86 Checkmarx Jobs - Page 2

You will be responsible for performing automated testing of running applications and static code (SAST, DAST). Additionally, you will conduct manual application penetration tests on various platforms such as web applications, internal applications, APIs, internal and external networks, and mobile applications to identify and exploit vulnerabilities. Experience in mobile application testing, Web application pen testing, application architecture, and business logic analysis would be advantageous. You will need to utilize application tools like AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux to carry out security tests and should be capable of explaining concepts like IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, and Remediation. The mandatory technical and functional skills required for this role include a minimum of three (3) years of recent experience with application tools for security testing, manual penetration testing, and code review against web apps, mobile apps, and APIs. You should also have experience in working with both technical and non-technical audiences to report results and lead remediation conversations. It is preferred that you have at least one year of experience in developing web applications and/or APIs. Being able to adapt to new tools and technologies to address client project requirements efficiently is a key aspect of this role. While having major ethical hacking certifications like GWAPT, CREST, OSCP, OSWE, or OSWA is not mandatory, it would be considered advantageous.,

You should have at least 3 to 15 years of experience for this role based in Navi Mumbai. As a Business Analyst (BA), your primary skills should include expertise in FBTI configuration, customization, and support within the domain knowledge. You should also be proficient in data analysis tools like SQL, Excel, and data visualization software such as PowerBI to extract insights from large datasets. Requirement management is a crucial aspect where you need to document, analyze, and refine project design requirements, encompassing functional and non-functional specifications. Proficiency in business process modeling and workflow design using tools like MS Visio and BPMN is essential. Additionally, your advanced communication skills will play a significant role in effectively engaging with stakeholders, presenting findings, and preparing functional/technical documentation. Testing organization and execution should be part of your skill set, including designing and executing test cases manually and using automated tools to ensure software meets user expectations. For the Developer role, you should have a minimum of 3 years of experience with primary skills including Java Language, specifically hands-on experience with core concepts and features of Java 8 or later, along with knowledge in the Spring Framework. Proven experience in the trade finance domain, especially with FBTI application from FINASTRA, is required. Knowledge of database technologies like Oracle and SQL is essential, along with experience in continuous integration and Continuous Delivery/Deployment pipelines such as GitLab CI, Maven, ANT. Proficiency in version control systems, particularly Git, is expected. Experience with Integrated Development Environments like Eclipse or IntelliJ is beneficial. You should have a strong understanding of code quality practices, including code reviews, unit testing / TDD, and integration testing. Experience with SonarQube and Checkmarx source code analysis tools will be advantageous.,

As a Cybersecurity Application Security Consultant with a focus on DevSecOps in Bhopal, Madhya Pradesh, you will play a crucial role in ensuring the secure design, development, and deployment of applications by integrating security measures across the SDLC. Your responsibilities will include integrating security into CI/CD pipelines, performing various security testing such as SAST, DAST, IAST, and SCA, conducting threat modeling and security architecture reviews, guiding teams on secure coding practices, and automating security testing using tools like Burp Suite, ZAP, Checkmarx, SonarQube, among others. Additionally, you will be involved in supporting incident response activities and maintaining security documentation. To excel in this role, you should have at least 3 years of experience in application security with a strong focus on DevSecOps. Proficiency in OWASP Top 10, secure coding practices, and vulnerability management is essential. You should be familiar with tools such as Jenkins, GitLab, Azure DevOps, Fortify, and have hands-on experience with scripting languages like Python and Bash, as well as container security technologies like Docker and Kubernetes. Excellent communication and problem-solving skills are also required. Preferred qualifications for this position include a degree in Computer Science, Information Technology, or Cybersecurity, along with certifications like CEH or OSCP. Knowledge of compliance standards such as ISO 27001, NIST, and GDPR, as well as familiarity with programming languages like Java, .NET, Python, and Node.js, would be advantageous. This is a full-time permanent position with a day shift schedule. The work location may vary as it involves being on the road for certain assignments.,

