1625 Owasp Jobs

About ValGenesis ValGenesis is a leading digital validation platform provider for life sciences companies. ValGenesis suite of products are used by 30 of the top 50 global pharmaceutical and biotech companies to achieve digital transformation, total compliance and manufacturing excellence/intelligence across their product lifecycle. Learn more about working for ValGenesis, the de facto standard for paperless validation in Life Sciences: https://www.youtube.com/watch?v=tASq7Ld0JsQ About the Role: We are looking for experienced product development engineers/experts who could join our flagship VLMS product engineering team to implement the product enhancements and support our global customers. If you are a technology enthusiast and have passion to develop enterprise products with quality, security, and performance, we are eager to discuss with you the potential role. Responsibilities Understand the business requirements and technical constraints and architect/design/develop. Participate in the complete development life cycle. Review the architecture/design/code of self and others. Develop enterprise application features using C#, ASP .NET development framework. Own and be accountable for the Quality, Performance, Security and Sustenance of the respective product deliverables. Strive for self-excellence along with enabling success of the team/stakeholders. Requirements 2 to 4 years of experience in developing enterprise software products Must have strong experience in ASP .NET Web Forms with C# Strong experience in SQL, MS SQL Server Experience in Javascript, JQuery, AngularJS Good knowledge of Web Services, Web API, WCF, LINQ, IIS 7.0+ Knowledge/Experience in SSO integration using LDAP, ADFS, OKTA, PING Knowledge/Experience in HTML5, XML, OOXML, XAML, WPF, CSS, Bootstrap Knowledge/Experience in XSS, SSL, TLS, OWASP standards Knowledge/Experience in DevExpress report, SSRS, Crystal Reports, BI Components Knowledge of Code Quality, Code Monitoring, Performance Engineering, Test Automation Tools We’re on a Mission In 2005, we disrupted the life sciences industry by introducing the world’s first digital validation lifecycle management system. ValGenesis VLMS® revolutionized compliance-based corporate validation activities and has remained the industry standard. Today, we continue to push the boundaries of innovation enhancing and expanding our portfolio beyond validation with an end-to-end digital transformation platform. We combine our purpose-built systems with world-class consulting services to help every facet of GxP meet evolving regulations and quality expectations. The Team You’ll Join Our customers’ success is our success. We keep the customer experience centered in our decisions, from product to marketing to sales to services to support. Life sciences companies exist to improve humanity’s quality of life, and we honor that mission. We work together. We communicate openly, support each other without reservation, and never hesitate to wear multiple hats to get the job done. We think big. Innovation is the heart of ValGenesis. That spirit drives product development as well as personal growth. We never stop aiming upward. We’re in it to win it. We’re on a path to becoming the number one intelligent validation platform in the market, and we won’t settle for anything less than being a market leader. How We Work Our Chennai, Hyderabad and Bangalore offices are onsite, 5 days per week. We believe that in-person interaction and collaboration fosters creativity, and a sense of community, and is critical to our future success as a company. ValGenesis is an equal-opportunity employer that makes employment decisions on the basis of merit. Our goal is to have the best-qualified people in every job. All qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, gender identity, national origin, disability, or any other characteristics protected by local law.

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 4 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

Were hiring on the Blackbaud Application Security team! As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud.You can expect to work closely with software development teams as well as third-party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software, you will be expected to stay up to date on whats happening in the Cyber Security industry to optimize and align our application security processes and systems throughout the Software Development Life Cycle (SDLC) at Blackbaud. The Application Security Engineering team focuses on building automation for security self-service and vulnerability management to reduce unnecessary toil. What you will be doing: Identifying solutions for difficult security problems while participating in a broader agile Application Security team. Building comprehensive solutions to conduct consolidation, aggregation, andnotification of security findings to respective stakeholders. Conducting threat modeling, secure design reviews, and providing direct guidance to development teams. Promoting, designing, and evaluating application security in all phases of theSDLC and constantly looking for innovative ways to improve processes. Influencing, building, and assisting with information security challenges within applications. What we'll want you to have: You are either a security-minded software engineer who has been building modern services using a microservice architecture in an agile development environment or a development-interested security practitioner who understands security best practices but wants to get closer to development and engineering. 5+ plus years of experience with application security and relevant testing tools for DASTBurp Suite, OWASP Zap, Invicti, AppScan SAST/SCAFortify, Checkmarx, Coverity, Semgrep, OWASP Dependency Check, Mend, Blackduck Attack Surface ManagementOWASP Amass, Spiderfoot, CyCognito 3+ years of experience with Python, Bash, and/or PowerShell. 3+ years of experience in DevSecOps integrating security solutions into CI-CD pipelines and automated tooling orchestration. Relevant certifications include CompTIA Security+ or CASP+, EC Council CEH, ISC2 CSSLP are a plus. Experience partnering with development and systems engineers on impactful securityinitiatives. Understanding of software development; how applications and systems are designed, built, and break is critical. UnderstandDevSecOpscultural mindsets, and an engineering-focused approach to solvingcomplexsecurity problems. Strong verbal and written communication skills to translate security objectives and requirements to specific engineering outcomes. The Application Security team at Blackbaud is committed to ensuring security issues are prevented, discovered, and remediated in collaboration with our engineering partners across the business. Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Role Profile Senior Application Security Engineer Department Information Security/ Cybersecurity Reports ToManager / Lead Security Engineer Location :Hyderabad (WFO) Role Summary: The Security Engineer will play a critical role in strengthening the security posture of applications and infrastructure by implementing secure development practices, performing vulnerability assessments, and integrating security into the SDLC. The ideal candidate will have hands-on experience with OWASP ASVS, security testing tools like ZAP, and a solid understanding of Python-based backend systems. Key Responsibilities: Implement and enforce security policies aligned with OWASP ASVS 4.0.3. Conduct Static and Dynamic Application Security Testing (SAST/DAST) using tools such as ZAP, Fortify, Burp Suite, and GitHub security. Collaborate with DevOps teams to embed security in CI/CD pipelines. Perform threat modelling and risk assessments for applications and APIs. Identify and remediate security vulnerabilities in Python-based services. Prepare and support documentation for STQC audits and other compliance processes. Create and maintain secure coding guidelines for developers. Track and manage vulnerabilities using centralized dashboards or ticketing systems. Collaborate with developers and QA teams during SDLC to ensure secure code deployment. Required Qualifications & Skills: 810 years of Overall experience in IT . 56 years of hands-on experience in Application Security. Strong knowledge of OWASP Top 10 and OWASP ASVS frameworks. Practical experience with ZAP, Fortify, Burp Suite, or similar tools. Good understanding of Python backend services and typical security flaws. Knowledge of CI/CD security integration tools and methodologies. Familiarity with STQC security processes and regulatory compliance documentation. Knowledge of SAST/DAST/IAST methodologies and modern DevSecOps practices. Bachelors degree in computer science, Cybersecurity, or related discipline. Soft Skills: Strong analytical and problem-solving abilities. Excellent written and verbal communication skills. Collaboration and team orientation. High attention to detail and documentation. Strong stakeholder management across development, DevOps, and compliance teams. Preferred Qualifications: Certifications such as OSCP, CISSP, CEH, or GWAPT. Exposure to cloud security (AWS/GCP/Azure). Scripting knowledge for automation using Python or Bash. Experience with container and Kubernetes security tools. Key Relationships: InternalDevelopment Teams, DevOps Teams, QA Teams, Compliance Team, Product Owners ExternalAuditors, Regulatory Authorities (e.g., for STQC), Security Vendors Role Dimensions: Team Size: Individual contributor or small security team lead Scope: Application security coverage across all internal and external apps Impact: High directly impacts risk mitigation, compliance, and secure software delivery Success Measures (KPIs): % of vulnerabilities resolved within SLA Number of applications onboarded to security tools Security issues found in pre-production vs post-deployment Developer adoption rate of secure coding practices STQC and other audit clearance rates Mean time to detect and remediate vulnerabilities Competency Framework Alignment: Technical Expertise Deep understanding of of AppSec tools and practices Results Orientation Works cross-functionally with technical teams Problem Solving Strong in analysing and resolving security issues Communication Explains complex security concepts to non-tech teams Adaptability Takes ownership of vulnerabilities and resolutions

