3198 Owasp Jobs - Page 11

Python Solution Architect (10+ Years) Location: Trivandrum/Cochin We are seeking an experienced Python Solution Architect to join our dynamic team. In this role, you will be responsible for designing and implementing scalable, high-performance software solutions that meet business requirements. You will collaborate with cross-functional teams to define architecture, best practices, and oversee the development process. Job Responsibilities • Architect scalable, efficient, and high-performance Python-based applications. • Design microservices architecture and cloud-native solutions using Python frameworks (e.g., Django, Flask, FastAPI). • Ensure Python solutions align with business goals and enterprise architecture. • Design and manage RESTful APIs and web services, leveraging Python's capabilities. • Expertise in selecting the right Python frameworks, libraries, and tools for different use cases. • Architect and optimize database interactions, including SQL and NoSQL databases. • Ensure efficient data processing, ETL pipelines, and integrations with data analytics platforms (e.g., Pandas, NumPy, SQLAlchemy). • Design seamless integrations with third-party services, APIs, and external systems using Python-based solutions. • Ensure smooth data flow between Python applications and other enterprise systems. • Architect solutions in cloud environments (AWS, GCP, Azure) using Python. • Implement CI/CD pipelines for Python projects and manage infrastructure-as-code (Terraform, Ansible). • Ensure security best practices in Python code (e.g., OWASP, cryptography, input validation). • Lead efforts to comply with data protection and regulatory requirements in Python solutions. • Provide guidance to Python developers on architectural decisions, design patterns, and code quality. • Mentor teams on Python best practices, writing clean, maintainable, and efficient code. • Work closely with customers, business analysts, project managers, and development teams to understand requirements. • Communicate complex technical concepts to non-technical stakeholders. • Ensure solutions address functional and non-functional requirements (e.g., performance, scalability, security). Preferred Skills • Deep knowledge of Python frameworks like Django, Flask, or FastAPI. • Proficiency with asynchronous programming in Python (e.g., asyncio, concurrent.futures). • Hands-on experience with designing and deploying microservices-based architectures. • Understanding of containerization technologies like Docker and orchestration tools like Kubernetes. • Strong experience with AWS, GCP, or Azure for deploying and scaling Python applications. • Familiarity with cloud services like Lambda (AWS), Cloud Functions (GCP), or similar. • Experience with CI/CD pipelines and automation tools (e.g., Jenkins, GitLab CI, CircleCI). • Knowledge of Infrastructure-as-Code (IaC) tools like Terraform or Ansible. • Proficiency with relational databases (PostgreSQL, MySQL) and NoSQL databases (MongoDB, Redis). • Experience with database optimization, indexing, and query tuning. • Strong understanding of RESTful APIs, GraphQL, and API documentation standards (e.g., OpenAPI/Swagger). • Experience with integrating third-party services via APIs. • Proficient with Git, GitHub, or GitLab for version control and collaboration in Python projects. • Familiarity with branching strategies (e.g., GitFlow) and code review practices. • Experience with Python security tools and practices (e.g., PyJWT, OAuth2, secure coding). • Familiarity with encryption, authentication, and data protection standards. • Hands-on experience working in Agile environments, familiar with Scrum or Kanban. • Ability to break down complex technical tasks into sprints and manage backlogs. • Knowledge of popular Python AI/ML libraries such as TensorFlow, PyTorch, and Scikit-learn. • Experience with deploying machine learning models in production environments

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Information Protection. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: GRC Consulting. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Identity Manager. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: GRC Process. Experience: 3-5 Years.