Information Protection Advisor, Penetration Testing Job Description Summary Provides counsel and advice to top management on significant Information Protection matters, often requiring coordination between organizations. Viewed as an expert in a specific aspect of information security. Undertakes complex projects requiring additional specialized technical knowledge. Makes well-thought-out decisions on complex or ambiguous information security issues. Provides architectural oversight and direction for enterprise-wide security technology. Ensures high-level integration of application development with information security policies and strategies. Stays up-to-date on the direction of emerging industry standards. Identifies, evaluates, conducts, schedules and leads technical analyses functions to ensure all applicable IS security requirements are met. Provides technical analysis of requirements necessary for the protection of all information processed, stored, or transmitted by systems. Coordinates with users to determine requirements. Conducts security reviews of external service providers and outsourcing vendors and systems reviews to ensure appropriate security implementation. Focuses on providing thought leadership and technical expertise across multiple disciplines. Recognized internally as the go-to person for the most complex Information Protection assignments. Job Description Position Summary The Information Protection Sr. Advisor - Penetration Testing is responsible for conducting vulnerability assessments, threat modeling, penetration tests, and red team campaigns of Cignas IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cignas systems using both manual and automated methods. As a member of the Cyber Security Incident Response Team, this role will provide second and third level incident response services to the global Cigna enterprise to address Cyber Security threats to the enterprise. Daily activities will include analysis of logs, memory and disc artifacts and the use of a variety of commercial and open source security tools to respond to and triage threats in global enterprise. This role will focus on Threat Hunting and Incident Response capabilities within Cloud Service Provider environments. About Cigna Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we dont just care about your well being, we care about your career health too. Thats why when you work with us, you can count on a different kind of career youll make a difference, learn a ton and share in changing the way people think about healthcare. Responsibilities Lead and execute internal and external penetration tests against corporate web applications, APIs, networks, Windows and Unix variants to discover vulnerabilities Lead and execute mobile application penetration tests for both Android and iOS based devices Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation Develop scripts, tools or methodologies to enhance Cignas penetration testing processes Experience in application vulnerability assessment tools (e.g. Burp, Checkmarx, AppScan, WebInspect, Cenzic, etc.) Experience with network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET) Strong experience in manual and automated techniques for penetration testing and executing vulnerability assessments Knowledge of Windows and *nix-based operating systems Knowledge of networking fundamentals and common attacks Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell) Mobile application coding experience with Android/iOS based platforms (e.g. Java, Swift, Objective C) Exploit development and validation skills Ability to analyze vulnerabilities, appropriately characterize threats, and provide remediation recommendations Understanding of core Internet protocols (e.g. DNS, HTTP, TCP, UDP, TLS, IPsec) Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.) Demonstrated ability to coordinate people and lead teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities Qualifications High School diploma; Bachelor&aposs degree preferred 11-13 years or more of penetration testing experience One or more professional certifications such as OSCP, OSCE, GWAPT, GSEC, GPEN, GXPN Passionate about security and finding new ways to break into systems as well as defend them Strong analytical and problem solving skills with the ability to think outside the box Ability to work in a flexible environment where requirements and procedures continuously evolve Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives. Show more Show less

Were hiring on the Blackbaud Application Security team! As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud. You can expect to work closely with software development teams as well as third-party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software, you will be expected to stay up to date on whats happening in the Cyber Security industry to optimize and align our application security processes and systems throughout the Software Development Life Cycle (SDLC) at Blackbaud. The Application Security Engineering team focuses on building automation for security self-service and vulnerability management to reduce unnecessary toil. What You Will Be Doing Identifying solutions for difficult security problems while participating in a broader agile Application Security team. Building comprehensive solutions to conduct consolidation, aggregation, and notification of security findings to respective stakeholders. Conducting threat modeling, secure design reviews, and providing direct guidance to development teams. Promoting, designing, and evaluating application security in all phases of the SDLC and constantly looking for innovative ways to improve processes. Influencing, building, and assisting with information security challenges within applications. What We&aposll Want You To Have You are either a security-minded software engineer who has been building modern services using a microservice architecture in an agile development environment or a development-interested security practitioner who understands security best practices but wants to get closer to development and engineering. 5+ plus years of experience with application security and relevant testing tools for: DAST: Burp Suite, OWASP Zap, Invicti, AppScan SAST/SCA: Fortify, Checkmarx, Coverity, Semgrep, OWASP Dependency Check, Mend, Blackduck Attack Surface Management: OWASP Amass, Spiderfoot, CyCognito 3+ years of experience with Python, Bash, and/or PowerShell. 3+ years of experience in DevSecOps integrating security solutions into CI-CD pipelines and automated tooling orchestration. Relevant certifications include CompTIA Security+ or CASP+, EC Council CEH, ISC2 CSSLP are a plus. Experience partnering with development and systems engineers on impactful security?initiatives.? Understanding of software development; how applications and systems are designed, built, and break is critical. Understand?DevSecOps?cultural mindsets, and an engineering-focused approach to solving?complex?security problems. Strong verbal and written communication skills to translate security objectives and requirements to specific engineering outcomes.? The Application Security team at Blackbaud is committed to ensuring security issues are prevented, discovered, and remediated in collaboration with our engineering partners across the business. Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Show more Show less

We are seeking talented and experienced Java Full Stack Developers to join our dynamic team at a reputed client location in Pune. If you are passionate about backend and frontend technologies, system design, and DevOps practices, this is your opportunity to make an impact! Qualification: - Bachelors or Masters degree in Computer Science, Engineering, or a related field. Required Skills: - Strong hands-on experience with Java, Spring Framework, and Spring Boot - Expertise in building and consuming RESTful APIs - Solid frontend development skills using React.js - Proficiency in PostgreSQL and Apache Kafka - Experience with CI/CD tools: Chef, Jenkins, Maven, SonarQube, Checkmarx - Deep understanding of High & Low-Level System Design - Experience in Domain-Driven Design and Event-Driven Architecture - Strong debugging, performance tuning, and troubleshooting capabilities - Excellent communication skills to collaborate with technical and business stakeholders - Proven ability to lead, mentor, and coach development teams Job Role & Responsibilities: - Develop, enhance, and maintain fullstack applications using Java and React - Design and implement robust, scalable, and secure backend services - Integrate systems using Apache Kafka and manage event-driven workflows - Ensure code quality with continuous integration, code reviews, and static analysis tools - Participate in system design discussions and contribute to architecture decisions - Lead and mentor junior developers, promote coding standards and best practices - Collaborate with cross-functional teams, including product managers and architects - Troubleshoot issues across the stack and optimize application performance Note: This is a Work from Office (5 Days a Week) opportunity at the client location in Yerwada, Pune.,

