12 Csslp Jobs

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role We are looking for a skilled professional to join our Information Security Team as a DevSecOps Manager. As a DevSecOps Manager, you will be responsible for implementation of Security tools in DevOps CI/CD (Continuous integration/Continuous Delivery) pipeline and publish security standards and best practices for Developers teams. Key Responsibilities Identifying Vulnerabilities: Enable automated security scanning process to identify the known vulnerabilities in source code, Open-source library, and configuration. Provide technical leadership and direction in the DevSecOps domain. Analysis: Troubleshoot DevSecOps pipeline implementation issue and support for successful deployment. Implement DevSecOps with multiple agile teams across various platforms, environments, and instances. Implement Automated DevSecOps template-based solutions for cloud environments. Implement Security Measures: Understand the Security Requirements & Implement the new DevSecOps process. Integrate, Monitor and Improve Cloud Security controls via DevSecOps process in existing DevOps process. Perform assessment and help to mitigate Security findings and implement improvement Security measures. Configure Cloud Security Tools/Systems in a CI/CD Pipelines. Implementing Security scanning into Jenkins, Code Pipeline, and DevOps workflows. Define gating process metrics for security and implement in DevSecOps. Employ infrastructure as code to increase automation, scalability, and reliability. Reporting: Prepare and provide necessary metrics, detailed reports, artifacts, executive summary and dashboard to leadership on a regular frequency. Build and maintain a set of tools that enable developers to self-serve for remediation. Monthly Dashboard Reporting for Leadership. Collaborate: Capable of working in a dynamic environment, multi-department coordination and attaining the target. Qualifications & Skills Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications: CSSLP, CISSP, GPEN, ECSA, CEH, CISM, CISA, or equivalent. Compliance: Good understanding of cyber security trends & hacking techniques. Experience in analysing threats of cloud and application components. Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance. Ability to review assessment reports to provide risk mitigation & recommendations on that basis. Technical Skills: Experience with various application security tools including SAST, DAST, Software composition analysis and application Penetration testing. Experience with Automation in testing or orchestration Selenium, Maven, Ant, Msbuild, Npm, Yarn, Jenkins, Gitlab, Bitbucket, etc. Knowledge of Agile and Scrum processes. Understanding of virtualization and container technologies (Docker, Kubernetes, etc). Communication Skills: Outstanding communication abilities. Ability to effectively communicate the required recommendations. About the Business Group ICICI Banks Information Security Group believes in providing services to its customers in the safest and secured manner, keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is built on the vision of creating a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provide easy to use protection and risk configuration ability in the hands of customers. With this core responsibly, ICICI administer and promotes on going campaigns to create awareness among customers on security aspects while banking through digital channels.

The Impact You'll Make Danfoss Power Solutions designs and manufactures a complete range of engineered components and systems. From hydraulics and electrification to fluid conveyance, electronic controls, and software, our solutions are engineered with an uncompromising focus on quality, reliability, and safety. Join us at our site in Pune/ Remote as a Cyber Security Embedded Software Engineer (m/f/d) to contribute to state-of-the-art secure solutions in our product designs. What You'll Be Doing As a Cyber Security Embedded Software Engineer for Embedded Operating Systems (EOS), you are a security expert ensuring that we develop and implement secure designs in our EOS products which protect us against all types of cybercrime techniques for hardware and embedded software. To be more precise, your tasks will be the following: - Designing and implementation of cyber security technical measures (Secure Boot and Secure Software update mechanisms, etc.) - Defining/reviewing technical security requirements - Vulnerability assessments, classifying, prioritizing, and fixing issues - Conducting Threat Assessment for new and existing products - Responding to incidents and implementing corrective measures for security breaches - Cyber Security Culture development through team internal training and coaching What We're Looking For For this position, you have an educational background in Embedded Software or a similar field and several years of practical experience from a similar role. Further requirements are: - Experience with systematic embedded software development - Expertise in international cyber security regulation and standards - CISSP, CSSLP, or CEH certification preferred - Great team-player qualities and the ability to work in a cross-functional environment - Creative, analytical, structured, and proactive approach as well as a positive mindset - Fluency in English What You'll Get from Us We promote from within and support your learning with mentoring, training, and access to global opportunities. You'll have flexibility, autonomy, and support to do your best work while maintaining a healthy work-life balance. Your well-being matters to us. We strive to create an inclusive work environment where people of all backgrounds are respected and valued for who they are. You'll receive benefits like the 13th salary, annual bonus, paid vacation, pension plans, personal insurance, and more. These vary by country and contract, but they're worth asking aboutwe think they're pretty great. Ready to Make a Difference If this role excites you, we'd love to hear from you! Apply now to start the conversation and learn more about where your career can go with us.,

