5 Iast Jobs

Join us as an Application Security Consultant at Barclays, where you will play a key role in supporting the successful delivery of Location Strategy projects while adhering to plan, budget, agreed quality, and governance standards. You will be at the forefront of evolving our digital landscape, driving innovation, and ensuring excellence in our digital offerings to provide unparalleled customer experiences. To excel in this role, you should possess a strong understanding of CVEs, CWEs, and their impact on applications. Additionally, you must have in-depth knowledge of various AppSec technologies such as SAST, DAST, SCA, IAST, and RASP. Proficiency in at least one programming language and framework, as well as experience in writing scripts in languages like Python and JavaScript, are essential skills for this position. Desirable skill sets to have include the ability to showcase expertise in low-level technical topics, such as native development on any platform, and experience with languages used in modern mobile development like Java+JNI, Objective C, and Swift. Familiarity with concepts like reverse engineering, assembly, and mobile code hardening techniques will be beneficial. Furthermore, the ability to replicate vulnerabilities in a lab environment is a plus. As an Application Security Consultant, you will be based in Pune and will be responsible for supporting various business areas with day-to-day tasks, including processing, reviewing, reporting, trading, and issue resolution. You will collaborate with teams across the bank to align operational processes, identify areas for improvement, and implement operational procedures and controls to mitigate risks while maintaining efficiency. In this role, you will also develop reports and presentations on operational performance, identify industry trends, and participate in projects to enhance operational efficiency. As an Assistant Vice President, you will consult on complex issues, advise People Leaders on escalated matters, and contribute to risk mitigation and policy development. You will take ownership of managing risk, collaborate with other business areas, and engage in data analysis to creatively solve problems and communicate complex information effectively. Your role will also involve influencing stakeholders to achieve desired outcomes. All colleagues at Barclays are expected to embody the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as the Barclays Mindset of Empower, Challenge, and Drive. Your commitment to these values and mindset will serve as our moral compass and guide our behavior within the organization.,

Organization: At CommBank, we never lose sight of the role we play in other peoples financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things. Job Title: : Staff Security Engineer Location: Bangalore Business & Team: We&aposre building tomorrows bank today, which means we need creative and diverse engineers to help us redefine what customers expect from a bank. Envisioning new technologies that are still waiting to be invented and reimagining products that support our customers and help build Australias future economy. CommBank is recognised as leading the industry in IT and operations with its world-class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps. Cyber Security protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk. The CBA technology unit delivers the best digital banking services to Commonwealth Bank customers and to do so is responsible for digital delivery, group data and analytics, technology and technology infrastructure, cyber, fraud, physical security and business resilience for all divisions across CBA. It is also dedicated to delivering the best workplace technology experience for our over 53.000 people across CBA and focused on providing the latest tools, technology, and resources to enhance the way we work together and empower our people to achieve more for our customers. The Security Engineering team protects the group and our customers from theft, loss and risk events, through effective and proactive management of cyber security, privacy and operational risk. Impact & Contribution: Designing and implementing secure solutions that align with group security policies, standards, and reference architecture. Work on threat modelling and can interpret and understand key cyber controls across the Group. Identify security requirements, qualify threats to design the IT systems and build countermeasures to minimise cyber risks. Collaborating with cross-functional teams to drive security outcomes throughout the design, build, and run phases of product development Supporting the adoption of modern scalable and high-velocity security practices, including Secure By Design, DevSecOps, and Automation Contributing to the continuous innovation and re-engineering of existing security engineering practices, including the development of practice strategies, patterns, and processes Staying up-to-date with the evolving technology landscape and providing expert guidance on security engineering best practices Supporting the response to high-profile security incidents, technology strategy and selection, and automation of security services Roles & Responsibilities: Provide deep technical hands-on Experience in security engineering, with a focus on design, strategy and implementation of secure solutions. Have strong understanding of security policies, standards, and reference architecture, and expertise in threat modelling, threat detection, control mapping, vulnerability analysis and control engineering risk identification. Are experienced in designing and building reusable security patterns and or solutions. Essential Skills: 8-12 years of experience in security engineering. Have experience with secure by design, DevSecOps, and Security automation (SAST, DAST, IAST) practices. Are experienced in designing and implementing enterprise Security Guidelines and Practices should have hands on experience in developing code , doing secure code Review , Threat modelling. Should have hands on experience securing Docker , Container and kubernitess. Experience with penetration testing and vulnerability assessment , and tool like OWASP ZAP or Burp Suite Familiarity with compliance frameworks, such as PCI-DSS or HIPAA Experience with AI/ML frameworks, libraries, and tools, such as TensorFlow, PyTorch, or Keras . Familiarity with Australian financial industry regulations and standards, such as the Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) Education Qualification: Bachelors degree or masters degree in engineering in Computer Science/Information Technology If you&aposre already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you&aposll need to apply through Sidekick to submit a valid application. Were keen to support you with the next step in your career. We&aposre aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696. Advertising End Date: 30/08/2025 Show more Show less

