639 Fortify Jobs - Page 8

About The Opportunity Job Type: Permanent Application Deadline: 15 July 2025 Job Description Title (Senior Test Analyst) Department (FIL India Technology - GPS) Location (Gurgaon) Reports To (Test Manager) Level (3) We’re proud to have been helping our clients build better financial futures for over 50 years. How have we achieved this? By working together - and supporting each other - all over the world. So, join our GPS Platform Delivery team and feel like you’re part of something bigger. About Your Team The GPS Delivery - is to develop and maintain the pensions and investments of our 1.5m+ workplace and retail customers in UK. In doing this we critical to the delivery of our core product and value proposition to these clients today and in future. ` About Your Role Our TA/STA are experts in Test Automation. The role would focus on services, functional, data test automation. The key outcomes shall be (but not limited to) to create services and functional automation suite keeping DevOps principle of speed and quality in mind.Your role would be key to implementing modern engineering principles like Test Pyramid during the delivery lifecycle. About You Expertise and experience in designing and implementing Automation Strategy. Expert level experience on Core Java and J2EE development. Experience of test automation framework design for service layer/API. ( SoapUI/Rest Assure knowledge) Expert in atleast one functional test automation tool like selenium, Test complete etc. Relevant experience in Application development tools and frameworks like maven, ant, check style, PMD, fortify, junit, fitnesse, SOAP UI etc. Experience with Oracle (preferably Oracle 10G), stored procedures, queries Experience of using source code management tools, e.g. SVN/GitHub Good understanding of Development Methodologies like “Test Driven Development” and “Test Pyramid” Candidate needs to have rich experience around engineering skills, CI / CD and build/ deployment automation tools. Understanding on build pipelines is also nice to have. Knowing development methodologies such as Scrum, Agile, and Kanban. Experience in contract and pact testing will be added advantage along with stubbing and mocking (virtualisation) services. Familiarity with cloud concepts is also nice to have. Feel rewarded For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

Our software engineers at Fiserv bring an open and creative mindset to a global team developing mobile applications, user interfaces and much more to deliver industry-leading financial services technologies to our clients. Our talented technology team members solve challenging problems quickly and with quality. We're seeking individuals who can create frameworks, leverage developer tools, and mentor and guide other members of the team. Collaboration is key and whether you are an expert in a legacy software system or are fluent in a variety of coding languages you're sure to find an opportunity as a software engineer that will challenge you to perform exceptionally and deliver excellence for our clients. Full-time Entry, Mid, Senior Yes (occasional), Minimal (if any) Responsibilities Requisition ID R-10367333 Date posted 07/14/2025 End Date 07/31/2025 City Bengaluru State/Region Karnataka Country India Location Type Onsite Calling all innovators – find your future at Fiserv. We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv. Job Title Specialist, Software Development Engineering What does a great Application developer resource do in Fiserv? Consults with project teams and functional units on the design of important projects or services. Helps support existing business systems applications and demonstrates proficiency and leadership within agile methodologies. Balances and prioritizes project work efficiently. Design applications, analyze, lead and coordinate business enterprise solutions. Develops high performance application functionalities and sets high standards of code quality. What you will do The candidate for this position will leverage their knowledge of Unix systems to focus on production and non-production technology systems. North-east Reconciliation is part of the back-end suite of applications that support NE Debit Processing functions. The application reconciles transactions between external payment networks and Fiserv as payment processor. This position is responsible for improvising the features in Recon applications and also maintaining and providing Level 3 application support as and when required. Their day-to-day responsibilities will include developing and maintaining functionalities in Recon applications , addressing client/vendor/internal escalated requests for assistance; engaging with implementation, systems, and/or development teams on the build-out of Recon applications, improving execution by scripting of repetitive tasks, and automate error notification. Must have an overall understanding of DevOps. Rotating on-call, project participation, and business continuity support for the card services processing Linux applications. Assist and develop scripting alerts to monitor production systems, respond to and troubleshoot escalated incidents. Must have excellent communication skills, as the role interfaces with key stakeholders across product and program management. What you will need to have: B. E / B. Tech Degree in Computer Science /Information Science or other equivalents. Must have at least 2-6 years of experience in software or application development. Must have at least 2-6 years of experience in C, C++ or Java. Must have at least 2-6 years of experience in Oracle SQL and PL/SQL. Experience with Unix/Linux OS. Strong Object-oriented programming skills. Experience in an Agile development environment, particularly SCRUM. Excellent troubleshooting and problem-solving ability. Knowledge of CI/CD and hands-on experience with Github, Github Actions and Harness. Experience in Python programming- desired but not required. Experience in React JS programming- desired but not required. Knowledge of code quality audits and remediate security issues (Fortify, Webinspect, Sonatype) Ability to write high quality code with automated testing. Ability to analyze business requirements, functional /technical designs, business level documentation and code development. Install code changes and identify root-cause analysis. What would be great to have Knowledge of financial technologies, standards, and industry regulations (i.e., Payment Card Industry Data Security Standards) are highly preferred Experience with Generative AI and prompt engineering. Knowledge of and experience with JIRA, Service Point and Confluence products. Experience with monitoring tools like Splunk, Dynatrace. Moogsoft etc. Knowledge of test automation frameworks – Tosca, Qtest or Selenium. Conclusion The role demands a detail-oriented professional with a balance of development, testing, and support capabilities. Offering a combination of critical thinking and technical expertise, the successful candidate will be instrumental in delivering high-quality solutions within a dynamic working environment. Thank you for considering employment with Fiserv. Please: Apply using your legal name Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable). Our commitment to Diversity and Inclusion: Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law. Note to agencies: Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions. Warning about fake job posts: Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.

Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done. There’s another option. Freshworks. With a fresh vision for how the world works. At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world. Fresh vision. Real impact. Come build it with us. Job Description As the Lead Cloud Security Engineer, you will be the primary driver for securing our AWS cloud ecosystem. You will architect, implement, and manage our cloud security framework, ensuring the protection of our infrastructure, applications, and data. This role requires a hands-on expert who can lead complex security initiatives, provide strategic consultation on secure architecture, and mentor engineers on security best practices to fortify our overall security posture. Key Responsibilities: Cloud Security Strategy: Lead the continuous enhancement of our AWS security posture by identifying risks, implementing mitigation strategies, and managing cloud security policies. Secure Architecture & Implementation: Architect and implement robust security controls for our cloud infrastructure. Provide expert consultation on secure design for services like EC2, S3, RDS, Lambda, and containerized environments. Automation & Policy as Code: Develop and manage security policies and infrastructure using Infrastructure as Code (Terraform/CloudFormation) and automate security operations using Python (Boto3). Identity & Access Management (IAM): Own the IAM strategy, including the management of roles, permissions, access controls, and secrets management to enforce the principle of least privilege. Compliance & Governance: Implement and maintain controls to ensure our cloud environment is compliant with global security and privacy standards (e.g., SOC 2, ISO 27001). Security Leadership: Lead new security initiatives from conception to completion and act as a key advisor and mentor to Product and DevOps engineers on security best practices. Qualifications Core Experience: 7-9 years of dedicated experience within the information security domain. Proven track record of designing, implementing, and managing security for a large-scale AWS environment. Hands-on experience in a DevOps, SRE, or SecDevOps role is highly preferred. Experience working in a global SaaS-based product environment is a significant plus. Technical Proficiency (Required): Cloud Platform: Expert-level knowledge of AWS and its core services (e.g., IAM, EC2, S3, RDS, Lambda, VPC, Security Groups, KMS). Infrastructure as Code (IaC): Expert, hands-on proficiency with Terraform or CloudFormation. Automation & Scripting: Expert proficiency in Python and the Boto3 library for AWS automation. Container & Serverless Security: Strong experience with securing Docker , Kubernetes , and serverless architectures. Operating Systems & Networking: Deep understanding of Linux/UNIX, Active Directory, and common network protocols (TCP/IP, DNS, HTTP/S). Security Expertise: Security Fundamentals: Deep knowledge of least privilege, vulnerability management, threat modeling, and common attack vectors. Identity & Data Security: Expertise in implementing and managing IAM policies, SSO, KMS, secrets handling, and data encryption. Vulnerability Management: Solid understanding of application, infrastructure, and network vulnerabilities and their mitigation. Core Competencies: Problem-Solving: Exceptional critical thinking, analytical, and decision-making skills. Leadership & Influence: Ability to lead security initiatives and mentor other engineers effectively. Communication: Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences. Preferred Skills & Experience: Published contributions to the security community (e.g., blog posts, open-source tools). Experience presenting at security conferences or industry events. Direct experience working with compliance, privacy, or IT audit functions. Additional Information At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.