We’re Hiring: Software Engineer Front End! Looking for a role that fosters collaboration, creativity and career growth in a vibrant office environment? We got you covered! We are currently on the lookout for a Software Engineer Front End to join our team at Cloudstaff, the #1 workplace everywhere! Think you qualify for the role? Attach a 1-2 minute video intro and introduce yourself to us so we can meet you virtually. Attach this together with your updated CV to become a priority applicant! Role : Software Engineer Front End Work Arrangement : Work from Home Location : India Schedule : Morning shift As a frontend engineer on the VPN team , you'll contribute to developing our browser extension and enhancing our B2B feature set. This role requires close interactions with product owners and engineers across the company. Work closely with a group of Web, Backend Engineers, and Architects to build resilient, massively scalable solutions for millions of people to rely on. Collaborate with teams of client application developers and product management to ensure our solutions meet critical business and reliability requirements. Document front-end capabilities and their proper use so that all our VPN clients can implement correctly functioning solutions. Qualification and requirements (non-negotiable): Minimum 3-5 years of professional software development experience is required, including at least 2 years of experience in the following: Experience with NodeJS Proficiency with TypeScript or any typed language Experience with React or similar frameworks, developing performant and reusable components Your experience should also demonstrate: Strong understanding of software engineering best practices, such as SOLID, Design Patterns Deep understanding of JavaScript methodologies and design patterns Experience with backend principles and practices (databases, APIs) Experience with source control flow through Git or other distributed version control systems Familiarity with issue and project tracking software such as Jira It's a bonus if you have: Awareness of common security issues in client-side development, such as those in the OWASP top ten, and how to mitigate them Familiarity with UX, accessibility, internationalization, and localization concerns and solutions Experience with Grafana or other monitoring platforms Experience with breaking down product requirements into architecture design and implementation High-level understanding of cryptography concepts such as key exchange and the difference between symmetric and asymmetric encryption Experience working as part of a regionally distributed team Perks & Benefits: Comprehensive health and life insurance on your 16th day of employment, covering 1 free dependent on the 16th day of employment Flexible leave credits which may be used for vacation, emergency and sick leaves Quarterly perks boxes for WFH staff, offering groceries and snacks to keep you fueled Superb and exciting Mid-Year Parties – with items to give away and cash prizes! Endless opportunities for career advancement Annual Performance Review with Salary Increase We set you up for success with a company-provided PC/Laptop and fiber internet connection Tech-on-wheels Support Participate and join our CS Social Clubs and Special Interest Groups to connect with colleagues International career growth and connections Unlimited cash incentives for hired referrals Mental Wellness Employee Assistance program through Lifeworks In-house psychiatrist available to support employees' well-being Become part of the Employee Share Units program Cloudstaff Dream Points - To be used for bidding useful items like appliances, kitchenettes etc. Cloudstaff : Build Your Career, Anywhere Established in 2005, Cloudstaff is a leading outsourcing company that empowers businesses to thrive through smarter talent solutions. We're passionate about creating a work environment that fosters your professional growth and overall well-being. Why Cloudstaff is the #1 Workplace? Award-winning Culture: We're committed to building the #1 Workplace Everywhere, with a proven track record of staff engagement initiatives and industry recognition Invest in You: We support your development through comprehensive training programs, mentoring and opportunities for career advancement Thrive as an Individual: We offer a strong work-life balance with flexible schedules, meaningful perks and a collaborative team environment. **To become a priority applicant, please share a 1-2 minute video introduction detailing you experience in this specific role. You can upload your video to the CSJobs platforms. Please use a clean, distraction-free background and speak clearly and articulately.**

Job Description for Senior Quality Analyst Job Title: Senior Quality Analyst Experience: 4+ years Location: Kolkata (Work From Office / 5 days) Employment Type: Full-Time Salary Bracket: Up to INR 7 LPA Notice Period: Immediate Joiners Only Role Overview: As a Senior Quality Analyst, you will lead the design and execution of end-to-end test strategies to ensure flawless software delivery. You will drive innovation in automation, optimize testing frameworks, and mentor junior team members while collaborating with cross-functional teams to deliver exceptional user experiences. Key Responsibilities: Technical Leadership: Architect, develop, and maintain automation frameworks from scratch (Selenium, Playwright, TestNG, BDD Cucumber). Implement parallel execution, retry mechanisms, and Selenium Grid for scalable testing. Design data-driven tests (Excel, CSV, JSON) and integrate DataFaker/JavaFaker for realistic test data. Process & Collaboration: Partner with DevOps to integrate testing into CI/CD pipelines (Jenkins, GitHub Actions). Lead Agile practices (daily stand-ups, sprint planning, retrospectives) and ensure QA alignment with sprint goals. Mentor junior analysts and promote TDD/BDD adoption across teams. Advanced Testing: Conduct API testing (REST Assured, Postman) and performance/load testing (k6, JMeter). Perform security testing (OWASP Top 10, Burp Suite) and VAPT to identify vulnerabilities. Validate cloud-native applications (AWS/Azure/GCP) and containerized environments (Docker). Quality Governance: Define KPIs (test coverage, defect leakage rate, CI/CD pipeline efficiency) and track improvements. Generate actionable insights using Extent/Allure reports, logs, and video recordings. Perform root cause analysis and lead defect triage with developers. Innovation: Explore AI/ML-driven testing tools for predictive analytics and test optimization. Stay updated with industry trends (e.g., shift-left testing, chaos engineering). Essential Skills: Programming: Java, JavaScript Automation: Selenium, Cucumber, Gherkin, TestNG Tools: REST Assured, Postman, JMeter, k6, Docker, Selenium Grid, Cypress, Playwright, Robot Framework, Protractor Cloud: Hands-on with AWS/Azure/GCP (testing SaaS apps or cloud infrastructure). Reporting: Extent, Allure, advanced logging strategies Methodologies: Agile, DevOps, TDD/BDD Desirable Skills: Security Testing: SAST/DAST tools (OWASP ZAP, Burp Suite), VAPT Mobile Testing: Appium, Espresso (if applicable) Database Testing: SQL, NoSQL (MongoDB, Cassandra) AI/ML in Testing: Familiarity with AI-driven test generation tools Domain Knowledge: Risk Management Soft Skills: Strong communication to translate technical issues for non-technical stakeholders. Problem-solving mindset with a focus on continuous improvement. Leadership in driving QA initiatives and process innovation.

