161 Dast Jobs - Page 2

Strong knowledge of ASP.NET Web Forms, Windows services, C# SQL Server 2008.Hands-on experience Azure DevOps, CICDworking with DevOps Net Framework 4.x and aboveWebAPI, WCF, Microsoft reporting tool (RDL) SSRSIIS SQL designDevSecOps tests: SAST, DAST

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards.Themanageroftheapplicationsecurityprogramwillberesponsible for - 1. To Integratesecuritytools,standards,andprocessesintothe productlifecycle(PLC). 2. EnsurethatdevelopersandQApersonnelaretrainedwiththeappropriatele velofsecurityknowledgetoperformtheir dailyactivities. 3. Improveandsupportapplicationsecuritytooldeploymentsincludingstaticanal ysisandruntimetestingtools and securedevelopmentstandards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux Able to explain vulnerabilities such as: IDOR (Insecure Direct Object References) Second Order SQL Injection CSRF (Cross-Site Request Forgery) Provide root cause analysis and remediation guidance for identified vulnerabilities. Mandatory Technical & Functional Skills: Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux (or equivalent) Minimum three (3) years of performing manual penetration testing and code review against: Web applications Mobile apps APIs Minimum three (3) years of experience working with both technical and non-technical audiences in reporting results and leading remediation conversations. Preferred: One year of experience in the development of web applications and/or APIs. Ability to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. Certifications (Preferred but not required): GWAPT (GIAC Web Application Penetration Tester) CREST (Certified Testing Professional) OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) OSWA (Offensive Security Web Application) This is a 6-month contract role with hybrid work arrangements in Bangalore and Pune .

Job Summary : We're looking for a skilled .NET Developer with a strong background in Security Testing (DAST) to design, develop, and test secure web applications. The ideal candidate will have expertise in identifying and mitigating security vulnerabilities using DAST tools and techniques. Responsibilities : - Design, develop, and test secure web applications using .NET framework - Conduct Dynamic Application Security Testing (DAST) to identify security vulnerabilities - Analyze and mitigate security risks using DAST tools and techniques - Collaborate with cross-functional teams to ensure secure coding practices - Develop and maintain security testing frameworks and tools - Stay up-to-date with emerging security threats and trends - Participate in code reviews and ensure adherence to security best practices - Develop and deliver training programs on security testing and secure coding practices Requirements : - 5+ years of experience in .NET development with a focus on security testing (DAST) - Strong expertise in .NET framework, C#, (link unavailable), and related technologies - In-depth knowledge of DAST tools and techniques, such as OWASP ZAP, Burp Suite, and SQLMap - Experience with security testing frameworks and tools, such as NMap, Nessus, and OpenVAS - Strong understanding of web application security risks and vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) - Excellent problem-solving skills and attention to detail - Strong communication and collaboration skills - Experience with Agile development methodologies and version control systems, such as Git Nice to Have : - Experience with cloud-based security testing tools and platforms, such as AWS Security Hub and Google Cloud Security Command Center - Knowledge of containerization and orchestration technologies, such as Docker and Kubernetes - Experience with DevOps practices and tools, such as Jenkins, Puppet, and Ansible - Certification in security testing or related field, such as OSCP, CEH, or CISSP