As a highly organized Cybersecurity Officer at AmeriPharma, you will play a crucial role in managing system-wide healthcare compliance, information security, and privacy regulations. Reporting to the Director of Regulatory Affairs, you will be responsible for ensuring regulatory excellence, information security, and adherence to federal and state laws. Your primary focus will be on fostering a culture of accountability, trust, and risk management across all IT infrastructures. Your duties will involve developing and managing a comprehensive cybersecurity program in compliance with regulations such as HITECH, providing cybersecurity support during software and network development, conducting security and risk assessments, and managing annual risk assessments, vulnerability management, and penetration testing. You will also be responsible for implementing security measures, overseeing compliance with patient data protection regulations, and managing cyber threats, incident response, and forensic investigations. To be successful in this role, you must have expertise in HIPAA, HITECH, HITRUST, and cybersecurity frameworks, along with extensive experience in risk management, information security, and regulatory compliance auditing. Strong technical knowledge in network security, cloud security, and identity access management is essential, as well as exceptional communication skills and the ability to make strategic, data-driven decisions in high-pressure environments. You will collaborate with IT teams to improve security controls across cloud, network, and endpoints, lead cybersecurity awareness training programs for employees, align cybersecurity initiatives with business objectives, and innovate in cybersecurity frameworks, AI-driven threat detection, and cloud security. Additionally, you will engage with industry leaders and regulatory bodies on emerging cybersecurity threats and develop and test software applications using Agile methodologies. The ideal candidate will have a Bachelor's degree in Computer Science, Information Technology, or a related field, along with certifications such as CompTIA A+, Network+, CISSP, CCNA, MSCE, or MCSD. A minimum of 4 years of experience in Engineering, Software Engineering, or related fields is required, as well as proficiency in cybersecurity tools and platforms. If you are passionate about cybersecurity, have a strong background in regulatory compliance and risk management, and are looking for a challenging and rewarding opportunity to make a difference in healthcare IT security, we invite you to join our dynamic team at AmeriPharma.,

Job Description Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firm’s robust risk strategy. As a Compliance and Operations Risk Test Lead in the Testing Center of Excellence, you will play a pivotal role in enhancing our compliance and operational risk management. Your expertise in test execution will be crucial in managing and conducting precise and accountable tests, ensuring alignment with the firm's highest risks. Your analytical thinking and problem-solving skills will be key in identifying control coverage gaps and driving remediation of control issues. You will also be responsible for planning and organizing your own work, and potentially that of a team, while liaising and coordinating activities across various departments. Your role will be integral in ensuring a cohesive and efficient testing framework, contributing to the seamless delivery of quality outcomes. Job Responsibilities Conduct comprehensive testing processes, ensuring all activities are completed accurately and on time, while adhering to the firm's highest risk priorities. Utilize advanced analytical thinking to identify control coverage gaps and verify that controls are properly designed and implemented. Apply problem-solving skills to address complex situations, develop alternate solutions, and interpret policies to ensure compliance with technical standards. Collaborate with cross-functional teams to align testing efforts and maintain open communication with stakeholders, ensuring effective execution of tasks. Continuously improve control evaluation methods and interpret control ratings and metrics to enhance the firm's compliance and operational risk management. Required Qualifications, Capabilities, And Skills 3+ years of experience in executing and managing testing processes within a professional or specialized field. Demonstrated proficiency in analytical thinking, with a track record of systematically organizing, comparing, and evaluating various aspects of a situation to identify key information. Proven ability to perform assessments of the control environment, identifying control coverage gaps and verifying the proper design and implementation of controls. Experience in coordinating activities across multiple departments, with the ability to adapt to changing priorities and manage a team if required. Proficiency in utilizing Project Management methodologies, tools, and techniques to lead and manage aspects of the project management lifecycle. ABOUT US JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation. About The Team Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.

As an Associate Cybersecurity Consultant at Bulletproof, a GLI company headquartered in Canada with a global presence, you will be part of a team with decades of technology, security, and compliance expertise. Our work in the security space has been recognized nationally and globally for excellence. Our vision at Bulletproof is to serve, secure, and empower the world through people and technology, one customer at a time. We believe in ensuring the safety and security of all individuals and organizations we serve. Challenging Work: At Bulletproof, we thrive on solving complex problems and encourage all employees to contribute their best ideas. You will have the opportunity to work on highly challenging projects and make a real impact. Great People: We value openness, honesty, and authenticity. Each member of our team is essential to our collective success, and we believe in fostering a culture of inclusivity and collaboration. Global Impact: Being part of a global team means that your work will have a significant impact on colleagues, customers, communities, and the world at large. We are inspired by the positive influence our work has in various regions and cultures. Diversity, Equity, and Inclusion: We celebrate diversity, strive for equality, and understand that inclusion strengthens us as individuals, as a company, and as global citizens. Role Overview: As an Associate Cybersecurity Consultant specializing in penetration testing, you will be responsible for conducting thorough security assessments on web-based applications, networks, and systems to identify and mitigate vulnerabilities. Your role will involve defining assessment scopes, generating detailed security test reports, collaborating with clients on remediation plans, and delivering exceptional service in a professional manner. Additionally, you will provide technical expertise in security testing, stay updated on the latest tools and technologies, and contribute to the continuous improvement of our Information Security practice. Key Responsibilities: - Conduct comprehensive security assessments for a diverse range of clients - Define scopes for security testing assignments - Generate high-quality security test reports and documentation - Collaborate with clients on remediation strategies - Offer technical support as a subject matter expert in security testing - Stay informed about current tools, technologies, and vulnerabilities - Work collaboratively with cross-functional teams to meet client security needs - Perform other related duties as assigned Requirements: - Degree in Computer Science, Information Systems, Engineering, or related field - Prior experience in vulnerability assessments and penetration testing preferred - Proficiency in Linux, Windows, and network security - Strong communication skills in English, both written and oral - Ability to work independently and as part of a team - Familiarity with security testing tools such as Nessus, MetaSploit, Burp Suite, etc. - Relevant certifications like CEH, LPT, CPEN, OSCP, etc., are an asset - Knowledge of PCI ASV, CREST certifications, and threat modeling methodologies is a plus - Experience with mobile application security testing and social engineering techniques is advantageous Note: This job description outlines the primary responsibilities and qualifications for the role of Associate Cybersecurity Consultant at Bulletproof. It is not exhaustive and may involve additional tasks based on business needs. Bulletproof is an equal opportunity employer committed to diversity, equity, and inclusion.,