Date 31 May 2025 Location: Bangalore, IN Company Alstom At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars. Could you be the full-time Security into Project Specialist in Bangalore were looking for Your future role Take on a new challenge and apply your cybersecurity and project management expertise in a new cutting-edge field. Youll work alongside innovative, dedicated teammates. You'll ensure the robust integration of security within our IS&T projects, safeguarding our digital initiatives. Day-to-day, youll work closely with teams across the business (Security Architecture, GRC and ISMS team, Architects, Project Managers and PMO, Business teams), review and approve security deliverables and much more. Youll specifically take care of validating Security Inquiry for Partners (SIP) and ensuring secure configurations are applied, but also make informed decisions about security acceptance based on residual risk and asset value. Well look to you for: Reviewing and approving security deliverables Ensuring the application of the "Security into Project" policy Validating and signing off on Security Inquiry for Partners Applying secure configurations for projects or business initiatives Making decisions on security acceptance Implementing design patterns and standards All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Degree in Engineering/Technology Experience or understanding of cybersecurity, architecture and design Knowledge of security architecture and infrastructure Familiarity with cloud solutions (Microsoft Azure/O365) A CISSP or CISM certification Ability to analyze technical risks and vulnerabilities Fluency in English Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with cutting-edge security standards for rail signalling Collaborate with transverse teams and supportive colleagues Contribute to innovative projects that shape the future of transportation Utilise our dynamic working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning Progress towards leadership roles within the cybersecurity domain Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! Important to note As a global business, were an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone.

Date 7 Jun 2025 Location: Bangalore, KA, IN Company Alstom Req ID:478631 Could you be the full-time Cybersecurity Engineer Cyber Applications in Bangalore were looking for Your future role Take on a new challenge and apply your cybersecurity and system/network administration expertise in a new cutting-edge field. Youll work alongside innovative, dedicated, and supportive teammates. You'll maintain and enhance the security of Alstoms products and solutions, ensuring the integrity and resilience of our transport networks. Day-to-day, youll work closely with teams across the business (such as V&V, platform validation, and regional cybersecurity), execute design and deployment activities, and much more. Youll specifically take care of the maintenance of cybersecurity tools and applications, but also prepare and execute design & deployment activities for various projects and programs. Well look to you for: Maintaining cybersecurity tools and applications Preparing and executing design & deployment activities Executing specific testing activities and preparing reports Supporting validation and verification teams Acting as the administrator for cybersecurity applications Identifying cybersecurity tools and practices and providing guidance All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Degree in Computer Science, Information Technology, or equivalent Experience or understanding of cybersecurity in the context of industrial control systems or network administration Knowledge of design & deployment of NIDS such as Fortinet, Nozomi, Dragos, etc. Familiarity with system administration of Windows or Linux servers/systems A certification like MCSE, RHCE, LPIC, CCNA, or Network+ Preferably a cybersecurity certification like ECSA, Security+ Strong communication skills and the ability to work in a matrix organization Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with new security standards for rail signalling Collaborate with transverse teams and helpful colleagues Contribute to innovative projects Utilise our flexible working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning Progress towards roles of greater responsibility and leadership Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! Important to note As a global business, were an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone.

