3229 Owasp Jobs - Page 13

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Job Description RESPONSIBILITIES: Establish security best processes and practices for our mobile, on-premises and cloud-based platforms. Provide expert knowledge and guidance to the product teams about security vulnerabilities and remediation controls. Support and consult with product and development teams in the area of application security, including threat modeling and Application Security reviews. Implement, continuously develop, and maintain secure Software Security Development Lifecycle processes and software maturity model. Perform threat modeling, secure design, and source code review. Conduct security assessments, security testing and validation of vulnerability scan results. Assist teams in reproducing, triaging, and addressing application security vulnerabilities. Incorporate security tools/tasks to automate product development and deployment. Develop, implement, and automate defensive controls, creating and tuning tools and rules to detect and address malicious activity. Responsible for integration of security controls into SDLC. Establish supply chain security process and ensure 3rd party software meet the standards. Facilitate injection, integration, and compliance for Static Application Security Testing (SAST), Container Security Scanning & Open-Source Security Analysis during development phase. Facilitate injection, integration, and compliance for Dynamic Application Security Testing (DAST) Contribute to triaging, addressing security issues and tracking remediation. Own and manage Secure SDLC tooling. Develop and customize security tools used by security teams and developers. Work closely with development teams to build security directly into their SDLCs. Provide remediation guidance to programmers and management. Support bug bounty program Support the preparation of security releases Mentor and train development teams on secure coding standards and techniques. Develop Secure Coding Program. Constantly innovate at the pace of the adversary using latest techniques. EDUCATIONAL REQUIREMENTS: Bachelor’s degree in computer science, Information Systems, or equivalent combination of education and experience Certifications in the field of Information Security (at least one of the following: CISSP, CEH, GIAC CPEN, OSCP, OSWE, CWAPT, GWAPT, GWEB) Experience Required A minimum of 3 to 5 years of experience. GENERAL KNOWLEDGE, SKILLS & ABILITIES: In-depth knowledge of web and mobile security vulnerabilities, attack vectors and mitigation techniques Experience with multiple programming languages (Java, JavaScript, Go, Python, Ruby, Objective-C, C#, PHP) with hands on level coding experience with at least one scripting and one objected oriented programming language. Fluent with security testing with SAST, SCA, DAST, IAST, Fuzz and penetration testing tools Understanding of application security standards such as OWASP ASVS/Top 10 and CWE 25 Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond). Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP. Knowledge of DevSecOps to maintain security in CI/CD pipeline. Solid experience with security tools like Semgrep, CheckMarx, VeraCode, BurpSuite, Snyk, Nessus Familiar with tools like Git, Jenkins, CircleCI, Maven, Ant, Gradle, Nexus, SonarQube, Artifactory, Chef, Splunk Experience writing custom rules for static analysis tools. Experience with API Security, IaC, Containerization, RASP, IAST Experience with micro services, container deployment and service orchestration Strong knowledge of cryptography, API security, and secret management Ability to clearly and effectively communicate concerns and issues to the management and engineers. Experience with Cloud (AWS, Azure, GCP) Security Experience writing tools to automate tasks and integrate systems using scripting languages like Go, Python and REST APIs. Experience in delivering and educating development groups in Secure Coding Expertise with common vulnerabilities and attack vectors. Experience integrating security tools into developer pipelines. DevOps experience managing deployment and configuration. General Skills Include Strong critical thinking and analytical skills Ability to approach problem solving in a constructive and collaborative way that does not require absolute security. The ability to communicate complicated technical issues and risks to programmers, network engineers and managers. Strong leadership, project, and team-building skills Exceptional communication skills with diverse audiences; the ability to be an application security subject matter expert who can explain relevant topics to general audiences.