Job Tittle - Security Test Engineer Job Type: Full-time EXP 5+ Years Location - Gurgaon Roles & Responsibilities: Perform Security Assessments: Conduct various types of security testing, including: 1. Penetration Testing : Perform black-box, gray-box, and white-box penetration testing on web applications, APIs, mobile applications (iOS/Android), and network infrastructure. 2. Vulnerability Assessments : Utilize automated and manual techniques to identify security weaknesses. 3. Static Application Security Testing (SAST) : Analyze source code to identify potential vulnerabilities. 4. Dynamic Application Security Testing (DAST) : Test applications in a running state and vulnerabilities. 5. Interactive Application Security Testing (IAST) : Combine elements of SAST and DAST for comprehensive testing. 6. Configuration Reviews : Assess the security posture of various systems and applications. 7. Threat Modeling: Participate in threat modeling sessions to identify potential attack vectors and vulnerabilities early in the development lifecycle. 8. Vulnerability Management: Document identified vulnerabilities clearly and concisely, including steps to reproduce, impact, and severity. Communicate findings to development teams and stakeholders effectively. Track and manage vulnerabilities through their lifecycle, from discovery to remediation and retesting. Provide guidance and recommendations to development teams on remediation strategies. 9. Security Tooling & Automation : - Utilize and configure security testing tools (e.g., Burp Suite, OWASP ZAP, Nessus, Acunetix, Fortify, Checkmarx, Metasploit). - Develop and implement automated security tests and scripts to improve efficiency. - Stay up-to-date with the latest security testing tools, techniques, and best practices. 10. Collaboration & Communication: - Collaborate closely with development, DevOps, QA, and product teams to integrate security into the SDLC (Secure SDLC). - Educate and mentor developers on secure coding practices and common vulnerabilities. - Participate in security code reviews. - Present security findings and recommendations to technical and non-technical audiences. 11. Research & Development: - Stay informed about emerging security threats, attack vectors, and industry trends. - Contribute to the improvement of security testing methodologies and processes. Participate in security community activities, conferences, and training. Required Skills & Qualifications : - Education : Bachelor's degree in computer science, Information Security, or a related field (or equivalent practical experience). - Experience : Mid-Level: 3-6 years of experience in security testing, penetration testing, or application security. Senior Level: 6+ years of experience in security testing, leading penetration testing engagements and architecting secure solutions. Technical Skills : - Strong understanding of web application security vulnerabilities (e.g., OWASP Top 10, SANS Top 25). o Proficiency with security testing tools (e.g., Burp Suite, OWASP ZAP, Nmap, Metasploit). - Experience with various operating systems (Linux, Windows). - Familiarity with scripting languages (e.g., Python, Ruby, PowerShell, Bash). Understanding of network protocols, firewalls, and intrusion detection/prevention systems. - Knowledge of secure coding principles and common programming languages (e.g., Java, Python, C#, JavaScript, Node.js). - Experience with cloud security (AWS, Azure, GCP) is a strong plus. Familiarity with CI/CD pipelines and integrating security into automated workflows. Soft Skills : - Excellent analytical and problem-solving skills. - Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical audiences. - Ability to work independently and as part of a team. - High attention to detail and a methodical approach to testing. - Curiosity and a strong desire to learn and stay current with security trends. Desired Certifications (Plus, but not required): OSCP OSWE CEH (Certified Ethical Hacker) CompTIA Security+ SANS certifications (e.g., GWEB, GWAPT, GPEN) CSSLP (Certified Secure Software Lifecycle Professional)

Skill required: Tech for Operations - Microsoft ASP.NET Designation: SW/App/Cloud Tech Support Sr Analyst Qualifications: Any Graduation Years of Experience: 5 to 8 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be part of the Technology for Operations team that acts as a trusted advisor and partner to Accenture Operations. The team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. We work closely with the sales, offering and delivery teams to identify and build innovative solutions.The Tech For Operations (TFO) team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. Works closely with the sales, offering and delivery teams to identify and build innovative solutions. Major sub deals include AHO(Application Hosting Operations), ISMT (Infrastructure Management), Intelligent AutomationA platform to create dynamic and interactive Web applications using server-side scripting technology. What are we looking for Job SpecificationOverall Skills to manage & work on SQL & .Net technologies while working in collaborative and high-performance team environment.ResponsibilitiesFull Stack .net, MS SQL, LinQ, SQL Stored procedures, SSRSDev experience around 5+ yearsexperience with DAST/SAST vulnerabilities, scans, APIs etc. QualificationsExpertise & understanding in Full stack technologies with 5+years experience.Analytical, problem-solving skills.Strong empathy in understanding client needs/requirements.Communication and presentation skills.Representative behavior, client-facing experience.Strong team player with drive. Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualification Any Graduation