Your Impact: Fortify on Demand is an end-to-end platform for all your AppSec needs. We are the only application security provider to offer SAST, SCA, DAST, IAST, and MAST as a service. We help our customers to achieve fast remediation throughout the software lifecycle with robust assessments by a team of security experts. Experience in Production Operations (or Support), driving Incident management calls for escalations are a must. What it takes: This is a Principal technical support engineer role in the Fortify on Demand team, with a goal to provide the highest level of customer satisfaction. As an Enterprise Support Engineer, you will act as a single point of contact your assigned customers, providing technical support on the Fortify on Demand offering. The role is to provide expert technical support guidance to customers for the Application Security needs, working proactively to avoid issues and ensuring rapid incident resolution when problems occur. As a Technical Account Manager, you will conduct troubleshooting, gather diagnostics, reproduce problems, diagnose faults and escalate software change requests to Fortify Product Engineering. The goal is to become a trusted support advisor and ensure that customers are successful in their use of their FoD service. What you need to succeed: Technical University or Bachelor's degree preferred. Typically 8-10 years experience in technical support and/or consulting. Experience in AppSec desired Experience with AppSec tools (Fortify SCA, Fortify WebInspect or equivalent tools) Excellent verbal and written communication skills in English Knowledge of German and/or French would be a plus Advanced troubleshooting skills in a technical environment. Advanced proficiency with case management databases and tools. Superior customer service skills. Phone and remote support experience. Knowledge and resolution ability. Ability to solve and document solutions for usage of other technicians and customers. Ability to train peers on solutions. Ability to take ownership for resolution with escalated customers. Ability to lead technical action plans. Lead or provide expertise to teams or projects. Good To Have Knowledge of cloud platforms AWS, Azure, Google Pipelines Jenkins, Azure DevOps Containers Docker, Kubernetes Git/Version control/SCCM CEH or equivalent certification DevOps Open-source platforms

Role: Director - Ntwk & Info Sec Location: Chennai, Hyderabad Experience: 18 years-22 years You will lead a team of cybersecurity engineers with both application development and network & infrastructure background, threat intelligence analysts and risk management personnel who work closely with our Chief Information Security Office (CISO), Global Network and Technology (GN&T) teams to align common technologies and practices that fortify our applications, systems, IT network and infrastructure. To be successful in this role, the leader must have a keen understanding of the evolving cyber landscape, inspire creativity and the ability to both encourage and empower teams to excel in this mission. Network & Infrastructure Security Governance Identify, implement and operationalize metrics, dashboards, scorecards, and tracking to consistently measure the current state of cybersecurity across Network & Infrastructure, leveraging industry best practices and standards. Ensure effectiveness and coverage of the Security Policies and Controls of Network & Infrastructure, prioritizing risk level. Instill ownership and accountability for security-based metrics and drive increased maturity, visibility, and subject-matter expertise for all segments. Develop action plans jointly with all stakeholders to remediate deviations, providing necessary support to close on all key items. Champion a highly collaborative work model with an aptitude of building and maintaining relationships across different teams at multiple senior levels, internally and externally. Develop awareness, training & compliance programs focused on Network & Infrastructure Cyber Security practices, leveraging Security Development program. Ensure Security posture of Network & Infrastructure, e.g., access management, vulnerabilities remediation, etc. Coordinate necessary activities with our CISO Cyber Security organization: pen testing, incident response, data collection, etc. Application Security & Risk Management Drive automation and orchestration of all security tools for visibility and prevention. Interpret the Information Technology threat landscape, security industry best practices, industry threat vectors, new technologies impacting security operations, etc. Technical expert in business applications, IT infrastructure and architecture - Defense in Depth Architecture and Practices. Experience implementing and monitoring security controls, vulnerability management, penetration testing, and identity/access management best practices. Track record with leading high performance operational teams. Background with different cloud computing platforms and the cloud security framework. Manage the budget for security testing, operational and monitoring tools expenses. Recruit, train, and lead security operations team members. Create and communicate security operations metrics, incidents, investigations, etc. Determine SLAs for detecting issues internally and with our external partners. Assist in Crisis Management, Ransomware Recovery and Business Continuity planning. Prepare reports and make presentations on internal investigations, losses, or violations of regulations, policies, and procedures. In partnership with the CISO team, identify, investigate and resolve global security breaches/incidents. Security Automation Platforms Develop and maintain IT Applications, Network & Infrastructure Security reporting dashboards, scorecards and maturity models used to measure our Cyber practice, with a focus on data integrity, working with the SRE teams. Identify, build and maintain the automation platforms supporting Enterprise Network, On-Prem Infrastructure, Datacenters and Cloud organizations in their Cyber practice. Drive a culture of Security by Design, automation to scale cyber security practices. Industry Engagements & Cyber Transformation Establish partnerships with industry leaders and forums to constantly assess new trends and solutions. Lead transformation towards Security by Design and Zero Trust principles for Network & Infrastructure. Operationalize future Cyber Security Architectures and Policies related to Network & Infrastructure, constantly raising our maturity and level of protection. Leadership Lead a team of cybersecurity engineers with both network & infrastructure, security engineers, threat intelligence analysts, security champions and risk management personnel. Focus on employee hiring, career development, rotation and succession planning. Motivate staff through servant leadership. Identify opportunities for automation, partnering with our India team. Stakeholdering with multiple external teams, with sometimes competing, organizationally separate groups and goals. Effective communication of complex technical subjects to non-expert, cross-functional peers, with effective storytelling and proficiency when presenting to leadership. Cross-functional collaboration and relationship building to achieve wider, organizational strategic goals. You’ll need to have: Bachelor’s degree in network engineering, computer science, IT infrastructure or related discipline. Ten or more years of relevant work experience in Security, IT, and/or Network. Strong knowledge of SDLC and DevSecOps One or more of the following certifications - CISSP, CCIE, CCSK, TOGAF, SABSA Experience managing a team of experienced, technical professionals. Willingness to travel. Even better if you have one or more of the following: Bachelor’s degree in cybersecurity, network, engineering, computer science or related discipline. Ability to thrive in a dynamic environment while managing multiple high-priority projects. Strong strategic and collaborative skills required to energize and provide direction to teams that are cross organizational(e.g. IT, Cyber and Business). Experience in planning large budgets and executing on target. Experience with networking concepts and protocols; security and compliance. Strong analytical, interpersonal, project management and communication skills. Strong troubleshooting and problem solving abilities in order to quickly find solutions to problems where no previous examples or methods may exist. Ability to engage people in the vision and demonstrate the meaning of the work for the bigger purpose.

