3229 Owasp Jobs - Page 16

Cialfo is a leading platform connecting students, higher education institutions, and counselors through technology-driven solutions. Launched in 2017 with a mission to make education accessible to 100 million students, Cialfo provides a range of mobile and web solutions to students, K-12 institutions, and higher education institutions. We’re one of the fastest-growing tech startups in the region, consistently charting new heights! About This Role We are looking for a Quality Engineer to help our product team improve the quality of the software we develop. You will collaborate with the product team to understand how product features are meant to work and develop tests to validate and invalidate the features in development. You will participate in the product development process by maintaining and running test scenarios according to the feature being developed. If you are passionate about quality, we’d like to meet you. What You Will Be Doing Review and analyze the Cialfo platform and write test cases and test scripts to test the system. Review requirements, specifications, and technical design documents to provide timely and meaningful feedback. Create detailed, comprehensive, and well-structured test plans and test cases. Perform functional and non-functional testing as needed Troubleshoot and perform root cause analysis of the identified bugs/issues with short-term and long-term solutions. Identify, record, thoroughly document, and track bugs. Communicate efficiently with peers, Engineering, Design, and Product Managers regarding requirements and product issues. About You Qualifications 2+ years of professional experience as SQE in a manual capacity and minimum 1 year in automation testing is a mandate. Bachelor’s or Master’s in Computer Science, Software Engineering, or equivalent. Experience 2+ years of professional experience in non-functional areas: performance. Familiarity with tools like JMeter, and OWASP/ZAP will be considered a plus. Knowledge and experience of Test process in Agile. Knowledge and experience in using Test management and defect management tools i.e. TestRail, ALM, HPQC, Zephyr, JIRA with AIO, etc. Knowledge and experience in API testing using Postman. Sound knowledge of Software Development Life Cycle (SDLC) with experience in working with fast-paced production development teams. Ability to comprehend complex system architecture, and create appropriate test solutions. Applying appropriate test measurements and KPIs in the product/project. Skills & Qualities Good planning and organization skills. Excellent oral and written communication skills in English.

Job Title: Senior Quality Analyst Experience: 4+ years Location: Kolkata (Work From Office) Employment Type: Full-Time Salary Bracket: Up to INR 7 LPA Notice Period: Immediate Joiners Only Role Overview: As a Senior Quality Analyst, you will lead the design and execution of end-to-end test strategies to ensure flawless software delivery. You will drive innovation in automation, optimize testing frameworks, and mentor junior team members while collaborating with cross-functional teams to deliver exceptional user experiences. Kindly DM or Post your resume at atul@mpowerment.in & mention in Subject line: "Application for Senior Quality Analyst" Required: Essential Skills: Programming: Java, JavaScript Automation: Selenium, Cucumber, Gherkin, TestNG Tools: REST Assured, Postman, JMeter, k6, Docker, Selenium Grid, Cypress, Playwright, Robot Framework, Protractor Cloud: Hands-on with AWS/Azure/GCP (testing SaaS apps or cloud infrastructure). Reporting: Extent, Allure, advanced logging strategies Methodologies: Agile, DevOps, TDD/BDD Desirable Skills: Security Testing: SAST/DAST tools (OWASP ZAP, Burp Suite), VAPT Mobile Testing: Appium, Espresso (if applicable) Database Testing: SQL, NoSQL (MongoDB, Cassandra) AI/ML in Testing: Familiarity with AI-driven test generation tools Domain Knowledge: Risk Management Soft Skills: Strong communication to translate technical issues for non-technical stakeholders. Problem-solving mindset with a focus on continuous improvement. Leadership in driving QA initiatives and process innovation. Key Responsibilities: Technical Leadership: Architect, develop, and maintain automation frameworks from scratch (Selenium, Playwright, TestNG, BDD Cucumber). Implement parallel execution, retry mechanisms, and Selenium Grid for scalable testing. Design data-driven tests (Excel, CSV, JSON) and integrate DataFaker/JavaFaker for realistic test data. Process & Collaboration: Partner with DevOps to integrate testing into CI/CD pipelines (Jenkins, GitHub Actions). Lead Agile practices (daily stand-ups, sprint planning, retrospectives) and ensure QA alignment with sprint goals. Mentor junior analysts and promote TDD/BDD adoption across teams. Advanced Testing: Conduct API testing (REST Assured, Postman) and performance/load testing (k6, JMeter). Perform security testing (OWASP Top 10, Burp Suite) and VAPT to identify vulnerabilities. Validate cloud-native applications (AWS/Azure/GCP) and containerized environments (Docker). Quality Governance: Define KPIs (test coverage, defect leakage rate, CI/CD pipeline efficiency) and track improvements. Generate actionable insights using Extent/Allure reports, logs, and video recordings. Perform root cause analysis and lead defect triage with developers. Innovation: Explore AI/ML-driven testing tools for predictive analytics and test optimization. Stay updated with industry trends (e.g., shift-left testing, chaos engineering).