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Job Description Your Impact: You will work in the spirit of agile & a product engineering mindset - delivering the sprint outcomes, iteratively & incrementally, following the agile ceremonies You’re expected to write clean,modular,production ready code and take it through production and post-production lifecycle. You will groom the stories functionally & help define the acceptance criteria (Functional & Non-Functional/NFRs) You will have breadth of concepts, tools & technologies to address NFRs like security, performance, reliability, maintainability and understand the need for trade-offs You will bring in expertise to optimize and make the relevant design decisions (considering trade-offs) at the module / components level Manage the product lifecycle from requirements gathering and feasibility analysis through high-level and low-level design, development, user acceptance testing (UAT), and staging deployment. Integrate SAST,DAST in detecting OWASP vulnerabilities, thereby securing a robust and scalable product journey roadmap Qualifications Your Skills & Experience: A Bachelor’s degree in engineering with 3.5+ years of experience in building large-scale, large-volume services & distributed apps. Proficiency in Java, Spring/Springboot/Micronaut framework,NodeJs,React,K8(Container Orchestrator),Message Queues(Kafka/ActiveMQ,Rabbit MQ/Tibco/JMS) You are aware of Multi-Cloud Platforms like AWS, GCP, Azure, etc. You apply SOLID, DRY design principles, design patterns & practice Clean Code You are an expert at String Manipulation, Data/Time Arithmetic, Collections & Generics You build reliable & high-performance apps leveraging Eventing, Streaming, Concurrency, You design and build microservices from the ground up, considering all NFRs & applying DDD, Bounded Contexts You use one or more databases (RDBMS or NoSQL) based on the needs You understand the significance of security aspects & compliance to data, code & application security policies; You write secure code to prevent known vulnerabilities. You understand HTTPS/TLS, Symmetric/Asymmetric Cryptography, CertificatesYou use logging frameworks like Log4j, NLog, etc. You use Logging/Monitoring solutions (Splunk, ELK, Grafana) Set Yourself Apart With You understand infra. as code (cattle over pets via Terraform/Cloud-Formation/Ansible) You understand reactive programming concepts, Actor models & use RX Java / Spring React / Akka / Play, etc. You are aware of distributed tracing, debugging, and troubleshooting You are aware of side-car, service mesh usage along with microservices You are aware of gateways, load-balancers, CDNs, Edge caching You are aware of gherkin and cucumber for BDD automation You are aware of one distributed caching solution like Redis, MemCache, etc. Additional Information A Tip From The Hiring Manager Software Development Engineers (SDE-I) are bright, talented, and motivated young minds with strong technical skills, developing software applications and services that make life easier for customers. The SDE-I is expected to work with an agile team to develop, test, and maintain digital business applications. As an SDE-I you will get an opportunity to work with industry-leading clients and global teams to solve complex business problems and build your skills on the full stack of application development technologies Education Bachelor’s/Master’s Degree in Computer Engineering, Computer Science, or a related field Additional Information Gender Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting, and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of the next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Hiring Application Security Exp: 5+ Years Notice Period : Preferring Immediate Joiners - 30 Days(If Serving and have LWD Confirmation) - Candidate who are in bench or not serving notice period dont apply Location: Marathahalli-Bangalore Mode Of Work : Hybrid Mandatory Skills Required : Application Security,Penetration Testing,SAST,DAST,IT Risk Assesment, Hands-on experience in penetration testing and tools like Apisan, WebInspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity CEH/SSCP/OSCP certified. Mode of interview - 1st technical virtual & 2nd technical face to face in Marathahalli - Bangalore location - If you're available for face to face discussions on weekdays - Apply for this role. Interested candidates share your updated resume to suvetha.b@twsol.com

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Job Description: Participate in team prioritization discussions with Product/Business stakeholders Estimate and own delivery tasks (design, dev, test, deployment, configuration, documentation) to meet the business requirements • Automate build, operate, and run aspects of software • Drive code/design/process trade-off discussions within their team when required Report status and manage risks within their primary application/service • Drive integration of services focusing on customer journey and experience Understands operational and engineering experience, actively works to improve experience and metrics in ownership area Develop complete understanding of end-to-end technical architecture and dependency systems Drive adoption of technology standards and opinionated frameworks, and review coding, test, and automation work of team members Identify opportunities to improve an overall process and trim waste. Skills: Net core, API Development, SQL Server DB, Windows Services.

Role Summary: We are looking for a skilled and hands-on Mid-Level Penetration Tester to join our offensive security team. The ideal candidate should have strong manual testing skills and experience assessing diverse environments including web applications, APIs, mobile apps, wireless networks, infrastructure, and thick client applications. You’ll be responsible for identifying vulnerabilities, exploiting them ethically, and delivering actionable insights to help improve the organization’s security posture. Key Responsibilities: Perform manual penetration tests on: Web applications (OWASP Top 10, business logic flaws) REST/SOAP APIs Mobile applications (Android/iOS) Wireless networks (WPA2/Enterprise, rogue APs) Internal/external network infrastructure Thick client applications (custom-built software) Simulate real-world attack scenarios, leveraging custom scripts, payloads, and tools to bypass defenses. Document detailed findings with proof-of-concept, risk ratings, and tailored mitigation recommendations. Assist with threat modeling and scoping of penetration tests with relevant stakeholders. Collaborate with developers, system admins, and IT teams during remediation and retesting phases. Stay current on emerging threats, techniques, and exploits through continuous research. Contribute to the improvement of internal testing methodologies and reporting templates. Required Skills & Experience: Hands-on experience in penetration testing with a strong emphasis on manual testing techniques. In-depth understanding of web technologies (HTML, JavaScript, HTTP/S, cookies, sessions). Familiarity with OWASP Top 10, MITRE ATT&CK, and CWE/SANS 25. Experience with tools like Burp Suite Pro, OWASP ZAP, Postman, Wireshark, Nmap, and custom scripts. Knowledge of common authentication/authorization mechanisms (OAuth2, JWT, SSO). Hands-on experience in testing mobile apps using tools like MobSF, Frida, or JADX. Proficiency in scripting (Python, Bash, PowerShell) for custom exploit development or automation. Ability to manually analyze application logic and chain vulnerabilities creatively.