Your Impact As part of the Product Security team, you must have a strong understanding of information security processes across product development lifecycle including secure coding principle, static code / dynamic scanning, application penetration testing, container security, cloud security, supply chain security and threat modelling the applications. You should be familiar with the industry best practices for information security policies and product security. standards. You will have the opportunity to collaborate with the product stakeholders such as product development, cloud operation, system architects, security champions, Global Information Security on the Product security process and customer escalations/support What The Role Offers Please review the below write up and highlight for any corrects Strategic Planning: Align application security initiatives with business goals; refine Product Security processes and tools. Technical Leadership: Stay updated on the latest trends and advancements in application security and apply them to continually improve the organizations security program. Recommend mitigations for vulnerabilities; manage third-party and open-source software risk. Architecture and Design: Review application designs for security best practices. Design, enhance, and advocate for the threat modelling process. Conduct threat modelling and advise product teams on implementing appropriate security controls. Security Reviews: Conduct security assessments throughout the development lifecycle. Collaborate with development teams to remediate security vulnerabilities. Code Review and Analysis: Conduct code reviews and implement automated code analysis tools. Secure Development Practices: Enforce secure coding practices, train developers in secure coding. Incident Response/Customer Escalations: Lead incident response efforts related to application security incidents. Work with cross-functional teams to investigate and remediate security breaches. Policy and Standards: Develop and enforce application security policies; ensure compliance with industry standards. Security Testing: Oversee the implementation of security testing methodologies Conduct Penetration Testing activity for applications/systems Security Awareness: Promote security awareness across engineering; conduct training for development teams on Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). Collaboration: Collaborate with cross-functional teams, including development, operations, GIS, etc., to integrate security into all aspects of the software development lifecycle and improve security maturity. Documentation and Reporting: Maintain comprehensive documentation of security processes/policies; produce maturity status reports for senior management. Generate reports and conduct peer reviews. Research and Innovation: Stay informed on emerging threats and vulnerabilities, and proactively implement innovative security solutions. Vendor and Tool Evaluation: Evaluate and recommend security tools/technologies; Manage vendor relationships What You Need To Succeed 5 - 8 years of experience with the relevant technologies Bachelors degree in engineering, computer science or equivalent is preferred Industry standard best practices on application security controls, requirements, features, and specifications Application security issues, weaknesses, vulnerabilities, threats, risks, and impacts of exploitation Familiarity with Security Standards and groups (OWASP, PCI, SANS, OSSTMM etc.) Strong vulnerability assessment experience of web, mobile and thick client applications, RESTful & JSON APIs, web servers, databases, and hosting environments (cloud, off-cloud, Containers) Strong experience in manual vulnerability assessment and penetration testing Hands on experience on Application Security tools such as Fortify, WebInspect, Burp, etc. Experience in planning, researching and developing security policies, standards and procedures in line with industry best practices A natural curiosity to learn how things work, and more importantly, how they can be made to work outside of their intended purposes, (i.e. the ethical hacker mentality) Preferably to have application security penetration testing related certifications, (e.g. GWAPT, OSWE, OSCP, GPEN, CPTE, CEH, GWEB, GCIH, etc.) Highly desirable to have general information security related certifications, (e.g. CISSP, CISM, GSEC, CCSP, etc.) Should have excellent team playing and collaborative skills, to work with multiple stake holders. Strong analytical, troubleshooting, writing, communication, and consultancy skills Possess a commitment to quality and a thorough approach to work.

YOUR IMPACT As part of the Product Security team, you must have a strong understanding of information security processes across product development lifecycle including secure coding principle, static code / dynamic scanning, application penetration testing, container security, cloud security, supply chain security and threat modelling the applications. You should be familiar with the industry best practices for information security policies and product security. standards. You will have the opportunity to collaborate with the product stakeholders such as product development, cloud operation, system architects, security champions, Global Information Security on the Product security process and customer escalations/support What The Role Offers Strategic Planning: Align application security initiatives with business goals; refine Product Security processes and tools. Technical Leadership: Stay updated on the latest trends and advancements in application security and apply them to continually improve the organizations security program. Recommend mitigations for vulnerabilities; manage third-party and open-source software risk. Architecture and Design: Review application designs for security best practices. Design, enhance, and advocate for the threat modelling process. Conduct threat modelling and advise product teams on implementing appropriate security controls. Security Reviews: Conduct security assessments throughout the development lifecycle. Collaborate with development teams to remediate security vulnerabilities. Code Review and Analysis: Conduct code reviews and implement automated code analysis tools. Secure Development Practices: Enforce secure coding practices, train developers in secure coding. Incident Response/Customer Escalations: Lead incident response efforts related to application security incidents. Work with cross-functional teams to investigate and remediate security breaches. Policy and Standards: Develop and enforce application security policies; ensure compliance with industry standards. Security Testing: Oversee the implementation of security testing methodologies Conduct Penetration Testing activity for applications/systems Security Awareness: Promote security awareness across engineering; conduct training for development teams on Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). Collaboration: Collaborate with cross-functional teams, including development, operations, GIS, etc., to integrate security into all aspects of the software development lifecycle and improve security maturity. Documentation and Reporting: Maintain comprehensive documentation of security processes/policies; produce maturity status reports for senior management. Generate reports and conduct peer reviews. Research and Innovation: Stay informed on emerging threats and vulnerabilities, and proactively implement innovative security solutions. Vendor and Tool Evaluation: Evaluate and recommend security tools/technologies; Manage vendor relationships What You Need To Succeed Industry standard best practices on application security controls, requirements, features, and specifications Application security issues, weaknesses, vulnerabilities, threats, risks, and impacts of exploitation Familiarity with Security Standards and groups (OWASP, PCI, SANS, OSSTMM etc.) Strong vulnerability assessment experience of web, mobile and thick client applications, RESTful & JSON APIs, web servers, databases, and hosting environments (cloud, off-cloud, Containers) Strong experience in manual vulnerability assessment and penetration testing Hands on experience on Application Security tools such as Fortify, WebInspect, Burp, etc. Experience in planning, researching and developing security policies, standards and procedures in line with industry best practices A natural curiosity to learn how things work, and more importantly, how they can be made to work outside of their intended purposes, (i.e. the ethical hacker mentality) Preferably to have application security penetration testing related certifications, (e.g. GWAPT, OSWE, OSCP, GPEN, CPTE, CEH, GWEB, GCIH, etc.) Highly desirable to have general information security related certifications, (e.g. CISSP, CISM, GSEC, CCSP, etc.) Should have excellent team playing and collaborative skills, to work with multiple stake holders. Strong analytical, troubleshooting, writing, communication, and consultancy skills Possess a commitment to quality and a thorough approach to work Education and Experience: B.E./B.Tech/Bachelors/Master of Computer Science or equivalent Industry Experience: 2 - 4 years of relevant experience

The position is for a senior full stack Java developer in GLOSS team. It requires hands on knowledge in coding. The person should have experience in designing full scale multi-tier applications. Good knowledge of software engineering practices is a must to be able to inspire other team members to drive for better quality coding. The person should be able to work on POCs to establish new features to be tried out in applications. Responsibilities Direct Responsibilities Should have good in depth understanding on Java, Database & SDLC Should be able to design service-oriented architecture using micro services Review current design to show how the application can be modularized. Be able to build features from scratch to demonstrate how frameworks function Peer Review code to improve quality and implement best practices Contributing to design the best solution that meets the functional needs while respecting the overall workflow of the existing application. Writing/Amending code that conforms to the best practice standards, both documented and de-facto. Escalation of barriers to progress via his/her team leader in a timely and succinct manner. Providing Technical guidance to other developers; assisting other team members in design related discussions Contributing Responsibilities Technical & Behavioral Competencies Java Core, 1.8 or above. Hibernate, Spring, Spring Boot Good understanding on DB SQL & Stored Procedures in Sybase or Oracle. JUnit, mocking techniques (e.g., easymock, jmock, mockito,..) Experience with Architectural Paradigms like DDD, notions of division by domain/sub-domain, API First, Data Driven Knowledge of Integration Patterns - Event Driven Architecture Knowledge of Apache Camel/Kafka Experience with deployment models like modular, monolith and microservice Should have good exposure to application performance tuning Exposure to DevSecOps tools and pipelines BitBucket, Jenkins, Artifactory, Fortify, NexusIQ, SONAR, Ansible Knowledge of Agile methodologies, e.g., TDD, XP, Scrum. Excellent communication skills Be able to understand complex systems and take the initiative, to seek out and accept new responsibilities Have drive, self motivation, good interpersonal skills, and work in a team Specific Qualifications (if required) Skills Referential Communication skills - oral & written Ability to collaborate / Teamwork Personal Impact / Ability to influence Ability to deliver / Results driven Decision Making Transversal Skills: Ability to understand, explain and support change Ability to develop and adapt a process Ability to inspire others & generate people's commitment Ability to develop others & improve their skills Analytical Ability Education Level: Bachelor Degree or equivalent Experience Level At least 7 years