We are seeking a versatile and experienced Cybersecurity Professional to join our team as a Threat Hunter and VAPT Analyst . In this dual-capacity role, you will proactively identify and mitigate emerging cyber threats, perform in-depth vulnerability assessments, and help protect critical infrastructure and data assets. This role requires a blend of advanced technical expertise , analytical mindset , and strong collaboration with SOC and incident response teams. Key Responsibilities Threat Hunting Proactively hunt for undetected threats across networks, systems, and endpoints using behavioral analysis and threat intelligence . Identify Tactics, Techniques, and Procedures (TTPs) and anomalies to detect potential threats or APT activities. Leverage threat intelligence feeds and the MITRE ATT&CK framework to build and validate detection use cases. Collaborate with SOC teams to enhance detection rules and reduce false positives. Conduct forensic investigations and perform root cause analysis on incidents and suspicious behaviors. Develop custom scripts and queries (Python, PowerShell, Bash) for automating hunting activities in EDR, SIEM, and XDR platforms. Document and share threat hunting reports , IOCs , and actionable recommendations with relevant stakeholders. Vulnerability Assessment & Penetration Testing (VAPT) Conduct vulnerability assessments and penetration tests on systems, applications, networks, and APIs. Analyze vulnerabilities, assess risks, and deliver detailed, actionable reports to technical teams. Use a combination of automated tools (e.g., Nessus , Burp Suite , Nmap , Metasploit ) and manual techniques to identify security flaws. Ensure all assessments adhere to internal policies and regulatory standards . Perform periodic and ad-hoc security assessments for web applications , databases , wireless , and cloud environments . Collaborate with IT teams to validate remediations through re-testing and follow-ups . Stay current on emerging vulnerabilities , exploit techniques , and threat actor tactics . Qualifications & Skills Bachelor’s degree in computer science, Information Security , or a related discipline. 5+ years of experience in a cybersecurity role with hands-on work in threat hunting and VAPT . Strong expertise in VAPT tools and methodologies: Nessus, Burp Suite, Nmap, Metasploit, OWASP Top 10 . Experience with SIEMs , EDR platforms , and threat intelligence tools . Working knowledge of the MITRE ATT&CK framework . Proficient in scripting languages such as Python, PowerShell, or Bash . Excellent analytical , investigative , and report-writing skills. Strong communication and stakeholder engagement abilities. Preferred Certifications OSCP – Offensive Security Certified Professional CEH – Certified Ethical Hacker GIAC – GCIH, GPEN, GWAPT

Key Responsibilities Monitor, identify, and respond to security incidents across systems and networks. Implement and maintain security measures such as firewalls, intrusion detection systems (IDS), and endpoint protection. Conduct regular vulnerability assessments and penetration tests on systems and applications. Collaborate with DevOps and Engineering teams to integrate security best practices into CI/CD pipelines. Manage and review access controls, identity management, and secure configurations. Investigate and remediate security breaches, threats, and anomalies. Stay current with the latest security trends, vulnerabilities, and threat intelligence. Document security processes, policies, incident response plans, and risk assessments. Assist in compliance efforts (e.g., ISO 27001, SOC 2, GDPR) as applicable. Required Skills and Qualifications Bachelor’s degree in Computer Science, Information Security, or related field. Proven experience in system/network/application security. Strong knowledge of cybersecurity frameworks and standards (OWASP, NIST, CIS). Familiarity with tools such as Wireshark, Nessus, Burp Suite, Metasploit, or similar. Hands-on experience with cloud platforms (AWS, Azure, or GCP) and securing cloud infrastructure. Understanding of secure coding practices and code review for security flaws. Scripting knowledge (e.g., Python, Bash, PowerShell) is a plus. Nice to Have Security certifications like CEH, CISSP, OSCP, or CompTIA Security+. Experience in automating security tasks or using SIEM tools. Knowledge of container security (e.g., Docker, Kubernetes). Job Types: Full-time, Permanent Pay: ₹500,000.00 - ₹800,000.00 per year Benefits: Flexible schedule Paid sick time Paid time off Provident Fund Ability to commute/relocate: Gandhinagar, Gujarat: Reliably commute or planning to relocate before starting work (Required) Experience: Security Engineer: 2 years (Required) Work Location: In person

About the Role: We are looking for a skilled and detail-oriented QA Engineer with over 2 years of experience in manual, automation, performance, and security testing . You will work closely with developers, product managers, and DevOps teams to ensure high-quality, secure, and scalable software products. This role is ideal for someone who is passionate about software quality and eager to take ownership of test planning and execution across functional and non-functional requirements. Key Responsibilities: Design and execute test cases for functional, regression, and integration testing. Develop and maintain automated test scripts using tools such as Selenium/TestNG. Conduct performance testing using tools like JMeter, LoadRunner, or similar. Perform basic security testing (e.g., input validation, authentication/authorization checks, session handling). Validate REST APIs and backend logic using tools such as Postman or Swagger. Document defects clearly and follow up with the development team until resolution. Analyze test results, identify patterns, and suggest improvements for stability and performance. Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, or equivalent. 2+ years of experience in Quality Assurance, with exposure to both manual and automated testing. Hands-on experience in performance testing tools such as Apache JMeter, BlazeMeter, or LoadRunner. Familiarity with security testing concepts , OWASP Top 10, and tools like Burp Suite (basic level). Proficient in bug tracking tools (e.g., Jira). Understanding of API testing using Postman or similar tools. Basic understanding of SQL and database testing. Strong problem-solving, documentation, and communication skills. Job Type: Full-time Pay: ₹25,000.00 - ₹35,000.00 per month Benefits: Health insurance Leave encashment Paid sick time Paid time off Provident Fund Schedule: Day shift Experience: TestNG: 2 years (Required) Jira: 1 year (Required) Location: Ahmedabad, Gujarat (Required) Work Location: In person Speak with the employer +91 8160197141

