232 Checkmarx Jobs - Page 9

You will be responsible for conducting application security reviews for Web, Mobile (Android and iOS), and API technologies. Your role will involve assessing and identifying potential vulnerabilities in the technology being developed before implementation. You should have expertise in application security testing methodologies such as SAST, DAST, and MAST, with experience in web application, API security, and mobile application security testing according to industry standards like OWASP top 10, SANS top 25, etc. It would be beneficial to have knowledge of programming and scripting languages such as Java, JavaScript, Angular, Spring Boot, Kotlin, and Swift. Familiarity with tools like Burp Su...

KPMG entities in India are professional services firm(s) affiliated with KPMG International Limited, established in August 1993. Our professionals leverage the global network of firms, understanding local laws, regulations, markets, and competition. With offices across India, in cities like Ahmedabad, Bengaluru, Mumbai, and more, we offer services to national and international clients across various sectors. Our focus is on delivering rapid, performance-based, industry-focused, and technology-enabled services, showcasing our understanding of global and local industries and the Indian business environment. As a Security Code Reviewer at KPMG in India, your primary responsibilities will includ...

Role Overview The ideal candidate will be responsible for overseeing **Static Application Security Testing (SAST)** and **Software Composition Analysis (SCA)** processes, strong secure coder, ensuring secure coding practices, and managing security risks within the software development lifecycle (SDLC). This role requires close collaboration with development, DevSecOps, and risk management teams to identify and remediate vulnerabilities effectively. Key Responsibilities 1. SAST & SCA Strategy and Implementation Define, implement, and manage **SAST & SCA frameworks** to secure the banks applications. Lead the integration of security tools (e.g., Fortify, Checkmarx, SonarQube, Veracode, Snyk, B...

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite...

Work within theCybersecurity domainfocusing onautomated security testingto improve the security posture of products and systems. Supportengineering communityin building and maintainingsecure cloud infrastructure. Conductthreat modeling,security architecture reviews, andrisk assessments. Design and operate tools that enhance visibility and remediate security issues acrosscloud-native environments. Champion secure development practices withinAgile teams. Build and operate security tooling and controls that scale with infrastructure. Ensuresecurity complianceand contribute to internal and external audits. Requirements : 6 to 12 yearsexperience in cybersecurity architecture and infrastructure se...

Work within theCybersecurity domainfocusing onautomated security testingto improve the security posture of products and systems. Supportengineering communityin building and maintainingsecure cloud infrastructure. Conductthreat modeling,security architecture reviews, andrisk assessments. Design and operate tools that enhance visibility and remediate security issues acrosscloud-native environments. Champion secure development practices withinAgile teams. Build and operate security tooling and controls that scale with infrastructure. Ensuresecurity complianceand contribute to internal and external audits. Requirements : 6 to 12 yearsexperience in cybersecurity architecture and infrastructure se...

Work within theCybersecurity domainfocusing onautomated security testingto improve the security posture of products and systems. Supportengineering communityin building and maintainingsecure cloud infrastructure. Conductthreat modeling,security architecture reviews, andrisk assessments. Design and operate tools that enhance visibility and remediate security issues acrosscloud-native environments. Champion secure development practices withinAgile teams. Build and operate security tooling and controls that scale with infrastructure. Ensuresecurity complianceand contribute to internal and external audits. Requirements : 6 to 12 yearsexperience in cybersecurity architecture and infrastructure se...

We are seeking a skilled and motivated DevOps Engineer to join our dynamic team. The ideal candidate will have a strong background in CI/CD pipelines, cloud infrastructure, containerization, and automation, along with basic programming knowledge.

Work Location:- Bangalore / Pune Experience:- 4 to 7 years Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to exp...

Job Description Job Description: Azure Kubernetes Service (AKS) Expertise: Hands-on experience in deploying, managing, and troubleshooting applications on AKS. Proficiency in Kubernetes orchestration, including pods, services, deployments, and scaling. Configuration Management and Automation: Proficiency in Ansible for automation and configuration management. Strong scripting skills in Shell and PowerShell for task automation and system management. CI/CD and Version Control: Experience with GitHub Actions for continuous integration and deployment workflows. Ability to write and maintain YAML-based CI/CD pipelines. Familiarity with version control systems, particularly Git. Security Tooling: ...

Position Purpose The purpose of the position is to help with the information security topics mentioned in the direct responsibilities. Responsibilities Direct Responsibilities - Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans. Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate. Knowledge of Secure Development methodologies and frameworks. Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity Well-versed in conducting...

Participate in team prioritization discussions with Product/Business stakeholders Estimate and own delivery tasks (design, dev, test, deployment, configuration, documentation) to meet the business requirements Automate build, operate, and run aspects of software Drive code/design/process trade-off discussions within their team when required Report status and manage risks within their primary application/service Drive integration of services focusing on customer journey and experience Perform demos/acceptance discussions in interacting with Product owners Understands operational and engineering experience, actively works to improve experience and metrics in ownership area Develop complete und...