We are seeking a highly skilled and proactive Senior Consultant to implement security-as-code principles and automate security controls within CI/CD pipelines at Inspira Enterprise India. In this role, you will be instrumental in conducting secure code reviews, assisting developers in adopting secure coding practices, and deploying and managing a suite of security tools to enhance our overall security posture. Roles and Responsibilities: Implement security-as-code principles to embed security practices directly into the development workflow. Automate security controls within Continuous Integration/Continuous Delivery (CI/CD) pipelines to ensure continuous security validation. Conduct thorough secure code reviews to identify vulnerabilities and provide actionable feedback to development teams. Assist and guide developers in adopting and implementing secure coding practices. Deploy and manage various security tools, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Interactive Application Security Testing (IAST), and container security solutions. Skills Requirement: Proven experience in implementing security-as-code principles. Expertise in automating security controls within CI/CD pipelines. Strong experience in conducting secure code reviews. Ability to guide and assist developers in secure coding practices. Hands-on experience with deploying and managing security tools such as SAST, DAST, SCA, IAST, and container security solutions. QUALIFICATION: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Job Description Strategy is a pioneering organization dedicated to transforming businesses into intelligent enterprises through data-driven innovation. As a market leader in enterprise analytics and mobility software, we have revolutionized the BI and analytics space, empowering individuals to make informed decisions and reshaping the operational landscape of businesses. Additionally, Strategy is at the forefront of a groundbreaking shift in treasury reserve strategy by boldly adopting Bitcoin as a key asset, solidifying our position as an innovative force in the market. Join us in our mission to redefine financial investment and push the boundaries of analytics. At Strategy, we value our people as the cornerstone of our success. Join a team of smart, creative minds engaged in dynamic projects with cutting-edge technologies. Our corporate values bold, agile, engaged, impactful, and united form the foundation of our culture. As we navigate the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Become a part of an organization that thrives on innovation and challenges the status quo every day. Job Location: Pune, India (Full-time in person from Strategy Office, European Hours) Join Strategy's IT Security group as a Senior Application Security Engineer and play a pivotal role in safeguarding Strategy's software applications using modern security and AI tools. In this role, you will be responsible for implementing innovative security practices throughout the software development lifecycle to ensure the resilience of our software products against emerging threats and vulnerabilities. Your responsibilities will include: - Designing and implementing application security architecture and processes aligned with industry best practices and regulatory requirements. - Managing a risk-balanced Secure Software Development Life Cycle (SDLC) by incorporating threat modeling, secure code reviews, and security testing. - Identifying, triaging, and remediating security vulnerabilities through various security testing tools. - Performing advanced penetration testing and red teaming across web, mobile, and cloud applications. - Analyzing source code and providing security recommendations to developers to ensure adherence to secure coding best practices. - Leading and enhancing DevSecOps initiatives by integrating security automation within CI/CD pipelines. - Leading security incident response related to applications and collaborating with engineering teams for effective threat remediation. - Developing and leading customized security training programs for engineering teams. Qualifications: - Bachelor's degree in Computer Science, Engineering, or related field. - Minimum 5 years of software development or software security experience in an agile environment. - Hands-on experience with various security testing tools. - Deep knowledge of API security, containerized applications, AI/ML security risks, and infrastructure as code security. - Fluent in programming languages such as Python, Java, JavaScript. - Strong understanding of secure coding principles, application security frameworks, and security standards. - Experience with cloud security best practices in AWS, Azure, or GCP. - Strong interpersonal skills and ability to collaborate effectively with technical and non-technical stakeholders. - Experience mentoring junior engineers and leading security champions within development teams. Join Strategy and be a part of an organization that values innovation, excellence, and collaboration in shaping the future of analytics and financial investment.,

The Senior Manager of Information Security (External Role Description Application / Product Security Architect) will report to the Chief Information Security Officer. As a leader in the Information Security organization, this role will lead the task of refining, managing and executing strategic product/application security roadmap that is based on industry standard software security frameworks. You will plan, implement and track key initiatives focused on product / application security strategy, metrics, compliance, policy, developer awareness, training and stakeholder engagement. You will work closely with multiple teams that make up Information Security, Product Management, Engineering, Legal, Risk and Compliance to improve product / application security controls and drive impactful change to the team and its members. Responsibilities: Bring a deep background and broad experience in Information Security, Application Security, & Application Development or related business areas. Lead a team of high performing individuals who create remediation plans, perform security reviews, and recommend security solutions to meet current and future needs for HMH products and applications. Drive the development and implementation of product and application standard security review processes that result in effective methods for reducing security risks before product releases. Demonstrate an ability to influence all project and portfolio stakeholders; communicate relevant security information to both executive leaders and individual contributors in an effective manner. Accountable for all aspects of staff management, hiring, coaching, training, performance reviews and recommending pay actions and promotions for the Security Engineering team Provide input into the Information Security strategy to ensure that future security investments are aligned appropriately when considering key priorities such as business requirements, industry threat landscape, and risk appetite of HMH. Collaborate closely with the Architecture teams Demonstrated experience handling the demand/supply of project and program resources and tracking allocation. Track policy exceptions and remediation dates through active engagement with development teams and operations teams. Partner with Audit teams to periodically audit controls and secure coding practices being followed by development teams. Staying abreast of latest cyber security threats both internal and external Oversee projects, program delivery, daily monitoring, response; review of cloud infrastructure, physical infrastructure, and the full life cycle of alerts through incident response; and the threat landscape to ensure ongoing and continued maturity of the organization's security controls in addition to service support Drive operational efficiency and excellence leveraging tools, process and automation with appropriate and transparency visibility and metrics that can meet SLAs/SLOs Support and implement controls and visibility to meet third party attestations (SOC2, ISO27001, GDPR, SOX) Balance being collaborative, open, and approachable while still being firm on security policies and in facilitating progress and compromise What you should have: 5 to 6+ years hands-on experience in application security utilizing SAST, DAST, IAST, RASP and WAF. 5+ years of application engineering, architecture or development management experience Proficient analyzing ambiguous problems, compelling communicator with the ability to receive and analyze information, translating security risk to business risk to driving actionable decisions across multiple levels and departments Experience in leading application security remediation work, leading the mitigation initiative to accommodate the developer community priority. Proficient experience with common web application attack vectors and related mitigation strategies that translate to controls within the organization You are highly organized. With many people doing many things in a fast-moving company, strong organizational skillsboth for yourself and for the teamwill be required