3 Mend Jobs

Were hiring on the Blackbaud Application Security team! As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud. You can expect to work closely with software development teams as well as third-party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software, you will be expected to stay up to date on whats happening in the Cyber Security industry to optimize and align our application security processes and systems throughout the Software Development Life Cycle (SDLC) at Blackbaud. The Application Security Engineering team focuses on building automation for security self-service and vulnerability management to reduce unnecessary toil. What You Will Be Doing Identifying solutions for difficult security problems while participating in a broader agile Application Security team. Building comprehensive solutions to conduct consolidation, aggregation, and notification of security findings to respective stakeholders. Conducting threat modeling, secure design reviews, and providing direct guidance to development teams. Promoting, designing, and evaluating application security in all phases of the SDLC and constantly looking for innovative ways to improve processes. Influencing, building, and assisting with information security challenges within applications. What We&aposll Want You To Have You are either a security-minded software engineer who has been building modern services using a microservice architecture in an agile development environment or a development-interested security practitioner who understands security best practices but wants to get closer to development and engineering. 5+ plus years of experience with application security and relevant testing tools for: DAST: Burp Suite, OWASP Zap, Invicti, AppScan SAST/SCA: Fortify, Checkmarx, Coverity, Semgrep, OWASP Dependency Check, Mend, Blackduck Attack Surface Management: OWASP Amass, Spiderfoot, CyCognito 3+ years of experience with Python, Bash, and/or PowerShell. 3+ years of experience in DevSecOps integrating security solutions into CI-CD pipelines and automated tooling orchestration. Relevant certifications include CompTIA Security+ or CASP+, EC Council CEH, ISC2 CSSLP are a plus. Experience partnering with development and systems engineers on impactful security?initiatives.? Understanding of software development; how applications and systems are designed, built, and break is critical. Understand?DevSecOps?cultural mindsets, and an engineering-focused approach to solving?complex?security problems. Strong verbal and written communication skills to translate security objectives and requirements to specific engineering outcomes.? The Application Security team at Blackbaud is committed to ensuring security issues are prevented, discovered, and remediated in collaboration with our engineering partners across the business. Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Show more Show less

DevSecOps Engineer Experience: 5 to 9 Years Budget: Up to 36 LPA Location: Hyderabad, Bangalore, Pune, Gurgaon, Chennai Notice Period: Immediate Joiners Only About the Role: Were seeking a skilled DevSecOps Engineer with a strong security mindset and hands-on experience in secure cloud deployments. This role demands practical knowledge of cloud platforms, Infrastructure as Code (IaC), CI/CD pipelines, and modern security tooling. You will be at the forefront of embedding security in every stage of the software development lifecycle. Key Skills & Responsibilities: Cloud: Experience with Azure or AWS IaC Tools: Expertise in Terraform Containerization: Working knowledge of Kubernetes CI/CD: Hands-on with any modern CI/CD tools (e.g., Jenkins, GitHub Actions, GitLab CI, etc.) Security Tools (any): WiZ, Snyk, Qualys, Mend, Checkmarx, Dependabot Secret Management: Experience with HashiCorp Vault or Akeyless DevSecOps: Strong experience in integrating security into DevOps pipelines Mandatory Requirement: Security experience is mandatory DevSecOps exposure is highly preferred

Key Qualifications: A bachelors degree in computer science, software engineering, or a related discipline. An advanced degree (e.g., MS) is preferred but not required. Experience is the most relevant factor. Strong software engineering foundation with deep understanding of OOP/OOD, functional programming, data structures and algorithms, software design patterns, code instrumentations, etc. 5+ years proven experience with Python, Bash, PowerShell, JavaScript, C#, and Golang (preferred). 5+ years proven experience with CI/CD tools (Azure DevOps and GitHub Enterprise) and Git (version control, branching, merging, handling pull requests) to automate build, test, and deployment processes. 5+ years of hands-on experience in security tools automation SAST/DAST (SonarQube, Fortify, Mend), monitoring/logging (Prometheus, Grafana, Dynatrace), and other cloud-native tools on AWS, Azure, and GCP. 5+ years of hands-on experience in using Infrastructure as Code (IaC) technologies like Terraform, Puppet, Azure Resource Manager (ARM), AWS Cloud Formation, and Google Cloud Deployment Manager. 2+ years of hands-on experience with cloud native services like Data Lakes, CDN, API Gateways, Managed PaaS, Security, etc. on multiple cloud providers like AWS, Azure and GCP is preferred. Strong understanding of methodologies like, XP, Lean, SAFe to deliver high quality products rapidly. General understanding of cloud providers security practices, database technologies and maintenance (e.g. RDS, DynamoDB, Redshift, Aurora, Azure SQL, Google Cloud SQL) General knowledge of networking, firewalls, and load balancers. Strong preference will be given to candidates with AI/ML and GenAI. Excellent interpersonal and organizational skills, with the ability to handle diverse situations, complex projects, and changing priorities, behaving with passion, empathy, and care.