Role Overview As Senior Mananger/AVP – Offensive security services, you will provide strategic and technical leadership for NopalCyber’s Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, BAS, AI Security and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor's degree in Engineering, Computer Science, or a related field; a Master’s is preferred. 12–18 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK

This role is for one of the Weekday's clients Min Experience: 6 years Location: Mumbai JobType: full-time Qualifications: Bachelor's or Master's degree in Computer Science, Information Technology, Engineering, or a related field Relevant certifications preferred: CISSP, OSCP, CRISC, CSSLP Experience: 10-12 years in cyber security, including 8+ years of hands-on experience in: Security assessments for web, mobile, APIs, network, infrastructure, and platforms Risk evaluation for AI-driven products Requirements Technical Expertise: In-depth understanding of security frameworks and standards such as OWASP, SANS, MITRE ATT&CK Strong knowledge of threat vectors, exploitation techniques, and mitigation strategies Proficiency in threat modeling and gap analysis of security controls Familiarity with containerization technologies (Docker, OpenShift, Kubernetes) is a plus Experience in coding (1-2 years) is advantageous Key Responsibilities: Perform architecture and data-flow reviews, threat modeling, and risk analysis Evaluate design documents (SRS, HLD/LLD, BCP) for potential security weaknesses Develop and maintain control checklists aligned with global security standards Conduct security risk assessments across applications, APIs, mobile platforms, microservices, infrastructure, and AI solutions Prepare comprehensive risk reports, classify risks based on severity, and monitor project adherence to security controls Recommend mitigation strategies and compensating controls to development and operations teams Collaborate effectively with internal teams, project managers, and customers Escalate high-impact risks that affect the overall security posture Keep up-to-date with evolving cyber threats and actively contribute to team knowledge sharing Train and mentor team members on security best practices and methodologies Personal Attributes: Strong communication skills—both written and verbal High attention to detail and critical thinking ability Capable of explaining complex risk concepts in a clear, simple manner Skilled at managing multiple priorities in a fast-paced environment Self-motivated, adaptable, and able to work independently or as part of a team Key Skills: Cybersecurity Risk Assessment & Advisory OWASP, MITRE, SANS CISSP, OSCP, CRISC (preferred) Threat Modeling Application & Infrastructure Security AI Product Risk Evaluation Container Security