Walk-In Drive || DevOps - 2nd Aug 25 Date : 2nd Aug 25 Time : 10:00 AM Venue : HCL Technologies campus at Cessna Business Park Building B-9, ORR Facility, Outer Ring Road, Bengaluru, Karnataka - 560 087 Job Description: Key Responsibilities: Administer on-premise GitHub Enterprise environments. Migrate repositories from other code hosting platforms to GitHub. Manage users, accounts, and repository roles at the Organization level. Design, develop, and maintain CI/CD workflows using GitHub Actions. Integrate GitHub Actions with tools like JFrog Artifactory, CheckMarx, BlackDuck, Sonar, etc. Develop reusable and modular GitHub Actions workflows and templates. Work with Docker and Kubernetes for containerization and orchestration. Required Skills: Proven experience administering GitHub Enterprise (on-prem). Strong knowledge of Git and GitOps practices. Expertise in CI/CD pipeline design and automation using GitHub Actions. Proficient in scripting (Bash, Python, PowerShell, etc.). Familiar with industry-standard security and compliance practices. Hands-on experience with Docker and Kubernetes. Show more Show less

What You'll Do: Practice Leadership: Define and execute the overall strategy for the Vulnerability Management practice. Identify and develop new service offerings to meet evolving client needs. Establish and maintain strong relationships with key technology partners. Stay abreast of industry trends and emerging security threats. Solution Development & Delivery: Lead the development of comprehensive Vulnerability Management, Application Security, Penetration Testing and Red Teaming solutions tailored to client requirements. Oversee the implementation and management of security services, including Vulnerability Management, Application Security, Penetration Testing and Red Teaming solutions and security awareness training. Familiarity with compliance & security standards across the enterprise IT landscape. Knowledge of compliances (PCI DSS, SOX etc.) and IS standards (ISO 27001, BS25999, ISO 2700X, OWASP, CIS, etc). Develop and maintain comprehensive service documentation and operational procedures. RFP Response & Pre-Sales: Lead the technical response to RFPs and RFIs, crafting compelling solutions that address client security challenges. Collaborate with sales teams to develop winning proposals and presentations. Provide expert security guidance during client meetings and presentations. Client Relationship Management: Build and maintain strong relationships with clients. Conduct regular service reviews and provide proactive security recommendations. Act as a trusted advisor to clients on security matters. Expertise You'll Bring: 8+ years of experience in information security, with a focus on Red Teaming & Vulnerability Management services. Deep understanding of security technologies and methodologies that includes but not limited to Nessus, Qualys, Checkmarx, Burpsuite and Security Awareness. Experience in managing and delivering security services to enterprise clients. Proven ability to lead and mentor technical teams. Excellent communication, presentation, and interpersonal skills. Strong analytical and problem-solving abilities. Bachelors degree in computer science or a related field. Relevant industry certifications (CEH, OSCP) are highly desirable.

Organization: At CommBank, we never lose sight of the role we play in other peoples financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things. Job Title: Staff Software Engineer Location: Manyata Tech Park, Bangalore (Hybrid) Business & Team: Our Bankwest Technology division is at the heart of our digital product strategy, and is responsible for the management and deployment of technology change across the organisation. Our tech teams work at pace, with autonomy and local decision making, to deploy world-class solutions in the pursuit of our business strategy. Youll be joining our Bankwest Tech Team, a critical supporting function that allows teams to deliver rapidly whilst still aligning to a strategic roadmap. As a team of trusted internal consultants, youll provide the expertise, guidance and technology governance to delivery teams to plot a pragmatic path between todays deliverables and our longer term enterprise objectives. Youll provide input into roadmaps, best practice, standards and methodologies to help ensure high quality outcomes, and oversee implementation to ensure business objectives are met. Since you bridge the gap between business problems and technology solutions, youll need to be equally comfortable engaging with senior stakeholders as with engineering teams, and excellent communication skills (in both directions) are a must. And often youll work across a range of different initiatives, so whilst youre never short of a challenge, the ability to work independently and manage your own time is important Impact & contribution: As a Staff Engineer you are: Empathetic and self-aware. You think and care deeply about how you might interact with your team, stakeholders and customers. A Mentor, harboring a passion to nurture, grow and influence those around you to think differently and always maintain a growth mindset. Innovative. You continually seek to improve the status quo for our customers. You inspire your team to do the same and remain resilient through change. Promoting quality and delivering at pace through the maximization of automation is one of the key focus areas of the role. Ownership, you take responsibility for the software design, engineering processes and quality standards of yours as well as your team members as you work in a collaborative environment. Roles & responsibilities: As a Staff Software Engineer, you - All aspects of the SDLC which includes Analysis, Estimation, Design, Development, Quality Assurance, Support, Maintenance and Optimization tasks. Should be a quick learner and be flexible and open to learn modern technology and frameworks and write code. Drive pragmatic and fit for purpose solutions of high technical quality. Maintaining software design, engineering processes and quality standards including maintaining privacy of customer information and following secure code practice. Provide tools, expertise, and knowledge to help squad gain a shared understanding of outcome and shared ownership of quality. Should be aligned to Full spectrum engineering squad. Maintains awareness of changes in the external environment and continuously advances the capability. Pro-actively look for ways to provide faster feedback, including uplift in test automation maturity in the squad. Work collaboratively with engineers within and across squads. Support the team in delivering quality outcomes within committed time frames. Follow secure code practices. Essential Skills:- Minimum 12 years of experience with expert level knowledge, working with the following languages. Java and J2EE Angular or equivalent Frontend technology REST and API Development Spring Framework Front End Web Development (Angular preferred only for Full stack. Experience working with the following Tools and Frameworks: Experience in DevSecOps tools and frameworks SRE Awareness Experience working in AWS (preferred) IDEs (Visual Studio Code & IntelliJ) NodeJS and NPM (only for Full stack) Automated Testing frameworks such as JUnit, Playwright and DevTest Source Control systems such as GitHub Build & Deployment tools such as TeamCity, Octopus Deploy Monitoring tools such as Splunk, AppDynamics, Checkmarx Database such as Oracle, MySQL etc. Educational Qualification: Bachelors degree or Masters degree in engineering in Information Technology. If you&aposre already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you&aposll need to apply through Sidekick to submit a valid application. Were keen to support you with the next step in your career. We&aposre aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696. Advertising End Date: 13/08/2025 Show more Show less