Support asset development, process establishment. Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as HCL AppScan/HP Fortify or CMx. We expect candidate to have experience doing similar assessments, candidate can be trained on any proprietary assessment methodology. Mandatory: 5+ years of strong Application Security experience in S-SDLC Code Review, Vulnerability Assessment, Penetration Testing. Web Service/API security testing Hands on experience into Mobile application Security Android/iOS - reverse engineering/memory analysis etc. Security tool experience - HCLAppScan/CheckMarx/Fortify/Veracode/Burp Suite Good exposure on penetration testing. Good to have one of the given certifications - OSCP/GPEN/GWAPT/CSSLP etc. Independent global client handling AppSec delivery exposure. >=2 years. Excellent interpersonal skill.

Dear Candidate, We are hiring a Security Engineer to design and implement security measures that protect IT systems, data, and networks against threats and breaches. Key Responsibilities: Design and deploy security solutions such as firewalls, IDS/IPS, and endpoint protection. Conduct vulnerability assessments, penetration tests, and threat modeling. Monitor systems for security incidents and respond promptly. Ensure compliance with security standards (ISO 27001, NIST, etc.). Collaborate with DevOps and IT teams to embed security best practices. Required Skills & Qualifications: Proficiency in security tools (Nessus, Metasploit, Splunk, Wireshark). Strong understanding of network and application security. Knowledge of cloud security (AWS, Azure, GCP). Experience with encryption, IAM, and incident response. Security certifications preferred (CISSP, CEH, OSCP). Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

We are seeking an experienced Application Security Specialist to join our team. As an Application Security Specialist, you will be responsible for conducting SSDLC security assessments, integrating security throughout the software development lifecycle, and ensuring that applications meet the highest security standards before deployment. Your key responsibilities will include conducting internal and third-party SSDLC risk assessments on critical assets and processes, coordinating with project teams to enforce security frameworks in all phases of the SSDLC, and preparing security effectiveness reports for management. You will also be tasked with performing SSDLC assessments aligning with security practices, ensuring that new applications undergo SSDLC assessments before induction into data centers, and defining and enhancing application security requirements for agile development and traditional architectures. Additionally, you will assist DevSecOps teams in creating secure CI/CD pipeline processes, follow up on and escalate closure of identified security gaps, and contribute to standardizing application security tools and methodologies. The ideal candidate should have at least 6 years of experience in Information Security with a focus on application and software security, along with 4 years of experience in software development lifecycle security reviews. You should also possess expertise in architecture reviews, software design reviews, threat modelling, and design flaw assessments, as well as hands-on experience with SAST, DAST, SCA, IAST, RASP, and other application analysis tools. Familiarity with OWASP, SANS, ISACA, NIST, IETF best practices is required, and the ability to develop detailed security frameworks for developers to integrate into the SDLC is essential. Preferred certifications include CISSP, CSSLP, Cloud Security Certifications, and DevSecOps Automation Certifications. If you meet these qualifications and are passionate about enhancing application security, we encourage you to apply for this position.,

