403 Dast Jobs - Page 5

The role supports full end to end software development cycle, from initial client engagement, through assessments and road-mapping, to longer term engagement in an advisory capacity. As an Application Security Consultants, the person should leverage the technical expertise of the security competencies, varied product and delivery capabilities. Hands on experience in Secure SDLC, DAST, SAST, HP Fortify and Burp Suite Provide strategic advice and insights to clients based on deep domain knowledge and industry best practices. Identify potential risks and develop mitigation strategies to ensure project success and client satisfaction. Lead and coordinate incident response activities, including i...

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities As part of the Infosys delivery team, your primary role would be to ensure effective Design, Development, Validation and Support activities, to assure that our clients are satisfied with the high levels of service in the technology domain. You will gather the requirements and specifications to understand the client requirements in a detailed manner and translate the same into system requirements. You will play a key role in the overall estimation of work requirements to provide the right information on project estimations to Technology Leads and Project Managers. You would be a key cont...

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities Hands-on knowledge of Security testing methodologies like OWASP Top 10, SANS 25 etc., Ability to perform automated and manual hands-on penetration security testing e.g. DAST, SAST and SCA, identifying security risks within applications, cloud infrastructure, security controls and Network systems. Experience with penetration testing tools (e.g. Burp) Extensive knowledge of attack payloads for discovering security vulnerabilities Plan, execute, and report on all testing activities and outcomes Create findings reports and communicate to stakeholders Must possess at least 5 years of experie...

Security Assessments and Audits: Conduct comprehensive security assessments, threat modeling, and architecture reviews to identify vulnerabilities in applications, infrastructure, and cloud environments. Vulnerability Management: Manage and optimize code scanning tools (SAST, DAST), and other security tools to detect, prioritize, and remediate vulnerabilities. Security Architecture and Design: Design and implement robust security architectures for cloud environments (e.g., AWS, EKS), and applications, ensuring they align with best practices and compliance requirements. Security Policy and Procedures: Develop, implement, and maintain security policies, procedures, and standards to ensure comp...

This position is a leading role in designing, developing and implementing all aspects of security for complex global applications based on Microsoft Azure technology and generally the Microsoft technology stack. The role is very much an individual contributor capable of supporting multiple project teams. In other words, it is not a program management or oversight role, but one that requires detailed participation in the design, implementation and certification of security controls across the multiple projects/applications. This requires knowledge of various IT system architecture and Cloud technology, as well as supporting technologies such as SAST tools, DAST tools, IAM, network security, f...

You have 7-10 years of experience and possess a strong understanding of security practices in AWS and Azure environments. You have hands-on experience with SAST, DAST, SCA tools, and integrating security into CI/CD pipelines. Additionally, you are familiar with threat modeling and risk assessment techniques. Your knowledge extends to Kubernetes and container security, along with awareness of AI/ML application security considerations. You have experience working with SIEM systems, cloud logging, and monitoring solutions, and are adept at communicating security concepts effectively across technical and non-technical teams. With 4+ years in application security, cloud security, or a related eng...

As a Security Operations Engineer (SecOps) with 8-11 years of experience, you will be responsible for configuring multiple security systems (SAST, DAST, SIEM, EDR, etc.) for production endpoint and vulnerability scanning. Your role will involve system hardening for applications hosted on AWS, responding to security alerts, devising remediation strategies with internal teams, and ensuring compliance with information security best practices and standards. Your responsibilities will include architecting and implementing IAM best practices to facilitate fast-paced engineering activities while upholding security, compliance, and auditing requirements. Collaboration with engineering teams will be ...

As an Azure Dev Sec Ops professional, you will be responsible for integrating security controls into the CI/CD pipelines to ensure automated, continuous security in application deployments. Your main tasks will involve collaborating with DevOps teams to create automated security checks using tools such as Bicep, Terraform, and Ansible. You will also be required to monitor and maintain infrastructure-as-code (IaC) security standards using Bicep and Terraform for both cloud platforms. Furthermore, your role will involve managing and maintaining infrastructure security and monitoring systems, developing and maintaining CI/CD pipelines across multiple environments, and implementing and managing ...

The Security Trust Engineer uses this understanding of security and sales enablement along with data analysis and engineering skills to identify patterns and gaps in Security Trusts vendor security program and supply chain security activities. The Security Trust Engineer works with the team to collaborate on requirements, gather data on a regular cadence, and compile analyses and represent them to a variety of enterprise audiences. The Security Trust Engineer plays a critical role in helping ensure the security, reliability, and trustworthiness of RingCentral products and services. The role represents Security Trusts interests with Security Operations and Product Development in designing, im...

Position Purpose The purpose of the position is to help with the information security topics mentioned in the direct responsibilities. Responsibilities Direct Responsibilities - Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans. Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate. Knowledge of Secure Development methodologies and frameworks. Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity Well-versed in conducting...

As a DevOps Engineer, you will be responsible for managing and maintaining cloud infrastructure, with a preference for AWS/Azure, which includes tasks such as networking (VPC, VPN, NAT, routing). Your role will involve administering and monitoring Kubernetes clusters like EKS/AKS to ensure high availability and security. You will implement infrastructure automation using tools like Terraform or equivalent Infrastructure as Code (IAC) tools. Additionally, configuring and managing system observability tools such as Prometheus, Grafana, Node Exporter, and Kafka Exporter will be part of your responsibilities. Integrating security and quality gates into CI/CD workflows, including Static Applicati...

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or you can apply in below post Mandatory roles: Perform Internal and External Red Teaming. Report Preparation with proof of concepts. Provide recommendations to remediate the findings. Excellent communication skill is important. Additional skills: Cyber Security Assessment & Consulting,Cyber Threat Hunting,Manual Penetratio...