About the Company Softcell Global Technologies Pvt. Ltd. is a leading IT services provider with over 30 years of experience in infrastructure solutions, cybersecurity, cloud, and engineering. Trusted by top banks, enterprises, and government institutions, Softcell is a CERT-In empaneled organization at the forefront of cybersecurity service delivery. About the Role Softcell Global Technologies Pvt. Ltd. is looking for a passionate and skilled Security Analyst with at least 2-3 years of experience in vulnerability assessment, penetration testing and code review. The ideal candidate should have a foundational understanding of cybersecurity, good hands-on skills with security tools, and hold certifications such as OSCP, CRTP, eJPT, CPENT, CEH or equivalents. The role involves supporting offensive security operations, assisting in analysis and reporting, and collaborating with senior analysts during engagements. Responsibilities Conduct in-depth penetration tests on web apps, APIs, networks, cloud, AD and OT environments. Conduct comprehensive manual reviews to identify security flaws, insecure patterns, and logical vulnerabilities SAST and DAST. Chain vulnerabilities to simulate end-to-end real-world attack scenarios and provide POCs. Act as a collaborator for VAPT projects, ensuring timely delivery and quality assurance. Interface directly with clients to present findings and suggest remediation strategies. Collaborate to manage testing schedules, reporting timelines, and workflows to ensure on-time delivery. Draft detailed vulnerability reports with actionable remediation. Qualifications Bachelors degree in Computer Science, Cybersecurity, or related field. Required Skills Minimum 2-3 years of experience in vulnerability assessment and penetration testing support. Strong grasp of OWASP Top 10, MITRE ATT&CK, and real-world threat simulation. Scripting proficiency in Python, PowerShell, or Bash. Exposure to tools like Nmap, Wireshark, Burp Suite, Metasploit, BloodHound, SonarQube, Checkmarx, etc. Excellent communication, documentation, and collaboration skills. Preferred Skills Preferred Certifications: OSCP Offensive Security Certified Professional OSWE Offensive Security Web Expert CRTP Certified Red Team Professional CRTE Certified Red Team Expert CPENT Certified Penetration Testing Professional CEH Certified Ethical Hacker eJPT, eCPTX, CBBH, PNPT or equivalent certifications in advanced adversarial simulation. Immediate Joiners Preferred. Practical Skills are a Must. Location: Delhi and Bangalore (Onsite Only). Equal Opportunity Statement We must fill this position urgently. Can you start immediately Ideal answer: Yes. Why Join Softcell Be part of a CERT-In empaneled cybersecurity team delivering critical security services. Get exposure to real-world attack simulations, internal security assessments, and VAPT projects. Learn and grow under certified red teamers and penetration testers. Access lab environments, tools, and mentoring to grow your skills. Regards HR Team Show more Show less

Are you ready to make an impact at DTCC Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve. Pay And Benefits Competitive compensation, including base pay and annual incentive Comprehensive health and life insurance and well-being benefits, based on location Pension / Retirement benefits Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee). The Impact You Will Have In This Role Technology Risk Management (TRM) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. The Application Security Assurance program implements a variety of AppSec (Application Security) technologies, controls, tools and processes to ensure delivery teams are able to adhere and align with the Secure System Development Lifecycle to protect DTCC applications from exisiting and emerging security risks & improve application risk posture. Your Primary Responsibilities Set up, customize, and maintain SAST tools (e.g., SonarQube, Fortify, Checkmarx, Veracode) to align with project-specific requirements. Perform manual and automated code reviews to identify and advise on secure coding issues. Integrate SAST tools into CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI, etc.) to support shift-left security. Work with development teams to fine-tune SAST rules, reduce false positives, and ensure meaningful results. Assist developers in understanding and fixing security issues by providing actionable feedback. Implement basic security checks for Infrastructure as Code (IaC) and secrets detection in repositories. Collaborate with DevOps teams to ensure security tooling is seamlessly embedded into build and deployment workflows. Qualifications Minimum of 4 years of related experience Bachelor&aposs degree preferred or equivalent experience Talents Needed For Success Fosters a culture where honesty and transparency are expected. Stays current on changes in his/her own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date. Collaborates well within and across teams. Communicates openly with team members and others. Resolves disagreements between colleagues effectively, minimizing the impact on the wider team. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Show more Show less

