Turbines, Power, Renewable Energy, Manufacturing and Green Hydrogen. Job Role - Application Security (Cyber), Corporate IT Educational Qualifications - B.Tech/B.E Experience - Around 2-4 years in (IT) information technology along with information security Job Location - Mumbai Job Profile Sound knowledge of Info Sec standards such as ISO27001 Understanding of technology security architecture concepts Understanding Application Risk Management Framework Should possess good interfacing skills Should possess good application security knowledge, experience on tools & methodologies related to secure software development (OWASP top20, AppScan, Metasploit, WAF) for web, mobility, API, ERP & cloud apps. Job Responsibilities Keep track of latest tools & technologies being introduced in application security arena Roll out "security by design" structure in software projects (secure SDLC) Work with solution providers to conduct limited proof of concept testing for products through well-defined measurement criteria Implement security tools & technologies as per project plans with vendors & partners Conducting software security awareness trainings for stakeholders in respective areas Good communication skills ( verbal / written ) Should be a self-starter, motivated Competencies Required Security certifications (CISSP, OSCP, CEH) desirable

Job Description About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS) Strong understanding of security risks in networks and application platforms Strong understanding of network security, infrastructure security and application security Strong understanding of OSI, TCP/IP model and network basics Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms Broad knowledge of security technologies for applications, databases, networks, servers, and desktops Solid technical skills in both information security architecture and penetration testing and ability to assess testing tools and deploy the right ones. Scripting and programming experience is beneficial Ability to perform manual penetration testing Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity posture against malicious actors Conduct security research on the latest emerging advanced persistent threats (APTs), malware, and other security developments to assist in enterprise security efforts. Apply this security research into assessments. Perform technical writing to communicate the preparation, testing, and recommendation phases for various security tests. Work with stakeholders to remediate system vulnerabilities. Train team members and colleagues on the latest cybersecurity tactics, techniques, and procedures (TTPs) to grow the skill of the firm Understanding of various security technologies including end point security, perimeter security, advanced threat protection, malware defense and security management Expertise in the phases of penetration testing. Familiarity with Kali Linux distribution and the associated penetration testing tools suite. Experience in penetration testing simulations like Hack the Box or Capture the Flag exercises considered a plus. Good Understanding of OWASP top 10 and mitigation techniques Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, Security Misconfiguration, CSRF, authentication/ authorization issues Database testing: MySQL, Oracle, NoSQL Understanding of cyber security management, cyber analytics, security intelligence platforms and threat intelligence frameworks Writing business proposals and response to client RFP/ RFIs Identifying business opportunities and lead delivery and program management for large cyber security programs Delivery team and client relationship management Experience on both commercial, open source tools and frameworks but not limited: Burpsuite, Metasploit, Core-Impact, Kali-Linux, AppScan, WebInspect, SSLScan, Soap UI Pro, SonarQube, Qualys, Nikto, Nessus, nmap, sqlmap, OWASP ZAP Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Qualifications B.Tech, B.E.

Job Responsibilities • Support asset development, process establishment. • Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing andanalysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as HCL AppScan/HP Fortify or CMx. We expect candidate to have experience doing similar assessments, candidate can be trained on any proprietary assessment methodology. • Reporting/Dashboarding/Retesting and participation in conference calls with clients to review assessment results and consult with the clients on remediation options. • Participating/Driving conference calls with potential clients to scope out newly requested security projects and estimate effort and resource requirement to complete the project etc. Skills Required Mandatory: • 7+ years of strong Application Security experience in S-SDLC Threat Modeling, Code Review, Vulnerability Assessment, Penetration Testing. Web Service/API security testing, Firmware Assessment. • Expert in Application Security process establishment. • Through exposure on DevSecOps implementation/integration. • Deep hands on experience into Mobile application Security Android/iOS - reverse engineering/memory analysis etc. • Security tool experience - • HCL AppScan/CheckMarx/Veracode/Fortify /BurpSuite/Nmap/Nessus/Metasploit • Good exposure on penetration testing. Good to have one of the given certifications - OSCP/GPEN/GWAPT/CSSLP etc. • Independent global client handling AppSec delivery exposure. >=2years. • Moderate exposure on AppSec technical solutioning, estimation and RFP/RFI response, Client presentation. • Excellent interpersonal skill.