As an IT Application Owner (ITAO) at Home Loan Savings, you will be a crucial part of the team in India, collaborating closely with the existing team in Germany. Your role will involve leveraging virtual collaboration techniques and the diversity within the team to achieve continuous delivery, process improvement, and internalization of technical expertise. Your responsibilities will include working closely with business and operational units, as well as the development team, to ensure the structural stability of applications and compliance with technical, risk, and policy-related processes. You will also be responsible for managing the technical roadmap of applications in alignment with Deutsche Bank's digitalization journey. In this role, you will be responsible for setting up various environments for development, testing, and production, as well as implementing and upgrading system hardware and application software. Additionally, you will lead discussions with the business and vendors for new requirements, product implementation, customization, and enhancements. You will oversee the delivery of application releases, defect fixes, and provide support to more junior team members. Key responsibilities also include ensuring application compliance with Deutsche Bank IT policies and procedures, onboarding applications onto IT risk and control related tools, interfacing with auditors, identifying IT risk and control related gaps, and managing technical projects to deliver required business services. To be successful in this role, you should have a minimum of 8 years of experience in a similar role, basic experience in databases, mid-range technical stack, and open-source skills. Knowledge of ITIL, experience with software development lifecycle tools, application governance, and Agile/SCRUM methodologies is essential. Proficiency in English is required, and German language skills are a plus. Experience in Home Loan Savings and Mortgage Lending is desirable, along with familiarity with GCP or other cloud technologies. You should possess strong analytical skills, problem-solving abilities, and excellent interpersonal skills. Being proactive, detail-oriented, and able to think outside the box are also essential qualities for this role. Furthermore, certifications such as COBIT, ITIL, PMP, CRISC, CSSLP, CISSP, or equivalent are preferred. As part of our team, you will receive training and development opportunities, coaching from experts, and a culture of continuous learning to support your career progression. We value a positive, fair, and inclusive work environment, where everyone is encouraged to excel together and celebrate successes. For more information about our company and culture, please visit our website at https://www.db.com/company/company.htm. Join us at Deutsche Bank Group, where we strive to empower our employees to excel together every day.,

Integrate and optimize security controls within CI/CD pipelines. Work with tools like SAST, DAST, SCA, container scanning, and secrets detection. Partner with developers, architects, and QA to embed security early in the SDLC. Reduce turnaround time and offload senior architects by handling routine and mid-complexity requests. Track request volumes, turnaround times, and quality metrics to drive continuous improvement. Hands-on experience with security tools (e.g., SonarQube, Checkmarx, Fortify, Aqua, Trivy). Familiarity with container security, IaC scanning, and SBOM generation. Scripting skills (Python, Bash, or similar) for automation. Excellent communication and documentation skills. Knowledge of CNAPP, secure design patterns, and cloud-native security. Certifications such as CSSLP, GCSA, or equivalent are a plus.

As an IT Application Owner (ITAO) at Home Loan Savings, you will be responsible for collaborating with business and operation units, as well as the development team, to ensure structural stability of applications, compliance with technical/risk/policy processes, and managing the technical roadmap in alignment with Deutsche Bank's digitalization strategy. You will be part of a team in India working closely with a team in Germany, leveraging virtual collaboration techniques and diverse expertise to achieve continuous delivery and process improvement. Your key responsibilities will include maintaining application compliance with IT policies, setting up development and production environments, leading discussions with business and vendors for new requirements, delivering application releases and defect fixes, as well as assisting junior team members. You will also be involved in enterprise IT governance, information security, knowledge management, and various other aspects of application support and management. In terms of skills and experience, you should have a minimum of 8 years experience in a similar role, with basic knowledge of ITIL and experience in database, mid-range technical stack, and open-source skills. Familiarity with tools across the Software Development Lifecycle/DevOps, application governance, and Agile/SCRUM methodologies is essential. Knowledge of Home Loan Savings and Mortgage Lending is advantageous, along with experience in GCP or other Cloud technologies. Certifications such as COBIT, ITIL, PMP, CRISC, CSSLP, or CISSP are preferred. You should possess strong communication skills, the ability to manage unexpected events efficiently, and a proactive approach to problem-solving. Fluency in English is required for stakeholder interaction, and knowledge of German is a plus. People skills such as end-to-end ownership, performance orientation, analytical abilities, and a flexible working approach are crucial for success in this role. The benefits offered include a best-in-class leave policy, gender-neutral parental leaves, childcare assistance, industry-relevant certifications sponsorship, employee assistance program, comprehensive insurance coverage, and more. Training, coaching, and a culture of continuous learning are provided to support your career development. Deutsche Bank fosters a culture of empowerment, responsibility, commercial thinking, and collaboration, where employees are encouraged to excel together. Diversity and inclusivity are promoted, creating a positive and fair work environment for all.,