The squad of IT APS Customers, CS&E Robotics, Data and AI Platform Support is looking for a Ops Engineer with a proven track record deploying python applications and/or data science models. You should be specialized or have a strong interest in Kubernetes, Ansible, Terraform, Linux system administration and Python deployment. As an Ops Engineer within the Tribe APS, you will have the opportunity to work at the centre of the banks initiatives in generative AI, smart automation and traditional machine learning. You will work to maintain both the workbench environment of the data scientists as well as monitor and deploy their models and applications. . Responsibilities As part of your responsibilities, you will have to work on the following: - Evaluate sizing and infrastructure requirements for new use cases. - Setup self-service deployment pipelines for AI applications. - Ensure reproducibility of deployments in both environment Non-Prod and Production. - Make sure that all applications are properly monitored, and alerting is in place. - Evolve in an environment where innovation and lean processes are praised, straight-forward communication is encouraged, and peers understand the meaning of team up. - Work with a team of colleagues who are ready to collaborate and to share their experience. Technical & Behavioral Competencies Mandatory: Knowledge of Python ecosystem. Experience with http rest APIs with focus on Django Experience with Git (version control system). E.g. Gitlab, Gitlab CI Experience in DevOps /OPS Linux operating system experience Experience in containerization (docker, podman) LLM operations Cloud experience (e.g. IBM Cloud / Azure) Preferable: Kubernetes/Helm Familiar with code quality gating (Sonar, Nexus, Fortify) Ansible Domino Datalab, Jupyter Artifactory Kafka SQL Postgres Terraform Dynatrace Business Experience: Knowledge of the financial services industry. Specific Qualifications (if required) Agile environment. Follows the Customer processes for projects, incident and change management. Being standalone and team worker, analytical minded, meet commitment, ability to work in a dynamic and multi-cultural environment, flexible, customer-oriented, understand risk awareness. Motivated self-starter, process-oriented with high attention to detail Quick self-starter, pro-active attitude. Good communication skills, Good analytical and synthesis skills. Autonomy, commitment and perseverance. Ability to work in a dynamic and multicultural environment. Flexibility (in peak periods extra efforts may be required). Open minded and show flexibility in self-learning new technologies/tools. You are customer minded and can translate technical issues into non-technical explanations. You are always conscious about continuity of services. You have a very good team spirit and share your knowledge and experience with other members of the team. Working in collaboration with team. Client-oriented, analytical, initiative oriented and able to work independently. Be flexible and ready to provide support outside of Business hours (on-call). Able to take additional responsibility. Able to work from base location Mumbai (Whichever is your base location) during hybrid model. You are flexible and ready to provide support outside of Business hours (on-call). Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Ability to deliver / Results driven Ability to share / pass on knowledge Client focused Transversal Skills: Ability to understand, explain and support change Ability to develop and adapt a process Ability to develop others & improve their skills Analytical Ability Ability to inspire others & generate people's commitment Education Level: Bachelor Degree or equivalent

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing… You will be part of the Network Planning group in GNT organization supporting development of deployment automation pipelines and other tooling for the Verizon Cloud Platform. You will be supporting a highly reliable infrastructure running critical network functions. You will be responsible for solving issues that are new and unique, which will provide the opportunity to innovate. You will have a high level of technical expertise and daily hands-on implementation working in a planning team designing and developing automation. This entitles programming and orchestrating the deployment of feature sets into the Kubernetes CaaS platform along with building containers via a fully automated CI/CD pipeline utilizing Ansible playbooks, Python and CI/CD tools and process like JIRA, GitLab, ArgoCD, or any other scripting technologies. Leverage monitoring tools such as Redfish, Splunk, and Grafana to monitor system health, detect issues, and proactively resolve them. Design and configure alerts to ensure timely responses to critical events. Work with the development and Operations teams to design, implement, and optimize CI/CD pipelines using ArgoCD for efficient, automated deployment of applications and infrastructure. Implement security best practices for cloud and containerized services and ensure adherence to security protocols. Configure IAM roles, VPC security, encryption, and compliance policies. Continuously optimize cloud infrastructure for performance, scalability, and cost-effectiveness. Use tools and third-party solutions to analyze usage patterns and recommend cost-saving strategies. Work closely with the engineering and operations teams to design and implement cloud-based solutions. Provide mentorship and support to team members while sharing best practices for cloud engineering. Maintain detailed documentation of cloud architecture and platform configurations and regularly provide status reports, performance metrics, and cost analysis to leadership. What We’re Looking For... You’ll need to have: Bachelor’s degree or four or more years of work experience. Four or more years of relevant work experience. Four or more years of work experience in Kubernetes administration. Hands-on experience with one or more of the following platforms: EKS, Red Hat OpenShift, GKE, AKS, OCI GitOps CI/CD workflows (ArgoCD, Flux) and Very Strong Expertise in the following: Ansible, Terraform, Helm, Jenkins, Gitlab VSC/Pipelines/Runners, Artifactory Strong proficiency with monitoring/observability tools such as New Relic, Prometheus/Grafana, logging solutions (Fluentd/Elastic/Splunk) to include creating/customizing metrics and/or logging dashboards Backend development experience with languages to include Golang (preferred), Spring Boot, and Python Development Experience with the Operator SDK, HTTP/RESTful APIs, Microservices Familiarity with Cloud cost optimization (e.g. Kubecost) Strong experience with infra components like Flux, cert-manager, Karpenter, Cluster Autoscaler, VPC CNI, Over-provisioning, CoreDNS, metrics-server Familiarity with Wireshark, tshark, dumpcap, etc., capturing network traces and performing packet analysis Demonstrated expertise with the K8S ecosystem (inspecting cluster resources, determining cluster health, identifying potential application issues, etc.) Strong Development of K8S tools/components which may include standalone utilities/plugins, cert-manager plugins, etc. Development and working experience with Service Mesh lifecycle management and configuring, troubleshooting applications deployed on Service Mesh and Service Mesh related issues Expertise in RBAC and Pod Security Standards, Quotas, LimitRanges, OPA & Gatekeeper Policies Working experience with security tools such as Sysdig, Crowdstrike, Black Duck, etc. Demonstrated expertise with the K8S security ecosystem (SCC, network policies, RBAC, CVE remediation, CIS benchmarks/hardening, etc.) Networking of microservices, solid understanding of Kubernetes networking and troubleshooting Certified Kubernetes Administrator (CKA) Demonstrated very strong troubleshooting and problem-solving skills Excellent verbal communication and written skills Even better if you have one or more of the following: Certified Kubernetes Application Developer (CKAD) Red Hat Certified OpenShift Administrator Familiarity with creating custom EnvoyFilters for Istio service mesh and integrating with existing web application portals Experience with OWASP rules and mitigating security vulnerabilities using security tools like Fortify, Sonarqube, etc. Database experience (RDBMS, NoSQL, etc.) Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Overview: The Information Security Assessment Lead is responsible for safeguarding PepsiCo's digital assets by assessing the cyber risk and compliance of new and changing systems against information security requirements and managing risks associated with IT and Information Security systems throughout the project lifecycle. The ISA Lead will collaborate with various security teams and businesses to facilitate compliance with Information Security standards, provide technical guidance for key strategic initiatives, and drive the secure delivery of technology solutions within PepsiCo. The role heavily focuses on security risk-based assessments, and data-driven decision-making and automation. Responsibilities: Security Design Expertise: Proven track record in assessing security designs, including data flow diagrams, architectural blueprints, low-level designs, networking diagrams, authentication mechanisms, and authorization schemes. Must demonstrate experience in aligning these designs with industry standards such as NIST 800-53, ISO 27002, CIS, and OWASP to ensure robust security postures. Skilled at identifying potential security gaps and implementing best practices to fortify system architectures against emerging threats. Familiarity with the latest security tools and technologies, as well as experience in integrating security measures into complex IT environments, is essential. Compliance Assessment: Assess new and changing application designs and requirements to ensure compliance with PepsiCo information security standards. Risk Communication: Identify, quantify, and communicate technology risks impacting the business, recommending resolutions and identifying root causes. Explain scan results (infrastructure, applications, databases) and pen testing results to stakeholders. Threat Modeling: Utilize expert knowledge in threat modeling techniques and methodologies to proactively identify, assess, and prioritize security risks, enabling the organization to implement targeted mitigation strategies and maintain a robust information security posture. Project Lifecycle Reviews: Review IT and Information Security systems throughout the project lifecycle, identifying risks and security requirements, and recommending paths to eliminate identified risks and implement compensating controls. Automated Risk Assessments: Conduct risk-based assessments using automated tools and techniques to prioritize and address security risks. Collaboration and Education: Collaborate with various IT and Business teams to ensure they are knowledgeable about Information Security processes and requirements, influencing them to eliminate or reduce risks. ServiceNow Utilization: Experience using ServiceNow to gather necessary information and data, automating security assessment processes to enhance efficiency and effectiveness. Metrics Management and Reporting: Manage operational metrics related to the ISA and GRC processes, utilizing Power BI for advanced reporting, tracking project progress, and developing corrective action plans. Process Improvement and Proactive Security: Govern Information Security services from the ISA, tracking process metrics, identifying issues, and driving process improvement initiatives. Stay updated with threat intelligence, leverage Azure and cloud security knowledge, and implement Agile and DevSecOps methodologies to integrate security into the development process. Qualifications: A minimum of 8 years of experience in Information Security, IT Risk Management, or a similar role. Mandatory Technical Skills: In-depth technical experience and knowledge of infrastructure technologies, networks, web, computing, cloud services, manufacturing equipment, mobile devices, and information (cyber) security. Strong understanding of information security frameworks, regulations, and standards such as NIST 800-53, CIS, and ISO 27002. Proficient in ServiceNow, with the ability to leverage its modules for information gathering, data analysis, and automation of the ISA service. Experience in threat modeling and applying threat modeling methodologies in previous roles. Proficient in Power BI for developing reports and dashboards to support data-driven decision-making. Strong skills in developing ad hoc reports and managing metrics. Knowledge of Azure and general cloud security principles. Ability to read and explain scan (infrastructure, applications, databases) and pen testing results to technical and non-technical stakeholders, guiding them on risk and vulnerability remediation. Mandatory Non-Technical Skills: Proficient in influencing and educating stakeholders on security best practices and policies, ensuring understanding and adherence to security standards. Established a reputation as a trusted adviser, providing expert guidance on information security matters. Strong presence to represent PepsiCo Information Security in complex situations with business and IT partners. Ability to collaborate with various stakeholders, including business units and product managers.