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Bangalore Req ID: 769624

Information Protection Senior Analyst - HIH - Evernorth Job Description Summary The Information Protection Senior Analyst - Penetration Testing, is responsible for conducting vulnerability assessments, threat modeling, penetration tests of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems, using both manual and automated methods. About Cigna Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well–being, we care about your career health too. That’s why, when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton, and share in changing the way people think about healthcare. Responsibilities Execute internal and external penetration tests against corporate web applications, APIs, networks, infrastructure and operating systems in order to discover vulnerabilities. Execute mobile application penetration tests for both Android and iOS based devices. Execute penetration tests in cloud-hosted environments. Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation, and communicate risk findings with development and infrastructure teams. Develop scripts, tools, or methodologies to enhance Cigna’s penetration testing processes. Work as part of a team to identify risks, communicate to key stakeholders, and provide value to the organization. Skills required Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Basic exploit development and validation skills. Proficiency in application vulnerability assessment tools (e.g. Burp, Checkmarx, AppScan, WebInspect, Cenzic, etc.). Proficiency in network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET). Proficiency in manual and automated techniques for penetration testing and executing vulnerability assessments. Knowledge of networking fundamentals and common attacks. Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell.) Mobile application coding experience with Android/iOS based platforms (e.g. Java, Swift, Objective C). Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations. Qualifications High School diploma; Bachelor's degree preferred. 3-5 years or more of penetration testing experience. Passionate about security and finding new ways to break into systems, as well as defend them. Strong analytical and problem solving skills, with the ability to “think outside the box”. Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Information Protection Lead Analyst - HIH - Evernorth Job Description Summary: Provides counsel and advice to top management on significant Information Protection matters, often requiring coordination between organizations. Viewed as an expert in a specific aspect of information security. Undertakes complex projects requiring additional specialized technical knowledge. Makes well-thought-out decisions on complex or ambiguous information security issues. Provides architectural oversight and direction for enterprise-wide security technology. Ensures high-level integration of application development with information security policies and strategies. Stays up-to-date on the direction of emerging industry standards. Identifies, evaluates, conducts, schedules and leads technical analyses functions to ensure all applicable IS security requirements are met. Provides technical analysis of requirements necessary for the protection of all information processed, stored, or transmitted by systems. Coordinates with users to determine requirements. Conducts security reviews of external service providers and outsourcing vendors and systems reviews to ensure appropriate security implementation. Focuses on providing thought leadership and technical expertise across multiple disciplines. Recognized internally as “the go-to person” for the most complex Information Protection assignments. Job Description: Position Summary: The Information Protection Lead Analyst - Penetration Testing is responsible for conducting vulnerability assessments, threat modeling, penetration tests, and red team campaigns of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems using both manual and automated methods. As a member of the Cyber Security Incident Response Team, this role will provide second and third level incident response services to the global Cigna enterprise to address Cyber Security threats to the enterprise. Daily activities will include analysis of logs, memory and disc artifacts and the use of a variety of commercial and open source security tools to respond to and triage threats in global enterprise. This role will focus on Threat Hunting and Incident Response capabilities within Cloud Service Provider environments. About Cigna: Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well –being, we care about your career health too. That’s why when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton and share in changing the way people think about healthcare. Responsibilities : Lead and execute internal and external penetration tests against corporate web applications, APIs, networks, Windows and Unix variants to discover vulnerabilities Lead and execute mobile application penetration tests for both Android and iOS based devices Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation Develop scripts, tools or methodologies to enhance Cigna’s penetration testing processes Experience in application vulnerability assessment tools (e.g. Burp, Checkmarx, AppScan, WebInspect, Cenzic, etc.) Experience with network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET) Strong experience in manual and automated techniques for penetration testing and executing vulnerability assessments Knowledge of Windows and *nix-based operating systems Knowledge of networking fundamentals and common attacks Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell) Mobile application coding experience with Android/iOS based platforms (e.g. Java, Swift, Objective C) Exploit development and validation skills Ability to analyze vulnerabilities, appropriately characterize threats, and provide remediation recommendations Understanding of core Internet protocols (e.g. DNS, HTTP, TCP, UDP, TLS, IPsec) Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.) Demonstrated ability to coordinate people and lead teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities Qualifications: High School diploma; Bachelor's degree preferred 5-8 years or more of penetration testing experience One or more professional certifications such as OSCP, OSCE, GWAPT, GSEC, GPEN, GXPN Passionate about security and finding new ways to break into systems as well as defend them Strong analytical and problem solving skills with the ability to “think outside the box” Ability to work in a flexible environment where requirements and procedures continuously evolve Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Information Protection Analyst, Penetration Testing Job Description Summary The Information Protection Senior Analyst - Penetration Testing, is responsible for conducting vulnerability assessments, threat modeling, penetration tests of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems, using both manual and automated methods. About Cigna Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well–being, we care about your career health too. That’s why, when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton, and share in changing the way people think about healthcare. Responsibilities Execute internal and external penetration tests against corporate web applications, APIs, networks, infrastructure and operating systems in order to discover vulnerabilities. Execute mobile application penetration tests for both Android and iOS based devices. Execute penetration tests in cloud-hosted environments. Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation, and communicate risk findings with development and infrastructure teams. Develop scripts, tools, or methodologies to enhance Cigna’s penetration testing processes. Work as part of a team to identify risks, communicate to key stakeholders, and provide value to the organization. Skills required Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Basic exploit development and validation skills. Proficiency in application vulnerability assessment tools (e.g. Burp, Checkmarx, AppScan, WebInspect, Cenzic, etc.). Proficiency in network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET). Proficiency in manual and automated techniques for penetration testing and executing vulnerability assessments. Knowledge of networking fundamentals and common attacks. Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell.) Mobile application coding experience with Android/iOS based platforms (e.g. Java, Swift, Objective C). Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations. Qualifications High School diploma; Bachelor's degree preferred. 1-3 years of penetration testing experience. Passionate about security and finding new ways to break into systems, as well as defend them. Strong analytical and problem solving skills, with the ability to “think outside the box”. Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