Job Title: Mobile Application Security Lead (AppSec) Location: Mumbai Experience Required: 4 5 Years Job Type: Full-time, On-site Job Overview: Talakunchi Networks Pvt Ltd is seeking a skilled and motivated Mobile Application Security Lead to oversee and deliver comprehensive security assessments across Android and iOS platforms. The ideal candidate will have a strong background in mobile app penetration testing and will serve as both a technical lead and client-facing expert, ensuring high-quality delivery across multiple engagements. Key Responsibilities: Lead and execute mobile app security testing for Android and iOS platforms. Perform both automated and manual penetration testing including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Runtime instrumentation and analysis Reverse engineer APKs/IPAs to identify vulnerabilities such as hardcoded secrets and logic flaws. Identify and report security issues based on OWASP Mobile Top 10, insecure storage, transport layer issues, and platform-specific flaws. Use advanced tools: Frida, Objection, MobSF, Burp Suite, Jadx, APKTool, Xposed, Postman, etc. Prepare detailed technical reports with: Risk ratings (CVSSv4/custom) Proof of Concept (PoC) Practical remediation recommendations Interact with client-side stakeholders such as AppDev, QA, and InfoSec teams. Review and validate deliverables prepared by junior team members. Assist in pre-sales efforts: scope definition, effort estimation, and technical discussions. Mentor and train junior security analysts in mobile AppSec practices. Stay up-to-date with the latest mobile vulnerabilities, trends, and tools. Required Skills: Strong understanding of mobile security architecture, Android/iOS internals, and sandboxing In-depth knowledge of OWASP Mobile Top 10 and MASVS Proficient in tools such as: Frida, Objection, Burp Suite, MobSF, Charles Proxy, APKTool, Jadx Postman/Insomnia for API testing Experience with Jailbreaking/Rooting, SSL pinning bypass, and secure coding practices Familiarity with software development life cycle (SDLC) and CI/CD environments Experience in ticketing systems like Jira, ServiceNow, etc. Preferred Certifications: CEH eMAPT eWPTXv2 Bonus Points For: Knowledge of mobile CI/CD security pipeline Familiarity with banking/fintech security standards (RBI, PCI DSS, etc.) Experience in effort estimation and VAPT project planning

By continuing to use our website, you consent to the use of cookies. Please refer our Join Our Clan Sr. Cyber Security Analyst Description Job Description We re looking for a seasoned and proactive Sr. Cyber Security Analyst to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you ll take charge of advanced threat detection, incident response, and strategic cybersecurity initiatives to safeguard the organization s digital assets. If you have hands-on experience in network security, SIEM tools, and a deep understanding of cybersecurity frameworks, this is a great opportunity to elevate your career in a fast-paced, tech-driven environment. Skills Key Skills 3+ years of experience in cybersecurity or a related technical role. Bachelor s degree in Computer Science, Information Security, or a relevant field. Expertise in network security, firewalls, intrusion detection/prevention systems. Proficiency in SIEM platforms and security monitoring tools. Strong understanding of frameworks like OWASP Top 10, SANS Top 25. Knowledge of industry standards and regulations. Excellent problem-solving, analytical, and communication skills. Advanced certifications like CISSP, OSCP, or equivalent (preferred). Experience mentoring junior analysts or leading security projects (preferred). Familiarity with cloud security, forensic analysis, and emerging cyber threats. Responsibilities Roles and Responsibilities Detect, investigate, and respond to cybersecurity incidents and alerts. Lead technical investigations and contribute to root cause analysis. Implement and enhance threat detection tools and automation processes. Assist in drafting and enforcing security policies and procedures. Perform internal security reviews, audits, and compliance checks. Maintain documentation for incident handling, risk assessments, and controls. Communicate security updates and incident reports to internal stakeholders. Mentor and guide junior analysts in security protocols and tools. Collaborate with cross-functional teams to drive cybersecurity best practices. Continuously monitor and improve the organization s security posture. Position: Sr. Cyber Security Analyst Thank you for submitting your application. We will contact you shortly! Stay updated with us Life at Grazitti Share Your Profile We are always looking for the best talent to join our team * Skills Upload Your CV Thank you for sharing your profile with us. If it aligns with our requirements, we will reach out to you for the next steps in the process. Marketo Forms 2 Cross Domain request proxy frame This page is used by Marketo Forms 2 to proxy cross domain AJAX requests.