Role overview and responsibilities: Dhruva Space is seeking a Senior Business Development Manager - GeoIntelligence to drive the sales and market penetration of high-resolution satellite imagery and geospatial solutions across India. This strategic role focuses on both Government and commercial sectors and requires a deep understanding of the geospatial industry, government procurement cycles, and solution-based selling. The ideal candidate will have strong stakeholder engagement skills and the ability to lead cross-functional teams for successful business outcomes. This is a full-time and on-site role, based at our headquarters in Hyderabad, Telangana. Key Responsibilities: Drive revenue by promoting satellite imagery and related solutions to Central/State Government and private sector clients. Identify and develop new business opportunities in strategic sectors where geospatial data would be the need of the hour. Spearhead the full sales cycle: opportunity identification, tendering, proposal preparation, and contract negotiation. Define, implement and nurture a strong and effective Go-to-Market strategy for Dhruva Space's offerings Build and nurture long-term relationships with government bodies, corporate clients, and strategic partners. Conduct client visits, presentations, and meetings to understand their needs and propose tailored geospatial solutions. Ensure consistent and high levels of client acquisition, success, satisfaction and retention. Oversee project timelines and ensure deliverables are met in line with client contracts and expectation Mentor and guide junior business development professionals and cross-functional technical teams. Collaborate effectively and efficiently with Engineering, Business Development, Marketing, Legal, and Regulatory teams to ensure alignment in pre-sales, proposal development, and post-sales execution. Maintain accurate and up-to-date sales pipeline documentation, client communication records, and contract compliance as per internal and regulatory standards. Share comprehensive and detailed market intelligence, sales reports, and client updates with leadership (CXOs, relevant Department heads) regularly. Navigate Government procurement policies, budgeting processes, and RFPs to fortify Dhruva Space's visibility and positioning. Represent Dhruva Space in industry forums, pre-bid meetings, and relevant conferences. Candidate Requirements: Bachelor’s or Master’s degree in Geospatial Sciences, Remote Sensing, GIS, Business Administration, or a related field. Minimum 7 - 10 years of experience in business development in the geospatial or satellite imagery domain. Proven expertise in government tendering, sales strategy development, and technical proposal writing. Evident passion and excitement to contribute to this maturing sector Strong understanding of satellite data, remote sensing, GIS software platforms, and spatial analytics tools. Exposure to sectors such as Urban Planning, Agriculture, Smart Cities, or Disaster Management is a plus. Effective and clear communication, presentation, and negotiation skills. Strong interpersonal skills to manage cross-functional teams and engage with external stakeholders. Willingness to travel in an official capacity, extensively across India.

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards. Themanageroftheapplicationsecurityprogramwillberesponsible for - 1. To Integratesecuritytools,standards,andprocessesintothe productlifecycle(PLC). 2. EnsurethatdevelopersandQApersonnelaretrainedwiththeappropriatele velofsecurityknowledgetoperformtheir dailyactivities. 3. Improveandsupportapplicationsecuritytooldeploymentsincludingstaticanal ysisandruntimetestingtools and securedevelopmentstandards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

Job Description: Head - Technical Training (Lidar/ADAS) preferred, not mandatory Location: Kolkata Company Overview : We are a rapidly expanding technology-driven services firm specializing in the meticulous annotation of ground truth training data across diverse datasets, including image, video, LiDAR, text, audio, and multi-modal formats. Our mission centers around providing top- tier trainingdata essential for advancingstate-of-the-art AI and machine learning models. These models find applications in an array of industries, ranging from Autonomous Mobility and Healthcare to Geo-Spatial, Agri Tech, and Finance. Of particular emphasisin our endeavors is the burgeoning field of Generative AI. To fortify our trajectory of growth, we are actively seeking an adept and seasoned Training Department Head. In this pivotal role, you will be instrumental in steering our training department, ensuring proficiency in our Lead to Cash process, through the creation and sustenance of an expert workforce at all levels within the organization. Job Description : We are looking for a dynamic and visionary Training Department Head to build and lead a team of trainers and training managers. In this role, you will be responsible for overseeing the end-to-end training process, from production data analysis to training need identification, content creation, train the trainers, training delivery, and training efficacy measurement and reporting. Your expertise in training and development, along with your leadership skills, will be vital in ensuring the success of our training programs. This position reports to the Chief Delivery Officer. Responsibilities: Develop and implement a comprehensive training strategy aligned with the company's goals and objectives. Lead a team of trainers and training managers, providing guidance, mentorship, and support in all aspects of training and development. Conduct thorough analysis of production data to identify training needs and areas for improvement. Collaborate with cross-functional teams in US, India and Bhutan to understand business requirements and translate them into effective training programs. Oversee the creation and maintenance of training materials, including curriculum, presentations, job aids, and other resources. Design and deliver train-the-trainer programs to ensure consistency and qualityin training delivery. Monitor and evaluate training effectiveness using appropriate metrics and assessment tools. Continuously improve training programs based on feedback, industry best practices, and emerging technologies. Stay updated with the latest trends and advancements in AI/ML algorithms and training methodologies. Qualifications: Bachelor's degree in a relevant field (e.g., Education, Instructional Design, Computer Science); a master's degree is a plus. Proven experience (15+ years) in training and development, preferably in a technology- focused company. Strong knowledge of AI/ML algorithms and their applications. Demonstrated experience in building and leading high-performing training teams. Experience in analyzing production data and identifying training needs. Proficient in instructional design methodologies and adult learning principles. Excellent presentation and communication skills, with the ability to engage and inspire learners. Familiarity with training evaluation methods and measurement tools. Strong project management and organizational skills, with the ability to handle multiple priorities and meet deadlines. Self-motivated, proactive, and results-oriented mindset. Ability to adapt to a fast-paced and rapidly changing environment.