Job Role : DevOps Engineer Year Of Experience- 2–3 Years Location: Ghansoli Education: BE/ B.Tech Overview : Looking for a motivated and skilled DevSecOps Engineer with 2–3 years of hands-on experience in implementing DevSecOps practices, CI/CD pipelines, and integrating security into the development lifecycle. The ideal candidate will have working knowledge of Kubernetes (K8S), cloud platforms like GKE and AKS, and build/deployment automation tools including Azure DevOps and Jenkins. Experience with security scanning tools (SAST, DAST, Fortify, SonarQube) and scripting knowledge in Groovy, ANT, and JavaScript is essential. Job Role: • Design, implement, and maintain secure and scalable CI/CD pipelines. • Integrate security tools and processes into DevOps workflows (DevSecOps). • Automate infrastructure and deployments using Azure DevOps and Jenkins. • Deployment using On-Premises K8S clusters and Manage Kubernetes clusters - GKE and AKS. • Deployment using Windows based servers - IIS • Implement and maintain Static and Dynamic Application Security Testing (SAST/DAST) tools. • Integrate and configure Fortify, SonarQube, and other security tools into pipelines. • Write and maintain automation scripts using Groovy, ANT, and JavaScript. • Collaborate with development, QA, and security teams to ensure secure software delivery. • Conduct security assessments and remediations as part of the SDLC. Required Skills & Qualifications : • Bachelor degree in Engineering or Equivalent. • 2–3 years of hands-on experience in DevSecOps / DevOps. • Strong knowledge and hands-on experience with: - Azure DevOps Pipelines and Jenkins for CI/CD. - Security tools: Fortify, SonarQube, Blackduck, DAST/SAST tools (e.g., OWASP ZAP, Burp Suite, etc.). - Kubernetes (K8s) – with GKE and AKS. • Proficiency in scripting languages such as Groovy, ANT, and JavaScript. • Basic programming / scripting capabilities to automate security checks & workflows. • Understanding of application security principles and best practices. • Experience working in Agile and collaborative team environments. • Excellent troubleshooting, documentation, and communication skills.

Dear Candidate, We are hiring a Compliance Engineer to ensure code and dependencies meet licensing and audit standards. Key Responsibilities: Track open-source usage and license compliance. Automate compliance scanning and reporting. Assist in security reviews and audits. Required Skills & Qualifications: Familiarity with tools like FOSSA, Black Duck. Knowledge of OSS licenses (MIT, GPL, Apache). Experience with code scanning and SBOMs. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Design, develop, and maintain automated test scripts using Playwright with TypeScript/JavaScript, as well as Selenium with Java, to ensure comprehensive test coverage across applications. Enhance the existing Playwright framework by implementing modular test design and optimizing performance, while also utilizing Cucumber for Behavior-Driven Development (BDD) scenarios. Execute functional, regression, integration, performance, and security testing of web applications, APIs and microservices. Collaborate in an Agile environment, participating in daily stand-ups, sprint planning, and retrospectives to ensure alignment on testing strategies and workflows. Troubleshoot and analyze test failures and defects using debugging tools and techniques, including logging and tracing within Playwright, Selenium, Postman, Grafana, etc. Document and report test results, defects, and issues using Jira and Confluence, ensuring clarity and traceability for all test activities. Implement page object models and reusable test components in both Playwright and Selenium to promote code reusability and maintainability. Integrate automated tests into CI/CD pipelines using Jenkins and GitHub Actions, ensuring seamless deployment and testing processes. Collaborate on Git for version control, managing branches and pull requests to maintain code quality and facilitate teamwork. Mentor and coach junior QA engineers on best practices for test automation, Playwright and Selenium usage, and CI/CD workflows. Research and evaluate new tools and technologies to enhance testing processes and coverage. WHAT DO YOU NEED TO SHINE IN THIS ROLE? Bachelor?s degree in Computer Science, Engineering, or related field, or equivalent work experience. At least 5 years of experience in software testing, with at least 3 years of experience in test automation. Ability to write functional test, test plan and test strategies Ability to configure test environment and test data using automation tools Experience in creation of an automated regress / CI test suite using Cucumber with Playwright (Preferred) or Selenium and Rest APIs Proficient in one or more programming languages - Java, Javascript or Typescript. Experience in testing web applications, APIs, and microservices using various tools and frameworks such as Selenium, Cucumber etc. Experience in testing SAST/DAST tools (Preferred) Experience in working with cloud platforms such as AWS, Azure, GCP, etc. Experience in working with CI/CD tools such as Jenkins, GitLab, GitHub, etc. Experience in writing queries and working with databases such as MySQL, MongoDB, Neo4j, Cassandra etc. Experience in working with tools such as Postman, JMeter, Grafana, etc. Exposure to Security standards and Compliance Experience in working with Agile methodologies such as Scrum, Kanban, etc. Ability to work independently and as part of a team. Ability to learn new technologies and tools quickly and adapt to changing requirements. Highly analytical mindset, logical approach to find solutions and perform root cause analysis Able to prioritize between critical and non critical path items Excellent communication skills with ability to communicate test results to stakeholders in the functional aspect of the system and its impact. WHAT YOU?LL GET Highly competitive compensation, benefits, and vacation package Ability to work for one of the fastest growing companies with some of the most talented people in the industry Team outings Fun, Hardworking, and Casual Environment Endless Growth Opportunities