About the Role: We are looking for a skilled and detail-oriented QA Engineer with over 2 years of experience in manual, automation, performance, and security testing . You will work closely with developers, product managers, and DevOps teams to ensure high-quality, secure, and scalable software products. This role is ideal for someone who is passionate about software quality and eager to take ownership of test planning and execution across functional and non-functional requirements. Key Responsibilities: Design and execute test cases for functional, regression, and integration testing. Develop and maintain automated test scripts using tools such as Selenium/TestNG. Conduct performance testing using tools like JMeter, LoadRunner, or similar. Perform basic security testing (e.g., input validation, authentication/authorization checks, session handling). Validate REST APIs and backend logic using tools such as Postman or Swagger. Document defects clearly and follow up with the development team until resolution. Analyze test results, identify patterns, and suggest improvements for stability and performance. Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, or equivalent. 2+ years of experience in Quality Assurance, with exposure to both manual and automated testing. Hands-on experience in performance testing tools such as Apache JMeter, BlazeMeter, or LoadRunner. Familiarity with security testing concepts , OWASP Top 10, and tools like Burp Suite (basic level). Proficient in bug tracking tools (e.g., Jira). Understanding of API testing using Postman or similar tools. Basic understanding of SQL and database testing. Strong problem-solving, documentation, and communication skills. Job Type: Full-time Pay: ₹25,000.00 - ₹35,000.00 per month Benefits: Health insurance Leave encashment Paid sick time Paid time off Provident Fund Experience: Jira: 1 year (Required) Software testing: 1 year (Required) Location: Ahmedabad, Gujarat (Required) Work Location: In person Speak with the employer +91 8160197141

About the Role: We are looking for a skilled and detail-oriented QA Engineer with over 2 years of experience in manual, automation, performance, and security testing . You will work closely with developers, product managers, and DevOps teams to ensure high-quality, secure, and scalable software products. This role is ideal for someone who is passionate about software quality and eager to take ownership of test planning and execution across functional and non-functional requirements. Key Responsibilities: Design and execute test cases for functional, regression, and integration testing. Develop and maintain automated test scripts using tools such as Selenium/TestNG. Conduct performance testing using tools like JMeter, LoadRunner, or similar. Perform basic security testing (e.g., input validation, authentication/authorization checks, session handling). Validate REST APIs and backend logic using tools such as Postman or Swagger. Document defects clearly and follow up with the development team until resolution. Analyze test results, identify patterns, and suggest improvements for stability and performance. Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, or equivalent. 2+ years of experience in Quality Assurance, with exposure to both manual and automated testing. Hands-on experience in performance testing tools such as Apache JMeter, BlazeMeter, or LoadRunner. Familiarity with security testing concepts , OWASP Top 10, and tools like Burp Suite (basic level). Proficient in bug tracking tools (e.g., Jira). Understanding of API testing using Postman or similar tools. Basic understanding of SQL and database testing. Strong problem-solving, documentation, and communication skills. Job Type: Full-time Pay: ₹30,000.00 - ₹40,000.00 per month Benefits: Health insurance Leave encashment Paid sick time Paid time off Provident Fund Schedule: Day shift Experience: Test automation: 2 years (Required) Functional testing: 2 years (Required) Location: Ahmedabad, Gujarat (Required) Work Location: In person Speak with the employer +91 8160197141