As a Security Testing professional at Lexmark India, you will be part of a dynamic team dedicated to ensuring the security of our software products. You will have the opportunity to utilize your technical expertise to conduct web application security assessments and penetration tests. Your role will involve assessing applications for various security issues such as Authentication, Authorization, User management, Session management, Data validation, and common attacks like SQL injection, Cross-site scripting, and Command injection. Additionally, you will evaluate the security aspects of Web Services design and implementation, focusing on confidentiality, integrity, trust relationships, and authentication using security standards like XML signatures, XML encryption, SAML, and WS-Security. Your responsibilities will extend to thick client assessment, writing formal security assessment reports, and participating in client conference calls for data gathering and technical issue advisory. To excel in this role, you should possess hands-on experience with tools like Fiddler, Paros, Burp, Sqlmap, Nikto, Nmap, Openssl, Mallory, Wireshark, and have familiarity with mobile application development and assessment for platforms such as iOS, Android, and Windows. Knowledge of web application development languages like C#, Java, PHP, ASP.NET, scripting languages like Python, JavaScript, Ruby, SQL, and reviewing code in languages such as C, C++, Java, PHP, C#, ASP.NET, Go is essential. Moreover, expertise in automated source code analysis tools like Acunetix, Appscan, and certifications such as OSCP or CEH will be advantageous. Proficiency in version control software like git and Subversion, along with a demonstration of Lexmark core values including Innovation, Excellence, Agility, Integrity, Community, and Respect, will further enhance your suitability for this role. If you are a self-starter with a strong aptitude, analytical skills, and a passion for technology, and have 3 to 5 years of application security testing experience, then we encourage you to apply for this exciting opportunity with Lexmark India. Join us in our mission to deliver first-class products and solutions to our global customers. Apply now and showcase your innovative spirit with a renowned technology leader.,