Job Description As an Application Security Engineer, you will play a critical role in safeguarding the security of our software products and development lifecycle. This role focuses on managing and optimizing code scanning tools, identifying vulnerabilities, and ensuring secure coding practices are embedded into every stage of software development. You will collaborate with engineering teams to provide actionable security guidance, design metrics to measure security effectiveness, and create strategies to continuously improve application security. By integrating cutting-edge tools and techniques, you will ensure that our applications meet the highest standards of security and resilience, ultimately protecting the organization and its users from emerging threats. Key Responsibilities Manage and optimize code scanning tools (e.g., SAST, DAST) to detect and remediate security vulnerabilities. Provide security guidance and best practices to engineering teams throughout the software development lifecycle. Design, maintain, and report on application security metrics and dashboards to track progress and effectiveness. Perform security assessments, including threat modeling and architecture reviews for new features and applications. Collaborate with DevOps and CI/CD teams to integrate security tools seamlessly into development pipelines. Stay up-to-date on the latest security threats, vulnerabilities, and remediation strategies to evolve application security practices. Deliver secure coding training and resources to engineering teams to foster a security-first culture. Things You Will Need to Be Successful in This Role Typically requires a minimum of 5 years of related experience with a Bachelors degree; or 3 years and a Master’s degree; or a PhD without experience; or equivalent work experience. Proficiency with code scanning tools. Deep understanding of secure coding practices and standards (e.g., OWASP Top Ten). Hands-on experience with programming languages such as Python, Java, JavaScript, or C#. Familiarity with CI/CD pipelines and integrating security tools into DevOps workflows. Strong analytical skills to interpret scan results and prioritize remediation efforts. Certifications (Preferred): CSSLP or relevant security certifications. Excellent communication and collaboration skills to work effectively with cross-functional teams. A proactive and detail-oriented mindset to identify and mitigate risks early in the development lifecycle.

Cybersec Security Advisor Job description: Are you passionate about tackling complex data problems? Do you thrive on using your analytical and cybersecurity skills to solve large-scale challenges? Are you intrigued by the intersection of complex business processes and data-driven approaches? If so, we'd love to hear from you! At Schneider Electric, we are undergoing a transformative journey by leveraging Artificial Intelligence & Automation technologies to empower users with Machine Learning and Cognitive computing, driving business value. Simultaneously, as the number of cybersecurity threats continues to grow, we recognize the importance of having a comprehensive cybersecurity approach across our solutions to safeguard our business and customers. We seek a cybersecurity professional to join our AI Digital Risk Leader & Data Officer team to drive the implementation of Secure development process in our AI organization. To ensure a cohesive cybersecurity strategy implemented throughout our AI HUB, you will collaborate closely with AI Cybersecurity teams but also Autonomous spokes team in NAM and GSC. The role The Security Advisor is responsible for the adoption and implementation of the SDL framework following the Schneider Electric SDL V2 process and in compliance to the SE SDL Policy and other cybersecurity policies, procedures, and best practices, and to advise on cybersecurity technical requirements for the development of secure products and systems. The Security Advisor regularly interacts with key stakeholders (including representatives from marketing, R&D offer development, technical leaders, and leadership team members) as well as stakeholders from the Business Unit Security Team and the corporate Product Security Office (PSO) to ensure that cybersecurity guidelines and processes are executed in an efficient and effective manner. Key Responsibilities for the Role • Act as Subject Matter Expert, serve as a consultant and advisor for cybersecurity topics within AI development teams. Provide guidance, coaching and expertise to execute SDL practices such as threat modelling, secure design practices, secure coding and implementation, and security testing. • Gather SDL and Cybersecurity metrics to contribute to data driven strategies and plans to aid in the deployment of SDL and cybersecurity functionality as required by cybersecurity standards such as IEC62443, and to further improve SDL and Cybersecurity effectiveness and efficiency. • Ensure that their assigned development teams abide with risk-driven cybersecurity processes and controls. • Support development teams to manage vulnerability triage and resolution • Support internal SDL audits and Formal Cybersecurity Reviews (FCSRs) and other supported Schneider data security and privacy processes. • Conduct training and presentations to build cybersecurity competencies within teams. • Track organizational maturity using cybersecurity maturity frameworks and track other SDL-related goals as directed. Qualifications - External Key skills and requirements • Ability to align operational/information security policies with business requirements. • Process driven with attention to detail, ability to translate operational/information security requirements into security controls in coordination with architects. • Ability to effectively adapt to and apply rapidly changing technology and security requirements to business needs. • Knowledge of static code analysis tools, secure coding standards, fuzz and penetration testing, and formal security reviews. • Working knowledge of security and privacy standards, regulations, and legislation. • Demonstrated ability to develop threat models, analysing threats, and rate threat severity using established industry practices • Experience with AI and ML technologies and services (Machine Learning, Conversational AI, Computer Vision, No Code / Low Code AI) Qualifications & Experience • Customer-oriented with a service-oriented attitude (flexible, personable, and approachable) • Certification in Cybersecurity Management such as CISSP, CSSLP; and/or IEC 62443 Certified Specialist. • Experience of working in an Engineering/R&D group following a Secure Development Lifecycle based on standards such as IEC 62443, ISO 21434, or Microsoft SDL; with a proven ability to engage with management and development teams. • Experience guiding and assisting organizations in implementing security product/system development practices. • Experience in driving corporate programs using influence, negotiation, and persuasion soft skill set. • An understanding of domain appropriate communication mechanisms protocols • Strong communication skills, including the ability to render concise reports, summaries, and presentations. • Project management or technical leadership skills preferred.