IT Analyst, Security, Risk and Compliance Job #: req33832 Organization: World Bank Sector: Information Technology Grade: GE Term Duration: 3 years 0 months Recruitment Type: Local Recruitment Location: Chennai,India Required Language(s) Preferred Language(s): Closing Date: 8/1/2025 (MM/DD/YYYY) at 11:59pm UTC Description Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 130 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit www.worldbank.org ITS Vice Presidency Context The Information and Technology Solutions (ITS) Vice Presidential Unit (VPU) enables the World Bank Group to achieve its mission of ending extreme poverty and boost shared prosperity on a livable planet by delivering transformative information and technologies to its staff working in over 150+ locations. For more information on ITS, see this video: https://www.youtube.com/watch?reload=9&v=VTFGffa1Y7w Vice Presidency Context Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty by 2030 and boosting shared prosperity in a sustainable manner by delivering transformative information and technologies to its staff working in over 130 client countries. ITS services range from: establishing the infrastructure to reach and connect staff and development stakeholders; providing the devices and agile technology and information applications to facilitate the science of delivery through decentralized services; creating and maintaining tools to integrate information across the World Bank Group, the clients we serve and the countries where we operate; and delivering the computing power staff need to analyze development challenges and identify solutions. The ITS business model combines dedicated business solutions centers that provide services tailored to specific World Bank Group business needs and shared services that provide infrastructure, applications and platforms for the entire Group. ITS is one of three VPUs that have been brought together as the World Bank Group Integrated Services (WBGIS), to provide enhanced corporate core services and enable the institution to operate as one strategic and coordinated entity. Unit Context The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the functions and activities of information security and risk across the World Bank Group, enabling the achievement of WBG’s business objectives. ITSSR enables and facilitates a risk aware culture, ensures that WBG information assets are protected in an effective, efficient, and balanced manner; and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank's business and IT strategy. ITSSR establishes and maintains the World Bank Group's IT and InfoSec policies and standards; develops and engineers the WBG’s information security plans and solutions; responds to security incidents; and ensures that the information risks are identified, assessed, and managed in consistent with the overall risk management approach and with the established appetite and tolerance.ITSSR consists of three main units:1)) ITS Infosec Engineering & Operations (ITSIS), 2) IT Risk Management (ITSRM). and 3) Program Management Office (PMO). Note: If the selected candidate is a current Bank Group staff member with a Regular or Open-Ended appointment, s/he will retain his/her Regular or Open-Ended appointment. All others will be offered a 3 year term appointment. Roles & Responsibility The Information Security Analyst in Vulnerability Management will have overall responsibilities for executing the work program under the Threat and Vulnerability Management team; as well as for working as an integral part of the OIS team in executing OIS’s work programs. The primary responsibilities will include, but are not limited to, the following: Conduct regular vulnerability assessment scans on all enterprise web assets and databases and troubleshoot any problems encountered. Perform manual penetration testing using open source and commercial security tools against all enterprise web assets and databases. Document security findings with reasonable methods to secure. Work in tandem with developers to provide repetitive validation testing and track the remediation of any vulnerabilities discovered. Work with commercial security tool vendors to resolve any bugs and false positives in their products. Produce and maintain appropriate documentation and dashboards detailing the enterprise vulnerability posture. Produce weekly/monthly reports of activities and operational status of systems and processes under his/her control. Participate in audits, as needed, producing necessary documentation, reports and explanations. Implement corrective and preventive action plans approved by unit managers. Selection Criteria Bachelor or Master’s degree (or equivalent) in Computer Science, Information Systems or related fields; 3-5 years of relevant information security experience. Excellent understanding of operating system and application security, administration, and debugging. Experience using and customizing open-source security tools. Advanced level knowledge of interpreted languages such as Python, PowerShell, or Bash. Advanced level knowledge of TCP/IP networking concepts and protocols, advanced technical knowledge of common network protocols (DNS, HTTP/HTTPS) and network security concepts. Experience and advanced level knowledge of using web application scanning tools. Experience and advanced level knowledge of using web penetration testing tools. Experience in security testing on intra-company and third-party APIs. Experience in security testing on AI oriented applications desirable. Basic knowledge in Azure and AWS IaaS and PaaS services. Advanced level knowledge of common attacks against web applications and OWASP Top 10. Knowledge of database security and experience of using database scanning tools preferred. Experience working in Agile environments, participating in Agile ceremonies, and utilizing Agile methodologies for security operations/testing. Demonstrable conceptual, analytical and innovative problem-solving and evaluative skills, an ability to conduct independent research and analysis, identifying issues, formulating options, and making conclusions and recommendations. Ability to assess risks in line with information security objectives and risk tolerance of the institution. Proven conceptual, analytical and evaluation skills. Risk Management - Reduces risk by solving day-to-day problems as they arise. Systems Thinking - Investigates the critical relationships among primary business, technology and systems platforms. Client Orientation - Takes personal responsibility and accountability for timely response to client queries, requests or needs, working to remove obstacles that may impede execution or overall success. Drive for Results - Takes personal ownership and accountability to meet deadlines and achieve agreed-upon results and has the personal organization to do so. Team player with strong technical and user support skills. Excellent oral and written communication skills. Able to present and explain technical information to diverse types of audience (management, users, vendors, and technical staff). WBG Culture Attributes Sense of Urgency – Anticipating and quickly reacting to the needs of internal and external stakeholders. Thoughtful Risk Taking – Taking informed and thoughtful risks and making courageous decisions to push boundaries for greater impact. Empowerment and Accountability – Engaging with others in an empowered and accountable manner for impactful results. World Bank Group Core Competencies The World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities. We are proud to be an equal opportunity and inclusive employer with a dedicated and committed workforce, and do not discriminate based on gender, gender identity, religion, race, ethnicity, sexual orientation, or disability. Learn more about working at the World Bank and IFC , including our values and inspiring stories.