About ValGenesis ValGenesis is a leading digital validation platform provider for life sciences companies. ValGenesis suite of products are used by 30 of the top 50 global pharmaceutical and biotech companies to achieve digital transformation, total compliance and manufacturing excellence/intelligence across their product lifecycle. Learn more about working for ValGenesis, the de facto standard for paperless validation in Life Sciences: https://www.youtube.com/watch?v=tASq7Ld0JsQ About the Role: We are looking for experienced product development engineers/experts who can join our flagship VLMS product engineering team to implement the product enhancements and support our global customers. If you are a technology enthusiast and have passion to develop enterprise products with quality, security, and performance, we are eager to discuss with you the potential role. Responsibilities Understand the business requirements and technical constraints and architect/design/develop. Participate in the complete development life cycle. Review the architecture/design/code of self and others. Develop enterprise application features using C#, ASP .NET development framework. Own and be accountable for the Quality, Performance, Security, and Sustenance of the respective product deliverables. Strive for self-excellence along with enabling the success of the team/stakeholders. Requirements 4 to 10 years of experience in developing enterprise software products Must have strong experience in ASP .NET Web Forms with C# Strong experience in SQL, MS SQL Server Experience in Javascript, JQuery, AngularJS Good knowledge of Web Services, Web API, WCF, LINQ, IIS 7.0+ Knowledge/Experience in SSO integration using LDAP, ADFS, OKTA, PING Knowledge/Experience in HTML5, XML, OOXML, XAML, WPF, CSS, Bootstrap Knowledge/Experience in XSS, SSL, TLS, OWASP standards Knowledge/Experience in DevExpress report, SSRS, Crystal Reports, BI Components Knowledge of Code Quality, Code Monitoring, Performance Engineering, Test Automation Tools We’re on a Mission In 2005, we disrupted the life sciences industry by introducing the world’s first digital validation lifecycle management system. ValGenesis VLMS® revolutionized compliance-based corporate validation activities and has remained the industry standard. Today, we continue to push the boundaries of innovation ― enhancing and expanding our portfolio beyond validation with an end-to-end digital transformation platform. We combine our purpose-built systems with world-class consulting services to help every facet of GxP meet evolving regulations and quality expectations. The Team You’ll Join Our customers’ success is our success. We keep the customer experience centered in our decisions, from product to marketing to sales to services to support. Life sciences companies exist to improve humanity’s quality of life, and we honor that mission. We work together. We communicate openly, support each other without reservation, and never hesitate to wear multiple hats to get the job done. We think big. Innovation is the heart of ValGenesis. That spirit drives product development as well as personal growth. We never stop aiming upward. We’re in it to win it. We’re on a path to becoming the number one intelligent validation platform in the market, and we won’t settle for anything less than being a market leader. How We Work Our Chennai, Hyderabad and Bangalore offices are onsite, 5 days per week. We believe that in-person interaction and collaboration fosters creativity, and a sense of community, and is critical to our future success as a company. ValGenesis is an equal-opportunity employer that makes employment decisions on the basis of merit. Our goal is to have the best-qualified people in every job. All qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, gender identity, national origin, disability, or any other characteristics protected by local law.

As an experienced Application Security Manager, you will play a crucial role in leading our security initiatives to ensure the integrity, confidentiality, and availability of our systems and data. Your responsibilities will involve integrating security tools, standards, and processes into the product life cycle (PLC), training developers and QA personnel on security knowledge, supporting application security tool deployments, and managing periodic penetration testing exercises. You will be tasked with creating, integrating, and managing threat modeling processes/practices, following SSDLC and application framework, as well as managing secure configuration/hardening guidelines and compliance. Additionally, you will need to create and manage application security KPIs, KRIs compliance reports, and dashboards. Your role will also require hands-on experience with tools and processes related to SAST, DAST, API Security, and Threat Modelling. Furthermore, you will oversee Infosec functions by coordinating with various stakeholders such as the App Team, Vendors, Auditors, and Regulators. It is essential to have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST, as well as experience with cloud environments (AWS) and WAF (Imperva, Akamai). Knowledge of Network and Data Security is considered a plus. In terms of qualifications and experience, we are looking for candidates with 8-10 years of hands-on experience in application security. A strong understanding of application security best practices, frameworks, and security technologies is required. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes is essential. Familiarity with regulatory requirements and compliance standards, such as RBI and SEBI, is beneficial. Excellent communication, interpersonal, analytical, and problem-solving skills are important for this role. A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is required, while a Master's degree or relevant certifications are preferred.,