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute to achieving the teams goal. Responsibilities Direct Responsibilities Strong expertise in application security concepts and activities like Source Code Review (SAST) & Dynamic application vulnerability scanning (DAST). Good understanding of Information Security concepts and strategies. Knowledge of Secure Development methodologies and frameworks. Hands-on experience in penetration testing and tools like Apisan, WebInspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans. Experience in Process Improvement, Controls Enhancement and Reporting. Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate. Providing independent expert advice to the IT areas on application & data risk issues. Engaging with organization wide risk and control groups, including internal audit and territory control teams. Working with Technology stakeholders (including Production Support and Development teams) to identify the IT risks affecting the organization and formulate appropriate remediation strategies based on a full understanding of business exposure and compensating controls. Contributing Responsibilities Monitoring and oversight of existing IT risks, working collaboratively with stakeholders in ensuring plans are managed within timescales and escalating where appropriate. Managing relationships with Business and IT teams, chairing periodic meetings and being a point of contact for escalating to wider team members. Assistance with drafting of risk acceptance statements and coordinating sign-off from business and IT stakeholders. SPOC for security architecture meetings. Technical & Behavioral Competencies Excellent Interpersonal and presentation skills Strong in verbal and written communication Ability to liaise with cross-functional stakeholders globally Clear understanding of application and data security Must be flexible, independent, self-motivated Good analytical skills. Specific Qualifications (if required) CEH, SSCP, OSCP certified. Technical Graduate (Computer Science) Preferable.

As a Java Lead/Developer with 5+ years of experience, you will be responsible for developing and leading projects using Java Springboot, API development, and microservices. Your primary skills should include: - Proficiency in Java Spring Boot and Spring WebFlux for programming - Strong experience in API-Driven Development, particularly in RESTful and Microservices - Deep understanding of Data Structures and Algorithms - Hands-on experience with concurrency frameworks like Mono, Flux, and Akka - Familiarity with ORM frameworks such as Entity, Hibernate, and Dapper - Expertise in relational databases like Oracle, MS SQL, or Postgres - Good knowledge of queuing or streaming engines like Kafka - Experience in Unit Testing / TDD and working with CI/CD tools like NUnit, Junit - Proficiency with Docker, GIT, SonarQube, Checkmarx, OpenShift, and other deployment tools - Ability to use tools like Jira, GitLab, Swagger, Postman, SOAP UI, and Service Now - Basic understanding of JavaScript, HTML, and CSS If you have 5-8 years of development experience or 8+ years of lead experience in Java and possess the mentioned skills, this role could be an excellent fit for you. Join us and contribute to cutting-edge projects in a dynamic work environment.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. We are looking for an expert in Android application development with solid foundation in enterprise and commercial applications, interested in building highly performant mobile apps with Jetpack and Kotlin. Your primary focus will be on leading a team, proposing reference architectures, creating estimates, and giving inputs to client proposals. You will also lead the development of user interface and reusable components. You will ensure that these components and the overall application are robust and easy to maintain. A commitment to collaborative problem solving, sophisticated expandable design, and quality product is important. **Responsibilities:** - Developing new user interface using Jetpack compose - Networking Libraries and integration with third-party frameworks - Building reusable components and libraries for future use - Translating designs and wireframes into high quality code - Ability to optimize the code through the use of instruments or various techniques of memory profiling - Guiding the team to follow best industry practices to deliver clean code while keeping performance in check - Fostering teamwork and leading by example - People and Stakeholder management by close interaction with clients and internal stakeholders **Experience:** - 6+ years experience in Android native application development with Jetpack compose and Kotlin - Excellent UI/UX and architecture skills - Ability to transform the design into code quickly - Experience in unit testing and ensuring the developed code passes the quality gate from Sonar - Experience in identifying code quality issues during code reviews - JSON, REST and Web Services, low energy peripheral devices integration - Experience in setting up continuous integration processes and automated unit/UI testing - Jira, git or other tools **Must have skills:** - In-depth knowledge in Kotlin and Jetpack compose - Expertise in Retrofit, Volley, RoomDB, SharedPreferences, Hilt, Dagger, Co-routines - Understanding and implementing accessibility - Ability to Perform concurrency and performance testing - Ability to organize large-scale front-end mobile application codebases using common mobile design patterns such as MVVM, MVC or Viper - Understanding and working in Snapshot testing - In-depth understanding of layouts - Understanding of interactive application development paradigms, GUI, memory management, file I/O, network & socket programming, concurrency, and multi-threading - Developing cutting-edge functional modules that will be integrated across our application - Experience in code versioning tools such as Git or SVN - Understanding and Implementation of SOLID principles in an Android Application - Staying abreast of latest Android platform features and proposing the evolution of the application to take advantage of the same - Experience with two-way data synchronization between client and server database for applications that support offline capability - Unit-testing code for robustness, including edge cases, usability, and general reliability - Continuously discovering, evaluating, and implementing new technologies to maximize development efficiency - Experience in implementing security policies - Experience in automation, CI/CD, and Unit testing frameworks - Ability to analyze crash logs and provide fixes - Ability to write code that passes multiple quality gates from Checkmarx, MobSF, Sonar, etc., - Good knowledge of fixing quality issues from Checkmarx and fixing issues from Penetration Testing **Nice to have skills:** - AWS/Azure or any cloud exposure - SSO, LDAP, OAuth, SSL integration - Experience in emerging technologies such as IoT, AI/ML, etc. - Awareness of enterprise Mobile Application Management (MAM)/Mobile Device Management (MDM) frameworks such as Microsoft Intune, Citrix Endpoint Management will be a plus - More advanced data handlers such as WebSockets and Offline mobile applications - Awareness of Enterprise mobile applications and data protection policies and methods would be a plus EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