Job Description We’re looking for a seasoned and proactive Sr. Cyber Security Analyst to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you’ll take charge of advanced threat detection, incident response, and strategic cybersecurity initiatives to safeguard the organization’s digital assets. If you have hands-on experience in network security, SIEM tools, and a deep understanding of cybersecurity frameworks, this is a great opportunity to elevate your career in a fast-paced, tech-driven environment. Key Skills 3+ years of experience in cybersecurity or a related technical role. Bachelor’s degree in Computer Science, Information Security, or a relevant field. Expertise in network security, firewalls, intrusion detection/prevention systems. Proficiency in SIEM platforms and security monitoring tools. Strong understanding of frameworks like OWASP Top 10, SANS Top 25. Knowledge of industry standards and regulations. Excellent problem-solving, analytical, and communication skills. Advanced certifications like CISSP, OSCP, or equivalent (preferred). Experience mentoring junior analysts or leading security projects (preferred). Familiarity with cloud security, forensic analysis, and emerging cyber threats. Roles and Responsibilities Detect, investigate, and respond to cybersecurity incidents and alerts. Lead technical investigations and contribute to root cause analysis. Implement and enhance threat detection tools and automation processes. Assist in drafting and enforcing security policies and procedures. Perform internal security reviews, audits, and compliance checks. Maintain documentation for incident handling, risk assessments, and controls. Communicate security updates and incident reports to internal stakeholders. Mentor and guide junior analysts in security protocols and tools. Collaborate with cross-functional teams to drive cybersecurity best practices. Continuously monitor and improve the organization’s security posture.

About the job Compensation : 90k - 130k per month Key responsibilities: • Bug Bounty experience is a must Work on security assessment VAPT of different web/android applications from diverse sectors. Create and implement automation solutions to enhance security and reduce manual effort. Collaborate with best security professionals to ensure the protection of the organization's information systems, data, and network infrastructure. Triage vulnerability reports on bug bounty programs and take it to resolution within the defined SLAs. Develop and maintain security policies, procedures, and standards Perform application security reviews and threat modeling on mission-critical systems, & enterprise applications to find and address potential security risks. Work on staying up-to-date with the latest security threats and vulnerabilities, and recommend security improvements. Good communication skills to organize and lead security awareness training sessions. Real life social engineering simulation campaigns with the organizations. What To Bring: • In-depth knowledge of security vulnerabilities not just limited to OWASP Top 10 • Experience in doing security assessments on web applications, Android and iOS mobile applications in microservice architecture • Experience in using the security tools to carry out manual & automated security assessments • Experience working with common product flows like payment gateway integration, authentication etc. • Knowledge of how applications work end-to-end which may help in multiple scenarios. • Good knowledge & understanding of Python, Burp Suite, NMAP, Nuclei etc. is a must. • Passion for security, and a practical and balanced approach to security issues • Ability to visualize the root cause and deep dive • Curiosity in knowing how things work in different conditions • Independent, self-motivated and comfortable working in a fast-paced environment with teams ranging from product to engineering teams. • Exceptional interpersonal verbal and written skills in English. • Ability to document risks, security controls and evidence to ensure compliance Who are we? Cyber Security Job Board aims to deliver a Security as a Service (SECaaS) offering with different solutions consolidated on a centralized dashboard (a one-stop-shop for all your security needs). With the fast evolving needs of the world and rapid development within an organization, it becomes harder for the teams to deliver their flagship offerings to clients both securely and seamlessly. Cyber Security Job Board team comprises best security researchers and certified white hat hackers to protect organizations' data from attackers by detecting, investigating, and responding to cyber-threat. The main motto for Cyber Security Job Board is to work hand-in-glove with the business, to enable them to still deliver their digital ambition without compromising on the security of their product and also of their stakeholders. This ensures that the business can build a digital info system vested in innovation, security & trust. Our Values • We are audacious in vision and action • We encourage honesty and open dialogue • We respect everyone and every point of view • We make objective and data-driven decisions • We believe trust and accountability go hand-in-hand • We invest in each other's growth • We bring our A-game and nothing else • We take charge and get it done Benefits Offered/Perks The glory. Almost too much responsibility and ownership of projects. Company Onsite / Fun Events. Work with skilled security researchers!