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Main Scope Role of Wealth Management India IT Risk and Information Systems Security Manager, being understood this role includes delegations from APAC WM CISO for the team located in India territory and fully participates in overall WMIS Cybersecurity and IT Risk objectives. Participate to IT project security reviews conducted both on a global and APAC basis across all platforms. Participate in the Security Operation meetings in APAC, EMEA & CH regions. This requires the incumbent to foster close working relationships with other...

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModellingAb...

T o ensure youre set up for success, you will bring the following skillset & experience: 3+ years of experience in penetration testing, SAST, DAST, VAPT, Threat Modelling , OWASP. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience produc...

Required Skills: Cyber Risk Risk Mitigation Strategies for Security Controls SAST and DAST Tools Profile: - 5+ years of experience in application/API security, risk management, or related fields - Strong understanding of application security architecture, compliance frameworks, and risk management principles - Experience with application security assessments, risk assessments, and security controls implementation - Excellent analytical, problem-solving, and communication skills - Familiarity with cloud security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST) - Certifications in cloud security, risk management, or related fields (e.g., CCSK, CRISC, CISSP) Job Sum...

Responsibilities: Application Security Conduct regular security assessments to identify vulnerabilities in applications and work with development teams to design secure software systems, resolve vulnerabilities and issues, and implement robust security measures. Additional responsibilities include security audits and penetration testing as required. Technical Skills: Proficient in multiple programming languages. Advanced understanding of the intricacies and potential security flaws inherent in different languages. Working experience in languages like Java, JavaScript, C++, Python, and Ruby. Experience in API development/testing and API security Established experience with Agile (including Sc...

Technical Skills, Experince & Qualification Required :- 5-8 yrs of Experience into Pentest, Pen tester / Pen testing Manual Pentesting of web application, infrastructure, mobile app Extensive knowledge in the areas of information system security Coding ability (at the very least Python) Recognized credential on a hacking platform: training (HTB, root-me, etc.) or bug bounty (synack, hackerone, etc.) Experience in relevant tools : Burp Suite or equivalent, network discovery, vulnerability scanner, OSINT, exploitation and post-exploitation on web app, OS, infra and mobile application, payload customization, virtualization. Deep knowledge in manual web application penetration testing and payloa...

Skills: SAST, DAST, Network Security, Azure Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like : Native Azure security services. Burp Suite, CheckMarx, Veracode, fortify, Qualys Certification: Azure Security Engineer Associate Certification. (AZ-500) + - MANDATORY Azure Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to Azure Provide technical oversight and assistance for the execution of application and data migrations, ensuring secure data transit and encryption at rest. Help establish and enforce cloud architecture governance, security standards, and best...

We are looking for a highly skilled and motivated Product & Solution Security Professiona l to join our team with 7 to 10 years of experience in cybersecurity, with a focus on application security and Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record with proven experience working with software development teams and integrating security practices into the SDLC. Experience interacting with key collaborators and supporting security activities within software products The ideal candidate will be responsible for defining secure design principles and supporting multi-functional teams to ensure secure architecture, implementation, and testing of products and solutio...

Essential Services : Role & Location fungibility In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role As a DevSecOps Manager, you will be responsible for implementation of security tools in DevOps CI/CD (Continuous Integration/ Continuous Delivery) pipeline and publish security standards and best practices for developer team. You will be responsible for integ...

Overview The Application Security Developer IV will work closely with both engineering (development) teams and the Information Security group to make sure that RealPage applications are developed with security in mind. Deep awareness of the OWASP Top 10 project and practices for preventing vulnerabilities when developing applications in any tech stack is a key success factor. This person will help to ensure Static Application Security Testing (SAST) occurs during the development lifecycle and that reported vulnerabilities are properly remediated. This person will also help train developers on how to remediate the vulnerabilities and what those vulnerabilities are when needed, Implement OWASP...

At least 7 year of experience as a penetration tester Proven abilities to approach a black box and white box testing. Proven hands on experience in manual pen testing as major part of work profile Hands-on experience with vulnerability scanners (static and/or dynamic) and frameworks, including but not limited to Burp Suite, Checkmark, OWASP ZAP, Burp, Nmap, Nessus, Metasploit Framework Good hands on experience with API penetration testing of Rest/SOAP based interfaces Perfect knowledge of OWASP methodology and web vulnerabilities – you can easily explain and show how it works Python or any other scripting language. Comfortable using and working linux/unix environments Desirable skills to hav...

Required Skills: Cyber Risk Risk Mitigation Strategies for Security Controls SAST and DAST Tools Profile: - 5+ years of experience in application/API security, risk management, or related fields - Strong understanding of application security architecture, compliance frameworks, and risk management principles - Experience with application security assessments, risk assessments, and security controls implementation - Excellent analytical, problem-solving, and communication skills - Familiarity with cloud security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST) - Certifications in cloud security, risk management, or related fields (e.g., CCSK, CRISC, CISSP) Job Sum...

Job Description for a Presales Engineer specializing in Application Security and Vulnerability Scanning/Testing Tools: Job Title: Presales Engineer Application Security & Vulnerability Management Location: Mumbai Job Type: Full-Time Role Summary As a Presales Engineer focused on Application Security and Vulnerability Testing tools, you will play a pivotal role in driving technical sales engagements. You will work closely with sales teams to understand customer requirements, demonstrate product capabilities, and design solutions that address security challenges across web, mobile, and cloud environments. Key Responsibilities Collaborate with sales teams to understand client needs and propose ...