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

Vulnerability Identification & Assessment: Manage and oversee vulnerability scanning tools (Qualys, Tenable, Rapid7, etc.). Analyze vulnerability data from multiple sources and assess the impact on business operations. Perform risk assessments and categorize vulnerabilities based on severity and exploitability. Remediation & Risk Mitigation: Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities. Prioritize vulnerabilities based on risk to the business and potential exploitability. Track remediation efforts and ensure proper closure of security gaps. Process & Policy Development: Define and maintain vulnerability management policies, standards, and procedures. Establish workflows for vulnerability detection, reporting, remediation, and validation. Ensure compliance with security frameworks such as NIST, CIS, ISO 27001, and regulatory standards like GDPR, HIPAA, and PCI-DSS. Security Monitoring & Threat Intelligence Integration: Work with threat intelligence teams to understand emerging threats and vulnerabilities. Ensure vulnerability management aligns with incident response and threat-hunting processes. Continuously enhance detection mechanisms to improve vulnerability discovery and response. Compliance & Audit Readiness: Ensure that vulnerability management practices align with regulatory and compliance requirements. Maintain records of assessments, remediation efforts, and compliance reports for audits. Support internal and external audits related to vulnerability management. Reporting & Metrics: Develop and present vulnerability status reports to security leadership and executive teams. Track key performance indicators (KPIs) related to vulnerability remediation SLAs and risk reduction Provide insights on security posture improvements based on trend analysis. Security Awareness & Collaboration: Conduct training sessions to educate teams on vulnerability risks and remediation best practices. Work closely with DevSecOps, SOC, and infrastructure teams to integrate security best practices into the development lifecycle Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Vulnerability Management Preferred technical and professional experience Qualys

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 4 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About Team The Internal Audit team at Paytm comprises seasoned professionals with diverse skill sets and experience across different verticals like process audits, technology audits and forensics. The team focuses on implementing the approved audit plan, ensuring delivery of qualitative audits and conducting internal / special reviews while leveraging technology & data analytics and gauging key risks across business processes. About the role: We are seeking an experienced and detail-oriented Information Security and Cloud Security Auditor to join our team. The ideal candidate will have 3-7 years of expertise in data security and privacy control implementation, internal auditing, third-party risk management, cybersecurity governance, and cloud security (banking sector preferred). This role will be responsible for conducting comprehensive IT and cloud security audits, ensuring compliance with regulatory requirements, and enhancing our information security policies and procedures. Key Responsibilities: Conduct IT and cloud security audits across various domains, including IT General Controls, Information Security Controls, Cloud Security, Network Security, Vulnerability Management, and Vendor Risk Assessments. Assess compliance with relevant laws, regulations, and organizational policies, providing expertise in regulatory requirements specific to both on-premises and cloud environments. Develop and enhance information security and cloud security policies and procedures in alignment with industry best practices. Maintain thorough documentation of audit findings, risk assessments, and security measures for internal and external reporting. Validate ITGC, cloud security, and application-specific controls, and manage audit documentation including risk assessments, working papers, audit program checklists, and evidence gathering. Follow up on and ensure closure of non-compliance issues identified during audits. Manage and oversee third-party risk assessments and audits, ensuring robust security controls are in place for both traditional and cloud-based service providers. Lead and participate in the development, migration, and implementation of security controls and policies for network and cloud security solutions. Conduct risk-based security assessments on internal, vendor, and third-party hosted environments, focusing on both traditional IT and cloud infrastructure. Participate in product and vendor selection processes, contributing to the implementation and integration of new technologies, with a strong emphasis on cloud security solutions. Experience/ Skills Required: Minimum 5 years of experience in information security and auditing, with a strong background in cloud security, and the banking and IT industries. Proven experience in performing IT and cloud security audits, validating ITGC and cloud application controls, and maintaining audit documentation. Hands-on experience with vulnerability management, risk management, physical security, identity & access management, encryption, secure development, incident management, security infrastructure, and security policy for both on-premises and cloud environments. Expertise in third-party risk management, regulatory compliance, and managing IT audit findings in both traditional and cloud-based contexts. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Qualifications & Certification: Bachelor's / Master s degree in Information Technology, Cyber Security, or a related field. ISO 27001/CNSS/CCNA/CISA/CISM/CISSP Preferred Detailed knowledge of security tools, PCI-DSS, general ITGC controls, compliance testing, cloud risk assessment, GRC, OWASP, MITRE ATT&CK, change management, and policies and procedures. Proficiency in various security and cloud technologies including AWS, Azure, Google Cloud Platform, Palo Alto, Fortinet & Checkpoint Firewalls, SOAR (Cortex), Force scout Why join us 1. A collaborative output driven program that brings cohesiveness across businesses through technology 2. Improve the average revenue per use by increasing the cross-sell opportunities 3. A solid 360 feedback from your peer teams on your support of their goals 4. Respect, that is earned, not demanded from your peers and manager Compensation: If you are the right fit, we believe in creating wealth for you With enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants - and we are committed to it. India s largest digital lending story is brewing here. It s your opportunity to be a part of the story!

Hello Visionary! We know that the only way a business thrive is if our people are growing. That’s why we always put our people first. Our global, diverse team would be happy to support you and challenge you to grow in new ways. Who knows where our shared journey will take you We are looking for Product and Solution Security Expert (PSSE) How do you craft the future Smart BuildingsWe’re looking for the makers of tomorrow, the hardworking individuals ready to help Siemens transform entire industries, cities and even countries. Get to know us from the inside, develop your skills on the job. You’ll make a difference by: 1. Integration with SDLC: Collaborate with software development teams to integrate security practices throughout the Software Development Life Cycle (SDLC). Perform security code reviews and analyze vulnerabilities during different SDLC phases. Ensure security requirements are included in the design, development, testing, and deployment stages of software projects. 2. Security Activities: Develop and implement security protocols, guidelines, and best practices for software development. Conduct threat modelling and risk assessments to identify potential security issues early in the development process. Provide guidance on secure coding practices and remediation of identified vulnerabilities. 3. Stakeholder Interaction: Work closely with key stakeholders, including product managers, project managers, and business analysts, to support and promote security activities within products. Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical stakeholders. Foster a security-aware culture within the development teams and across the organization. 4. Security Tools and Technologies: Implement and manage security tools such as static and dynamic analysis tools, intrusion detection systems, and vulnerability scanners. Stay updated with the latest security tools, trends, and best practices to enhance the organization's security posture. 5. Incident Response: Assist in the development and implementation of incident response plans and procedures. Participate in security incident investigations and provide expertise in resolving security breaches. 6. Training and Awareness: Conduct security training and awareness programs for development teams. Promote continuous improvement and knowledge sharing related to application security. You’ll win us over by: 1. Technical Skills: In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten). Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners. Proficiency in programming languages such as Java, C#, Python. Understanding of DevSecOps practices and integration of security into CI/CD pipelines. Promote continuous improvement and knowledge sharing related to application security. 2. Soft Skills: Strong communication and interpersonal skills. Ability to explain complex security concepts to non-technical stakeholders. Strong analytical and problem-solving skills. Collaborative mindset and ability to work effectively with cross-functional teams. 3. Certification Preferred: Certified Secure Software Lifecycle Professional (CSSLP). Experience: Proven experience working with software development teams and integrating security practices into the SDLC. Experience interacting with key stakeholders and supporting security activities within software products. You’ll win us over by: Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record. Minimum 5 years of experience in cybersecurity, with a focus on application security. We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Create a better #TomorrowWithUs! This role, based in Pune, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We are dedicated to equality and welcome applications that reflect the diversity of the communities we serve. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and imagination, and help us shape tomorrow Find out more about the Digital world of Siemens here[1] www.siemens.com/careers/digitalminds Find out more about Siemens careers at[2] www.siemens.com/careers