We are seeking a skilled and dynamic Security & Privacy Architect and SDL Coach to join our team and help strengthen the security posture of our software development lifecycle. This role combines a strong foundation in code analysis, security architecture, and coaching teams on security best practices. The ideal candidate will work closely with development teams, conducting security assessments, guiding secure coding practices, and ensuring compliance with industry standards. As a Security & Privacy Architect, you will be responsible for identifying vulnerabilities and providing actionable recommendations to reduce security risks. As an SDL Coach, you will help application teams adopt security-focused practices into their software development lifecycle (SDLC) while ensuring compliance with regulatory standards like PCI-DSS. Key Responsibilities Code Analysis, Scanning, and Remediation • Security Tool Configuration: Configure and operate security scanning tools (e.g., Snyk, Grit, Checkmarx, Coverity, Mend etc.) to scan applications and interpret results to identify potential security flaws. • Static and Dynamic Code Analysis: Perform static and dynamic code analysis to identify vulnerabilities in the source code. Help App teams in adopting best practices. • Vulnerability Remediation: Work directly with development teams to guide them in resolving identified vulnerabilities and promote secure coding practices. • Issue Prioritization: Prioritize critical security issues and escalate them for immediate remediation when necessary. Security & Privacy Architecture • Security Assessments: Conduct in-depth security assessments to identify potential attack vectors, vulnerabilities, and risks in the application architecture and source code. • Recommendations: Provide actionable recommendations to development and architecture teams to address security gaps and ensure compliance with security standards. • Security Design: Assist in the design of secure application architectures that meet both business and security requirements. SDL Coaching and Best Practices • SDL Awareness: Conduct Security Development Lifecycle (SDL) Coaching and Assessments with development teams to raise awareness of security practices and ensure they align with best security practices. • Security Best Practices Adoption: Guide teams in adopting and integrating Comcast Security practices into their SDLC, focusing on secure coding, testing, and deployment. • Coaching & Mentoring: Provide ongoing coaching and mentoring to developers to help them understand the importance of security throughout the development process. Compliance Lead (CGA, PCI, CPP) • Regulatory Compliance: Participate in security risk assessments and ensure that applications comply with relevant industry standards and regulations (e.g., PCI-DSS, CGA, CPP). • Audit Preparation: Assist application teams with preparation for security audits, providing guidance before and after audits to address any issues. • Documentation: Ensure that all security compliance requirements are well documented and tracked. Research and Continuous Improvement • Threat Intelligence: Stay updated on the latest security threats, vulnerabilities, and emerging trends in application security to proactively mitigate risks. • Tool & Framework Evaluation: Evaluate new security tools, frameworks, and technologies that can improve the effectiveness of security code scanning and remediation. Conduct comparative analysis and provide recommendations. • Process Improvement: Continually assess and improve security processes within the development lifecycle to enhance overall security posture. Required Qualifications • Experience: 8+ years of experience in application security, including hands-on experience with code analysis, security testing, and risk assessments. • Technical Skills: o Strong understanding of secure software development practices. o Familiarity with security tools such as Snyk, Grit, Checkmarx, Mend and other static/dynamic code analysis tools. o Knowledge of security vulnerabilities (e.g., OWASP Top 10, CVEs) and remediation techniques. o Experience with common security frameworks and methodologies (e.g., OWASP, NIST, CIS, PCI-DSS). o Proficient in at least one programming/scripting language (e.g., Python, Java, C#, JavaScript). • Compliance Knowledge: In-depth understanding of industry compliance standards such as PCI-DSS, CGA, and CPP. • Communication Skills: Excellent written and verbal communication skills with the ability to interact with technical and non-technical teams alike. Preferred Qualifications • Certifications: CISSP, CISM, CISA, or equivalent security certification is highly preferred. • Experience with Cloud Security: Knowledge of security best practices in cloud environments (AWS, Azure, GCP). • Experience with DevSecOps: Experience with integrating security practices into DevOps pipelines and workflows.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Preferred candidate profile : Cyber Security Assessment & Consulting,Manual Penetration Testing using OWASP checklists,OWASP Top 10,OWASP ZAP,Static Code analysis,Static/dynamic testing of mobile applications,Vulnerability Assessment Location : Bangalore Immediate joiner to 15 days only Role & responsibilities Performed Application Security Testing, Cloud Security Testing. Review Reports. Stakeholder management. Thanks and regards, Ankita