Bachelor's degree in Computer Science, Information Security, or a related field. 4+ years of experience in software development, with at least 3+ years specifically focused on application security or a security-centric development role. Strong proficiency in at least one major programming language Java J2EE preferred. In-depth understanding of web application security vulnerabilities and mitigation techniques. Experience with secure coding principles and practices. Familiarity with various security testing tools (SAST, DAST, SCA, penetration testing tools). Understanding of cryptographic principles and their appropriate application. Experience with cloud platforms (e.g., IBM Cloud, AWS, Azure, GCP) and cloud security best practices (e.g., IAM, network security, data encryption in cloud environments). Experience in a multi-tenant SaaS environment. Solid understanding of authentication and authorization mechanisms (e.g., OAuth, OpenID Connect, SAML, RBAC). Experience with Agile development methodologies. Excellent problem-solving skills and a proactive approach to identifying and addressing security risks. Required education Bachelor's Degree Required technical and professional expertise Bachelor's degree in Computer Science, Information Security, or a related field. 4+ years of experience in software development, with at least 3+ years specifically focused on application security or a security-centric development role. Strong proficiency in at least one major programming language Java J2EE preferred. In-depth understanding of web application security vulnerabilities and mitigation techniques. Experience with secure coding principles and practices. Familiarity with various security testing tools (SAST, DAST, SCA, penetration testing tools). Understanding of cryptographic principles and their appropriate application. Experience with cloud platforms (e.g., IBM Cloud, AWS, Azure, GCP) and cloud security best practices (e.g., IAM, network security, data encryption in cloud environments). Experience in a multi-tenant SaaS environment. Solid understanding of authentication and authorization mechanisms (e.g., OAuth, OpenID Connect, SAML, RBAC). Experience with Agile development methodologies. Excellent problem-solving skills and a proactive approach to identifying and addressing security risks. Preferred technical and professional experience Degree in Computer Science, , Engineering, or equivalent professional experience. An authority on Cloud Native Application architecture, Docker's and Microservices Working experience on Docker/Kubernetes, the DevOps, Micro services, RedHat OpenShift, Java J2EE Willing to lead and work on quick proof of concepts.

Role & responsibilities Drive and implement security best practices throughout the entire Software Development Lifecycle (SDLC) for the D2C Portal, including requirements Perform security architecture reviews to identify and address potential vulnerabilities in system design Manage and prioritize findings from SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA Work closely with development teams to ensure timely remediation of identified vulnerabilities. Preferred candidate profile Mandatory: forensic analysis AWS WAF Akamai DataDog, ELK, and incident response platforms. Preferred Qualification Bachelor's degree in Computer Science, Information Security, or a related technical field.

Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations Mentor junior security consultants, providing technical guidance and contributing to their professional development Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes Qualifications: Required Qualifications: o 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing o Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies o Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks o Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks o Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks o Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences o Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders o Experience mentoring junior security professionals and leading technical teams Preferred Qualifications: o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions o Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages o Prior software development experience that informs a deep understanding of modern application architectures and development practices o Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations o Experience with mobile application security testing (iOS and Android) and API security assessment methodologies o Knowledge of cloud security architecture and specialized cloud service penetration testing techniques o Experience with AI/ML system security evaluation and testing methodologies Education: o Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent s specific approach and methodology o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions

Your Role Were hiring a skilled VAPT Engineer to strengthen our cybersecurity team! If you have hands-on experience in Vulnerability Assessment & Penetration Testing , and a passion for securing digital infrastructure, apply now for Pan India locations . Experience in Cyber Security Penetration Testing (Manual PT, VAPT, DAST, SAST, MAST, API). Experience in Vulnerability Assessment and Penetration Testing of web applications, mobile applications, API networks, and thick client applications. Manual Penetration Testing skills and techniques, with hands-on experience in identifying false positives from automated tool results. Hands-on knowledge of toolsBurp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, SQLmap, Checkmarx, etc. Strong knowledge of tools for mobile application security, including Appuse, MOBSF, Geny Motion, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify on Demand, etc Your Profile Vulnerability Assessment and Penetration Testing (VAPT) experience range 3 to 9 years Cyber Security Penetration Testing Manual Penetration Testing skills Knowledge of security tools Mobile application security tools What you'll love about working here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges.