Essential Services : Role & Location fungibility About the role We are looking for a skilled professional to join our Information Security Team as a DevSecOps Manager. As a DevSecOps Manager, you will be responsible for implementation of Security tools in DevOps CI/CD (Continuous integration/Continuous Delivery) pipeline and publish security standards and best practices for Developers teams. Key Responsibilities Identifying Vulnerabilities Enable automated security scanning process to identify the known vulnerabilities in source code, Open-source library, and configuration. Provide technical leadership and direction in the DevSecOps domain. Analysis Troubleshoot DevSecOps pipeline implementation issue and support for successful deployment. Implement DevSecOps with multiple agile teams across various platforms, environments, and instances. Implement Automated DevSecOps template-based solutions for cloud environments. Implement Security Measures Understand the Security Requirements & Implement the new DevSecOps process. Integrate, Monitor and Improve Cloud Security controls via DevSecOps process in existing DevOps process. Perform assessment and help to mitigate Security findings and implement improvement Security measures. Configure Cloud Security Tools/Systems in a CI/CD Pipelines. Implementing Security scanning into Jenkins, Code Pipeline, and DevOps workflows. Define gating process metrics for security and implement in DevSecOps. Employ infrastructure as code to increase automation, scalability, and reliability. Reporting Prepare and provide necessary metrics, detailed reports, artifacts, executive summary and dashboard to leadership on a regular frequency. Build and maintain a set of tools that enable developers to self-serve for remediation. Monthly Dashboard Reporting for Leadership. Collaborate Capable of working in a dynamic environment, multi-department coordination and attaining the target. Qualifications & Skills Educational Qualification Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications CSSLP, CISSP, GPEN, ECSA, CEH, CISM, CISA, or equivalent. Compliance Good understanding of cyber security trends & hacking techniques. Experience in analysing threats of cloud and application components. Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance. Ability to review assessment reports to provide risk mitigation & recommendations on that basis. Technical Skills Experience with various application security tools including SAST, DAST, Software composition analysis and application Penetration testing. Experience with Automation in testing or orchestration Selenium, Maven, Ant, Msbuild, Npm, Yarn, Jenkins, Gitlab, Bitbucket, etc. Knowledge of Agile and Scrum processes. Understanding of virtualization and container technologies (Docker, Kubernetes, etc). Communication Skills Outstanding communication abilities. Ability to effectively communicate the required recommendations.

Dear Candidate, We are hiring a Security Engineer to design and implement secure systems across cloud and application environments. Ideal for engineers excited about threat modeling and proactive defense. Key Responsibilities: Perform security assessments and code reviews Develop security policies and incident response procedures Implement security controls in cloud and on-prem environments Monitor for vulnerabilities and recommend mitigation Required Skills & Qualifications: Knowledge of OWASP Top 10, secure coding practices Experience with SIEM, IDS/IPS, and vulnerability scanners Familiarity with cloud security (AWS, Azure, GCP) Bonus: Certifications (CISSP, CEH, OSCP) Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies