639 Fortify Jobs - Page 2

Summary Position Summary Job title: DevSecOps - Manager About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte’s DevSecOps CI/CD Security Transformation and Secure Software Development Lifecycle engagement archetypes provide frameworks, templates, and leading practices for integrating security into software delivery pipelines. These resources include step-by-step workflows, staffing guidance, and project management tools to support DevSecOps roles and responsibilities The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do Roles & Responsibilities: As a DevSecOps Manager, your core responsibility will be leading the implementation and ongoing management of DevSecOps practices across client's cloud and on-premises environments, which includes the following: Conduct interviews and assessments to understand client requirements, current state and DevSecOps practice maturity. Define strategy and take responsibility in driving adoption of security automation, continuous integration/continuous delivery (CI/CD), and compliance within the software development lifecycle of client's environment. Understand and be compliant with the Service Level Agreements defined for the DevSecOps services Oversee the development and integration of security tools and automation for services such as threat modeling, security architecture reviews, secure development practices, code analysis, vulnerability scanning, API security, configuration management etc. Manage and mentor DevSecOps team and client's cross-functional teams, setting goals and tracking performance. Report on DevSecOps metrics, security posture, and process improvements to leadership and client stakeholders. Stay current with emerging DevSecOps tools, security threats, and regulatory requirements. Facilitate use of technology-based tools or methodologies to continuously improve the monitoring, management and reliability of the services provided to client. Required Skills 9+ years of experience in application security development, security testing, integrating security tools, deployment and security management phases, with atleast 2+ years of leading the Devsecops projects. Strong understanding of security frameworks (e.g., NIST 800-53, PCI DSS,, ISO 27001, CIS Controls) and regulatory requirements (e.g., GDPR, HIPAA, PCI DSS) Investigative and analytical problem-solving skills along with excellent communication, project management, and stakeholder engagement skills. Experience in collecting, analyzing, and interpreting qualitative and quantitative data from defined application security services related sources (tools, monitoring techniques etc.) Understanding of solution designs and technical architectures to identify potential security risks and recommend mitigation strategies. Exposure to threat modeling exercise, zero trust architecture principles and secure by design practice. Knowledge and experience of OWASP Top 10, SANS Secure Programming, Security Engineering Principles; Hands-on experience in performing secure code reviews and penetration testing Hands-on experience in running, installing and managing SAST, DAST , SCA and IAST solutions, such as Checkmarx, Fortify and Contrast in large enterprise Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk; Strong knowledge of CI/CD tools and hands on experience on at least one CI/CD tool set and building pipelines (including in cloud) using Team city, Bamboo, Jenkins, Chef, Puppet, selenium, AWS and AZURE DevOps; Hands on experience on container technology such as Kubernetes, Dockers, AKS, EKS. Knowledge of cloud environments and deployment solutions such as server less computing; Must have cloud security specialization in Security; and Certification such as EC-Council CEH (Certified Ethical Hacker), DevSecOps Professional (CDP) , ISC2 Certified Cloud Security Professional (CCSP), Certified API Security Professional (CASP) , CTMP (Certified Threat Modeling Professional) etc. are preferred. Qualification Bachelor's degree or higher in Computer Science, IT or equivalent experience. Experience in cloud service providers such as AWS, GCP, Azure, Oracle and multi-cloud DevSecOps implementations. Background in Agile or Scrum methodologies. Solid and demonstrable comprehension of Information Security including OWASP/SANS, Security Test Case development (or mis-use case). Understanding of security essentials including; networking concepts, defense strategies, and current security technologies Experience with securing IaC templates (e.g., Terraform, CloudFormation) and integrating IaC scanning tools into pipelines to detect misconfigurations and vulnerabilities early in the provisioning process Experience in implementing and managing security measures within Kubernetes environments, designing and enforcing advanced security protocols for API infrastructure, managing and optimizing our containerized applications using Docker, automating and managing our infrastructure as code using Terraform, automating IT processes and configurations using Ansible, and identifying and mitigating potential security threats through comprehensive threat modeling practices. Familiarity with container security best practices, including image scanning, runtime protection, and orchestration security (e.g., Docker, Kubernetes). Experience with secrets management tools (e.g., HashiCorp Vault, AWS Secrets Manager). Ability to research and characterize security threats to include identification and classification of application related threat indicators. Good to have: Skills in scripting languages (e.g., Groovy for Jenkins, Bash, Python) to customize pipeline steps and automate repetitive tasks. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2023. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 306776

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Senior Software Engineer belongs to Self-Organizing and Cross Functional development team and is able to convert sprint backlog items to shippable product. He/she collectively owns end to end development responsibility for a given Agile Team / POD. He/she will design, code and test the user stories committed for a sprint. Works independently under limited supervision. Possess skills to effectively deal with issues, challenges within field of specialization to develop application solutions. Primary Responsibilities: Develop and automate business solutions by creating new and modifying existing software applications Collectively responsible for end to end product quality Participates and contributes in Sprint Ceremonies Promote and develop the culture of collaboration, accountability & quality Provides technical support to team. Helps team in resolving technical issues Closely working with Tech Lead, Onshore partners, deployment and infrastructure teams Independently drive some of the product and pillar level initiatives Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Bachelor's degree Technically hands-on and excellent in Design, Coding and Testing Experience working in multiple layer of technology Knowledge of Engineering Practices Agile: 6+ years of working experience in “Agile team” Data / Information Security: Good understanding of Data / Information security Good in Data Structure, Algorithms and Design Patterns Demonstrates excellent problem solving skills Knowledge of Common Technical Skills Application Development: Java Python Go Lang React DevOps: Working experience in IAC using Terraform Working experience in CI/CD pipeline (test, build, deployment and monitoring automation) Knowledge of software configuration management and packaging Knowledge of build tools such as Maven/Gradle Cloud: 5+ years of working Experience or good knowledge of cloud platform (e.g. OpenShift, Azure, AWS) Database: 5+ working experience of database (SQL or PL/SQL), Able to create database, write queries, stored procedures Open Source: Demonstrate hands-on knowledge of OpenSource adoption and use cases Knowledge of Product / Project / Program Related Tech Stack: Microsoft SQL Azure Cosmos DB Azure Kubernetes Services Azure SQL Microsoft SSIS Databricks Snowflake Testing using Data Quality Framework DevOps - Jenkins, GitHub, Docker, Redis, Sonar, Fortify Others - JMeter, Groovy, NewRelic Development Methodology / Engineering Practices - Agile (SCRUM / KANBAN / SAFe) Proven excellent verbal, written and interpersonal communication skills Proven team player in an Agile team within a Release Team/Value Stream Preferred Qualifications: Work experience in product engineering Knowledge of US Healthcare domain Modern Infrastructure: Knowledge in modern serverless and cloud managed infrastructure Proven excellent verbal, written and interpersonal communication skills Proven ability to work collaboratively in a global team with a positive team spirit At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Senior Software Engineer Overview Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Services within Mastercard is responsible for acquiring, engaging, and retaining customers by managing fraud and risk, enhancing cybersecurity, and improving the digital payments experience. We provide value-added services and leverage expertise, data-driven insights, and execution. About Ethoca At Ethoca, you can join a team of top business and technology innovators who are transforming the industry. We are changing the payments landscape and reinventing the way global merchants and issuers combat fraud and reduce costs. Our services allow customers to focus on what really matters - increasing sales and creating a great customer experience. Our relentless customer focus is what makes us an award-winning company. Role As a Senior Software Engineer in Test / Senior Automation Engineer, you will: Play a crucial part in helping drive Quality initiatives across the teams Adhere to enterprise quality standards, processes and tools Responsible for developing and executing test plans for a single application, independently generating test data and recognizing test environment preparation needs Participate in project-level reviews, walkthroughs and inspections, and conducts test reviews, including test plans, requirements, cases and automation Achieve maximum coverage for test automation Responsible for automation and Continuous Integration (CI). Work closely with development team to identify defects early in the cycle through requirements analysis and code reviews. You Should Apply If Bachelor/Master’s Degree in Computer Science or equivalent work experience with exposure to quality engineering processes 6-8 years of overall experience. Sound knowledge of Java, Spring, JUnit, Eclipse IDE, Rest Assured, Appium, Jbehave/Cucumber frameworks, Databases, APIs (REST/SOAP), Continuous Delivery concepts and tools such as Jenkins/Bamboo, vulnerability tools such as Sonar, Checkmarx/Fortify, etc. Good knowledge of payments domain message flows, architecture, common design patterns, ISO message protocols, simulation/emulation tools highly desirable. Experience in multiple types of coding, software development, and/or using automation frameworks; Hands on experience in writing functional and integrational test cases; Exposure in building and using automation frameworks using technologies: Serenity, Cucumber, Browserstack, Selenium, others Experience testing APIs (REST) Experience in UI testing Well versed with writing complex database queries to validate data Ability to create good acceptance and integration test automation scripts and integrate with Continuous integration (Jenkins) Successfully developed high quality test strategies and text execution, recognized test environment preparation needs Experience in building automation frameworks, acceptance and integration test automation scripts, integrating with other tools. It Would Also Be Great If you have knowledge of working on cloud technology such as Azure, AWS you have knowledge of performance and security testing (e.g. Gatling , JMeter, Blazemeter). Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Job Description Sales Engineer – Generator Sales We are in search of a dynamic and results-oriented Sales Engineer – Generator Sales to become a part of our team. The ideal candidate should possess a solid technical background and demonstrated expertise in the sales of diesel generators, specifically those powered by Perkins, Cummins, Kirloskar, and Mahindra engines, along with associated spare parts. This role demands a blend of technical proficiency, customer relationship management, and strategic business development to fortify our presence in the power generation sector. Key Responsibilities Generator Sales & Business Development Formulate and implement sales strategies for Perkins, Cummins, Kirloskar, and Mahindra generator sets. Identify and approach potential clients in pivotal industries such as construction, oil & gas, infrastructure, and commercial facilities. Generate leads, prepare proposals, conduct negotiations, and close sales deals to meet or surpass sales targets. Participate in industry exhibitions, trade shows, and client meetings to endorse products and gather market intelligence. Spare Parts Sales & Technical Support Manage inquiries and sales for diesel and gas generator spare parts, focusing on genuine and OEM components. Offer expert guidance to clients on part compatibility, usage, and stock availability. Collaborate with after-sales service teams to ensure client satisfaction and timely resolution of technical issues. Market Analysis & Expansion Research and analyze market trends, competitor offerings, and customer feedback to refine product positioning. Identify opportunities in new and emerging sectors or geographies. Develop pricing strategies in collaboration with internal stakeholders to remain competitive and profitable. Technical Liaison Coordinate with internal engineering and service teams to ensure the seamless installation, commissioning, and handover of generator systems. Deliver product presentations, technical demonstrations, and training sessions to clients. Stay updated on advancements in generator technology, regulatory standards, and environmental compliance. Requirements Experience: Minimum of 3–5 years of hands-on sales experience in diesel generator sales, particularly with Perkins, Cummins, Kirloskar, and Mahindra brands. Education: Diploma or Bachelor’s degree in Mechanical, Electrical, or Power Engineering is preferred. Technical Proficiency: In-depth knowledge of diesel generators, control systems, and genuine spare parts. Sales Skills: Demonstrated ability to achieve and exceed sales targets, with a strategic and consultative

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304774

Summary Position Summary Job title: SAST/DAST AppSec - Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: As a Consultant, you are responsible for performing following activities as a SAST/DAST professional: Integrate SAST and DAST tools into CI/CD pipelines to automate security testing throughout the development lifecycle. Perform regular static (SAST) and dynamic (DAST) security assessments on applications to identify vulnerabilities such as SQL injection, cross-site scripting, and other OWASP Top 10 risks. Analyze scan results, triage findings, and provide actionable remediation guidance to development teams. Collaborate with developers to ensure secure coding practices and support secure design reviews. Define and maintain security roles, responsibilities, and ownership between Deloitte and client stakeholders for test preparation, execution, and support. Ensure that vulnerabilities are tracked, reported, and resolved in accordance with organizational policies and client requirements. Conduct root cause analysis (RCA) workshops and publish performance and security testing reports. Stay current with industry trends, emerging threats, and advancements in SAST/DAST tools and methodologies. Required Skills Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304772

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304773

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304774

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304773

Summary Position Summary Job title: SAST/DAST AppSec - Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: As a Consultant, you are responsible for performing following activities as a SAST/DAST professional: Integrate SAST and DAST tools into CI/CD pipelines to automate security testing throughout the development lifecycle. Perform regular static (SAST) and dynamic (DAST) security assessments on applications to identify vulnerabilities such as SQL injection, cross-site scripting, and other OWASP Top 10 risks. Analyze scan results, triage findings, and provide actionable remediation guidance to development teams. Collaborate with developers to ensure secure coding practices and support secure design reviews. Define and maintain security roles, responsibilities, and ownership between Deloitte and client stakeholders for test preparation, execution, and support. Ensure that vulnerabilities are tracked, reported, and resolved in accordance with organizational policies and client requirements. Conduct root cause analysis (RCA) workshops and publish performance and security testing reports. Stay current with industry trends, emerging threats, and advancements in SAST/DAST tools and methodologies. Required Skills Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304772

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304774

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304774

Summary Position Summary Job title: SAST/DAST AppSec - Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: As a Consultant, you are responsible for performing following activities as a SAST/DAST professional: Integrate SAST and DAST tools into CI/CD pipelines to automate security testing throughout the development lifecycle. Perform regular static (SAST) and dynamic (DAST) security assessments on applications to identify vulnerabilities such as SQL injection, cross-site scripting, and other OWASP Top 10 risks. Analyze scan results, triage findings, and provide actionable remediation guidance to development teams. Collaborate with developers to ensure secure coding practices and support secure design reviews. Define and maintain security roles, responsibilities, and ownership between Deloitte and client stakeholders for test preparation, execution, and support. Ensure that vulnerabilities are tracked, reported, and resolved in accordance with organizational policies and client requirements. Conduct root cause analysis (RCA) workshops and publish performance and security testing reports. Stay current with industry trends, emerging threats, and advancements in SAST/DAST tools and methodologies. Required Skills Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304772

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... You’ll be responsible for developing highly efficient and reliable applications for various transformational programs as part of the Wireless Billing system. You'll be Enhancing and developing new features for applications using new and emerging technologies while maintaining coding standards and quality. Defining and clarifying project scope. Developing the project plan with coordination from Onshore, Business Owners, and Users. Coming up with designs for Business requirements in consonance with Security, Performance, and User experience aspects Programming using Java / J2EE using Spring framework / Spring Boot/ Reactive and Oracle & Cassandra database. Implementing solutions hands-on, emphasizing reusable code development. Driving discussions with the stakeholders on delivering the project. Coordinating activities across different organizational functions. Leading a team of 5-6 members on application development. Representing the team in the management and executive meetings Systematic problem-solving approach and a sense of ownership, commitment and dedication. Manage competing priorities and adapt to changes in project scope. Follow the AGILE processes as required by the project. Where you'll be working... In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. What We’re Looking For... You are curious about new technologies and the possibilities they create. You enjoy the challenge of supporting applications while exploring ways to improve upon the technology. You are driven and motivated, with strong communication and analytical skills, you’re a sought-after team member that thrives in a dynamic work environment. You will be working with multiple stakeholders within wireless teams in understanding and delivering the requirements and design. You’ll Need To Have Bachelor’s degree or three or more years of work experience. Four or more years of relevant experience. Strong knowledge and working experience on Telecom billing Strong End-to-end designing & development experience in Java, Spring Boot, Microservices Strong concepts in Object Oriented Programming and Design Patterns Good understanding on SQL Queries, Linux, Microservices architecture Good Experience in DevOps (Jenkins, SonarQube, HP Fortify) Hands-on experience with Oracle DB, Cassandra, data modelling, data replication, clustering, indexing for handling for large data sets. Knowledge and hands on in Unix, Shell Scripting. Experience in Agile methodologies and DEVSECOPS implementation. Cloud Implementation Experience. Experience in mentoring the junior team members Experience in product/tools evaluations to suit the project needs Experience with Devops tool chain - Jenkins, docker, Git, Sonar Qube, Fortify, Artifactory and Ansible. Proven experience in creating automation tools for productivity and process improvements. Expertise in trouble shooting the issues. Even better if you have one or more of the following: Strong communication and critical thinking skills. Experience working in Agile/SAFe teams. Knowledge of reusable component development and Databases/SQL. Collaboration skills to manage the peers, partners and other stakeholders. If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above. Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... You’ll be responsible for developing highly efficient and reliable applications for various transformational programs as part of the Wireless Billing system. You'll be Enhancing and developing new features for applications using new and emerging technologies while maintaining coding standards and quality. Defining and clarifying project scope. Developing the project plan with coordination from Onshore, Business Owners, and Users. Coming up with designs for Business requirements in consonance with Security, Performance, and User experience aspects Programming using Java / J2EE using Spring framework / Spring Boot/ Reactive and Oracle & Cassandra database. Implementing solutions hands-on, emphasizing reusable code development. Driving discussions with the stakeholders on delivering the project. Coordinating activities across different organizational functions. Leading a team of 5-6 members on application development. Representing the team in the management and executive meetings Systematic problem-solving approach and a sense of ownership, commitment and dedication. Manage competing priorities and adapt to changes in project scope. Follow the AGILE processes as required by the project. Where you'll be working... In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. What We’re Looking For... You are curious about new technologies and the possibilities they create. You enjoy the challenge of supporting applications while exploring ways to improve upon the technology. You are driven and motivated, with strong communication and analytical skills, you’re a sought-after team member that thrives in a dynamic work environment. You will be working with multiple stakeholders within wireless teams in understanding and delivering the requirements and design. You’ll Need To Have Bachelor’s degree or three or more years of work experience. Four or more years of relevant experience. Strong knowledge and working experience on Telecom billing Strong End-to-end designing & development experience in Java, Spring Boot, Microservices Strong concepts in Object Oriented Programming and Design Patterns Good understanding on SQL Queries, Linux, Microservices architecture Good Experience in DevOps (Jenkins, SonarQube, HP Fortify) Hands-on experience with Oracle DB, Cassandra, data modelling, data replication, clustering, indexing for handling for large data sets. Knowledge and hands on in Unix, Shell Scripting. Experience in Agile methodologies and DEVSECOPS implementation. Cloud Implementation Experience. Experience in mentoring the junior team members Experience in product/tools evaluations to suit the project needs Experience with Devops tool chain - Jenkins, docker, Git, Sonar Qube, Fortify, Artifactory and Ansible. Proven experience in creating automation tools for productivity and process improvements. Expertise in trouble shooting the issues. Even better if you have one or more of the following: Strong communication and critical thinking skills. Experience working in Agile/SAFe teams. Knowledge of reusable component development and Databases/SQL. Collaboration skills to manage the peers, partners and other stakeholders. If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above. Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Role: Manager Information Security (Release Management) Experience-6+Yrs Location-Hyderabad Domain Expertise: Strong understanding of the insurance industry. Experience working with multiple vendors and global teams. Technical Skills: Proficient in tools like JIRA, ServiceNow, Fortify, and vulnerability management platforms. Basic knowledge of Java, Linux, and HTML. Skilled in running scans, generating reports, and troubleshooting tool issues. Process & Operations: Hands-on experience in release and change management. Familiar with ISO and SOC audit processes. Manages L1 and L2 tickets, ensuring SLA compliance. Coordinates production releases and post-implementation reviews. Access & Security Management: Manages application access and license renewals. Owns ServiceNow access/removal request process. Guides teams in resolving access and vulnerability issues. Collaboration & Leadership: Participates in change advisory board meetings. Coordinates with stakeholders for smooth release execution. Leads scan template reviews and vulnerability assessments Regards, Infosys BPM Recruitment team

Requisition ID: 45114 Job Location(s): Oragadam, IN Employment Type: Full Time Segment: Danfoss Climate Solutions Segment Job Function: Supply Chain and Operations Work Location Type: On-site The Impact You'll Make As a Customs & Trade Compliance Specialist, you will play a critical role in upholding the integrity of our global trade practices. With a strong emphasis on detail, you will ensure that all cross-border transactions adhere to both Indian and international trade laws, regulations, and our internal company policies. Your expertise will be vital in navigating the complexities of customs regulations, export controls, and sanctions laws. Collaborating with various regulatory bodies will be a key aspect of your role, fostering strong relationships while promoting compliance. A legal background (LLB) will enhance your ability to interpret and manage legal frameworks effectively, positioning you as a trusted advisor within our organisation. What You’ll Be Doing Ensure rigorous compliance with import/export laws and trade regulations, focusing on EU dual-use regulations and regional legal standards. Proactively interpret and assess changes in trade law, advising internal stakeholders on necessary adaptations and actionable insights. Review and update trade compliance policies in alignment with governmental changes, internal procedures, and guidelines to ensure seamless operations. Conduct thorough screening of transactions, shipments, and business partners against denied party lists and sanction regulations. Collaborate with customs consultants, brokers, freight forwarders, and logistics teams to streamline import/export processes while guaranteeing compliance. Accurately classify products using Harmonised Tariff Schedule (HTS) codes and Export Control Classification Numbers (ECCNs), maintaining comprehensive documentation for audits. Support internal and external audits, investigations, and risk assessments to fortify our trade compliance regime. Respond to inquiries from government authorities and regulatory bodies, building positive relationships to facilitate compliance. Deliver training sessions to internal teams to enhance understanding of trade regulations and policies, cultivating a culture of compliance. Assist in the procurement and management of necessary export/import licenses, exemptions, and permits, ensuring all operations are legally sound. Partner with legal, procurement, logistics, and business teams to align strategic initiatives with trade compliance objectives. What We're Looking For Educational Background: A bachelor’s or master’s degree in Logistics, Supply Chain, International Business, or International Trade is essential. An LLB degree is recognised as a significant advantage, enhancing your capability in legal compliance. Experience: You should possess 5–8 years of hands-on experience in a trade compliance, legal, or regulatory affairs role, ideally within an international company or consulting environment. An in-depth knowledge of global trade compliance frameworks and best practices is essential. Experience in product classification, licensing procedures, export/import documentation, and customs regulations is highly valued. Demonstrable evidence of excellent legal drafting, analytical, and research capabilities will set you apart. Strong communication and interpersonal skills are necessary for effective collaboration across diverse global teams. Familiarity with trade compliance software tools such as SAP GTS is considered a beneficial asset. You must be detail-oriented, with robust organisational and project management skills to support various initiatives. What You'll Get from Us We offer a supportive environment where your professional growth is a priority. Our commitment to an inclusive workplace ensures that all team members are respected and appreciated for their unique contributions. We invite you to inquire further about what we offer, as we believe our benefits are exceptional. Ready to Make a Difference? If this role excites you, we’d love to hear from you! Apply now to start the conversation and learn more about where your career can go with us. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or other protected category. . Danfoss engineers solutions that increase machine productivity, reduce emissions, lower energy consumption, and enable electrification. Our solutions are used in such areas as refrigeration, air conditioning, heating, power conversion, motor control, industrial machinery, automotive, marine, and off- and on-highway equipment. We also provide solutions for renewable energy, such as solar and wind power, as well as district-energy infrastructure for cities. Our innovative engineering dates back to 1933. Danfoss is family-owned, employing more than 39.000 people, serving customers in more than 100 countries through a global footprint of 95 factories.

OPENTEXT - THE INFORMATION COMPANY OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation. AI-First. Future-Driven. Human-Centered. At OpenText, AI is at the heart of everything we do—powering innovation, transforming work, and empowering digital knowledge workers. We're hiring talent that AI can't replace to help us shape the future of information management. Join us. OPENTEXT OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation. Your Impact As part of the Product Security team, you must have a strong understanding of information security processes across product development lifecycle including secure coding principle, static code / dynamic scanning, application penetration testing, container security, cloud security, supply chain security and threat modelling the applications. You should be familiar with the industry best practices for information security policies and product security. standards. You will have the opportunity to collaborate with the product stakeholders such as product development, cloud operation, system architects, security champions, Global Information Security on the Product security process and customer escalations/support What The Role Offers Please review the below write up and highlight for any corrects Strategic Planning: • Align application security initiatives with business goals; refine Product Security processes and tools. Technical Leadership: • Stay updated on the latest trends and advancements in application security and apply them to continually improve the organization’s security program. Recommend mitigations for vulnerabilities; manage third-party and open-source software risk. Architecture and Design: • Review application designs for security best practices. Design, enhance, and advocate for the threat modelling process. Conduct threat modelling and advise product teams on implementing appropriate security controls. Security Reviews: • Conduct security assessments throughout the development lifecycle. Collaborate with development teams to remediate security vulnerabilities. Code Review and Analysis: • Conduct code reviews and implement automated code analysis tools. Secure Development Practices: • Enforce secure coding practices, train developers in secure coding. Incident Response/Customer Escalations: • Lead incident response efforts related to application security incidents. Work with cross-functional teams to investigate and remediate security breaches. Policy and Standards: • Develop and enforce application security policies; ensure compliance with industry standards. Security Testing: • Oversee the implementation of security testing methodologies Conduct Penetration Testing activity for applications/systems Security Awareness: • Promote security awareness across engineering; conduct training for development teams on Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). Collaboration: • Collaborate with cross-functional teams, including development, operations, GIS, etc., to integrate security into all aspects of the software development lifecycle and improve security maturity. Documentation and Reporting: • Maintain comprehensive documentation of security processes/policies; produce maturity status reports for senior management. Generate reports and conduct peer reviews. Research and Innovation: • Stay informed on emerging threats and vulnerabilities, and proactively implement innovative security solutions. Vendor and Tool Evaluation: • Evaluate and recommend security tools/technologies; Manage vendor relationships What You Need To Succeed 5 - 8 years of experience with the relevant technologies Bachelor’s degree in engineering, computer science or equivalent is preferred Industry standard best practices on application security controls, requirements, features, and specifications Application security issues, weaknesses, vulnerabilities, threats, risks, and impacts of exploitation Familiarity with Security Standards and groups (OWASP, PCI, SANS, OSSTMM etc.) Strong vulnerability assessment experience of web, mobile and thick client applications, RESTful& JSON APIs, web servers, databases, and hosting environments (cloud, off-cloud, Containers) Strong experience in manual vulnerability assessment and penetration testing Hands on experience on Application Security tools such as Fortify, WebInspect, Burp, etc. Experience in planning, researching and developing security policies, standards and procedures in line with industry best practices A natural curiosity to learn how things work, and more importantly, how they can be made to work outside of their intended purposes, (i.e. the ethical hacker mentality) Preferably to have application security penetration testing related certifications, (e.g. GWAPT, OSWE, OSCP, GPEN, CPTE, CEH, GWEB, GCIH, etc.) Highly desirable to have general information security related certifications, (e.g. CISSP, CISM, GSEC, CCSP, etc.) Should have excellent team playing and collaborative skills, to work with multiple stake holders. Strong analytical, troubleshooting, writing, communication, and consultancy skills Possess a commitment to quality and a thorough approach to work OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us athr@opentext.com. Our proactive approach fosters collaboration, innovation, and personal growth, enriching OpenText's vibrant workplace.

Role Description We are looking for a skilled and motivated DevOps Engineer to join our team. The ideal candidate will have extensive experience in cloud infrastructure (particularly AWS), automation, and security best practices. You will be responsible for delivering resilient application stacks, supporting critical business applications, and collaborating with cross-functional teams to ensure system reliability, scalability, and security. Key Responsibilities Deliver resilient application stacks using Infrastructure as Code and other DevOps practices. Monitor and provide ongoing support for critical, high-revenue business applications. Diagnose and resolve complex system and application issues. Maintain strong security postures and remediate identified vulnerabilities. Collaborate with Development, QA, IT Operations, Customer Operations, and Project Management teams. Create and maintain documentation for systems and applications for both technical and non-technical stakeholders. Essential Skills And Experience Hands-on experience with AWS and public cloud environments. Proficiency in Infrastructure as Code (IaC) tools such as Terraform. Experience with CI/CD tools like GitLab CI/CD, GitHub Actions, Jenkins. Scripting and coding proficiency in PowerShell, Bash, Python, or similar languages. Familiarity with configuration management tools such as Ansible, Puppet, Chef. Strong experience with Linux server administration and troubleshooting. Proven track record in analytical and complex troubleshooting scenarios. Exposure to security tools such as Wiz, Qualys, or similar. Desirable Skills Monitoring tools: Prometheus, Grafana, CloudWatch. Log management solutions: Elastic Stack, Graylog, Splunk. Experience with relational databases: MySQL, MS SQL Server, etc. Knowledge of secret management systems like HashiCorp Vault. Familiarity with change control and related procedures. Hands-on experience with security testing and tools such as: Wiz, SonarQube, CheckMarx, AppScan, BurpSuite, OWASP ZAP, WebInspect, Fortify, Veracode, Nessus, etc. Skills Aws Cloud,Terraform,Powershell,Github

About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. About BNP Paribas Group BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability. Commitment to Diversity and Inclusion At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. About Business Line/Function At PI Germany IT Solutions we provide modern development services and IT products that our consumers can use. This includes Frontend Applications like Web, Mobile or other fat client applications and furthermore, we develop and maintain necessary middleware applications and API products which can be used by internal or external customers. In addition, we integrate and maintain 3rd party components, products into our solutions and providing additional services to business departments to archive the overall business objectives of BNPP PI Germany Job Title Software Development Date 01-JUL-2025 Department PI IT SOL PS DEV-MOB Location: Chennai Business Line / Function PI IT Reports To (Direct) Karthik GANESAN Grade (if applicable) Development Level 5 (Functional) Number Of Direct Reports 0 Directorship / Registration NA Position Purpose The developer helps with the development of Mobile-related information systems, Business Applications and contributes to ensuring its continuity through personal effort as part of a team or to a limited extent within the department to achieve short-term and occasionally medium-term goals. They help in the development and realization of the software architecture as a contribution to high-quality software solutions in accordance with the applicable best practices (maintainable, safe, documented, scalable, testable and in accordance with the needs of the business area). Responsibilities Direct Responsibilities Participating in Mobile activities of BNP Paribas Developing Mobile products in banking, trading and beyond banking Co-designing technical implementation of Mobile strategy. Ensuring the timeliness of documentation, processes, and tool landscape Maintenance and development of the Mobile platform Ensuring continuous delivery processes via automated pipelines Implementing and co-designing architectural specifications. Ensuring software quality, test automation, and integration of tools (e.g., Sonar, Fortify) into development process. To define and to execute 3rd level support tasks for systems and applications in charge. To do necessary bug fix and to execute small enhancement tasks. To take care about prevention of obsolete components and libraries. Analysis und Continuous Improvement: To support optimization of software development processes & methods and possible usage of advanced tools and technologies To maintain and to improve stability and performance of development software solutions To develop prototypes which are based on new technologies by PoCs To improve operational aspects of developed solutions together with IT Production teams Contributing Responsibilities Cooperation within team and company To define necessary infrastructure with configuration for software development activities To support the implementation and testing, acceptance of necessary infrastructure To contribute to system stability of the infrastructure and affected system components To support troubleshooting of urgent software or infrastructure issues. Knowhow And Knowledge To support sharing and transferring Knowhow and Knowledge with others colleagues To continuously support code reviews and pair programming with other colleagues To foster exchange of software development knowledge with internal channel and network, in order to share best practices To ensure necessary training and continuous improvement of knowledge and knowhow To ensure successful participation in mandatory regulatory trainings on-time Technical & Behavioral Competencies Degree in business informatics, computer science, engineering or comparable and several years of professional experience At least 8 years of experience in software development Knowhow of modern software architectures and modern development concepts & processes Deep know how and understanding of respective development domain (Web, Mobile, Middleware, API, Platform, CRM, CMS etc.) Expert knowhow in necessary development tools and programming languages Expert knowhow in software requirement engineering and managing requirements Knowledge in software testing incl. unit test design & execution as well as E2E tests Basic knowledge in IT cyber security and secure software development Basic knowledge of banking economics (banking, trading, investing; products and transactions) Working in an agile environment with Scrum Very good English skills in words and writing Specific Qualifications (if Required) Segment B: Analyst / Developer Level 4 BANA4 Android Java / Kotlin Jetpack Compose Skills Referential Experience with Gitlab / Gitlab CI (nice to have) Behavioural Skills: (Please select up to 4 skills) Ability to collaborate / Teamwork Client focused Attention to detail / rigor Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability to develop and adapt a process Ability to develop and leverage networks Choose an item. Choose an item. Choose an item. Education Level Bachelor Degree or equivalent Experience Level At least 8 years

Are you ready to make an impact at DTCC? Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve. Pay And Benefits Competitive compensation, including base pay and annual incentive Comprehensive health and life insurance and well-being benefits, based on location Pension / Retirement benefits Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee). The Impact You Will Have In This Role Technology Risk Management (TRM) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. The Application Security Assurance program implements a variety of AppSec (Application Security) technologies, controls, tools and processes to ensure delivery teams are able to adhere and align with the Secure System Development Lifecycle to protect DTCC applications from exisiting and emerging security risks & improve application risk posture. Your Primary Responsibilities Set up, customize, and maintain SAST tools (e.g., SonarQube, Fortify, Checkmarx, Veracode) to align with project-specific requirements. Perform manual and automated code reviews to identify and advise on secure coding issues. Integrate SAST tools into CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI, etc.) to support shift-left security. Work with development teams to fine-tune SAST rules, reduce false positives, and ensure meaningful results. Assist developers in understanding and fixing security issues by providing actionable feedback. Implement basic security checks for Infrastructure as Code (IaC) and secrets detection in repositories. Collaborate with DevOps teams to ensure security tooling is seamlessly embedded into build and deployment workflows. Qualifications Minimum of 4 years of related experience Bachelor's degree preferred or equivalent experience Talents Needed For Success Fosters a culture where honesty and transparency are expected. Stays current on changes in his/her own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date. Collaborates well within and across teams. Communicates openly with team members and others. Resolves disagreements between colleagues effectively, minimizing the impact on the wider team. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