About ValGenesis ValGenesis is a leading digital validation platform provider for life sciences companies. ValGenesis suite of products are used by 30 of the top 50 global pharmaceutical and biotech companies to achieve digital transformation, total compliance and manufacturing excellence/intelligence across their product lifecycle. Learn more about working for ValGenesis, the de facto standard for paperless validation in Life Sciences: https://www.youtube.com/watch?v=tASq7Ld0JsQ About the Role: We are looking for experienced product development engineers/experts who can join our flagship VLMS product engineering team to implement the product enhancements and support our global customers. If you are a technology enthusiast and have passion to develop enterprise products with quality, security, and performance, we are eager to discuss with you the potential role. Responsibilities Understand the business requirements and technical constraints and architect/design/develop. Participate in the complete development life cycle. Review the architecture/design/code of self and others. Develop enterprise application features using C#, ASP .NET development framework. Own and be accountable for the Quality, Performance, Security, and Sustenance of the respective product deliverables. Strive for self-excellence along with enabling the success of the team/stakeholders. Requirements 4 to 10 years of experience in developing enterprise software products Must have strong experience in ASP .NET Web Forms with C# Strong experience in SQL, MS SQL Server Experience in Javascript, JQuery, AngularJS Good knowledge of Web Services, Web API, WCF, LINQ, IIS 7.0+ Knowledge/Experience in SSO integration using LDAP, ADFS, OKTA, PING Knowledge/Experience in HTML5, XML, OOXML, XAML, WPF, CSS, Bootstrap Knowledge/Experience in XSS, SSL, TLS, OWASP standards Knowledge/Experience in DevExpress report, SSRS, Crystal Reports, BI Components Knowledge of Code Quality, Code Monitoring, Performance Engineering, Test Automation Tools We’re on a Mission In 2005, we disrupted the life sciences industry by introducing the world’s first digital validation lifecycle management system. ValGenesis VLMS® revolutionized compliance-based corporate validation activities and has remained the industry standard. Today, we continue to push the boundaries of innovation ― enhancing and expanding our portfolio beyond validation with an end-to-end digital transformation platform. We combine our purpose-built systems with world-class consulting services to help every facet of GxP meet evolving regulations and quality expectations. The Team You’ll Join Our customers’ success is our success. We keep the customer experience centered in our decisions, from product to marketing to sales to services to support. Life sciences companies exist to improve humanity’s quality of life, and we honor that mission. We work together. We communicate openly, support each other without reservation, and never hesitate to wear multiple hats to get the job done. We think big. Innovation is the heart of ValGenesis. That spirit drives product development as well as personal growth. We never stop aiming upward. We’re in it to win it. We’re on a path to becoming the number one intelligent validation platform in the market, and we won’t settle for anything less than being a market leader. How We Work Our Chennai, Hyderabad and Bangalore offices are onsite, 5 days per week. We believe that in-person interaction and collaboration fosters creativity, and a sense of community, and is critical to our future success as a company. ValGenesis is an equal-opportunity employer that makes employment decisions on the basis of merit. Our goal is to have the best-qualified people in every job. All qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, gender identity, national origin, disability, or any other characteristics protected by local law.

Vulnerability Assessment and Penetration Testing (VAPT) Team Lead Are you a skilled cybersecurity professional with leadership experience in penetration testing? Join HackIT a CERT-IN empaneled cybersecurity firm as a Vulnerability Assessment and Penetration Testing (VAPT) Team Lead. What You'll Be Doing Lead, manage, and mentor a team of junior penetration testers. Perform Web, Mobile, API, and Network Security Testing using both manual and automated techniques. Conduct Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and develop Proof-of-Concept exploits to demonstrate vulnerabilities. Provide clients with detailed remediation guidance and support to address security gaps. Ensure projects are delivered within deadlines and meet quality standards. Communicate findings effectively with clients, stakeholders, and senior management. Prepare comprehensive, high-quality technical reports that clearly explain vulnerabilities, Risks, And Mitigation Qualifications & Skills 3 - 5 years of experience in Application, Infrastructure, or Network Penetration Testing. Prior experience as a Team Lead or Project Lead in a cybersecurity testing environment. Strong knowledge of security frameworks and methodologies, including OWASP Top 10, NIST, and MITRE ATT&CK. Proficiency with both enterprise-grade and open-source penetration testing tools. Excellent problem-solving skills, leadership capabilities, and report-writing Certifications : OSCP, CREST, GPEN, GXPN, Cloud Certifications, or equivalent (ref:hirist.tech)