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards. Themanageroftheapplicationsecurityprogramwillberesponsible for - 1. To Integratesecuritytools,standards,andprocessesintothe productlifecycle(PLC). 2. EnsurethatdevelopersandQApersonnelaretrainedwiththeappropriatele velofsecurityknowledgetoperformtheir dailyactivities. 3. Improveandsupportapplicationsecuritytooldeploymentsincludingstaticanal ysisandruntimetestingtools and securedevelopmentstandards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

You will be responsible for providing IT infrastructure support with a focus on ensuring the smooth and efficient operation of various systems and applications. With over 6 years of experience, you will have the opportunity to work on projects that involve AWS, PCF (Pivotal Cloud Foundry), Chef, Ansible, Jenkins, Git, Maven, SonarQube, Gradle, Nexus, Bitbucket, UDeploy, Fortify, and Python. Your key responsibilities will include analyzing the current IT infrastructure, designing and implementing projects, integrating systems and applications, troubleshooting and resolving issues, and maintaining system security. You will collaborate with client teams to understand their requirements and provide technical support and guidance as needed. It is essential to stay updated on industry trends and best practices to deliver cutting-edge solutions. To excel in this role, you should have proven experience in IT infrastructure support and integration, strong expertise in automation tools like Chef, Ansible, and Jenkins, proficiency in cloud platforms such as AWS and PCF, hands-on experience with version control systems like Git and Bitbucket, knowledge of build tools like Maven and Gradle, familiarity with security and quality tools like SonarQube, Nexus, UDeploy, and Fortify, solid programming skills in Python, excellent troubleshooting and problem-solving abilities, and strong communication and collaboration skills. If you are interested in this opportunity, please share your CV with rupal@liveconnections.in.,

Python+DevOps Engineer - Associate - Software Engineering Profile Description We’re looking for a skilled Developer with minimum 3 years of experience to join our team. CDRR_Technology The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Cyber The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Software Engineering This is a Associate position that develops and maintains software solutions that support business needs. Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals. At Morgan Stanley India, we support the Firm’s global businesses, with critical presence across Institutional Securities, Wealth Management, and Investment management, as well as in the Firm’s infrastructure functions of Technology, Operations, Finance, Risk Management, Legal and Corporate & Enterprise Services. Morgan Stanley has been rooted in India since 1993, with campuses in both Mumbai and Bengaluru. We empower our multi-faceted and talented teams to advance their careers and make a global impact on the business. For those who show passion and grit in their work, there’s ample opportunity to move across the businesses for those who show passion and grit in their work. Interested in joining a team that’s eager to create, innovate and make an impact on the world? Read on… What You’ll Do In The Role The role will see the design and build of APIs which allow developers to apply, re-configure, deploy and run multiple code scanning tools on their projects. In addition, the infrastructure will be able to process the results from these systems and calculate whether a project can proceed with a release based on the firm’s policies. The role further extends to performing POCs on new tools and technologies to determine those that are suitable for adoption to assist keeping Morgan Stanley protected against an evolving threat landscape. The successful candidate will have around 3-5 years development experience (ideally in Python but we will consider other languages). They will have worked on building distributed systems and understand the complexities of building such systems. They will be a pro-active, driven individual that loves to take on new problems and figure out ways to solve them. In addition, they will have a mindset for automation and have experience in the SDLC and associated tooling right through from developing code, to writing automated tests, deploying it to production and providing subsequent production support. Responsibilities Hands-on engineering and integration will form the majority of this role, as part of a collaborative, agile squad. This will include work at all stages of the SDLC across a broad range of activities within Application Security. Take an active part in the architecture, design, build and implementation of the solution, implementing software development lifecycle best practices through the adoption of standard tools/services for reliability. Implementing different types of automated testing for resilience and reliability, e.g. unit, integration and load testing. Monitor usage of products through monitoring products, open telemetry and by building dashboards, alerts, and optimized queries for observability of system reliability with a focus on SLOs, error budgets, and toil management. Building documentation for both tribal knowledge and SRE processes within the squad through documentation-as-code framework. Setting up and performing PoCs within lab environments as well as in non-prod environments to enable stakeholders to test/validate solutions and soliciting real world feedback to drive meaningful evaluation and subsequent adoption. Documenting findings/presenting recommendations back to stakeholders to enable the Firm to make informed and effective product choices. Automating manual operational processes and integrating automations into CI/CD pipelines, including developing configuration-as-code models that align to CI/CD pipelines and SRE best practices and implementing self-service tools to reduce toil both within the squad and for our customers. Required Skills What you’ll bring to the role: A developer background/strong understanding of modern development practices, experience building usable APIs that others can consume. Strong research, analytical, and problem-solving skills. Ability to write robust, object-oriented and maintainable code in Python or similar language. Ability to write secure code, including an understanding of concepts such as authentication, authorisation and various web-based attacks such as XSS or CSRF/XSRF. Good knowledge of DevOps CI/CD workflows, tools (such as Jenkins/Circle/GitHub Actions) and their integration points. Experience with modern deployment tooling including Docker, Kubernetes, Helm, Ansible. Experience with distributed database/data storage systems, either SQL or No-SQL. Excellent verbal and written communication skills, including the ability to express and deliver technical ideas to a wide range of audiences, coupled with a collaborative approach. Desired Skills Product experience with DAST/SAST tooling such as Snyk, Fortify or Contrast Security. Experience with GitHub Enterprise and integrating SaaS solutions. Experience with distributed tools such as Apache Kafka & Zookeeper. Familiarity with public cloud and public cloud management. An automation/orchestration mind-set, enabling the product squads to spend more time coding and less time on manual processes. Some experience with front-end development NPM, Node, JavaScript, TypeScript or similar. Additional depth to their knowledge of application security. What You Can Expect From Morgan Stanley We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work. To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser. Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.

Role Overview The ideal candidate will be responsible for overseeing **Static Application Security Testing (SAST)** and **Software Composition Analysis (SCA)** processes, strong secure coder, ensuring secure coding practices, and managing security risks within the software development lifecycle (SDLC). This role requires close collaboration with development, DevSecOps, and risk management teams to identify and remediate vulnerabilities effectively. Key Responsibilities 1. SAST & SCA Strategy and Implementation Define, implement, and manage **SAST & SCA frameworks** to secure the banks applications. Lead the integration of security tools (e.g., Fortify, Checkmarx, SonarQube, Veracode, Snyk, Black Duck) into CI/CD pipelines. Continuously evaluate and enhance scanning methodologies to improve detection and remediation of vulnerabilities. 2. Vulnerability Management & Risk Mitigation Oversee the assessment, triage, and remediation of vulnerabilities identified through SAST & SCA scans. Establish risk-based prioritization for vulnerabilities, collaborating with development teams for timely fixes. Ensure compliance with industry standards (OWASP, NIST, ISO 27001, PCI-DSS) and internal security policies. 3. Collaboration & Stakeholder Management Work closely with development, DevOps, and security teams to promote secure coding practices Collaborate with third-party vendors for security tool management and support Present vulnerability trends, remediation progress, and risk insights to senior leadership and risk committees. 4. Governance, Training & Awareness Develop and enhance secure coding guidelines and best practices for development teams. Conduct security awareness sessions and training for developers on SAST/SCA findings and secure coding practices. Define and track key security metrics (KPIs/KRIs) to measure the effectiveness of the SAST & SCA programs. Qualifications & Experience 8-10 years (SM) and 12-15 years (AVP) of experience in Application Security**, with a strong focus on SAST and SCA. Deep understanding of secure SDLC, DevSecOps, and CI/CD integration. Hands-on experience with **SAST & SCA tools** (Fortify, Veracode, Checkmarx, Snyk, Black Duck, SonarQube, etc.) Strong knowledge of **secure coding practices**, vulnerability remediation, and risk management Comprehensive Experience with **programming languages** (Java, .NET, Python, JavaScript) and their security implications Able to write secure code Experience in **regulatory compliance** frameworks (OWASP Top 10, NIST, ISO 27001, PCI-DSS, RBI Guidelines) Strong leadership and stakeholder management skills Certifications preferred:** CISSP, OSWE, OSCP, CSSLP or any relevant security certification