Hello Visionary ! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. We are looking for a highly skilled and motivated Product & Solution Security Professional to join our team. The ideal candidate will be responsible for defining secure design principles and supporting cross-functional teams to ensure secure architecture, implementation, and testing of products and solutions. Key Responsibilities Integration with SDLC Collaborate with software development teams to integrate security practices throughout the Software Development Life Cycle (SDLC). Ensure security requirements are included in the design, development, testing, and deployment stages of software projects. Perform security code reviews and analyze vulnerabilities during different SDLC phases. 2. Security Activities Develop and implement security protocols, guidelines, and best practices for software development. Conduct threat modelling and risk assessments to identify potential security issues early in the development process. Provide guidance on secure coding practices and remediation of identified vulnerabilities. Stakeholder Interaction Work closely with key stakeholders, including product managers, project managers, and business analysts, to support and promote security activities within products. Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical stakeholders. Foster a security-aware culture within the development teams and across the organization . 4. Security Tools and Technologies Implement and manage security tools such as static and dynamic analysis tools and vulnerability scanners. Stay updated with the latest security tools, trends, and best practices to enhance product’s security posture. 5. Training and Awareness Conduct security training and awareness programs for development teams. Promote continuous improvement and knowledge sharing related to application security . Skills and Qualifications 1. Technical Skills: In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten). Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners. Proficiency in programming languages such as Java, C#, Python. Understanding of DevSecOps practices and integration of security into CI/CD pipelines. Promote continuous improvement and knowledge sharing related to application security. 2. Soft Skills: Strong communication and interpersonal skills. Ability to explain complex security concepts to non-technical stakeholders. Strong analytical and problem-solving skills. Collaborative mindset and ability to work effectively with cross-functional teams. 3. Certification Preferred CEH, Certified Secure Software Lifecycle Professional (CSSLP) or equivalent. Experience Proven experience working with software development teams and integrating security practices into the SDLC. Experience interacting with key stakeholders and supporting security activities within software products. Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record. 7 - 10 years of experience in cybersecurity, with a focus on application security. Make your mark in our exciting world at Siemens . This role, based in Bangalore , is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We are dedicated to equality and welcome applications that reflect the diversity of the communities we serve. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and imagination, and help us shape tomorrow We’ll support you with Hybrid working opportunities. Diverse and inclusive culture. Variety of learning & development opportunities. Attractive compensation package. Find out more about Siemens careers at www.siemens.com/careers

The key requirement is to have a passion for developing high quality, highly available services. Candidates that have been successful in this area are typically proficient using a CLI, have a strong desire to work within a CI/CD environment, have a passion for embracing new cloud technologies, and are great team workers that are willing to turn their hand to whatever the highest priority issue of the day happens to be. You need to be collaborative, tenacious, be able to handle responsibility, and love learning new techniques and tools. As a member of the data services team you will join the primary on-call rotation (includes weekends) where you will be the primary responder for day to day operational issues. Working closely with our worldwide teams, this provides a unique opportunity to gain first-hand experience with the latest database technologies. The services must meet stringent availability targets 24x7 in all datacenters across the globe. You will follow runbooks to resolve such issues and use your troubleshooting and analytical skills to diagnose or troubleshoot platform or Data Service issues. Key Responsibilities: Design, build, and maintain our RESTful Ruby on Rails API, adhering to OpenAPI standards. Utilize OpenAPI (Swagger) to create clear and comprehensive API documentation, ensuring easy adoption and integration by other teams and external developers. Write clean, maintainable, and well-tested code, ensuring high standards of code quality and performance. Work closely with front-end developers, product managers, and other stakeholders to translate requirements into technical solutions. Develop automated tests to ensure API reliability and stability. Identify and fix bugs and performance bottlenecks. Manage API versioning to ensure backward compatibility and a smooth transition between different API versions. Adhere to best practices including unit and automated testing, code quality, and peer review of pull requests. Participate in sprint planning and backlog grooming sessions, providing insights on the size and complexity of tasks. Mentor other members of the team, fostering a culture of continuous learning and improvement. Offer opinions and insights on new and upcoming features, shaping the functionality within the product. Stay updated with the latest developments in the open-source community and front-end technologies. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Technical Skills: 3+ years of experience in backend development with Ruby on Rails, specifically in building and maintaining RESTful APIs. Strong experience with OpenAPI standards, including API design, documentation, and versioning. Experience with RSpec, Minitest, or similar testing frameworks. Knowledge of CI/CD pipelines, cloud deployment practices, and Kubernetes environments. Knowledge of OWASP best practices and vulnerability management. Prior experience in a similar role within a development organization preferably cloud based. Experience with Go and Python and is preferred Preferred technical and professional experience Strong problem-solving skills. Strong communication skills to interact with various stakeholders. Ability to work collaboratively with a small cross-functional team of engineers, PMs, designers, and researchers. Empathy for user challenges and focus on building user-centric solutions. Ability to scope solutions collaboratively and work comfortably with ambiguity. Ability to mentor team members and foster a culture of continuous improvement. Enjoy high-visibility work and presenting to stakeholders. Comfortable working in an agile, fast paced environment. Passion for following the latest developments in the open-source community and front-end technologies. Preferred Qualifications: A degree in Computer Science, Engineering, or a related field is preferred, but equivalent practical experience is also considered.