About Northern Trust Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. Job Profile Summary Expert responsible for developing and administering solutions that meet system expectations relative to scalability, performance, fault tolerance, usability, and data integrity for the Information Security Operations and Architecture function. This position will collaborate extensively with business, technology, risk and other corporate teams to establish and strengthen adoption of security by design. We operate within a complex landscape driven by client expectations and the diverse needs that comes with operating in countries across the globe. This role is part of the Information Security organization, aligning to Business Information Security Officer (BISO) for Asset Servicing and Chief Operating Office. This role will report to the BISO who reports to the Global Chief Information Security Officer (CISO). Responsibilities Works with management and the architecture team to develop the security strategy and plan and ensures objectives are met. Provides leadership and guidance to staff, fostering an environment that encourages employee participation, teamwork, and communication. Participate in Architecture Review Boards and help teams create secure design. Evaluates proposals to determine if proposed security solutions effectively address enterprise requirements. Displays a balanced, cross-functional perspective, constantly liaising with the business to improve efficiency, effectiveness and productivity. Work with Enterprise Security Architecture team to develop Security blueprints and patterns. Good understanding of vulnerability management. Interfaces frequently with information security industry groups to stay abreast of emerging security trends. Focus of role is on execution of strategic direction of business function activities. Identifies alternative functional security strategies to balance organizational IT security concerns and business requirements. Description Guides the development, specification and communication of application or infrastructure architectures used by business or application systems. Security architect primarily focused on technologies related to authentication, authorization, access management, governance, controls, regulatory requirements etc. As a key member of Workforce authorization and authentication team this candidate will play a vital role in ensuring the secure and compliant implementation of various solutions (Hybrid and Cloud). Provides extensive, in-depth, technical consultation to the clients, partners, and IT Management to develop plans and directions to assure the integration of corporate business area requirements. Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc. Evaluates and selects from existing and emerging technologies those options best fitting business/project needs Promotes sharing of expertise through consulting, presentations, and documentations, etc. Experienced, functional expert with technical and/or business knowledge and functional expertise Carries out complex initiatives involving multiple disciplines and/or ambiguous projects Displays a balanced, cross-functional perspective, liaising with the business to help improve efficiency, effectiveness, and productivity Qualifications Knowledge of network architecture concepts including topology, protocols, components and the application of Defense-In-Depth principles Ten years of experience in the Information Security roles preferred; wide range of technical experience across multiple Cyber Security domains. Five years of experience as a Security Architect In-depth knowledge and experience on Entra ID, EPM, Sentinel, Azure, M365, AWS Security is required Excellent communication skills with the ability to convey complex technical and non-technical concepts in verbal products & excellent writing skills Thoroughly understands and provides solutions considering Security technology choices, such as design, protocols support, secrets management, data security, client server communication, token handling, Session management, credential vaulting, OIDC/ OAuth flows, Okta usage and implementations, authorization patterns, identity federation, cloud architectures, cryptography, cloud native services, cloud security etc. Good understanding of Cloud Infrastructure Entitlement Management solution (CIEM) to ensure continuous improvement in Security Posture by providing consultations to application teams Exposure to API Management, Firewalls, DLP, VPNs, DNS, Azure Defender, MCAS, Sentinel, WAFs, Application Gateways, NSGs, App Proxy, Radius clusters, CDN etc. Deep understanding of Applications security, OWASP standards, security best practices, browser compatibilities/storages/cookies Displays a balanced, cross-functional perspective under information security, liaising with other towers and business to help improve Security centric designs Strong knowledge on Identities management on Azure AD with OAuth, OIDC, SAML, SSO, MFA, Conditional access policies, MFA, Kerberos, LDAP, Identity Federations etc. Strong knowledge of: Security architecture patterns, requirements, and security controls; Security controls like Authentication, Authorization, Data Security, IAM; Threat modeling frameworks and methodologies Secure code reviews and utilizing outputs Common frameworks and standards such as CRI and NIST Knowledge of penetration testing tools and techniques (e.g., metasploit, neosploit, etc.) Working With Us As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities Hands-on knowledge of Security testing methodologies like OWASP Top 10, SANS 25 etc., Ability to perform automated and manual hands-on penetration security testing e.g. DAST, SAST and SCA, identifying security risks within applications, cloud infrastructure, security controls and Network systems. Experience with penetration testing tools (e.g. Burp) Extensive knowledge of attack payloads for discovering security vulnerabilities Plan, execute, and report on all testing activities and outcomes Create findings reports and communicate to stakeholders Must possess at least 5 years of experience in delivering VAPT in Web(Thin and Thick Client), Mobile and APIs Should have good and effective communication skills in English. (Oral and written) Technical and Professional Requirements: The successful candidate must be highly motivated, fast learner, flexible, willing to assume responsibility and deliver quality work on time Constantly identify opportunities for enhancing productivity using automation and process improvements. Exposure to scripting languages(e.g. Shell) Knowledge on DevSecOps Preferred Skills: Technology-Security Testing-Security Testing - ALL