Roles & responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Experience in one or more of the following is a plus: mobile application testing, Web application pen testing, application architecture, and business logic analysis. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in the development of web applications and/or APIs. should be able to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred: GWAPT, CREST, OSCP, OSWE, OSWA

Greetings from "HCL Software" "HCL Software”: - Is a Product Development Division of HCL Tech: That operates its primary Software business. At HCL Software we Develop, Market, Sell and Support over 20 Product families in the areas of Customer Experience, Digital Solutions, Secure DevOps, Security & Automation. We have offices and labs around the world to serve thousands of customers. Our mission is to drive customer success with our relentless product innovation at more than 20,000 organizations in every region of the world - including more than half of the Fortune 1000 and Global 2000 companies. We are looking for a Sr. Java Developer ((Spring Boot, REST APIs, Microservices) within our AppScan Product team. We are looking for candidates with 8+ years of experience who possess the following skills: Java Developer (8–12 Years Experience) Work Mode: Bangalore / Remote Required Skills: 8–12 years of hands-on experience in Java development, including expertise in Spring Boot, REST APIs, and Microservices. Experience working in Agile teams with strong remote collaboration skills. Familiarity with AI-assisted development tools (e.g., GitHub Copilot) to enhance productivity. Excellent problem-solving skills, ownership mindset, and ability to work independently. Key Responsibilities: Design, develop, and maintain robust backend systems using Java and related technologies. Contribute to architecture decisions , code reviews, and technical discussions. Ensure code quality , performance, and security across all deliverables. Collaborate with cross-functional teams including product management, QA, and DevOps to deliver high-impact features. Leverage AI-assisted tools to boost productivity and maintain development velocity. Actively participate in Agile ceremonies and contribute to continuous improvement within the team. Preferred Skills: Understanding of CI/CD pipelines (e.g., Jenkins, GitHub Actions, Azure DevOps). Exposure to DevSecOps principles and secure coding best practices. Experience with cloud platforms (AWS, Azure) and containerization (Docker, Kubernetes). Familiarity with building scalable, distributed systems and API-first design.

JTSi Technologies India is looking for Application Security Engineer to join our dynamic team and embark on a rewarding career journey Analyzing customer needs to determine appropriate solutions for complex technical issues Creating technical diagrams, flowcharts, formulas, and other written documentation to support projects Providing guidance to junior engineers on projects within their areas of expertise Conducting research on new technologies and products in order to recommend improvements to current processes Developing designs for new products or systems based on customer specifications Researching existing technologies to determine how they could be applied in new ways to solve problems Reviewing existing products or concepts to ensure compliance with industry standards, regulations, and company policies Preparing proposals for new projects, identifying potential problems, and proposing solutions Estimating costs and scheduling requirements for projects and evaluating results

o Experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux Perform automated testing of running applications and static code (SAST, DAST).