The Impact You'll Make As a Customs & Trade Compliance Specialist, you will play a critical role in upholding the integrity of our global trade practices. With a strong emphasis on detail, you will ensure that all cross-border transactions adhere to both Indian and international trade laws, regulations, and our internal company policies. Your expertise will be vital in navigating the complexities of customs regulations, export controls, and sanctions laws. Collaborating with various regulatory bodies will be a key aspect of your role, fostering strong relationships while promoting compliance. A legal background (LLB) will enhance your ability to interpret and manage legal frameworks effectively, positioning you as a trusted advisor within our organisation. What You’ll Be Doing Ensure rigorous compliance with import/export laws and trade regulations, focusing on EU dual-use regulations and regional legal standards. Proactively interpret and assess changes in trade law, advising internal stakeholders on necessary adaptations and actionable insights. Review and update trade compliance policies in alignment with governmental changes, internal procedures, and guidelines to ensure seamless operations. Conduct thorough screening of transactions, shipments, and business partners against denied party lists and sanction regulations. Collaborate with customs consultants, brokers, freight forwarders, and logistics teams to streamline import/export processes while guaranteeing compliance. Accurately classify products using Harmonised Tariff Schedule (HTS) codes and Export Control Classification Numbers (ECCNs), maintaining comprehensive documentation for audits. Support internal and external audits, investigations, and risk assessments to fortify our trade compliance regime. Respond to inquiries from government authorities and regulatory bodies, building positive relationships to facilitate compliance. Deliver training sessions to internal teams to enhance understanding of trade regulations and policies, cultivating a culture of compliance. Assist in the procurement and management of necessary export/import licenses, exemptions, and permits, ensuring all operations are legally sound. Partner with legal, procurement, logistics, and business teams to align strategic initiatives with trade compliance objectives. What We're Looking For Educational Background: A bachelor’s or master’s degree in Logistics, Supply Chain, International Business, or International Trade is essential. An LLB degree is recognised as a significant advantage, enhancing your capability in legal compliance. Experience: You should possess 5–8 years of hands-on experience in a trade compliance, legal, or regulatory affairs role, ideally within an international company or consulting environment. An in-depth knowledge of global trade compliance frameworks and best practices is essential. Experience in product classification, licensing procedures, export/import documentation, and customs regulations is highly valued. Demonstrable evidence of excellent legal drafting, analytical, and research capabilities will set you apart. Strong communication and interpersonal skills are necessary for effective collaboration across diverse global teams. Familiarity with trade compliance software tools such as SAP GTS is considered a beneficial asset. You must be detail-oriented, with robust organisational and project management skills to support various initiatives. What You'll Get from Us We offer a supportive environment where your professional growth is a priority. Our commitment to an inclusive workplace ensures that all team members are respected and appreciated for their unique contributions. We invite you to inquire further about what we offer, as we believe our benefits are exceptional. Ready to Make a Difference? If this role excites you, we’d love to hear from you! Apply now to start the conversation and learn more about where your career can go with us. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or other protected category.

Job Title: Senior Java Developer Organization: Mobile First Applications Pvt Ltd Experience: 8+ Years Location: Pune Contract: 4+ months(extensible) Job Summary: We are looking for a Senior Java Developer with 8+ years of hands-on experience in Java development, particularly focused on cryptography, security compliance, and scalable system design. The ideal candidate should possess strong technical expertise in Core Java, secure application development, cryptographic implementations, and database systems. As an individual contributor, you will take full ownership of modules, contributing to the design and development of secure, reliable, and high-performance systems. Key Responsibilities: ● Design, develop, and maintain secure, high-performance Java-based applications. ● Implement and manage cryptographic algorithms, ensuring adherence to industry-standard protocols (e.g., AES, RSA, SHA, TLS). ● Apply secure coding and compliance practices to mitigate security threats (e.g., OWASP Top 10). ● Ensure system architecture aligns with Core and MVC patterns, and promote best practices across the team. ● Collaborate with architecture and DevOps teams to embed security-first design principles into the development lifecycle. ● Perform code reviews, threat modeling, and contribute to internal security audits. ● Maintain strong working knowledge of SQL (e.g., MySQL, PostgreSQL) and NoSQL databases (e.g., MongoDB, Cassandra), ensuring optimal data access and storage strategies. ● Keep documentation updated for cryptographic and security processes and mentor junior developers on technical and security aspects. ● Stay current with emerging security technologies, threats, and regulations. Required Skills & Qualifications: ● 8+ years of strong Java development experience. ● Deep knowledge of Java Cryptography Architecture (JCA), Java Security Manager, and encryption protocols. ● Proficiency in Core Java concepts and application of MVC architectural pattern. ● Strong hands-on experience with SQL and NoSQL databases including schema design, indexing, and optimization. ● Knowledge of security standards such as OWASP, PCI-DSS, ISO 27001, or NIST. ● Familiarity with Spring Security, OAuth2, JWT, and SAML. ● Experience working with build tools (Maven/Gradle) and version control systems (Git). ● Exposure to security testing tools like OWASP ZAP, Burp Suite, or Fortify. ● Strong analytical, debugging, and problem-solving skills. ● Ability to work independently as an individual contributor and take ownership of modules. Preferred Qualifications: ● Certifications such as Oracle Certified Java Developer, CISSP, or CEH. ● Experience in regulated industries like finance, banking, or healthcare. ● Knowledge of cloud security (AWS/GCP/Azure), container security, and API security.

Job Overview: We are looking for a talented and experienced Application Security Engineer to join our team. The ideal candidate will have a strong understanding of application security standards, tools, and methodologies and will be responsible for conducting security assessments, penetration testing, and vulnerability analysis for web and mobile applications. This role requires hands-on experience with both automated and manual testing tools, familiarity with security mechanisms, and a commitment to improving the overall security posture of the organization. Key Responsibilities: • Conduct security assessments for both web and mobile applications. • Perform vulnerability assessments and penetration tests using tools such as Burp Suite Pro, AppScan, Veracode, Fortify, WebInspect, Acunetix, etc. • Leverage mobile application testing tools like Drozer, Xposed, MobSF, SSLTrustKiller, Frida, apktool, dex2jar, jadx, and IDA for iOS and Android applications. • Conduct thorough testing of APIs to identify security flaws. • Utilize OWASP and SANS standards to guide security practices. • Stay up to date with the latest security testing tools, techniques, and ethical hacking methodologies. • Compile and present risk-based findings to stakeholders, providing detailed reports and suggesting appropriate mitigations. • Provide expertise on penetration testing methodologies, including black box, grey box, and white box testing. • Demonstrate proficiency with common penetration testing tools such as nmap, Wireshark, Kali Linux, Metasploit, OpenVAS, OWSAP ZAP, Accunetix, Nikto, Nessus, and sqlmap. • Assist development teams with implementing penetration tests as part of the Secure Software Development Life Cycle (Secure SDLC). • Create and refine security checklists tailored to organizational needs. • Ensure continuous security improvement by making suggestions for system and process enhancements. • Experience working with SaaS, IaaS, and PaaS environments, helping integrate and optimize security technologies and processes. Skills and Qualifications: • Proficiency with OWASP Top 10 and SANS security standards. • Strong experience in using security assessment tools, including both static (SAST) and dynamic (DAST) application security testing tools. • Hands-on experience with mobile application security testing and mobile-specific vulnerabilities. • Proficient with web technologies such as J2EE, XML, JSON, SOAP, REST, and AJAX. • Basic programming knowledge in Java, JavaScript, and SQL. • Familiarity with encryption, authentication, and authorization techniques for secure software development. • Experience in automating security testing using scripting languages like Python, Bash, or Java. • Knowledge of network security and vulnerability assessment practices. • Experience in Secure Code Review and identifying vulnerabilities in the source code. • Strong understanding of various security techniques and risk assessment processes. Certifications: • Certified Ethical Hacker (CEH) or equivalent certifications related to application security. Desired Competencies: • OWASP, Burp Suite, Web Application Security, Acunetix, Vulnerability Assessment, Network Security, Mobile Application Security. • Proficient in Secure Code Review, Python, Bash, Java, and Automation scripting.