As a Staff Application Security Engineer at Zscaler, you will be an integral part of the Product Security team. You will report to the Director of Vulnerability Management and play a vital role in conducting comprehensive static and dynamic analysis of applications to detect and address security vulnerabilities at an early stage of the development process. Your responsibilities will include implementing Software Composition Analysis (SCA) tools to manage open-source components, ensuring their security and up-to-date status. Additionally, you will be responsible for assessing and securing containerized environments and Infrastructure as Code (IAC) deployments, emphasizing the adherence to security best practices to safeguard the infrastructure against potential threats. To be successful in this role, you should possess expertise in DevSecOps, with a minimum of 4 years of hands-on experience in deploying and managing security protocols such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), or Infrastructure as Code (IaC). Proficiency in application security tools like Snyk, Semgrep, Coverity, and knowledge of dependency management tools is essential. You should have a strong understanding of secure coding practices, vulnerability management, remediation techniques, and expertise in source control and CI pipelines. Preferred qualifications include experience as a software developer or in a DevSecOps position, proficiency in programming languages like Java, Python, JavaScript, C/C++, and Golang. Extensive experience in Cloud Security is desirable, with the ability to secure cloud environments in AWS, Azure, and Google Cloud, along with knowledge of cloud-native security tools and methodologies. Joining Zscaler means becoming part of a diverse and inclusive team that values collaboration and belonging. Our comprehensive Benefits program supports employees and their families at various life stages, offering health plans, vacation and sick time off, parental leave options, retirement plans, education reimbursement, in-office perks, and more. By applying for this role, you agree to comply with applicable laws, regulations, and Zscaler policies related to security, privacy standards, and guidelines. Zscaler is committed to providing reasonable support and accommodations in recruiting processes for candidates with different abilities, long-term conditions, mental health conditions, religious beliefs, neurodiversity, or pregnancy-related support.,

DevSecOps Engineer Experience: 5 to 9 Years Budget: Up to 36 LPA Location: Hyderabad, Bangalore, Pune, Gurgaon, Chennai Notice Period: Immediate Joiners Only About the Role: Were seeking a skilled DevSecOps Engineer with a strong security mindset and hands-on experience in secure cloud deployments. This role demands practical knowledge of cloud platforms, Infrastructure as Code (IaC), CI/CD pipelines, and modern security tooling. You will be at the forefront of embedding security in every stage of the software development lifecycle. Key Skills & Responsibilities: Cloud: Experience with Azure or AWS IaC Tools: Expertise in Terraform Containerization: Working knowledge of Kubernetes CI/CD: Hands-on with any modern CI/CD tools (e.g., Jenkins, GitHub Actions, GitLab CI, etc.) Security Tools (any): WiZ, Snyk, Qualys, Mend, Checkmarx, Dependabot Secret Management: Experience with HashiCorp Vault or Akeyless DevSecOps: Strong experience in integrating security into DevOps pipelines Mandatory Requirement: Security experience is mandatory DevSecOps exposure is highly preferred

Position: Java Cloud Developer Location: Jaipur (WFO) Experience: 7+ Years Location: Jaipur , BLR , Hyderabad and Pune Quick Reach Appy directly on Form Link : https://forms.gle/2ZkjYhAcMztSnuH87 Required Parameters: 7+ years of hands-on experience in Java development and cloud-native application architecture Strong expertise in Java (8/11/17+) , with solid understanding of OOP, design patterns, and multithreading Proficiency with Spring Framework (Spring Boot, Spring MVC, Spring Cloud) and Hibernate/JPA Extensive experience with cloud platforms : AWS, Azure, or Google Cloud Platform Deep understanding of microservices architecture , API design (REST/GraphQL), and service orchestration Experience with CI/CD pipelines (Jenkins, GitLab CI/CD, GitHub Actions, or Azure DevOps) Strong exposure to Docker , Kubernetes , and containerized deployments Experience with Infrastructure as Code (Terraform, CloudFormation, or Pulumi) Familiarity with NoSQL & SQL databases : MongoDB, PostgreSQL, MySQL, DynamoDB Proficient in API integration, cloud security best practices, and modern deployment strategies Excellent troubleshooting, debugging, and performance optimization skills Key Responsibilities Cloud-Native Application Development Design and develop scalable microservices using Java (Spring Boot) deployed on AWS/Azure/GCP Build RESTful APIs and integrate third-party services to support complex business workflows Implement secure, high-performance back-end systems for web/mobile applications Cloud Engineering & Infrastructure Deploy and manage cloud resources using IaC tools like Terraform or CloudFormation Configure and monitor compute, storage, and networking services (EC2, S3, Lambda, Azure Functions, etc.) Apply cloud security best practices and ensure resiliency and high availability of applications DevOps & CI/CD Integrate code repositories with CI/CD pipelines for seamless build, test, and deploy cycles Automate unit/integration testing and container deployment using Docker and Kubernetes Monitor cloud applications using tools like Prometheus , Grafana , CloudWatch , or ELK Collaboration & Agile Delivery Collaborate with cross-functional teams including frontend, QA, DevOps, and Product Managers Participate in sprint planning, code reviews, and architectural discussions Write clean, maintainable, and well-documented code following industry best practices Monitoring & Optimization Implement logging, alerting, and application performance monitoring Continuously optimize existing services for cost, performance, and reliability Conduct root cause analysis and troubleshoot production issues with minimal downtime Nice to Have / Bonus Skills Experience with Serverless Architectures (AWS Lambda, Azure Functions) Exposure to message brokers (Kafka, RabbitMQ, SQS) Knowledge of OAuth2.0, JWT , and Spring Security Familiarity with GraphQL APIs Understanding of event-driven architecture and CQRS patterns Website : www.medhansolutions.com, HR Consulting Quick Reach Appy directly on Form Link : https://forms.gle/2ZkjYhAcMztSnuH87