Job Title: Cybersecurity Consultant – VAPT Specialist Location: Riyadh Experience Level: Mid to Senior Employment Type: Full-time Job Summary We are seeking a highly skilled and passionate Cybersecurity Consultant with deep expertise in Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, and API platforms . The ideal candidate will have a strong background in identifying and remediating high-risk vulnerabilities, collaborating with cross-functional teams, and implementing robust security strategies tailored to diverse industries. This role requires a proactive approach to threat mitigation, excellent technical capabilities, and a commitment to continuous learning. Roles & Responsibilities Conduct in-depth Vulnerability Assessment and Penetration Testing (VAPT) for web, mobile, and API platforms, addressing OWASP Top 10, identifying business logic flaws, and uncovering complex attack vectors. Collaborate with IT and development teams to remediate vulnerabilities effectively and within defined SLAs. Design and implement yearly cybersecurity plans aligned with regulatory standards including SAMA CSF, SAMA ITGF, NCA CSCC, NCA ECC , and PCI-DSS . Perform advanced threat hunting, source code reviews , and SIEM audits to detect integration flaws and hidden threats. Carry out network and server configuration reviews in line with NIST, CIS benchmarks , or customized Minimum Baseline Security Standards (MBSS) . Utilize advanced security tools such as: Core Impact, Tenable SC, Nessus, Nmap, Metasploit, Acunetix, AppScan, Splunk, QRadar, Volatility, Hydra, Burp Suite, SonarQube, SQLMap, Fortify , etc. Conduct risk assessments, compromise assessments , and provide tailored recommendations to strengthen the organization’s security posture. Demonstrate strong communication and interpersonal skills , ensuring seamless collaboration across departments and with clients. Stay ahead of evolving threats by researching the latest technologies and attack vectors , and apply this knowledge to secure client environments. Required Qualifications Bachelor of Science Deep understanding of security frameworks, methodologies, and risk-based prioritization. Certifications (Preferred) Certified Information Security Manager (CISM) Certified Red Team Professional (CRTP) eLearn Certified Threat Hunting Professional (eCTHP) eLearn Web Penetration Tester (eWPT) Certified Ethical Hacker (Practical) (CEH) NSE1 – Network Security Associate Key Skills VAPT (Web, Mobile, API) Threat Hunting & Compromise Assessment Source Code & Network Configuration Review Regulatory Compliance (PCI-DSS, NCA, SAMA) Security Tool Proficiency (BurpSuite, Nessus, Metasploit, etc.) Risk Analysis & Communication Skills Report Writing & Executive Summarization