Prudent Technologies and Consulting is hiring for a fast-growing Cybersecurity team that supports a customer base including the world s largest organizations. We have an immediate opening for a Senior Application Security Consultant. The role requires an experienced offensive consultant who understands application security testing methodologies, frameworks, tools and reporting. As a Senior Consultant you will perform and lead technical teams to conduct thorough security assessments as well as perform field related research. Candidates should be familiar with a variety of technologies including web, mobile, API, AI/LM, cloud, desktop, single sign-on and OAuth. Responsibilities: Consult with technical and non-technical client stakeholders Collaborate with Sales teams to assist in scoping efforts Lead projects and mentor less experienced consultants Perform advanced comprehensive penetration tests, adhering to industry-standard best practices Conduct penetration testing across diverse environments, including desktop applications, mobile applications, web applications, cloud environments, on-prem environments, APIs and AI/LM Document and report vulnerabilities, show proof-of-concepts where applicable, and provide detailed explanations to highlight severity, business impact, and tailored remediation steps Manages priorities and tasks to achieve utilization targets Participate in research and development efforts to improve the Cybersecurity practice Qualifications: Required Qualifications: 5+ years of direct experience performing manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, API and AI/LM Proficient at using penetration testing tools such as Burp Suite, DAST scanners, Metasploit and Nessus to identify and exploit vulnerabilities Able to write deliverable reports, including executive summaries and presentations, and status reports for clients Understanding of industry-standard security frameworks (e.g., OWASP and MITRE ATT&CK) Excellent project management, leadership, time management, and client consulting skills Preferred Qualifications: Bachelor s degree in computer science, information security, or related field Relevant certifications (e.g., OSCP and/or OSWE) Experience with scripting languages such as Python and Bash Experience with application development, systems engineering, or similar Published CVE/CWE contributions, participation in CTF events and independent research projects Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent s specific approach and methodology

We have an immediate opening for a Senior Application Security Consultant. The role requires an experienced offensive consultant who understands application security testing methodologies, frameworks, tools and reporting. As a Senior Consultant you will perform and lead technical teams to conduct thorough security assessments as well as perform field related research. Candidates should be familiar with a variety of technologies including web, mobile, API, AI/LM, cloud, desktop, single sign-on and OAuth. Responsibilities: Consult with technical and non-technical client stakeholders Collaborate with Sales teams to assist in scoping efforts Lead projects and mentor less experienced consultants Perform advanced comprehensive penetration tests, adhering to industry-standard best practices Conduct penetration testing across diverse environments, including desktop applications, mobile applications, web applications, cloud environments, on-prem environments, APIs and AI/LM Document and report vulnerabilities, show proof-of-concepts where applicable, and provide detailed explanations to highlight severity, business impact, and tailored remediation steps Manages priorities and tasks to achieve utilization targets Participate in research and development efforts to improve the Cybersecurity practice Qualifications: Required Qualifications: 5+ years of direct experience performing manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, API and AI/LM Proficient at using penetration testing tools such as Burp Suite, DAST scanners, Metasploit and Nessus to identify and exploit vulnerabilities Able to write deliverable reports, including executive summaries and presentations, and status reports for clients Understanding of industry-standard security frameworks (e.g., OWASP and MITRE ATT&CK) Excellent project management, leadership, time management, and client consulting skills Preferred Qualifications: Bachelors degree in computer science, information security, or related field Relevant certifications (e.g., OSCP and/or OSWE) Experience with scripting languages such as Python and Bash Experience with application development, systems engineering, or similar Published CVE/CWE contributions, participation in CTF events and independent research projects Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudents specific approach and methodology

Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations Mentor junior security consultants, providing technical guidance and contributing to their professional development Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes Qualifications: Required Qualifications: o 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing o Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies o Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks o Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks o Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks o Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences o Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders o Experience mentoring junior security professionals and leading technical teams Preferred Qualifications: o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions o Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages o Prior software development experience that informs a deep understanding of modern application architectures and development practices o Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations o Experience with mobile application security testing (iOS and Android) and API security assessment methodologies o Knowledge of cloud security architecture and specialized cloud service penetration testing techniques o Experience with AI/ML system security evaluation and testing methodologies Education: o Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudents specific approach and methodology o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Primary Skills : Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cybersecurity, Security Configuration Review, Source Code Review Job Description: 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API & Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms. Notice: Immediate to 15 days Location: ENBD Bangalore or ENBD Chennai or Dubai Location: Bangalore/Chennai/Dubai Experience: 4-6 Years Thanks & Regards, Ankita Ghosh

Dear Aspirant, Greetings from JTSi Technologies! We JTSi Technologies India Pvt Ltd, a US based IT Co in Kochi Infopark is urgently looking an Application Security Engineer for our operations in Kochi. The incumbent must be one with a strong understanding of application security principles and secure coding practices, common vulnerabilities and security testing methodologies. JTSi Technologies India Private Limited is a US based IT Co, with 20+ years into business. Our global offices are in Washington DC & New Jersey USA and our Indian HQ is in Bangalore. Details are as follows: Designation: Application Security Engineer (Consultant) Qualification: BE / B Tech / MCA Experience: Minimum 4 Years - 7 Years. Skillsets: Vulnerability Assessment, API, Code, Web & Cloud Security Remuneration: Salary ranges will be the best in the industry. Shift Time: Consultant / Part Time Freelancer Place of Posting: Infopark, Kochi. Roles and Responsibilities: Vulnerability Assessment - Identifying potential security weaknesses in applications through code reviews, penetration testing, and security assessments Designing and Implementing Security Architecture - Developing and integrating cybersecurity designs for systems and networks, ensuring they align with the organization's overall security strategy Secure Design and Development - Collaborating with developers to implement secure coding practices, secure architecture design, and secure development lifecycles (SDLC). API Security Design and Implementation - Design and implement secure API architectures by incorporating authentication, authorization (OAuth 2.0 JWT, etc.), and encryption mechanisms. Enforce API security best practices including rate limiting, input validation, logging, and auditing. Cloud and Container Security- Determine application security capability requirements and strategy (e. g., open source, Cloud Service Providers (CSP), Software as a Service (SaaS)/Infrastructure as a Service (IaaS)/ Platform as a Service (PaaS) environments) Able to assess cloud-native application architectures with a focus on security Security Testing - Conducting both static and dynamic security testing during and after application development to identify vulnerabilities Identity and Access Management - Implementing and managing systems for controlling access to data and applications, ensuring only authorized individuals can access sensitive information Incident Response - Responding to security incidents, investigating breaches, and implementing remediation steps Security Monitoring - Continuously monitoring applications for suspicious activity and potential security threats Security Tool Implementation - Utilizing and implementing security tools such as web application firewalls (WAFs) and other security technologies Skills and Qualifications: Strong understanding of application security principles, secure coding practices, common vulnerabilities (like XSS, SQL injection), and security testing methodologies Proficiency in one or more programming languages used in application development (e.g., Java, Angular, .Net, JavaScript). Familiarity with security tools like SAST, DAST, and WAFs Ability to analyse complex security issues and develop effective solutions Ability to clearly communicate security risks and recommendations to both technical and non-technical stakeholders Working effectively with developers, system administrators, and other security professionals. If you are interested or if any references kindly send us your recently updated resume to careers@jtsiindia.com and we will revert you with more details at the earliest. Thanks, and Regards, Recruitment Team JTSi Technologies India Private Limited Third Floor, Thapasya Building, Infopark, Kochi, Kerala - 682042. E Mail : careers@jtsiindia.com | Website : www.jtsiindia.com Contacts : 0484 4070368

Join us as a Application Security Consultant at Barclays, responsible for supporting the successful delivery of Location Strategy projects to plan, budget, agreed quality and governance standards You'll spearhead the evolution of our digital landscape, driving innovation and excellence You will harness cutting-edge technology to revolutionise our digital offerings, ensuring unparalleled customer experiences To be successful as a Application Security Consultant you should have experience with: Strong knowledge of CVEs, CWEs and their effect on the application In depth knowledge of various AppSec technologies such as SAST, DAST, SCA, IAST RASP etc Some development skills and hands on experience of one or more programming languages and framework Experience with writing scripts in scripting language like python, JavaScript Desirable Skillsets/ Good To Have Ability to demonstrate knowledge and enthusiasm for low-level technical topics including native development (any platform) Experience of languages inherent to modern, mobile development: Java+JNI, Objective C, Swift etc Familiarity with process of reverse engineering and associated low-level technologies such as assembly and tools Familiarity with concept of mobile code hardening i e controls and techniques for the goals of anti-tempering, obfuscation and environment monitoring Ability to reproduce vulnerabilities in lab environment Job Location: Pune Purpose of the role To support business areas with day-to-day processing, reviewing, reporting, trading and issue resolution Accountabilities Support various business areas with day-to-day initiatives including processing, reviewing, reporting, trading, and issue resolution Collaboration with teams across the bank to align and integrate operational processes Identification of areas for improvement and providing recommendations in operational processes Development and implementation of operational procedures and controls to mitigate risks and maintain operational efficiency Development of reports and presentations on operational performance and communicate findings to internal senior stakeholders Identification of industry trends and developments to implement best practice in banking operations Participation in projects and initiatives to improve operational efficiency and effectiveness Assistant Vice President Expectations Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda Take ownership for managing risk and strengthening controls in relation to the work done Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc) to solve problems creatively and effectively Communicate complex information 'Complex' information could include sensitive information or information that is difficult to communicate because of its content or its audience Influence or convince stakeholders to achieve outcomes All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship our moral compass, helping us do what we believe is right They will also be expected to demonstrate the Barclays Mindset to Empower, Challenge and Drive the operating manual for how we behave Back to nav Share job X(Opens in new tab or window) Facebook(Opens in new tab or window) LinkedIn(Opens in new tab or window)

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

Role Summary Akrivia HCM is looking for an experienced Release Manager to own the end-to-end movement of code from merge to “available for users” across our web, mobile, and API platforms. You will coordinate cross-functional teams, enforce quality gates, automate delivery pipelines, and make sure every release lands predictably, safely, and with clear business impact. Key Responsibilities Plan & Schedule Publish rolling release calendar, freeze windows, and cut-off dates. Drive release scoping meetings with Product, Engineering, QA, Design, Security, and Customer Success. Gate & Qualify Verify CI/CD pipeline status, security scans, performance and accessibility test results. Chair go/no-go reviews and stop the line when critical gates fail. Deploy & Enable Orchestrate environment promotions (Dev QA Stage Prod) via GitOps/ArgoCD. Manage phased rollouts and feature-flag toggles; oversee App Store / Play Store submissions for mobile builds. Monitor & Recover Track live KPIs (latency, error rate, crash-free sessions) during and after releases; trigger rollback when required. Lead incident communication until service health is fully restored. Communicate Send timely status updates, go/no-go notifications, and customer-facing release notes. Keep a single “risk board” of blocking issues visible to all stakeholders. Improve & Automate Run post-release retrospectives, convert learnings into pipeline automation, templates, and checklists. Track and report KPIs: Planned vs Actual release dates, Change Failure Rate, MTTR, and Release Lead Time. Must-Have Qualifications Proven track record of managing at least 3+ years of releases for a high-traffic SaaS product or mobile + web ecosystem. Strong hands-on knowledge of CI/CD pipelines (GitHub Actions / GitLab CI / Jenkins), container orchestration (Kubernetes/EKS), and package promotion strategies. Familiarity with GitOps tools (ArgoCD or Flux) and Infrastructure-as-Code (Terraform/Helm). Experience coordinating App Store / Play Store submission cycles and phased rollouts. Deep understanding of release metrics: lead time, deployment frequency, change failure rate, MTTR. Excellent communication and stakeholder-management skills; can drive decisions with data under tight timelines. Good-to-Have Skills Exposure to AWS Well-Architected or other cloud cost / reliability audits. Knowledge of feature-flag platforms (LaunchDarkly, ConfigCat) and A/B testing rollouts. Working familiarity with SOC 2 / ISO 27001 controls and audit evidence requirements. Experience automating mobile build pipelines with Fastlane or Codemagic. Certification: AWS DevOps Engineer Pro / Certified Kubernetes Admin / PMI-ACP / SAFe.

Technical Skills, Experince & Qualification Required :- 4-6 yrs of Experience into Pentest, Pen tester / Pen testing Manual Pentesting of web application, infrastructure, mobile app Extensive knowledge in the areas of information system security Coding ability (at the very least Python) Recognized credential on a hacking platform: training (HTB, root-me, etc.) or bug bounty (synack, hackerone, etc.) Experience in relevant tools : Burp Suite or equivalent, network discovery, vulnerability scanner, OSINT, exploitation and post-exploitation on web app, OS, infra and mobile application, payload customization, virtualization. Deep knowledge in manual web application penetration testing and payload customization Expertise in at least one programming language Experience in working on Linux and Windows environment Cloud environment testing (AWS, Azure) Certifications Required : Offensive security : OSWE, OSCE, OSCP, OSWP, OSEE certification EC-Council certification (APT, LPT, not CEH) Government sponsored certification : CREST, PASSI PCI DSS certification ISO 27001 certification SANS or equivalent certification Immediate Joiners will be preferred

Role Description This is a full-time role for a VAPT, Red Team, Mobile Security professional . The role involves day-to-day tasks related to Cybersecurity, Physical Security, Network Security, Information Security, and Communication. Experience : 4 - 8 Yrs Job Location : Chennai (WFO) Qualifications Devsecops / SAST / DAST / Application Security / Scripting (Python/Shell) Azure/ AWS / GCP Security services & configuration management. Experience in Vulnerability Assessment & Penetration Testing in Network, Web, Mobile Applications, Kubernetes, Container security & APIs. Experience in one or more vulnerability scanning tool. Qualys VMDR, Rapid7 & Tenable is preferred. Implement, operate, and manage the vulnerability management program. Ensure scans are performed according to policies and scan frequencies. Excellent knowledge in Security Operations/Information Security Process, techniques, and technologies. Strong knowledge of container security, Devsecops Tools and Security controls. Working experience with configuration management. Must have prior experience/knowledge on Devsecops implementation (Application Security) and knowledge on Devsecops operation (SAST/DAST) Provide recommendations for continuous improvements in Security Operations & Process. Experience in Management and Metrics Reporting. Experience in defining standards for OS and/or applications. Able to demonstrate the identified vulnerability and provide the recommendation for remediation wherever required. Certifications like CEH, OSCP, GPEN or other information security or IT platform certifications. Experience in vulnerability assessment & penetration testing in Network, Web applications, Mobile applications & APIs. Strong understanding of OWASP/SANS Top 25 Concepts Hands-on experience on automated & manual application security testing tools like BurpSuite Professional, HCL AppScan Enterprise & Standard, Web Inspect, Postman, Nikto, ZAP, SQLmap, Nmap, Kali Linux, etc. Experience in developing Application Security policies, process, secure coding standards & guidelines. Good knowledge of secure software development standard, process, techniques, and tools. Experience in dealing with application security incidents & relevant communication. Demonstrated ability to clearly communicate complex ideas verbally and in writing. Excellent troubleshooting, problem solving, and analytical skills.

Educational Bachelor of Engineering Service Line Quality Responsibilities In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advisesecurity controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance. Preferred Skills: Foundational-Cybersecurity Competency Management-Cyber Competency Strategy Planning

Project Role : Integration Engineer Project Role Description : Provide consultative Business and System Integration services to help clients implement effective solutions. Understand and translate customer needs into business and technology solutions. Drive discussions and consult on transformation, the customer journey, functional/application designs and ensure technology and business solutions represent business requirements. Must have skills : Cybersecurity Fundamentals Good to have skills : Python (Programming Language), Microsoft PowerShell, Security Operation AutomationMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Integration Engineer, you will provide consultative Business and System Integration services to assist clients in implementing effective solutions. Your typical day will involve engaging with clients to understand their needs, facilitating discussions to translate these needs into actionable business and technology solutions, and ensuring that the proposed solutions align with both business requirements and technological capabilities. You will also be responsible for driving transformation initiatives and enhancing the customer journey through functional and application designs, ensuring that all aspects of the integration process are seamless and effective. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Collaborate with cross-functional teams to ensure alignment of business and technology solutions.- Analyze client requirements and provide tailored integration strategies to meet their needs.- Perform regular maintenance (patching, upgrades, configuration changes) of security solutions.- Build and implement on-premises and cloud-based security solutions using SaaS, IaaS, and orchestration tools.- Implement robust monitoring and logging solutions.- Report on security status, incidents, and improvements to management.- Develop and maintain APIs and microservices for automation workflows.- Stay abreast of cybersecurity trends, vulnerabilities, and attack vectors.- Proactively propose enhancements to security controls.- Provide exceptional support to internal and external users.- Conduct regular security assessments and vulnerability scans.- Promote security awareness through training and communication.- Collaborate closely with other departments to integrate security measures- Automate complex tasks and workflows across infrastructure management, data processing, application deployments, and IT operations.- Identify process improvement opportunities and implement optimizations. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cybersecurity, SDLC, Python and PowerShell, including experience with automation scripts, frameworks and best practises .- Good To Have Skills: Experience with Python (Programming Language), Microsoft PowerShell, Security Operation Automation.- Strong understanding of network security protocols and practices.- Familiarity with risk assessment methodologies and compliance standards.- Experience in implementing security measures and monitoring systems for vulnerabilities.- Good understanding of SDLC in code development and analysis.- Knowledge in Cyber security tooling for SAST, DAST and SCA solutions- Knowledge in Container and Orchestration environment such as Docker, Kubernetes or Openshift is a plus- Knowledge of version control systems (e.g., Git) and CI/CD pipelines. Additional Information:- The candidate should have minimum 3+ years of experience in Cybersecurity and SDLC.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education