Job Description: 5+ years of proven experience as a Full Stack Developer or similar role Strong hands-on Experience developing in Microsoft technologies: Visual Studio, C# .Net, VB Net, ASP .Net, ADO .Net, WCF,Web Services, IIS Strong development experience in Microsoft .NET framework and C#.NET and database systems such as SQL Server. Experience in writing SQL Stored Procedures, Functions, packages and debugging the code. Experience of using source control tools such as GIT. Experience in creating documents like required document, functional/technical specs, use case, test plans, ER diagrams, data flow diagrams etc. for allotted projects. Experience in working with multiple stakeholders, onshore/offshore Effectively communicate and understand project requirements Ability to self-manage development projects with good turn-around time Experience in Jenkins, CI/CD, Automation pipeline tools(nexus, harness, Jenkins ) Experience in Vulnerability fixation (Fortify, Webinspect, Sonatype, Sonarcube) .net technology stack (C#) and JavaScript frameworks (React, Node.js) MVC, API development HTML/ CSS, JavaScript, XML, jQuery MS-SQL database test-driven development with frameworks Experience with CI/CD tool About Virtusa Teamwork, quality of life, professional and personal development: values that Virtusa is proud to embody. When you join us, you join a team of 27,000 people globally that cares about your growth — one that seeks to provide you with exciting projects, opportunities and work with state of the art technologies throughout your career with us. Great minds, great potential: it all comes together at Virtusa. We value collaboration and the team environment of our company, and seek to provide great minds with a dynamic place to nurture new ideas and foster excellence. Virtusa was founded on principles of equal opportunity for all, and so does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.

Associate, Learning and Development Key Specifications Education Qualification : Masters in HR preferable. Certification in L&D and psychometrics will be a value add No. of Years of Experience : Minimum 7 – 10 years working experience in Learning & Development Certifications: Certified Professional in Learning and Performance Psychometrics – MBTI, DISC, Hogan Functional Skills : Facilitation Content development L & D program Management Working knowledge of technologies used for Learning design & delivery TNA Learning Environment & Learner Profile Analysis Working knowledge of LMS Technical toolset: Expertise with e-development tools - Articulate 360, Adobe Captivate, Adobe Connect, HTML5, Experience with graphic design and video editing software - Adobe tools like Illustrator, Photoshop, will be a value add Behavioral & Leadership skills: Excellent Communication Stakeholder management Influencing & Collaboration Good to have: Use of personality assessment tools Instruction Design Learning Effectiveness Measurements – Creation & Deployment Experience with integrating media and media-based technology tools into online content Key Roles and Responsibilities of Position: Is invested with the responsibility of continuously scanning the internal and external environments to strategize and stay relevant to business needs and demonstrate L & D thought leadership. Strategize adoption of digital learning platforms and technologies that will strengthen the learning experience Will be accountable to deliver key projects to fortify the Skilling journey and experience in FBS India Facilitation : Facilitate / Deliver Leadership & Professional Development programs Support conceptualizing & designing interventions based on business needs. Facilitating Leadership workshops 2. Program Management : Own and manage identifying, creating, and implementing of learning solutions. Own quality, impact and penetration of learning solutions. Work with Learning Partners and HRBPs for creating / deploying programs aligned to business & employee training needs. Design and development of learning solutions leveraging L & D functional, technical and technological expertise Will Manage L & D Programs in line with overall market needs and be responsible for the quality, effectiveness, and penetration of the programs to achieve targeted business objectives. Own implementation of learning solutions inclusive of content creation, roll out, reach, TTT, Delivery & Content quality, Impact assessments. Lead/Support end to end program management for key initiatives Report to Leadership on effectiveness and impact of programs Evaluate vendors and external SMEs for programs that need to be outsourced. 3. Business Liaison - Accountable to deliver L & OD interventions that will create perceptible desired change. Connect regularly with skill team leaders and HR business partners to understand learning needs based on business goals, business pain points and skill gaps Propose learning solutions for employee, team or organization level capability building based on TNA Create Annual Learning Plan for the respective skill teams Report to skill team leaders on a periodic basis on learning plan implementation and L &OD impact 4. Instruction Design & Technology Develop and deliver digital and interactive resources - webinars, online courses, podcasts , online simulations etc Support learning programs through use of online tools and resources Support creation of media content for online learning courses including script development, as well as video, graphic, animation, and interactive elements. 5. Processes: Support in communication and branding of programs and projects in L & D Communicate L & D Metrics in Key Forums Ensure L & D activities adhere to compliance and audit needs

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards.Themanageroftheapplicationsecurityprogramwillberesponsible for - 1. To Integratesecuritytools,standards,andprocessesintothe productlifecycle(PLC). 2. EnsurethatdevelopersandQApersonnelaretrainedwiththeappropriatele velofsecurityknowledgetoperformtheir dailyactivities. 3. Improveandsupportapplicationsecuritytooldeploymentsincludingstaticanal ysisandruntimetestingtools and securedevelopmentstandards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

Join Strategy’s IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy’s software applications while using modern security and AI tooling. In this position, you will be responsible for integrating security practices throughout the software development lifecycle, ensuring that our software products are resilient against vulnerabilities. Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing . Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA ) tools. Security Assessments & Penetration Testing: Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws. Secure Code Review: Analyze source code and provide security recommendations to developers to ensure adherence to secure coding best practices. Threat Modeling & Risk Analysis: Perform threat modeling to anticipate potential attack vectors and improve security architecture. DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating security automation within CI/CD pipelines. Incident Response & Remediation: Assist in investigating security incidents related to applications and work with engineering teams to remediate threats. Security Awareness & Training: Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices . Qualifications Bachelor’s degree in Computer Science, Engineering, or related field Minimum 2 years of software development or software security experience in an agile environment Hands-on experience with SAST, DAST, IAST, and SCA tools (e.g., Checkmarx, Fortify, Veracode, SonarQube, Burp Suite, ZAP). Fluent in one or more programming languages, such as Python, Java, JavaScript Strong knowledge of secure coding principles and application security frameworks Familiarity with security tools (e.g., static and dynamic analysis tools, vulnerability scanners) Understanding of security standards and regulations (e.g., OWASP, NIST) Hands-on experience with Generative AI and/or ML in creating innovative applications that enhance productivity and efficiency, coupled with a strong eagerness to learn Experience with cloud security best practices in AWS, Azure, or GCP. Strong work ethic with a commitment to meeting business needs and effectively collaborating with global colleagues Effective interpersonal skills; ability to collaborate successfully with both technical and non-technical stakeholders Ability to articulate complex technical concepts with clarity, supported by effective written and verbal communication skills Full-time in person from Strategy Office a minimum of 4 days per week Additional Information The recruitment process includes online assessments as a first step (English, logic, design, technical) - we send them via e-mail, please check also your SPAM folder