Job Summary Strong analytical and problem-solving skills Extensive coding experience in Java and Advance Java programming Good understanding of software development lifecycle using Agile/Waterfall models Good knowledge on object-oriented analysis and design Experience in source control, versioning, branching etc. Good understanding of fundamental design principles and coding standards. Extensive experience in Automation testing and tooling 4 to 8 Years of experience in application development using Java, J2EE, Microservices. Key Responsibilities Business Understand the bank priorities on the strategic initiatives and on the new programs planned further Processes Adhere to ADO principles and guidelines on all Program delivery. Compliance on ICS guidelines, Security and Data protection Compliant to SDF/TDA/ADO process and drive bank towards automating process areas removing redundancies Governance Must be aware of the Group’s regulatory framework and is expected to adhere based on the role. Must understand the oversight and controls related to Business Unit, Job Function and deliver. Regulatory & Business Conduct Display exemplary conduct and live by the Group’s Values and Code of Conduct. Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters Key stakeholders CEE Hive ITO, CEE Engineering Team, Application Delivery, PSS, Testing Other Responsibilities Manage and handle all CCIB CLDM Objectives. Qualifications Technical Competence Good knowledge about Design Patterns and Principles, Microservices Architecture. Strong hands-on experience on CI-CD pattern with good knowledge on related tools like GIT, ADO, Jenkins, OpenShift, Kubernetes, Docker and automation test tool like JMeter, SoapUI. Good knowledge on API building (Web Service, SOAP/REST). Good knowledge on multi-threading and multi-processing implementations. Good knowledge in dependency injections like Spring DI/Blueprints and JSON libraries like Jackson/GSON Good knowledge in Linux Operating System (Preferably RHEL). Expertise in RDBMS solutions (Oracle, PostgreSQL) & NoSQL offerings (Cassandra, MongoDB, etc) Strong programming and hands-on skills in Java. Strong programming and hands-on skills in Python. Strong experience in open-source frameworks like Spring, Hibernate, Transaction Management and Apache Libraries (Camel/ActiveMQ/Commons). Good Understanding code quality tools like SonarQube, AppScan, AQUA. Strong experience on Unit testing and code coverage using JUnit/Mockito. Good to Have Experience in application development for Client Due Diligence (CDD), CRA, On-boarding, FATCA & CRS Good knowledge on Cloud native application development, and knowledge of Cloud computing services. CDD process awareness including AML, KYC and Screening Enhance and improve CDD related processes. Role Specific Technical Competencies Java, J2EE, Spring Boot, Microservices Python, HiveQL OCP, Kubernetes PL/SQL Programming, RDBMS Devops Tools React JS Java, J2EE, Spring Boot, Microservices About Standard Chartered We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us. Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together We Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term What We Offer In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing. Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations. Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum. Flexible working options based around home and office locations, with flexible working patterns. Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning. Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : DevSecOps Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :To play a key role in enabling successful project delivery across multiple projects. This role expects you to specialize in a range of security domains, including penetration testing, dynamic and static application security testing, software composition analysis, security architecture review and container security. Additionally, you provide comprehensive support in vulnerability management, service monitoring, and DevSecOps practices. Roles & Responsibilities:-Should have hands-on experience and knowledge of manual and automated penetration testing on the web, mobile and cloud-based applications.-Should have hands-on experience and knowledge of DAST (Dynamic Application Security Testing) to identify runtime vulnerabilities in staging and production environments.-Should have hands-on experience and knowledge of SAST (Static Application Security Testing) for early-stage source code and binary analysis.-Should have hands-on experience and knowledge of SCA (Software Composition Analysis) to detect open-source risks and license compliance issues.-Should have hands-on experience and knowledge of executing SAR (Security Architecture Review) of complex and cloud-based application and should be able to strategize risk remediation with the stakeholders or Security Architect.-Should have hands-on experience and knowledge of integrating security tools into CI/CD pipelines (e.g., Jenkins, GitHub Actions, GitLab CI).-Should have hands-on experience and knowledge of enforcing policy-as-code, shift-left security testing, and secure code delivery practices and automate security checks for container images and Kubernetes workloads.-Should be able to scan and harden docker containers using industry-standard tools.-Should be able to monitor vulnerabilities in container registries and orchestrators (e.g., Kubernetes, ECS).-Skilled in communicating security findings to technical and non-technical stakeholders.-Contribute to secure architecture reviews, risk assessments, and compliance initiatives.-Should be able to manage clients and various stakeholders.Should be a good people manager and should have experience of people and project management. Professional & Technical Skills: Tools & Technologies:Pentest Tools:Burp Suite Pro, OWASP ZAP, Nmap, Postman, Kali Linux,DAST/SAST/SCA:Fortify, Checkmarx, Veracode, Coverity, AppScan, Black Duck, Snyk,DevSecOps:GitHub Actions, Jenkins, GitLab, Docker, Kubernetes,VM Tools:Qualys, Tenable, ThreadFix,Monitoring:ServiceNow, Jira, Confluence-Should be able to collaborate with infrastructure and DevOps teams to secure cloud-native deployments.-Should be able to identify, triage, and manage vulnerabilities using centralized platforms (e.g., ThreadFix).-Should track vulnerability lifecycle from detection through remediation and reporting.-Should support real-time service monitoring to maintain system integrity and threat detection coverage. Additional Information:- The candidate should have minimum 7.5 years of experience in DevSecOps.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

 At Dario, Every Day is a New Opportunity to Make a Difference. We are on a mission to make better health easy. Every day our employees contribute to this mission and help hundreds of thousands of people around the globe improve their health. How cool is that? We are looking for passionate, smart, and collaborative people who have a desire to do something meaningful and impactful in their career. We are looking for a talented Senior Software developer to take responsibility for DarioHealth solutions and products. As a senior Backend developer, you will Join a growing Agile team of experienced developers building production applications, backend services, data solutions and platform infrastructure. Responsibilities Development high scale cloud-based solutions in Health area Development in cutting edge technologies Position will be involved in design and implementation of low latency, high availability and high-performance services Development in very dynamic environment which provides ability to learn and implement new technologies Create RESTful APIs that provide unprecedented access to data via client apps. Produce efficient and a fully tested, and documented code. Be part of a talented and motivated Agile team, therefore a commitment to collaborative problem solving, sophisticate design, and the creation of quality products are essential. Requirements: 4+ years’ experience in back-end development 2+ years in NodeJS, Javascript ES6, Typescript. Expertise in using AI development tools. Experience in MongoDB, PostgreSQL, MySQL or equivalent Strong experience with creating REST and RESTful services Strong understanding of microservices, event-driven architectures, serverless and container technologies (Lambda, Docker), and container orchestration platforms such as Kubernetes, OpenShift, or equivalent Familiarity with CI/CD pipelines and related tools for unit testing (e.g. JUnit), static and dynamic code scanning (e.g. AppScan, Fortify), and build tools such as Jenkins. Familiarity with AWS SDKs Experience with AWS services such as EKS, RDS, API GW Experience in google cloud, Firebase services AWS Certified Developer/Solution Architect - Big Advantage Experience scaling up a B2B2C and B2C solutions - Big Advantage DarioHealth promotes diversity of thought, culture and background, which connects the entire Dario team. We believe that every member on our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and to discover, design and deliver solutions. We are passionate about building and sustaining an inclusive and equitable working and learning environments for all people, and do not discriminate against any employee or job candidate. ***