Job Summary This position is a Contractor at Senior Specialist Cyber Security role for performing Application Security Testing in Cyber Security Organization. This profile will be passionate in preventing risk by performing remediation validation of vulnerabilities identified during the testing process. While doing so they will also be identifying vulnerabilities in the applications of the enterprise by configuring scan settings for effective vulnerability enumeration, Identify and document findings, approve false positives and define/document approved mitigations used by AppSec Testers. Experience Level: 8 years Location: Hyderabad or Bengaluru Roles and Responsibilities: ¿ Perform SAST/SCA/DAST scans using industry vulnerability scanner ¿ SAST/SCA ¿ Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE¿s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. ¿ DAST ¿ Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. ¿ This person will be primarily tasked to execute scan retest by performing revalidation tests of previously identified critical and high severity vulnerabilities as requested by the client application teams. ¿ During testing process, tester MUST ensure application is not degraded and/or taken out of service due to scanning activities. ¿ Tester must ensure results from scanner are present in Vulnerability reporting platforms and visible to approved app users. ¿ Perform manual validation and false positive analysis on the automated scan results.¿ ¿ Provide remediation support will analyze the top rated vulnerabilities along with provide support to application teams on remediation strategies from identified risks. Primary / Mandatory skills: Overall ¿ 8+ years of IT experience ¿ 7+ years of application security Experience ¿ 5+ years of Application Security testing Experience ¿ Bachelor's degree required. ¿ Deep familiarity with the OWASP Top 10 and other security concerns for web applications ¿ Deep Understanding of OWASP Application Security Verification Standards (ASVS) ¿ Deep understanding of SAST, DAST, SCA Scanning practices ¿ Experience in scanning leveraging Veracode, Appscan.or other enterprise tools. ¿ Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) as found by scanning tools. ¿ Understanding of SAST, DAST tools and dependency scanning tools ¿ Experience working/integrating with secret management systems. ¿ Advanced knowledge of front end and back end web application development in at least one technology stack (.NET, Java, PHP, Ruby/Rails, Angular, Node.js, etc.) ¿ Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications. ¿ Strong documentation skills ¿ Excellent verbal and written communication skills, with proven technical writing abilities (English language proficiency required) ¿ Team oriented thinking with demonstrated ability to produce high quality work as part of a fast paced, dynamic team. ¿ Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas. Technical Skills: SAST, DAST, SCA

**About REA Group:** In 1995, in a garage in Melbourne, Australia, REA Group was born from a simple question: “Can we change the way the world experiences property?” Could we? Yes. Are we done? Never. Fast forward 30 years, REA Group is a market leader in online real estate in three continents and continuing to grow rapidly across the globe.The secret to our growth is staying true to that ‘day one’ mindset; the hunger to innovate, the ambition to change the world, and the curiosity to reimagine the future. Our new Tech Center in Cyber City is dedicated to accelerating REA Group’s global technology delivery through relentless innovation. We’re looking for the best technologists, inventors and leaders in India to join us on this exciting new journey. If you’re excited by the prospect of creating something magical from scratch, then read on. **While no two days are likely to be the same, your typical responsibilities will include:** + Lead, recruit, coach, and develop a high-performing Security Engineering team, building an inclusive and collaborative culture aligned with REA’s values and commitment to diversity. + Act as a mentor for both junior and senior engineers, fostering a growth mindset, curiosity, and technical excellence. + Collaborate with product and design teams to transform user needs into technical specifications. + Contribute to REA’s technical strategy and roadmap, aligning with business goals and stakeholders. + Embed secure-by-design principles in all aspects of system, platform, application, and identity architecture spanning cloud, enterprise, and product environments. + Coach teams to embed security practices throughout the full DevSecOps lifecycle, including code reviews, threat modelling, vulnerability management, and incident response. + Define, advocate and exemplify best practices within the team like writing clean and reusable code using TDD, pair programming, and design patterns. + Champion innovation adopting and adapting next-gen approaches such as AI-driven security, zero trust, and “paved road” patterns to stay ahead of the threat landscape. + Actively collaborate with Product, Engineering, Platform, and other business units to ensure security is embedded and enables speed, quality, and trust. **Who we’re looking for:** + 8-13 years of progressive experience in software engineering, security engineering, or product / application security. + Demonstrated experience leading, mentoring, and managing security engineering or product security teams in a high-scale, agile technology environment (preferably SaaS, cloud-native, or platform-centric). + Track record of successfully delivering security programs, initiatives, or platforms in partnership with