As a graduate engineer at Pentair, you will have the opportunity to showcase your passion for smart & connected IoT product implementation and contribute to turning innovative ideas into technical solutions using the latest tools and techniques. In this role, you will be part of a team that is dedicated to digital technologies and innovation, providing a friendly and engaging work environment. Pentair offers a unique chance to gain insights into the entire IoT product development process, from inception to the final product. Selected candidates will have exposure to various areas of IoT product implementation based on project requirements. Your responsibilities will include understanding and analyzing product requirements, translating them into specifications and programming deliverables, collaborating with architects and business teams to enhance existing applications and develop new ones, coding, testing, and debugging applications in real-world scenarios, and creating technical documentation such as requirement documentation and architecture documentation. You will also participate in Scaled Agile Framework scrum activities, provide product support, and contribute to the overall success of IoT projects. To excel in this role, you must have a strong technical understanding in areas such as smartphone application development (Android or iOS, React Native), web app development (ReactJS), knowledge of Node.js and Go, data structures, databases, AWS cloud services, DevOps, analytical skills for data interpretation, business analysis skills for documenting product requirements, cloud, mobile, and web application security, electronics, embedded systems, PLC, SCADA, and hands-on experience with programming languages like C, Python, C++, and Java. Additionally, you should be proficient in documenting requirements and designs using flowcharts and state diagrams, working on Windows and Linux machines, troubleshooting complex issues, and possessing excellent analytical skills. Qualifications for this position include a B.E./B. Tech in Computer Science, Masters in Computer Applications, or Masters in Computer Science. Other requirements include good communication and presentation skills, the ability to multitask, design thinking mindset, a passion for design and technology, a can-do attitude, and excellent interpersonal skills. The title/designation for this role will be determined based on your performance during the interview and years of relevant work experience.,

Job Description About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS) Strong understanding of security risks in networks and application platforms Strong understanding of network security, infrastructure security and application security Strong understanding of OSI, TCP/IP model and network basics Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms Broad knowledge of security technologies for applications, databases, networks, servers, and desktops Solid technical skills in both information security architecture and penetration testing and ability to assess testing tools and deploy the right ones. Scripting and programming experience is beneficial Ability to perform manual penetration testing Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity posture against malicious actors Conduct security research on the latest emerging advanced persistent threats (APTs), malware, and other security developments to assist in enterprise security efforts. Apply this security research into assessments. Perform technical writing to communicate the preparation, testing, and recommendation phases for various security tests. Work with stakeholders to remediate system vulnerabilities. Train team members and colleagues on the latest cybersecurity tactics, techniques, and procedures (TTPs) to grow the skill of the firm Understanding of various security technologies including end point security, perimeter security, advanced threat protection, malware defense and security management Expertise in the phases of penetration testing. Familiarity with Kali Linux distribution and the associated penetration testing tools suite. Experience in penetration testing simulations like Hack the Box or Capture the Flag exercises considered a plus. Good Understanding of OWASP top 10 and mitigation techniques Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, Security Misconfiguration, CSRF, authentication/ authorization issues Database testing: MySQL, Oracle, NoSQL Understanding of cyber security management, cyber analytics, security intelligence platforms and threat intelligence frameworks Writing business proposals and response to client RFP/ RFIs Identifying business opportunities and lead delivery and program management for large cyber security programs Delivery team and client relationship management Experience on both commercial, open source tools and frameworks but not limited: Burpsuite, Metasploit, Core-Impact, Kali-Linux, AppScan, WebInspect, SSLScan, Soap UI Pro, SonarQube, Qualys, Nikto, Nessus, nmap, sqlmap, OWASP ZAP Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Qualifications B.Tech, B.E.

As an Attack Surface Reduction Analyst at H&M, you will play a crucial role in identifying potential security risks and vulnerabilities within the organization's systems, applications, and networks. Your responsibilities will include conducting comprehensive vulnerability assessments and penetration tests, utilizing industry-standard tools to identify weaknesses in our attack surface, and collaborating with cross-functional teams to prioritize and remediate vulnerabilities in a timely manner. Additionally, you will be involved in managing third-party penetration testing engagements, developing security policies and procedures, and staying up to date with the latest cybersecurity trends. To excel in this role, you should possess a Bachelor's degree in computer science, information security, or a related field, along with 3-5 years of experience in vulnerability scanning, vulnerability management, and penetration testing. Strong knowledge of common vulnerabilities, security best practices, and industry frameworks such as NIST, OWASP, and CIS is essential. Proficiency in using industry-standard vulnerability assessment and penetration testing tools, effective communication skills, and relevant certifications like SANS, OSCP, or CompTIA Security+ are also advantageous. At H&M, we value our employees and offer attractive benefits, extensive development opportunities, and a vibrant work culture. If you are looking to grow your career in a supportive and inclusive environment, we encourage you to join our team. Please apply by submitting your CV in English through SmartRecruiters or our career page before the 30th of June 2025. We look forward to welcoming you on board in August 2025.,