Job Title: Senior Software Engineer II (DevSecOps) Department: Technology Reports to: Software Engineering Manager / Infrastructure Manager Experience: 3+ years Location: Ahmedabad, India-Remote Overview As a DevSecOps Engineer at Genea, you will be a key player in shaping the secure delivery and operation of our SaaS products. You will ensure that security is embedded across our CI/CD pipelines, infrastructure, and software lifecycle while enabling developer productivity. You will champion secure-by-default practices and work closely with engineering teams to automate and monitor security controls, ensuring compliance and reliability at scale. Genea is an engineering company at heart. We hire people with a broad set of technical skills who are ready to take on some technology s greatest challenges and make an impact on Genea s end users. A DevSecOps Engineer s approach should be customer-centric, security-focused, and results-driven. Transparency, teamwork, and dedication are essential qualities for this role. Duties and Responsibilities: Embed security best practices into CI/CD pipelines and infrastructure as code. Design, implement, and maintain security scanning and monitoring tools for vulnerabilities across containers, applications, and cloud environments. Work with developers to integrate security tools and policies without impacting delivery velocity. Develop and enforce policies for secrets management, IAM least privilege, and secure artifact storage. Support audits (e.g., SOC 2) by maintaining evidence of security controls. Monitor, triage, and respond to security events, coordinating with engineering and management. Drive incident response and post-mortem processes for security-related issues. Perform code and infrastructure reviews from a security perspective. Automate compliance checks and security benchmarks (CIS, OWASP, etc.). Contribute to documentation, runbooks, and internal knowledge sharing. Participate in or lead infrastructure and architecture reviews, advising on secure designs. Be available to support urgent production or security events outside of business hours. Qualifications: Bachelor s degree in computer science, Information Security, or a related field. 3+ years of experience in DevOps, Cloud Infrastructure, or Security Engineering. Hands-on experience with AWS/Azure/GCP cloud security services and policies. Experience implementing vulnerability management (SCA, SAST, DAST) and container security tools (like Trivy, AWS Inspector, Aqua). Working knowledge of Infrastructure as Code (Terraform, CloudFormation, or similar). Experience managing CI/CD pipelines (GitHub Actions, Jenkins, or equivalent). Understanding of networking security, encryption, certificate management, and IAM. Familiarity with regulatory and compliance standards (SOC2, GDPR, etc.) is a plus. Strong scripting skills in Python, Bash, or similar. Experience with incident management and security monitoring tools (like GuardDuty, CloudTrail, ELK, etc.). Knowledge of Agile/Scrum development processes. Competencies: Security-First Mindset - Champions secure design and is vigilant about risk. Problem Solving - Identifies and resolves infrastructure or security issues quickly. Teamwork - Balances team and individual priorities; collaborates across teams to embed security. Adaptability - Handles shifting priorities, compliance changes, and evolving threat landscapes. Professionalism & Ethics - Upholds trust, integrity, and transparent communication. Technical Mastery - Continuously develops technical skills and shares knowledge. Oral & Written Communication - Clearly documents and explains security concepts to non-security teams. Perks and benefits we offer: Work Your Way: Enjoy a flexible working environment that suits your lifestyle. Time Off: 24 days of PTO and 10 holidays to unwind and pursue your passions. Comprehensive Leave Options: Including maternity, paternity, adoption, wedding, and bereavement leaves to support you during important life events. Health & Safety First: Benefit from family health insurance and personal accident coverage beyond your CTC. Top Workplace Honors: Celebrated as a Top Workplace from 2021 to 2024. Balanced Workweek: Embrace a balanced life with our 5-day work schedule

Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive , threat-informed , risk-based , intelligence-driven approach to detecting and responding to threats. Our mission is to help our customers: Defend against new and emerging risks that impact their business. Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments. Reduce their exposure to risks that impact their identity and brand. Develop operational resilience. Maintain compliance with legal, regulatory and compliance obligations. What were looking for To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Endpoint Security to support Rackspaces strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection & Response (EDR) services to customers. The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms such as Crowdstrike Falcon or Microsoft Defender for Endpoint; used by the Rackspace Cyber Defence Center to deliver managed security services to our customers. You will also be required to liaise closely with the customers key stakeholders, which may include incident response and disaster recovery teams as well as information security. Skills & Experience Should have 8+ years experience in Security Engineering. Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response. Experience of working with cloud native Endpoint Security and Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud. Experience of working in two (or more) of the following additional security domains: SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc. AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail . Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis. Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls. Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc. Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell. Knowledge of Malware reverse engineering, threat detection and threat hunting. Computer science, engineering, or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - Microsoft Certified: Azure Security Engineer Associate (AZ500) Microsoft Certified: Security Operations Analyst Associate (SC-200) Systems Security Certified Practitioner (SSCP) Certified Cloud Security Professional (CCSP) GIAC Certified Incident Handler (GCIH) GIAC Security Operations Certified (GSOC) CrowdStrike admin Certified A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail. A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture. Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure. An individual who shows a willingness to go above and beyond in delighting the customer. A good communicator who can explain security concepts to both technical and non-technical audiences. Key Accountabilities Ensure the Customers operational and production environment remains healthy and secure at all the times. Assist with customer onboarding customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s). Advance platform administration. Critical platform incident handling & closure. As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response. Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams. Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s) Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc. Co-ordinate with vendor for issue resolution. Required to work flexible timings.

Job Description We re hiring an entry-level SOC Analyst L1 to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you ll actively monitor security alerts, investigate incidents, and support threat prevention efforts within our Security Operations Center (SOC). If you re passionate about cybersecurity, eager to build hands-on experience in incident handling, and want to work with modern security tools and frameworks, this opportunity is a perfect fit. Key Skills 1 2 years of experience in a SOC or similar cybersecurity role Strong knowledge of networking protocols, Linux/Windows OS, and system hardening Hands-on experience in incident response and digital forensics Familiarity with cybersecurity tools like ELK Stack, TheHive, Cortex, MISP, OpenCTI, and Jira Understanding of Active Directory architecture and attack vectors Working knowledge of OWASP Top 10 vulnerabilities and mitigation techniques Proficiency in query languages such as KQL and ESQL for log analysis Excellent written and verbal communication skills Relevant certifications such as CompTIA Security+, CEH, BTL1, OSDA (preferred) Familiarity with MITRE ATTCK and NIST CSF (a plus) Roles and Responsibilities Continuously monitor security logs and alerts to detect potential threats Conduct triage, investigation, and documentation of incidents using forensic tools Harden Linux and Windows systems against known vulnerabilities Create and refine security use cases based on OWASP Top 10 and AD attack techniques Develop and maintain custom detection rules for enhanced SOC monitoring Optimize and manage security tools like ELK, Cortex, and MISP for effective response Collaborate with cross-functional teams to ensure compliance and integrate security best practices Simulate threat scenarios and participate in tabletop exercises Regularly communicate cybersecurity updates and incidents to internal stakeholders Life at Grazitti Share Your Profile We are always looking for the best talent to join our team