engineering leadership and technical program managers. + Strong technical skillset (across one or more of) product / application security, enterprise IAM, endpoint security, cloud security, DevSecOps, vulnerability management, and security automation. + Solid understanding of relevant security frameworks (e.g. OWASP Top 10, ASVS, NIST, MITRE ATT&CK), CI/CD security integration, and modern infrastructure-as-code. + Practical knowledge of secure cloud services (e.g. AWS, Azure), with ability to design “paved roads” and security guardrails for developers. + Is committed to lifelong learning, staying updated on the latest web development trends to tackle complex challenges. + Collaborative, open-minded and experienced in scaling healthy team culture and contributing to diversity and inclusion. + Networking or Endpoint Security. + Knowledge of delivery approaches such as TDD, CI and infrastructure automation. + Skilled communicator, able to influence and explain complex technical risks to diverse audiences, including engineers, business leaders, and executives. **As a Bonus:** + Well-versed in two or more languages (JavaScript, TypeScript, React, and Node.js.) + Advocate for code quality and security. Lead code reviews, unit testing, and deployments to ensure users trust the reliability and security of the code. **What we offer:** + A hybrid and flexible approach to working. + Transport options to help you get to and from work, including home pick-up and drop-off. + Meals provided on site in our office. + Flexible leave options including parental leave, family care leave and celebration leave. + Insurance for you and your immediate family members. + Programs to support mental, emotional, financial and physical health & wellbeing. + Continuous learning and development opportunities to further your technical expertise. **The values we live by:** Our values are at the core of how we operate, treat each other, and make decisions. We believe that how we work is equally important as what we do to achieve our goals. This commitment is at the heart of everything we do, from the way we interact with colleagues to the way we serve our customers and communities. **Our commitment to Diversity, Equity, and Inclusion:** We are committed to providing a working environment that embraces and values diversity, equity and inclusion. We believe teams with diverse ideas and experiences are more creative, more effective and fuel disruptive thinking be it cultural and ethnic backgrounds, gender identity, disability, age, sexual orientation, or any other identity or lived experience.We know diverse teams are critical to maintaining our success and driving new business opportunities. If you’ve got the skills, dedication and enthusiasm to learn but don’t necessarily meet every single point on the job description, please still get in touch. **REA Group in India** You might already recognise our logo. The REA brand does have an existing presence in India. In fact, we set up our new tech hub in Gurugram to be their neighbours! REA Group holds a controlling interest in REA India Pte. Ltd., operator of established brands Housing.com, Makaan.com and PropTiger.com, three of the country’s leading digital property marketplaces.Through our close connection to REA India, we’ve seen first-hand the incredible talent the country has to offer, and the huge opportunity to expand our global workforce.Cyber City Tech Center is an extension of REA Group a satellite office working directly with our Australia HQ on local projects and tech delivery. All our brands, across the globe, connect regularly, learn from each other and collaborate on shared value initiatives.

Key Responsibilities Technical Leadership Lead Python development teams on enterprise-grade projects Own and drive architectural decisions and code quality Conduct design and code reviews, and ensure adherence to best practices Backend Development Build and maintain robust, scalable backend services using Python frameworks (Django, FastAPI, Flask) Design APIs, background workers, and data pipelines Team Mentoring Mentor and guide junior and mid-level developers Provide training, performance feedback, and career guidance DevOps and Deployment Work with DevOps to define CI/CD pipelines and deployment strategies Collaborate on containerization using Docker, orchestration with Kubernetes Client and Stakeholder Interaction Translate business requirements into technical solutions Participate in client calls for requirement gathering, demos, and feedback sessions Required Skills 7+ years of Python development experience Strong command over frameworks like Django, FastAPI, Flask Proven experience in API development and integration (REST, GraphQL) Experience with relational (PostgreSQL, MySQL) and NoSQL (MongoDB, Redis) databases Solid understanding of system architecture, design patterns, and scalability Familiarity with asynchronous programming (e.g., Celery, asyncio) Hands-on experience with Docker, Git, and CI/CD pipelines Exposure to cloud platforms (AWS/GCP/Azure) Good understanding of security best practices (OWASP, data protection) Preferred Skills Experience with AI/ML pipelines, data engineering, or microservices Prior experience in leading Agile/Scrum teams Familiarity with front-end technologies (React/Angular) is a plus Contributions to open-source projects or technical blogs Soft Skills Strong problem-solving and decision-making abilities Excellent communication and stakeholder management skills Ability to multitask and manage priorities in a fast-paced environment Team-oriented with a proactive and collaborative approach

Noida 5+Years As per Industry Standards At Acompworld, we are trusted technology partners to leading enterprises, transforming their most complex challenges into scalable, intelligent, and secure software solutions. We are looking for a seasoned Senior Full Stack Engineer who is passionate about building high-impact products and thrives in a client-facing, collaborative environment. Job Responsibilities Solution Architecture: Lead the design,development, and deployment of sophisticated, secure, and scalable applicationsusing modern front-end and back-end technologies. AI-Powered Innovation: Integrate and leverageAI/ML services (e.g., OpenAI, Azure AI, Google Vertex AI) to build intelligentfeatures and automate business processes for our enterprise clients. Cloud & DevOps: Architect and managerobust solutions on AWS, Azure, or GCP. Champion a strong DevOps culture bybuilding and maintaining automated CI/CD pipelines using Infrastructure as Code(IaC), Docker, and Kubernetes. Observability & Performance: Implement and manage monitoring, logging, and alertingsolutions (e.g., using Datadog, Prometheus, Grafana, ELK Stack) to ensure highavailability and performance of production systems. Data-Driven Systems: Design and implementsolutions that involve complex data models and integrate with large-scaledatabases and data pipelines. Client Partnership: Collaborate directlywith enterprise stakeholders to translate complex business requirements intodetailed technical specifications, lead solution demos, and iteratively refineproducts based on feedback. Team Mentorship & Quality Advocacy: Mentor junior engineers, conduct rigorous code reviews, andenforce best practices in testing, security (OWASP Top 10), and accessibility(WCAG/ADA) to ensure enterprise-grade quality. Required Skills Frontend: Expert proficiency inat least one modern framework (React, Angular, or Vue) with TypeScript. Deepunderstanding of state management (e.g., Redux, Zustand, NgRx), modern CSS, andbuilding responsive, accessible UIs. Backend: Proven experience withone or more server-side languages (Node.js, Python, .NET Core, Java), includingdesigning and building secure RESTful and/or GraphQL APIs. Databases: Advanced proficiencywith both SQL (e.g., PostgreSQL, SQL Server) and NoSQL (e.g., MongoDB,DynamoDB, Cosmos DB) databases, including data modeling and performance tuning. Cloud Platform: Demonstrable experiencedeploying and managing production applications on AWS, Azure, or GCP (includingserverless, containers, IAM, and networking). DevOps & IaC: Hands-on experience withCI/CD tools (e.g., GitHub Actions, Jenkins, Azure DevOps) and Infrastructure asCode (e.g., Terraform, CloudFormation). Strong knowledge of Docker andcontainer orchestration with Kubernetes. Architecture & Integration: Solid understanding of microservices and event-drivenarchitecture. Proven experience integrating with enterprise systems (e.g., SAP,Salesforce, Oracle) and third-party services (e.g., Auth0, Stripe). Soft Skills: Exceptionalcommunication, problem-solving, and leadership skills. Ability to workautonomously and translate ambiguous client needs into concrete technicalsolutions. Nice-to-Have Skills Experience within aspecific enterprise domain (e.g., Energy, Manufacturing, Supply Chain,Healthcare). Relevant cloudcertifications (e.g., AWS Certified Solutions Architect, Azure DeveloperAssociate). Experience with datavisualization libraries or tools (e.g., D3.js, Power BI, Tableau). Educational Qualifications: B.Tech / M.Tech / MCA

Application Security Risk Classification Analyst Project description Do you have the know-how to apply business analysis techniques to deliver process and control execution in Application Security area? Are you a committed and collaborative team player with an analytical and logical mind-set? Are you motivated to work in a complex, diverse and global environment? ASCA (Application Security Risk Classification (ASCA) is part of a global organization within Technology Information Security Office (TISO). Our services focus on Cyber Hygiene for applications and infrastructure, detecting/remediating/governing measures for cyber threats. . You'll be working as part of our global Application Security team. As an ASCA Analyst, you'll play an important role in ensuring the on-going cyber-security of our client. We offer flexibility in the workplace and equal opportunities to all our team members. Our team is global, diverse and collaborative as we work across organizations to keep our technology, applications and the businesses they support secure. Responsibilities We're looking for a ASCA business analyst to: On-board applications to Application Security Framework (ASF) in cooperation with the Software Component Manager (SWCM) Management of applications in scope of control processes and execution Management of the pipeline of the applications to be onboarded Coordinating entries to Application Security Management System Compliance reporting to stakeholders, including risk and compliance teams. Production Tollgate verification for releasing applications into Production environment. Skills Must have Your expertise Ideally 2-3 years of experience in applying cyber security analysis or administration, preferably in IT Security or Risk Management projects (Application Security area preferred). Experience with data analysis proficiency with Excel is a must. Ability to work independently on assigned tasks and driving them from start to completion. Ability to challenge and propose possible improvements (in various areas, e.g. process, reporting) Ability to explain complex concepts in a clear and concise manner Use to work with stakeholders on different levels of the organization Use to work in a demanding and variable environment Excellent written and verbal communication skills Fluent in English Nice to have Experience within Application Security area preferred

Location: IN - Hyderabad Telangana Goodyear Talent Acquisition Representative: M Bhavya Sree Sponsorship Available: No Relocation Assistance Available: No Required Job Description: 9+ years of experience with AWS (EC2, ECS/EKS, Lambda, IAM, VPC, CloudTrail, CloudWatch). Proven use of GitHub Actions, GitHub Enterprise, Terraform, Ansible. Strong expertise in SonarQube, code quality, and static analysis tooling. Experience with Datadog, APM tools, log aggregation, metrics dashboards. Strong foundation in testing strategies (unit, contract, performance, integration, E2E). Security automation experience (e.g., secrets management, container/image scanning). Proficient in scripting (e.g., Bash, Python) and YAML-based configuration. Preferred Experience with OWASP, threat modeling, or policy-as-code (e.g., OPA). Familiarity with container orchestration (e.g., Kubernetes on EKS). Knowledge of service mesh, API gateways, and secure networking principles. Goodyear is an Equal Employment Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to that individual's race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender identity, age, physical or mental disability, ethnicity, citizenship, or any other characteristic protected by law. Goodyear is one of the world’s largest tire companies. It employs about 68,000 people and manufactures its products in 53 facilities in 20 countries around the world. Its two Innovation Centers in Akron, Ohio and Colmar-Berg, Luxembourg strive to develop state-of-the-art products and services that set the technology and performance standard for the industry. For more information about Goodyear and its products, go to www.goodyear.com/corporate