Overview We’re looking for a skilled and experienced VAPT Engineer (Level 2/3) with 8+ years of hands-on experience in vulnerability assessment and penetration testing across enterprise environments. In this role, you’ll lead advanced security testing efforts, simulate real-world attack scenarios, and guide remediation strategies to strengthen the organization’s security posture. Total Experience 8+ years of hands-on experience Job Skills Bachelor’s or Master’s in Computer Science, Cybersecurity, or a related field Strong understanding of network protocols, OS internals (Linux/Windows), and cloud platforms (AWS, Azure, or GCP) Hands-on scripting skills in Python, Bash, or PowerShell Experience with DevSecOps practices, CI/CD integration, and container security (Docker/Kubernetes) Solid grasp of secure coding principles, reverse engineering, and exploit development Relevant certifications such as OSCP, CEH, GPEN, LPT, or CISSP are highly preferred Responsibilities Lead penetration testing across web, mobile, cloud, and infrastructure (Black-box, Grey-box, White-box) Perform manual and automated vulnerability assessments using tools like Burp Suite, Nessus, Metasploit, Nmap, and custom scripts Conduct threat modeling and risk assessments for business-critical systems Document findings with clear, actionable remediation plans and deliver comprehensive technical reports Collaborate with DevOps, IT, and Security teams to prioritize and resolve vulnerabilities Mentor junior VAPT engineers and review their assessment reports for quality and accuracy Stay current with emerging threats, zero-day vulnerabilities, and modern attack techniques Ensure testing practices align with industry standards including OWASP, NIST, ISO 27001 Participate in security audits, incident response activities, and red team engagements Apply Now

Total Experience 5 years of experience Responsibilities Monitor network traffic and detect DDoS attack patterns at both Layer 3 and Layer 7. Mitigate volumetric attacks such as TCP SYN floods, UDP floods, and amplification attacks. Configure and optimize Akamai WAF to prevent OWASP Top 10 threats and other vulnerabilities. Implement Akamai Guardicore Micro segmentation for Zero Trust Security. Apply rate limiting, filtering, and access control mechanisms to prevent malicious traffic. Collaborate with ISPs and stakeholders to mitigate large-scale cyber threats. Conduct post-attack forensic investigations, root cause analysis (RCA), and more. ZTNA, SWG, CASB, SSE skills (Checkpoint, Palo Alto, Zscaler). Apply Now

Sr. Cyber Security Analyst Panchkula, India - Date Posted July 22, 2025 Description Were looking for a seasoned and proactive Sr. Cyber Security Analyst to join our Information Security Group (ISG) at Grazitti Interactive. In this role, youll take charge of advanced threat detection, incident response, and strategic cybersecurity initiatives to safeguard the organizations digital assets. If you have hands-on experience in network security, SIEM tools, and a deep understanding of cybersecurity frameworks, this is a great opportunity to elevate your career in a fast-paced, tech-driven environment. Skills Key Skills 3 years of experience in cybersecurity or a related technical role. Bachelors degree in Computer Science, Information Security, or a relevant field. Expertise in network security, firewalls, intrusion detection/prevention systems. Proficiency in SIEM platforms and security monitoring tools. Strong understanding of frameworks like OWASP Top 10, SANS Top 25. Knowledge of industry standards and regulations. Excellent problem-solving, analytical, and communication skills. Advanced certifications like CISSP, OSCP, or equivalent (preferred). Experience mentoring junior analysts or leading security projects (preferred). Familiarity with cloud security, forensic analysis, and emerging cyber threats. Responsibilities Roles And Responsibilities Detect, investigate, and respond to cybersecurity incidents and alerts. Lead technical investigations and contribute to root cause analysis. Implement and enhance threat detection tools and automation processes. Assist in drafting and enforcing security policies and procedures. Perform internal security reviews, audits, and compliance checks. Maintain documentation for incident handling, risk assessments, and controls. Communicate security updates and incident reports to internal stakeholders. Mentor and guide junior analysts in security protocols and tools. Collaborate with cross-functional teams to drive cybersecurity best practices. Continuously monitor and improve the organizations security posture. Application Position: Sr. Cyber Security Analyst Name * E-mail * Phone * CV & Documents * Add file Required fields Phone Thank you for submitting your application. We will contact you shortly! Contacts Email: careers@grazitti.com Address HSIIDC Technology Park, Plot No 19, Sector 22, 134104, Panchkula, Haryana, India