About Company: Team1 Consulting is a leading System Integrator specializing in IT infrastructure, software, cyber security, cloud solutions, and generative AI domains. We deliver cutting-edge IT solutions tailored to drive innovation and accelerate business growth. Our expertise empowers organizations across industries to thrive in the digital era with customized, high-impact solutions that ensure success in an ever-evolving landscape. Job Title : Software Solutions Engineer Location : Noida Department : Technical Job Summary : We are seeking a skilled and experienced Software Solutions Engineer with specialization in HCL BigFix, AppScan, and Domino to join our Technology team. The ideal candidate will be responsible for implementing, managing, and maintaining various software solutions including HCL BigFix for endpoint management, HCL AppScan for application security, and HCL Domino for email and collaboration services. The role requires strong expertise in system administration, security compliance, and troubleshooting. Candidate will also be responsible for setting up the demo and POC and carryout the implementation independently. Key Responsibilities: HCL BigFix: Deploy, configure, and manage HCL BigFix for endpoint security and patch management. Monitor and ensure compliance with security policies across all managed endpoints. Develop and manage custom Fixlets, baselines, and policies. Troubleshoot and resolve BigFix-related issues. HCL AppScan: Install, configure, and maintain HCL AppScan for web application security testing. Perform static and dynamic application security testing (SAST/DAST). Analyse security vulnerabilities and work with development teams to remediate issues. Ensure applications meet security compliance and industry standards. HCL Domino: Administer, support, and maintain HCL Domino servers and applications. Manage email and collaboration services, ensuring high availability and security. Perform system upgrades, patching, and troubleshooting for Domino environments. Develop and enforce best practices for user access control, backup, and disaster recovery. Knowledge Base Management: Contribute to the development and maintenance of the knowledge base by documenting common issues and solutions, creating FAQs, and updating internal guides. Customer Interaction: Communicate clearly and professionally with customers, setting expectations and providing updates on the status of their issues. Process Improvement: Identify recurring issues and work with the team to develop solutions that improve overall support processes and reduce ticket volume. Training and Development: Stay current with industry trends and new technologies to continuously improve support skills and knowledge. Qualifications: Experience: Previous experience in of various software solutions implementation is preferred. Technical Skills: Strong understanding of IBM and HCL Software Communication Skills: Excellent written and verbal communication skills with a focus on customer service. Problem-Solving: Strong analytical and troubleshooting skills with the ability to resolve issues efficiently. Organization: Ability to manage multiple tasks and priorities in a fast-paced environment. Education: Graduate / Postgraduate / Relevant college degree preferred. Working Conditions: Office Hours: 9 AM to 6 PM or 10 AM to 7 PM. At times job role may require you to work beyond office hours. Office Working Days: Monday to Friday except last Saturday of the month. Environment: A healthy office work culture that promotes well-being, productivity, and job satisfaction by offering supportive, respectful, and inclusive atmosphere. Travel: Willing to undertake official travel to client locations to help facilitate resolve various technical issues and participate in the customer cadence calls and meetings from time to time.