As a Security Consultant, you play a pivotal role as a key advisor for IBM's clients. Your primary responsibility is to analyze business requirements and leverage your expertise to design and implement optimal security solutions tailored to meet the unique needs of our clients. Your technical skills will be crucial in finding the delicate balance between enabling and securing our client's organization, utilizing cognitive solutions that have contributed to making IBM the fastest-growing enterprise security business globally. - Develop a deep technical understanding of IBM Public Cloud offerings and infrastructure - Plan and perform red team exercises against various cloud offerings - Plan and perform full stack security tests against various system(s) and application(s) independently as well as within a team - Engage in security monitoring and visibility improvement activities across the IBM Public Cloud organization - Thoroughly document techniques, tactics, and proof of concepts used during security testing and red team exercises - Communicate with various business and technology leaders to interpret identified vulnerabilities and assist in the development and planning for risk mitigation plans - Research and continuously improve skills in attacker tools, methods, and techniques - Lead by example for the greater red team in professionalism, communication, and technical expertise Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 3+ years of demonstrating experience in planning and executing penetration tests/red team exercises against web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies Demonstrates strong understanding of offensive cybersecurity operations and defensive integrations, including enumeration and exploitation of various cloud-based technologies and development of secure applications. Demonstrates strong ability to communicate highly technical aspects to Executives and IT staffs, respectively Demonstrates ability by creating custom tools for penetration testing and contributing to opensource technologies Demonstrates strong experience with various scripting languages (Python, Ruby, Bash, etc.) Possess one or more of the following credentialsOSCP, OSCE, OSWE, GWAPT, GPEN, GXPN, CRTP, Crest Penetration Certification. Familiarity with serverless services, containerization and other cloud technologies Strong familiarity with OWASP Top Ten, NIST, and MITRE ATT&CK 3+ years of demonstrating experience in system or application administration role(s) Preferred technical and professional experience 5+ years of demonstrating experience in planning and executing penetration tests/red team exercises against web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies Understanding of offensive cybersecurity operations and defensive integrations, including enumeration and exploitation of various cloud-based technologies and development of secure applications. Ability to communicate highly technical aspects to Executives and IT staff, respectively Demonstrates ability by creating custom tools for penetration testing and contributing to opensource technologies Expertise in developing exploits and customized attack tooling and approaches Demonstratedsecurity research leading to bug bounty and CVE awards Deep understanding of serverless services, containerization and other cloud technologies Demonstrates strong experience with various scripting languages (Python, Ruby, Bash, etc.) CGood to have one of these certsCRTP, CEH, OSCP, OSCE, OSWE, GWAPT, GPEN, GXPN, CRTP, Crest Penetration Certification. Familiarity with serverless services, containerization and other cloud technologies Strong familiarity with OWASP Top Ten, NIST, and MITRE ATT&CK 5+ years of demonstrating experience in system or application administration role(s)

Job Title: Cybersecurity Intern (Paid) Company: Ziya Academy LLP Location: Muppathadam, Aluva, Kerala (On-site) About the Internship Are you interested in ethical hacking, network defense, and cybersecurity practices? Join Ziya Academy LLP as a Cybersecurity Intern and gain real-world experience identifying security vulnerabilities, defending systems, and using professional tools to protect digital assets. This internship is designed to equip you with practical skills and project experience to launch your career in cyber security. What You'll Learn Hands-on training with cyber security tools Real-time project exposure: vulnerability scans, network audits, and simulations Internship Certificate & Performance Letter upon completion Familiarity with tools like Wireshark , Nmap , Burp Suite , Metasploit , and Kali Linux Opportunity to grow into a full-time cybersecurity analyst or ethical hacker role Eligibility Students, freshers, or graduates in Computer Science, IT, or Cybersecurity fields Basic knowledge of networking , Linux , or information security Strong interest in ethical hacking and cyber defense Must be available to work on-site at our Aluva location Key Learning Areas Cybersecurity Fundamentals & Threat Models Networking, TCP/IP & Web Security (OWASP Top 10) Vulnerability Assessment & Reporting Basics of Ethical Hacking & Penetration Testing Firewalls, VPNs, IDS/IPS Cyber Laws & Risk Assessment Tools: Kali Linux, Wireshark, Metasploit, Burp Suite Internship Duration 3 to 6 Months (Duration based on candidate availability and performance) Stipend & Growth Path Monthly Stipend: ₹3,000 – ₹6,000 (performance-based) Initial pay : 5000/- Top performers may receive a full-time job offer: ₹10,000 – ₹25,000/month Work Schedule & Mode Timing: Day Shift Mode: On-site (Muppathadam, Aluva) Perks & Benefits Mentorship from experienced cybersecurity professionals Access to live case studies & real-world security simulations Resume and LinkedIn profile development Internship Certificate & Letter of Recommendation Opportunity for full-time placement upon successful completion How to Apply Call or WhatsApp: +91 73063 53515 Email: ziyaacademyedu@gmail.com Job Details Job Types: Internship, Fresher, Full-time (Post-internship opportunity) Expected Post-Internship Salary: ₹10,000 – ₹25,000/month Supplemental Pay Options: ✔ Performance Bonus ✔ Overtime Pay ✔ Commission Pay ✔ Quarterly / Yearly Bonus ✔ Shift Allowance Work Location: In person (Aluva, Kerala) Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹8,000.00 - ₹30,000.00 per month Schedule: Day shift Morning shift Supplemental Pay: Commission pay Overtime pay Performance bonus Quarterly bonus Shift allowance Yearly bonus Work Location: In person