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Job Description RESPONSIBILITIES: Establish security best processes and practices for our mobile, on-premises and cloud-based platforms. Provide expert knowledge and guidance to the product teams about security vulnerabilities and remediation controls. Support and consult with product and development teams in the area of application security, including threat modeling and Application Security reviews. Implement, continuously develop, and maintain secure Software Security Development Lifecycle processes and software maturity model. Perform threat modeling, secure design, and source code review. Conduct security assessments, security testing and validation of vulnerability scan results. Assist teams in reproducing, triaging, and addressing application security vulnerabilities. Incorporate security tools/tasks to automate product development and deployment. Develop, implement, and automate defensive controls, creating and tuning tools and rules to detect and address malicious activity. Responsible for integration of security controls into SDLC. Establish supply chain security process and ensure 3rd party software meet the standards. Facilitate injection, integration, and compliance for Static Application Security Testing (SAST), Container Security Scanning & Open-Source Security Analysis during development phase. Facilitate injection, integration, and compliance for Dynamic Application Security Testing (DAST) Contribute to triaging, addressing security issues and tracking remediation. Own and manage Secure SDLC tooling. Develop and customize security tools used by security teams and developers. Work closely with development teams to build security directly into their SDLCs. Provide remediation guidance to programmers and management. Support bug bounty program Support the preparation of security releases Mentor and train development teams on secure coding standards and techniques. Develop Secure Coding Program. Constantly innovate at the pace of the adversary using latest techniques. EDUCATIONAL REQUIREMENTS: Bachelor’s degree in computer science, Information Systems, or equivalent combination of education and experience Certifications in the field of Information Security (at least one of the following: CISSP, CEH, GIAC CPEN, OSCP, OSWE, CWAPT, GWAPT, GWEB) Experience Required A minimum of 3 to 5 years of experience. GENERAL KNOWLEDGE, SKILLS & ABILITIES: In-depth knowledge of web and mobile security vulnerabilities, attack vectors and mitigation techniques Experience with multiple programming languages (Java, JavaScript, Go, Python, Ruby, Objective-C, C#, PHP) with hands on level coding experience with at least one scripting and one objected oriented programming language. Fluent with security testing with SAST, SCA, DAST, IAST, Fuzz and penetration testing tools Understanding of application security standards such as OWASP ASVS/Top 10 and CWE 25 Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond). Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP. Knowledge of DevSecOps to maintain security in CI/CD pipeline. Solid experience with security tools like Semgrep, CheckMarx, VeraCode, BurpSuite, Snyk, Nessus Familiar with tools like Git, Jenkins, CircleCI, Maven, Ant, Gradle, Nexus, SonarQube, Artifactory, Chef, Splunk Experience writing custom rules for static analysis tools. Experience with API Security, IaC, Containerization, RASP, IAST Experience with micro services, container deployment and service orchestration Strong knowledge of cryptography, API security, and secret management Ability to clearly and effectively communicate concerns and issues to the management and engineers. Experience with Cloud (AWS, Azure, GCP) Security Experience writing tools to automate tasks and integrate systems using scripting languages like Go, Python and REST APIs. Experience in delivering and educating development groups in Secure Coding Expertise with common vulnerabilities and attack vectors. Experience integrating security tools into developer pipelines. DevOps experience managing deployment and configuration. General Skills Include Strong critical thinking and analytical skills Ability to approach problem solving in a constructive and collaborative way that does not require absolute security. The ability to communicate complicated technical issues and risks to programmers, network engineers and managers. Strong leadership, project, and team-building skills Exceptional communication skills with diverse audiences; the ability to be an application security subject matter expert who can explain relevant topics to general audiences.

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.