Job Responsibilities • Support asset development, process establishment. • Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing andanalysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as HCL AppScan/HP Fortify or CMx. We expect candidate to have experience doing similar assessments, candidate can be trained on any proprietary assessment methodology. • Reporting/Dashboarding/Retesting and participation in conference calls with clients to review assessment results and consult with the clients on remediation options. • Participating/Driving conference calls with potential clients to scope out newly requested security projects and estimate effort and resource requirement to complete the project etc. Skills Required Mandatory: • 7+ years of strong Application Security experience in S-SDLC Threat Modeling, Code Review, Vulnerability Assessment, Penetration Testing. Web Service/API security testing, Firmware Assessment. • Expert in Application Security process establishment. • Through exposure on DevSecOps implementation/integration. • Deep hands on experience into Mobile application Security Android/iOS - reverse engineering/memory analysis etc. • Security tool experience - • HCL AppScan/CheckMarx/Veracode/Fortify /BurpSuite/Nmap/Nessus/Metasploit • Good exposure on penetration testing. Good to have one of the given certifications - OSCP/GPEN/GWAPT/CSSLP etc. • Independent global client handling AppSec delivery exposure. >=2years. • Moderate exposure on AppSec technical solutioning, estimation and RFP/RFI response, Client presentation. • Excellent interpersonal skill.

Support asset development, process establishment. Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as HCL AppScan/HP Fortify or CMx. We expect candidate to have experience doing similar assessments, candidate can be trained on any proprietary assessment methodology. Mandatory: 5+ years of strong Application Security experience in S-SDLC Code Review, Vulnerability Assessment, Penetration Testing. Web Service/API security testing Hands on experience into Mobile application Security Android/iOS - reverse engineering/memory analysis etc. Security tool experience - HCLAppScan/CheckMarx/Fortify/Veracode/Burp Suite Good exposure on penetration testing. Good to have one of the given certifications - OSCP/GPEN/GWAPT/CSSLP etc. Independent global client handling AppSec delivery exposure. >=2 years. Excellent interpersonal skill.

Acclivis Technologies is a high-end services company managed by technically qualified professionals with a collective experience of more than 200 man-years in product engineering services, providing custom solutions to meet client requirements. We are currently looking for talented and enthusiastic team members who have a passion for technology and creativity to join us. As a Senior Architect for Android Automotive (AAOS) with 8+ years of experience (strong AAOS experience preferred), you will be responsible for architecting and designing scalable Android Automotive applications and platform components. Your key responsibilities will include driving technical decisions on app structure, performance, and security, leading design discussions, code reviews, and solution evaluations, as well as collaborating with cross-functional teams including product owners, testers, UI/UX designers, and OEM clients. You will also guide development teams on best practices, coding standards, and platform architecture, debug complex issues across system layers, and contribute to CI/CD and automation pipelines. Additionally, you will integrate new technologies like Jetpack Compose, Automotive SDKs, and OEM APIs, while ensuring compliance with standards such as CTS, VTS, and ATS. To excel in this role, you must possess expertise in Android development, be proficient in Kotlin and Java with excellent knowledge of Android app architecture, and have hands-on experience with Android Studio, ADB, Gradle, SDK/AVD Manager, Git, and debugging tools. A deep understanding of Jetpack libraries, Material Design, Android Managers, and AAOS APIs, as well as strong UI/UX design skills for scalable, responsive apps supporting RTL and multiple screen sizes, are essential. Your architectural and system-level thinking skills will be put to the test as you leverage your experience with Clean Architecture, MVVM, MVI, or similar patterns, in-depth knowledge of Android lifecycle, system services, and custom embedded environments, and expertise in handling system-level issues, certification compliance (CTS/VTS), and custom ROM setups. Furthermore, advanced technical proficiency in RxJava, Kotlin Coroutines, and Flows for concurrency, secure coding practices with tools like SonarQube, Checkmarx, testing experience including TDD, unit testing, and compliance verification, and performance tuning using tools like ADB Profiler, Trace, Perfetto, will be required for this role. In addition to your technical skills, you will need to demonstrate strong leadership and communication abilities, including mentoring, team guidance, and review process ownership, the ability to evaluate multiple technical paths and recommend best-fit solutions, and fluency in English with clear communication in cross-cultural teams. If you are ready to take on this challenging and rewarding opportunity, we invite you to apply and become a valuable part of our dynamic team at Acclivis Technologies.,

Roles & responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Experience in one or more of the following is a plus: mobile application testing, Web application pen testing, application architecture, and business logic analysis. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in the development of web applications and/or APIs. should be able to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred: GWAPT, CREST, OSCP, OSWE, OSWA