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in penetration testing at PwC will focus on penetration testing (or pen testing) which is a security exercise where a cybersecurity consultant attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system's defences which attackers could take advantage of. *Why PWC At PwC , you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC , we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations Job Description & Summary: Job Description & Summary: We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities: Key Responsibilities: · Good interpersonal skills (written and oral communication) and ability to articulate complex issues · Ability to communicate technical · information clearly and concisely, commensurate with the audience · Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. · Good communicator (written and verbal) and listener. · Must be a team player and motivated self-starter with ability to work independently with limited supervision. · Must be assertive, methodical and detail oriented Technical Experience: · Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing · Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities · Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools · Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. · Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) · Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets · Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools · Map out a network, discover ports and services running on the different exposed network and security devices · Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. · In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. · Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage · Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory skill sets: CEH, ECSA, LPT (any one) Preferred skill sets: OSCP, OSWE Years of experience required: 2-10 Years Education qualification: B.Tec Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Bash (Programming Language), Common Vulnerability Scoring System (CVSS), Communication, Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption, Ethical Hacking, Firewall (Network Security), Inclusion, Information Security, Information Security Management System (ISMS), Information Security Risk Assessments, Intellectual Curiosity, Intrusion Detection System (IDS), IT Infrastructure, Kali Linux, Learning Agility, Microsoft Active Directory {+ 25 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Manager Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities: Key Responsibilities: · Good interpersonal skills (written and oral communication) and ability to articulate complex issues · Ability to communicate technical · information clearly and concisely, commensurate with the audience · Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. · Good communicator (written and verbal) and listener. · Must be a team player and motivated self-starter with ability to work independently with limited supervision. · Must be assertive, methodical and detail oriented Technical Experience: · Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing · Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities · Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools · Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. · Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) · Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets · Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools · Map out a network, discover ports and services running on the different exposed network and security devices · Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. · In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. · Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage · Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory skill sets: CEH, ECSA, LPT (any one) Preferred skill sets: OSCP, OSWE Years of experience required: 2-10 Years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage {+ 13 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Senior Security Consultant Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity As a Security Consultant, the individual will provide security guidance to internal IT project teams responsible for delivering business solutions, with a focus on end user technology and related solutions. They will identify and prioritize security-related requirements, promote secure-by-default designs and ensure information systems and infrastructure will be secured throughout the system development life cycle (SDLC) in an agile environment. Your Key Responsibilities The successful candidate is expected to perform risk assessments of mobile applications, mobile and desktop end user technology platforms, infrastructure systems and solutions; effectively articulate findings and recommendations to internal customers and management; and they will be expected to work on multiple projects and tasks concurrently. Skills And Attributes For Success Solid understanding of key security and privacy issues, risks and threats, and ability to apply this expertise across business needs via internal consulting and security risk assessment types of activities. Strong written and verbal communication skills are essential Proven background in IT risk assessments, and knowledge of good security practices and controls used in applications and infrastructure. Translate technical vulnerabilities and security risks into business risk terminology for business units and recommend corrective actions to customers and project stakeholders. Ability to document and produce important artefacts on risk assessments, engagement Statements of Work, process, minimum security baselines and presentations on security risks. Manage customer expectations and deliver quality security consulting services while balancing business objectives with security requirements. Ability to partner with technical teams in a practical manner when conflicting interests arise while preserving EY core security principles and policies. Ability to proactively lead, own and research security related subject matters when required to take a position or resolve issues. Ability to collaborate to facilitate and enhance the understanding & compliance to security policies. To qualify for the role, you must have A minimum of 8-10 years of experience in an Information Security or Information Technology subject area. Two or more years of experience with iOS and Android security such as mobile application security analysis, mobile application penetration testing, mobile threat modelling, mobile device forensics, and assessing mobile device security capabilities. Three or more years of experience with understanding and defining good security practices for end user technology platforms (e.g., iOS, Android, macOS, Windows 10), multi-tier information systems, applications (e.g., web, mobile, desktop), and End Point Security solutions. Working experience in performing security risk assessments for information systems and applications such as those for web, desktop, and mobile. Develop appropriate risk treatment and mitigation options to address security risks identified during security reviews or risk assessments. Good interpersonal, communication, organizational and project management skills. Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change. Ideally,you will also have One or more years of experience with iOS and Android mobile application development, Agile Methodology, Continuous Integration / Continuous Delivery, and IoT security. Knowledge or experience with Microsoft Azure cloud technology stack (e.g., M365, SharePoint, OneDrive for Business, Intune, Conditional Access) and Azure cloud applications. Knowledge of common information security standards and risk analysis methodologies, such as: ISO 27001/27002, NIST, PCI, COBIT, ISF IRAM2, and OWASP. What We Look For We look for people who are customer-centric with good interpersonal, communication and organizational skills. The ideal candidate will have flexibility in adjusting to multiple demands, shifting priorities, ambiguity, rapid change, and an ardent desire to learn. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial, and social well-being. Your recruiter can talk to you about the benefits available in your country. Here is a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. Show more Show less

Themesoft is seeking Java Web Application Developers for one of our clients. Experience: 5-10 years of experience is mandatory. Location: Chennai (Hybrid) Position: Senior Java Developer Type: Full-Time Notice Period: Maximum 45 days of Notice period ✅ Requirements: 5+ years of hands-on experience in Java web application development. Strong proficiency in JSP , Servlets , and Java frameworks Proven experience managing and upgrading dependencies using Maven or Gradle Experience using Eclipse IDE for Java development Solid understanding of secure coding principles and familiarity with the OWASP Top 10 Comfortable with Git version control, including branching strategies, pull requests, and code reviews Strong communication skills with the ability to work both independently and in distributed teams If you are interested, share updated resume with mythili@themesoft.com #SeniorJavaDeveloper #JavaJobs #ChennaiJobs #HybridJobs #FullTimeJob #JavaDevelopment #SecureCoding #OWASPTop10 #LegacyCode #Maven #Gradle #EclipseIDE #GitWorkflow #JavaCareers #HiringNow #TechJobsIndia #SoftwareEngineering #BackendDeveloper #JavaExperts #ExperiencedProfessionals Show more Show less

Job Summary Auriga is looking for a Software Engineer who can develop and deploy APIs and Web applications using Java MVC Frameworks and power a variety of leading-edge digital products. You’ll need to bring creative thinking and architectural problem solving to the table, to devise optimal technical solutions, along with highly performant user experiences. Responsibilities Work with business users to gather functional requirements Combine your technical expertise and problem-solving passion to turn complex problems into end-to-end solutions Work with client architect/senior developers to do high level/low level design/architecture. Design and implement high-quality, test-driven BE code for various projects Unit Testing/Integration Testing Code Configuration and Release Management. Create and maintain documentation, implement and follow best practices for development workflow. Work collaboratively with team members to ensure deadlines are met. Stay current on changes in technology and keep adding to your skillset. Qualifications Minimum 2 Years of experience in Web Application and API development in Java 8 and above Working experience with MVC frameworks like Spring, Play, etc. Experience with Multi-threading, Collections, and concurrent API Working experience with web-services and APIs (REST, SOAP) Working experience with data platforms (relational and/or NoSQL) and messaging technologies Excellent OOPs, data structure, and algorithm knowledge Understanding & experience in API management, Swagger Working knowledge of API Testing Tools (e.g. Postman), Version control systems like GIT. Working experience with LINUX/UNIX environment and shell scripts Proficiency in English Strong collaborator and comfortable to work in an agile, remote and distributed team environment Follow secure coding practices and ensure data protection, authentication, and authorization mechanisms are implemented effectively (e.g., OAuth2, JWT). Knowledge of OWASP Top 10 and implementation of security controls in APIs. Nice to have Experience in one or more front-end development technologies Experience in developing microservices in Spring Boot. Experience writing high-quality code with fully automated unit test coverage (Junit, Mockito, etc.) Experience defining and applying design/coding standards, patterns, and quality metrics depending on the solution Working experience with various CI/CD systems (Jenkins, Docker, Kubernetes) and build tools (ant, maven, gradle, etc.). Working experience creating high performing applications, including profiling and tuning to improve performance Experience with application logging and monitoring using tools like ELK Stack, Prometheus, Grafana, or New Relic Experience in Scrum/Agile Knowledge of public cloud infrastructures (AWS, Azure, GCP) Knowledge of one or more security or integration framework (PING, Octa) Familiarity with services such as S3, Lambda, EC2, IAM, CloudWatch, or RDS is a plus. Understanding of API rate limiting, request throttling, caching strategies (e.g., Redis), and gateway tools like Kong, Apigee, or AWS API Gateway. Ability to take full ownership of assigned modules or projects with minimal supervision. About Company Hi there! We are Auriga IT. We power businesses across the globe through digital experiences, data and insights. From the apps we design to the platforms we engineer, we're driven by an ambition to create world-class digital solutions and make an impact. Our team has been part of building the solutions for the likes of Zomato, Yes Bank, Tata Motors, Amazon, Snapdeal, Ola, Practo, Vodafone, Meesho, Volkswagen, Droom, ICICI and many more. We are a group of people who just could not leave our college-life behind and the inception of Auriga was solely based on a desire to keep working together with friends and enjoying the extended college life. Who Has not Dreamt of Working with Friends for a Lifetime Come Join In! https://www.aurigait.com/

Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to grow our team of penetration testers in India. We perform testing of web and smartphone applications, computer networks, cloud infrastructure, hardware devices, employees via social engineering, organizations via red team testing, and more. As an Offensive Security Consultant, you’ll be reporting to a Vice President in our APAC Offensive Security team and deliver projects for some of the biggest enterprises in the world. You will perform various web application, API, mobile, and infrastructure penetration tests. You will also draft reports based on the assessment results and gathered evidence and help address client inquiries regarding these results. In addition to the execution of traditional security assessments, you will participate in their refinement and improvement. Below are the roles and responsibilities for the Consultant, Offensive Security role based in India: Day To Day Responsibilities Execute offensive security and consultative engagements for our clients’ applications, cloud assets, and infrastructure Author deliverables such as vulnerability reports and executive reports Engage with our clients to understand their requirements, update them on project status, answer their queries, and present your findings and recommendations Keep your skills and knowledge up to date with the latest trends in cybersecurity and emerging technology Willingness to work in EST Time zone Essential Traits 2+ years in cybersecurity, with at least 1 year in penetration testing, cloud security, or red teaming A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Top 10, MITRE ATT&CK, PTES, or others An ability to analyze root causes and deliver technological recommendations to our clients Prerequisites Bachelor’s degree or college diploma in information security, computer science or engineering, software engineering, or IT/System/Network administration Excellent oral and written communication skills Experience working both as part of a team and independently About Kroll Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients’ value? Your journey begins with Kroll. Kroll is committed to equal opportunity and diversity, and recruits people based on merit. In order to be considered for a position, you must formally apply via careers.kroll.com Show more Show less

Penetration Tester Role: The Penetration Tester, will provide broad and in depth knowledge to conduct offensive cyber operations across the organization globally. In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques. Penetration Testing Duties and Responsibilities: Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired, wireless networks, and mobile applications/devices, Cloud(Azure, AWS, Google Etc) apps and software’s. Set up environment and maintain required tools needed for the team. Lead and manage Penetration Testing team and Supporting vendors to get qualitative deliveries to our customer. Develop and maintain security testing plans Able to automate penetration and other security testing on networks, systems and applications. Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk. Produce actionable, threat-based, reports on security testing results Act as a source of direction, training, and guidance for less experienced staff Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, vendors and regulators Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests. Foster and maintain relationships with key stakeholders and business partners Certificates: Must Have Offensive Security Certified Professional (OSCP) Good to have CREST Registered Penetration Tester (CRT) Certified Ethical Hacker (CEH) Certification GIAC Certified Penetration Tester (GPEN) Penetration Testing Expert Requirements and Qualification: Previous working experience as a Penetration Testing Expert for 5 - 7 year BE in Computer Information Systems, Management Information Systems, or similar relevant field In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) Must know about standard Industry security Practices (OWASP, SANS, etc), Knowledgeable about industry Security guidelines and compliance such as ISO27001, SOC2, HIPPA etc. Hands on experience with testing frameworks such as the PTES and OWASP. Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud Critical thinker and problem solver Excellent organizational and time management skills Show more Show less

Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to grow our team of penetration testers in India. We perform testing of web and smartphone applications, computer networks, cloud infrastructure, hardware devices, employees via social engineering, organizations via red team testing, and more. As an Offensive Security Consultant, you’ll be reporting to a Vice President in our APAC Offensive Security team and deliver projects for some of the biggest enterprises in the world. You will perform various web application, API, mobile, and infrastructure penetration tests. You will also draft reports based on the assessment results and gathered evidence and help address client inquiries regarding these results. In addition to the execution of traditional security assessments, you will participate in their refinement and improvement. Below are the roles and responsibilities for the Consultant, Offensive Security role based in India: Day To Day Responsibilities Execute offensive security and consultative engagements for our clients’ applications, cloud assets, and infrastructure Author deliverables such as vulnerability reports and executive reports Engage with our clients to understand their requirements, update them on project status, answer their queries, and present your findings and recommendations Keep your skills and knowledge up to date with the latest trends in cybersecurity and emerging technology Willingness to work in EST Time zone Essential Traits 2+ years in cybersecurity, with at least 1 year in penetration testing, cloud security, or red teaming A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Top 10, MITRE ATT&CK, PTES, or others An ability to analyze root causes and deliver technological recommendations to our clients Prerequisites Bachelor’s degree or college diploma in information security, computer science or engineering, software engineering, or IT/System/Network administration Excellent oral and written communication skills Experience working both as part of a team and independently About Kroll Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients’ value? Your journey begins with Kroll. Kroll is committed to equal opportunity and diversity, and recruits people based on merit. In order to be considered for a position, you must formally apply via careers.kroll.com Show more Show less

Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to grow our team of penetration testers in India. We perform testing of web and smartphone applications, computer networks, cloud infrastructure, hardware devices, employees via social engineering, organizations via red team testing, and more. As an Offensive Security Consultant, you’ll be reporting to a Vice President in our APAC Offensive Security team and deliver projects for some of the biggest enterprises in the world. You will perform various web application, API, mobile, and infrastructure penetration tests. You will also draft reports based on the assessment results and gathered evidence and help address client inquiries regarding these results. In addition to the execution of traditional security assessments, you will participate in their refinement and improvement. Below are the roles and responsibilities for the Consultant, Offensive Security role based in India: Day To Day Responsibilities Execute offensive security and consultative engagements for our clients’ applications, cloud assets, and infrastructure Author deliverables such as vulnerability reports and executive reports Engage with our clients to understand their requirements, update them on project status, answer their queries, and present your findings and recommendations Keep your skills and knowledge up to date with the latest trends in cybersecurity and emerging technology Willingness to work in EST Time zone Essential Traits 2+ years in cybersecurity, with at least 1 year in penetration testing, cloud security, or red teaming A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Top 10, MITRE ATT&CK, PTES, or others An ability to analyze root causes and deliver technological recommendations to our clients Prerequisites Bachelor’s degree or college diploma in information security, computer science or engineering, software engineering, or IT/System/Network administration Excellent oral and written communication skills Experience working both as part of a team and independently About Kroll Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients’ value? Your journey begins with Kroll. Kroll is committed to equal opportunity and diversity, and recruits people based on merit. In order to be considered for a position, you must formally apply via careers.kroll.com Show more Show less

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Senior Security Consultant Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity As a Security Consultant, the individual will provide security guidance to internal IT project teams responsible for delivering business solutions, with a focus on end user technology and related solutions. They will identify and prioritize security-related requirements, promote secure-by-default designs and ensure information systems and infrastructure will be secured throughout the system development life cycle (SDLC) in an agile environment. Your Key Responsibilities The successful candidate is expected to perform risk assessments of mobile applications, mobile and desktop end user technology platforms, infrastructure systems and solutions; effectively articulate findings and recommendations to internal customers and management; and they will be expected to work on multiple projects and tasks concurrently. Skills And Attributes For Success Solid understanding of key security and privacy issues, risks and threats, and ability to apply this expertise across business needs via internal consulting and security risk assessment types of activities. Strong written and verbal communication skills are essential Proven background in IT risk assessments, and knowledge of good security practices and controls used in applications and infrastructure. Translate technical vulnerabilities and security risks into business risk terminology for business units and recommend corrective actions to customers and project stakeholders. Ability to document and produce important artefacts on risk assessments, engagement Statements of Work, process, minimum security baselines and presentations on security risks. Manage customer expectations and deliver quality security consulting services while balancing business objectives with security requirements. Ability to partner with technical teams in a practical manner when conflicting interests arise while preserving EY core security principles and policies. Ability to proactively lead, own and research security related subject matters when required to take a position or resolve issues. Ability to collaborate to facilitate and enhance the understanding & compliance to security policies. To qualify for the role, you must have A minimum of 8-10 years of experience in an Information Security or Information Technology subject area. Two or more years of experience with iOS and Android security such as mobile application security analysis, mobile application penetration testing, mobile threat modelling, mobile device forensics, and assessing mobile device security capabilities. Three or more years of experience with understanding and defining good security practices for end user technology platforms (e.g., iOS, Android, macOS, Windows 10), multi-tier information systems, applications (e.g., web, mobile, desktop), and End Point Security solutions. Working experience in performing security risk assessments for information systems and applications such as those for web, desktop, and mobile. Develop appropriate risk treatment and mitigation options to address security risks identified during security reviews or risk assessments. Good interpersonal, communication, organizational and project management skills. Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change. Ideally,you will also have One or more years of experience with iOS and Android mobile application development, Agile Methodology, Continuous Integration / Continuous Delivery, and IoT security. Knowledge or experience with Microsoft Azure cloud technology stack (e.g., M365, SharePoint, OneDrive for Business, Intune, Conditional Access) and Azure cloud applications. Knowledge of common information security standards and risk analysis methodologies, such as: ISO 27001/27002, NIST, PCI, COBIT, ISF IRAM2, and OWASP. What We Look For We look for people who are customer-centric with good interpersonal, communication and organizational skills. The ideal candidate will have flexibility in adjusting to multiple demands, shifting priorities, ambiguity, rapid change, and an ardent desire to learn. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial, and social well-being. Your recruiter can talk to you about the benefits available in your country. Here is a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. Show more Show less