Summary Position Summary ApplicationSecurity—Solution Delivery Lead Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’sCyberRiskServiceshavebeenrecognizedasaleaderbyanumberofindependentanalystfirms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do As a Senior Consultant in the hybrid operate business, you are responsible for adhering to the defined operatingproceduresandguidelinesinoperatingthe applicationsecurityservicesintheManagedServicesmodel, which includes the following: UnderstandandbecompliantwiththeServiceLevelAgreementsdefinedfortheDevSecOps services; Understand and deep knowledge of application security engineering principles, and helping client’s development team and function to follow secure development practices which includes primarily monitoringandperformingthe securitydesignreview,architecturereview,threatmodeling, security testing, secure code review, secure build processes; Well versed with the application deployment and configuration baselines, and understanding of how theapplicationenvironmentoperatesinasecureenvironmentandhowexceptionsarehandledduring operations; Facilitateuseoftechnology-basedtoolsormethodologiestocontinuouslyimprovethemonitoring, management and reliability of the service; Performmanualandautomatedsecurityassessmentofthe applications; Involvedintriaginganddefecttrackingprocesswiththedevelopmentteamandhelpingtheteamto fix issues at the code level based on the priority of the tickets; BealiaisonbetweentheApplicationdevelopmentandinfrastructureteam,andintegratethe processes between infrastructure monitoring and operations processes with the secure development/testing and management processes; Identifying,researchingandanalyzingapplicationsecurityeventswhichmayincludeemergingand existing persistent threats to the client's environment; and Performingactivemonitoringandtrackingofapplicationrelatedthreatactorsandtactics,techniques and procedures (TTPs), that could likely cause an impact to client organization The team Deloitte’s DevSecOps is a standardized process, to help clients with large development functions, and application dependenciesfortheirday-to-dayoperations.Theprocessenablestheclienttoaddresskeyvulnerabilitiesandrisks associated with their various application environment at different stages of their development lifecycle. At the core of our Application Security Managed Services Team professionals monitors, collects and analyses security related issues on application environment (both at code level and infrastructure level), that may potentially become a threattoanorganization.Thisdetectionofapplicationthreats/vulnerabilitiesiscarriedoutusingauniqueblendofour applicationsecuritytestingandmonitoringtoolsandintelligencedatacollectedthroughourvastexperiencewithinthe Advice and Implement business. Required: Minimumof5-7 years’experienceinapplicationsecuritydevelopment,securitytesting,deploymentand security management phases; Deepinterestinapplicationspecificvulnerabilities,codedevelopmentandinfrastructure knowledge; Investigativeandanalyticalproblem-solving skills; Experienceincollecting,analyzing,andinterpretingqualitativeandquantitativedatafromdefinedapplication security services related sources (tools, monitoring techniques etc.) KnowledgeandexperienceofOWASPTop10,SANSSecureProgramming,SecurityEngineering Principles; Hands-onexperienceinperformingcodereviewofdotNet,JavaandSwiftand objectiveC code; Hands-onexperienceinrunning,installingandmanagingSAST,DAST , SCA andIASTsolutions,suchasCheckmarx, Fortify and Contrast in large enterprise Understandingofleadingvulnerabilityscoringstandards,suchasCVSS,andabilitytotranslatevulnerability severity as security risk; Hands-onexperienceonatleastoneCI/CDtoolsetandbuildingpipelines usingTeamcity,Bamboo,Jenkins, Chef, Puppet, selenium, AWS and AZURE DevOps; HandsonexperienceoncontainertechnologysuchasKubernetes,Dockers,AKS, EKS. Knowledgeofcloudenvironmentsanddeploymentsolutionssuchasserverless computing; Handsonexperiencein penetrationtestingofmobile,desktopandweb applications; Musthaveexperienceinwritingcustomexploitationscriptsand utilities; Possessionofexcellentoralandwrittencommunication skill; Knowledgeofoneormorescriptinglanguagesforautomationandcomplex searches; MusthavecloudsecurityspecializationinSecurity; and Certificationsuchas EC-Council CEH (Certified Ethical Hacker), DevSecOps Professional (CDP) , ISC2 Certified Cloud Security Professional (CCSP), Certified API Security Professional (CASP) , CTMP (Certified Threat Modeling Professional) etc.are preferred. Preferred: Bachelor’sincomputerscience orothertechnical fields; Experienceincloud service providerssuchasAWS, GCP, Azure, Oracleare preferred Experience in implementing and managing security measures within Kubernetes environments, designing and enforcing advanced security protocols for API infrastructure, managing and optimizing our containerized applications using Docker, automating and managing our infrastructure as code using Terraform, automating IT processes and configurations using Ansible, and identifying and mitigating potential security threats through comprehensive threat modeling practices. SolidanddemonstrablecomprehensionofInformationSecurityincludingOWASP/SANS,SecurityTestCase development(ormis-usecase). Understandingofsecurityessentialsincluding;networkingconcepts,defensestrategies,andcurrentsecurity technologies Abilitytoresearchandcharacterizesecuritythreatstoincludeidentificationandclassificationofapplicationrelated threat indicators Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin theirown way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-basedlearning,andeLearning.DeloitteUniversity(DU):TheLeadershipCenterinIndia,ourstate-of-the-art, world-classlearningcenterintheHyderabadoffice,isanextensionoftheDUinWestlake,Texas,andrepresents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandare continuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesour diversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. #CA-LD Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 301449