The Digital Software Engineer Senior Analyst role involves developing digital applications for digital channels such as Mobile and Internet banking using the latest cloud native technologies and frameworks. As a full stack Developer, you will focus on the Investment domain, ensuring the compatibility of applications with internet and mobile touch points. Your responsibilities will include working on various phases of the SDLC lifecycle, including Design, development, Unit Testing, and Performance testing. Additionally, you will collaborate with business users and Business analysts to comprehend requirements and translate them into business logic. You will be accountable for writing code on one or more development platforms to deliver features, with guidance from senior engineers. Your role will also encompass applications systems analysis, programming activities, feasibility studies, time and cost estimates, and implementation of new or revised applications systems and programs. Moreover, you are expected to develop secure, stable, testable, and maintainable code for Omni-channel Web applications and micro services following Agile SDLC. Furthermore, you will need to understand Customer Journeys and high-level solution design to scope out necessary changes and create technical specifications for Application modules. Participation in daily stand-up calls, execution of work in-line with agile practices, writing unit-test cases, and ensuring adherence to CICD pipeline criterion to meet quality gates are part of your responsibilities. You will also onboard components on source code repositories, conduct application sanity and validation, and provide support for QA, performance, and VA testing. Your role will involve optimizing the performance, quality, and responsiveness of Web/Micro services, as well as providing support for the running production environment and adhering to internal safe coding practices. Additionally, you are expected to actively participate in the training process to enhance your skills and knowledge of software & Citi applications. Your qualifications should include a minimum of 8 years in a product development/product management environment, strong analytical and quantitative skills, experience in an agile methodology, and familiarity with front end development languages and frameworks. The ideal candidate should also have experience in the Investment domain, knowledge of OWASP top 10 security vulnerabilities, experience with CI/CD processes, and familiarity with various development and testing tools. Excellent written and oral communication skills are essential for this role. A Bachelors/University degree or equivalent experience is required for this position. If you are a person with a disability and require a reasonable accommodation to use the search tools or apply for a career opportunity, please review Accessibility at Citi. You can also refer to Citi's EEO Policy Statement and the Know Your Rights poster for further information.,

As a Senior Software Engineer specializing in Mobile Apps Testing, you will play a crucial role in ensuring that our products maintain the high standards expected by our customers. Your responsibilities will involve enhancing existing functionalities, updating outdated features, and contributing to the development of cutting-edge solutions for mobile platforms. Are you ready to be part of a dynamic team that is dedicated to innovation and excellence With 5 to 8 years of experience in automation testing, you will collaborate with a skilled group of developers and test engineers to create high-performance mobile applications for iOS and Android devices. Your main focus will be on delivering Quality Engineering services, including code quality, testing services, mobile test automation, development collaboration, and continuous integration. Additionally, you will be expected to have a deep understanding of BDD/TDD practices, code review techniques, and open source agile testing frameworks. Your role will involve authoring automated test suites for mobile apps and APIs, conducting ad hoc and exploratory testing to ensure system functionality, and interpreting user stories to align testing tasks with various levels of testing. You will actively participate in enhancing quality assurance best practices and engage with different technology teams to define project scopes and deliver services effectively. To excel in this position, you must possess a keen eye for detail and a strong Java coding background for mobile test automation. Experience with Android and iOS mobile automation frameworks such as APPIUM, Cucumber, Jbehave, Xcode, and TestNG is essential. Proficiency in STLC and SDLC, along with expertise in testing web services and APIs, will be valuable assets. Your ability to create effective acceptance and integration test automation scripts, integrate with continuous integration tools like Jenkins, and uphold coding best practices will be critical to your success. Candidates with a passion for code quality, familiarity with Linux/Unix environments, and knowledge of Java, Spring, Junit/TestNG, Eclipse/Intellij IDE, Rest Assured, Jbehave/Cucumber frameworks, databases, APIs, and continuous delivery concepts will thrive in this role. Strong communication skills, a proactive approach to problem-solving, and the ability to work well under pressure are also key attributes we are seeking. Experience with Groovy or Spock framework would be advantageous. In addition to your technical responsibilities, you will be entrusted with upholding corporate security standards by adhering to Mastercard's security policies, safeguarding information integrity, promptly reporting security concerns, and completing mandatory security training sessions as per guidelines. If you are ready to embark on a challenging yet rewarding journey in mobile apps testing, we invite you to join our team and contribute to driving innovation in a world beyond cash.,

We are searching for an experienced VAPT professional to join our cybersecurity team. You should possess a solid background in recognizing, evaluating, and mitigating security vulnerabilities in network and application environments through thorough penetration testing and vulnerability assessments. ProTechmanize Solutions, an Information Technology product and services company, founded by professionals with over 20 years of collective experience in Cyber Security, Information Technology, IT Security & Software Development, is where you will be working. The ProTechmanize team is dedicated to offering the right solutions and services to customers through customized programs. Your responsibilities will include conducting regular vulnerability assessments of network infrastructure, applications, and systems, performing detailed penetration tests to simulate cyberattacks and identify vulnerabilities, preparing comprehensive reports of findings with recommended remediation actions, collaborating with IT and development teams to address vulnerabilities, utilizing security tools like Nessus, Metasploit, and Burp Suite, providing expert advice on security posture improvement, and staying updated on security trends and technologies. To be a suitable candidate, you must have a Bachelor's degree in Computer Science, Information Security, or a related field, along with 1.5+ to 4 years of hands-on experience in vulnerability assessment and penetration testing. Proficiency in domains such as Application security OWASP, API security testing, Network security & Mobile app security, exposure to Secure Code Review using Checkmarx or HP Fortify, and a strong understanding of common attack vectors, vulnerability exploitation techniques, and security testing methodologies are essential. In addition to technical skills, soft skills such as excellent analytical and problem-solving abilities, strong verbal and written communication skills, and the capacity to work collaboratively with cross-functional teams in a fast-paced environment are vital for this role. Please note that only candidates with the required experience should apply for this position, as it necessitates hands-on experience in VAPT.,

o Experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux Perform automated testing of running applications and static code (SAST, DAST).