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities Hands-on knowledge of Security testing methodologies like OWASP Top 10, SANS 25 etc., Ability to perform automated and manual hands-on penetration security testing e.g. DAST, SAST and SCA, identifying security risks within applications, cloud infrastructure, security controls and Network systems. Additional Responsibilities: The successful candidate must be highly motivated, fast learner, flexible, willing to assume responsibility and deliver quality work on time Constantly identify opportunities for enhancing productivity using automation and process improvements. Exposure to scripting...

JOB DESCRIPTION ACI Worldwide Inc. (:) is acompany headquartered inElkhorn NebraskaACI develops a broad line of software focused on facilitating real-time electronic payments. These products and services are used globally by,such as third-party electronic, payment associations, switch interchanges,, corporations, and a wide range of transaction-generating endpoints, including(ATM), merchant(POS) terminals, bank branches,,,, and internet commerce sites In short, we're helping banks, merchants and billers capture rising real-time opportunities and volumes, all to meet the shifting needs of their consumers and business customers. Our people are the core of our business and our team represents a...

Work on a balanced product team to define, design, develop/deploy React based front-end on GCP platform. Additionally,will conduct proof-of-concepts to support new features,ensure quality,timely delivery using Agile XP practices. Required Candidate profile Good knowledge on code quality tools (42Crunch, SonarQube, CheckMarx, etc) GIT hub, Jenkins, Maven, Gradle, etc 3+ years of work experience in Agile project involvement, Software Craftsmanship

Job Description -: Experience of 4+ years • Hands-on experience of conducting security assessments of Web Applications, Mobile Applications, Web Services/APIs, Thick-clients. • Experience in tools such as burpsuite, nessus, nmap, acunetix, metasploit, checkmarx, etc. • Experience with Open Web Application Security Project (OWASP),SANS, Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. • Ability to explain technical vulnerabilities to both technical and non technical audience highlighting business risk. • Knowledge of at least one cloud technology (AWS, Azure,GCP) is desirable, preferrably AWS and Azure. • Good understanding of coding best practices and standar...

Responsibilities Be hands-on in the design and development of robust solutions to hard problems, while considering scale, security, reliability, and cost Support other product delivery partners in the successful build, test, and release of solutions Be part of a fast-moving team, working with the latest tools and open-source technologies Work on a development team using agile methodologies. Understand the Business and the Application Architecture End to End Solve problems by crafting software solutions using maintainable and modular code. Participate in daily team standup meetings where you'll give and receive updates on the current backlog and challenges. Participate in code reviews. Ensure...

Role Overview: This role focuses on integrating security best practices into CI/CD pipelines and production system deployments, ensuring security is embedded throughout the software development lifecycle. As a DevSecOps Engineer, you will work closely with architecture, development, and operations teams to make security a shared responsibility across all stages of software development and deployment. Your primary responsibility will be implementing security best practices, testing, and automation tools into CI/CD pipelines and production environments using industry-standard tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and other securi...

Databuzz is Hiring for DevSecOps Engineer-4+yrs-PAN India-Hybrid Please mail your profile to haritha.jaddu@databuzzltd.com with the below details, If you are Interested. About DatabuzzLTD: Databuzz is One stop shop for data analytics specialized in Data Science, Big Data, Data Engineering, AI & ML, Cloud Infrastructure and Devops. We are an MNC based in both UK and INDIA. We are a ISO 27001 & GDPR complaint company. CTC - ECTC - Notice Period/LWD - (Candidate serving notice period will be preferred) Position: DevSecOps Engineer Location: PAN India(Hybrid) Exp -4+ yrs Mandatory skills : A security expert who can write code as needed and knows the difference between Object vs Class vs Function...

Duration: 12Months Job Type: Contract Work Type: Onsite Roles and Responsibilities: GitLab DevOps & CI/CD: Expertise in GitLab DevOps tools, CI/CD best practices, and automation. Pipeline Management: Hands-on experience in designing, implementing, and managing environment-specific pipelines. Proficiency in Shell scripting and YAML scripting for workflow automation. Experience with Terraform or ARM templates is a plus. Kubernetes: Strong expertise in Docker and Azure Kubernetes Service (AKS). Experience with Helm charts, version upgrades, monitoring, and debugging AKS workloads. Azure Experience: In-depth knowledge of Azure App Services, Function Apps, and Azure Key Vault management. Experien...

Consultant - MAST Vanguard Requirements: Mandatory Technical & Functional Skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applicati...

Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix,Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, R...

Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix,Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, R...

Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix,Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, R...

About this role: Wells Fargo is seeking a Lead Software Engineer within CT Cloud Engineering team In this role, you will: Migrate applications from TAS (formerly PCF) to OpenShift Container Platform. Contribute towards containerizing an application, by following the standard development practices. Leverage DevOps tools to migrate applications on OpenShift Container Platform. Integrate application with other middleware, monitoring, logging products to ensure smooth operations. Follow SDLC best practices, troubleshoot migration issues & be vocal as a Consultant for application teams to ease the migration journey. Collaborate and consult with key technical experts, senior technology team, and e...