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Ping Identity Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We need skilled Ping Identity Engineer with strong experience implementing and supporting customer identity and access management (CIAM) solutions using the Ping Identity suite, including PingOne, Ping DaVinci, and PingFederate. You will design, deploy, and maintain modern CIAM capabilities, working closely with business stakeholders, developers, and security teams to deliver secure and seamless customer authentication experiences. Roles & Responsibilities:-Develop customer authentication and authorization workflows-Integrate with third-party identity providers, directories, and social logins-Configure PingOne platform (PingOne MFA, PingOne Risk, PingOne DaVinci orchestration)-Set up policies for adaptive authentication, step-up authentication, and user journeys-Implement PingFederate for SSO and federation use cases-Support provisioning and lifecycle management via PingOne-Ping DaVinci:Design and build drag-and-drop workflows for identity verification, fraud detection, and progressive profiling-Integrate DaVinci flows with APIs, third-party tools, and identity proofing services Professional & Technical Skills: - Must To Have Skills: Proficiency in Ping Identity.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Knowledge of security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with risk assessment methodologies and compliance requirements. Additional Information:- The candidate should have minimum 5 years of experience in Ping Identity.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Technical Architect – Hybrid Infrastructure, Cloud & Security As enterprises operate in hybrid environments—balancing legacy systems with public cloud adoption—the need for a security-aware infrastructure architect has become mission-critical. This role ensures that architectural decisions are secure by design, scalable, and compliant across on-prem, cloud, and emerging AI-driven ecosystems. The position exists to enable governed transformation while aligning IT infrastructure and cloud strategies with enterprise risk posture, regulatory compliance, and AI/GenAI governance principles. Reporting Line Reports To: AVP – Global IT Security and Compliance Works Closely With: Cloud Engineering, Infrastructure Operations, Cybersecurity, Compliance, Enterprise Architecture, and Data Governance Teams What We Are Looking For We are looking for a strategic Technical Architect with a deep understanding (hands-on not mandatory) of: - Hybrid infrastructure design principles (on-prem and cloud) - Cybersecurity best practices (Zero Trust, segmentation, data protection) - Enterprise governance frameworks (TOGAF, COBIT) - AI/ML platform governance, including GenAI tool oversight, risk assessment, and policy alignment The ideal candidate should be able to evaluate, influence, and architect platforms that align with the organization's security, compliance, and digital transformation goals. Technical & Governance Focus Areas - Cloud Architecture (Azure/AWS/GCP): Understanding of services, architectural patterns, IAM, encryption, and secure connectivity - Infrastructure Design: DC/DR, segmentation, SD-WAN, perimeter design, and HA models - Cybersecurity Alignment: Security zones, threat modeling, CSPM, CNAPP, and DLP strategies - DevOps & Automation Governance: IaC awareness, CI/CD pipeline oversight, policy-as-code understanding - AI/ML & GenAI Governance: - Familiarity with model lifecycle management, data privacy, auditability, and usage control - Alignment to ISO 42001, NIST AI RMF, and enterprise AI/GenAI policy frameworks Governance & Framework Alignment - Strong knowledge of TOGAF, COBIT, ISO 27001, and risk-driven architecture - Participates in Architecture Review Boards, Cloud Governance Councils, and AI oversight groups - Aligns with DSPM, Cloud Compliance Posture, and Zero Trust strategies Preferred Certifications - Cloud: Azure Solutions Architect, AWS SA-Professional, or GCP Architect - Architecture: TOGAF Certified, COBIT 2019 Foundation - Security: CISSP, CCSP (preferred) - AI Governance (Nice to Have): Familiarity with ISO 42001, NIST AI RMF Expanded Cybersecurity Alignment (Updated with OWASP) - Zero Trust and Segmentation: Familiarity with secure network and identity architecture patterns - Data Protection Lifecycle: Understanding of encryption, tokenization, DLP, and secure access - Threat Modeling: Awareness of techniques such as STRIDE, DREAD, and OWASP Top 10 risks, especially relevant for APIs, cloud-native apps, and AI-driven interfaces - API and Web Security: Ensures compliance with OWASP API Security Top 10 and Secure Coding Guidelines - Collaborates with AppSec teams to embed secure architecture practices into CI/CD pipelines AI/ML & GenAI Governance (Extended) - Ensures that GenAI tools and APIs adhere to secure integration principles, including OWASP AI Security & Privacy Guidelines - Participates in defining secure usage boundaries, input sanitization, and output validation frameworks - Collaborates with data scientists and ML engineers to map AI flows to threat models and control objectives Qualifications [Some qualifications you may want to include are Skills, Education, Experience, or Certifications.] Example: Excellent verbal and written communication skills