By continuing to use our website, you consent to the use of cookies. Please refer our Join Our Clan SOC Analyst L2 Description Job Description We re hiring a detail-oriented and experienced SOC Analyst L2 to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you ll investigate complex incidents, perform in-depth threat analysis, lead proactive threat-hunting efforts, and mentor junior analysts. If you re looking to deepen your cybersecurity expertise, manage critical incidents, and contribute to a mature SOC environment, this opportunity is tailor-made for you. Skills Key Skills 2 3 years of experience in SOC or a similar cybersecurity-focused role Strong understanding of networking protocols, subnetting, routing, and addressing Proficient in Linux and Windows OS, system hardening, and architecture Deep understanding of Active Directory attacks and defense mechanisms Expertise in ELK Stack (Elasticsearch, Logstash, Kibana) for threat detection Experience in incident response, threat hunting, and forensic investigation Familiarity with OWASP Top 10, digital forensics, and malware analysis Proficiency in tools like TheHive, Cortex, MISP, OpenCTI, and Jira Ability to write detection rules for OWASP vulnerabilities and custom use cases Skilled in KQL, ESQL, and other query languages for log analysis Excellent communication and documentation skills Certifications like CompTIA Security+, CEH, OSDA, or BTL1 (preferred) Knowledge of frameworks such as MITRE ATT&CK and NIST CSF (a plus) Responsibilities Roles and Responsibilities Monitor security events and logs to detect advanced threats Conduct detailed investigations and lead real-time incident response Perform in-depth threat analysis using digital forensics tools Develop and optimize detection use cases and custom rules for SOC monitoring Harden Linux and Windows environments to prevent potential exploits Analyze threat intelligence and simulate attack scenarios to test detection readiness Collaborate across departments to embed cybersecurity into operations Mentor and guide junior SOC team members Regularly communicate security incidents and progress updates to stakeholders Position: SOC Analyst L2 Thank you for submitting your application. We will contact you shortly! Stay updated with us Life at Grazitti Share Your Profile We are always looking for the best talent to join our team * Skills Upload Your CV Thank you for sharing your profile with us. If it aligns with our requirements, we will reach out to you for the next steps in the process. Marketo Forms 2 Cross Domain request proxy frame This page is used by Marketo Forms 2 to proxy cross domain AJAX requests.

About BNP Paribas India Solutions: Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. - At least 8+ years of experience in web application development Location - Chennai Specific Qualifications (if required) - Angular/React JS/VueJS/ - Typescript - Javascript - HTML - CSS - Webcomponents - Lit - EcmaScript 6 - Storybook - Webpack, Vite or Turbopack - Testing frameworks & tools (Junit, Karma, JEST, Playwright) - Browserstack - Full stack developer with Spring Boot + RestAPI + Angular/React JS/VueJS/ + Webcomponents - He should have worked with Security concepts (Oauth / Spring Security / OWASP / CSRF/XSS) for min 3 Yrs - Should have min 5 Yrs exp in CSS and able to write custom styles ( Not Tailwind CSS exp) - Should have 3 Yrs experience in creating WebComponents (Web Standard) - Should have experience in tuning the performance of Web pages - Knowledge of TDD / BDD framework with work experience in creating Unit Tests, Web Automation tests, Integration Tests is added advantage - LIT Library is good to have but not mandatory - Knowledge of Accessibility implementation framework to support Differently abled customers is good to have.

About The Team The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our systems, provides awareness education to teams on security best practices for data protection, and ensures data sharing relationships with third parties in order to securely protect Rubrik information. About Role Rubrik is seeking a passionate and motivated Penetration Testing Engineer to join our Information Security team. In this role, you will work to simulate real-world attack scenarios to identify vulnerabilities, evaluate security posture, and develop methods to defend against attacks. The successful candidate will be technically savvy, customer-oriented, results-driven, and passionate about security. You will partner with the vulnerability management engineers, Engineering, IT and other internal stakeholders to enhance Rubrik’s overall security posture. What You'll Do Design and execute real-world attack scenarios by replicating the tactics, techniques and procedures (TTPs) of threat actors and highlight gaps impacting Rubrik’s products and enterprise security posture. Assist with the planning, execution, and reporting of penetration tests on Rubrik’s products, services, and internal systems. Develop and refine exploitation techniques consistently to conduct penetration testing exercises successfully. Deliver detailed reports of technical findings to stakeholders and assist with the development of mitigation plans. Assist in security investigations, root-cause analysis and corrective measures as required. Coordinate with the security researcher community in reviewing the identified vulnerabilities and drive the issues to closure. Drive vulnerabilities to closure within the established SLAs. Navigate escalations when necessary to raise visibility into risk and drive the risk down when SLAs are not met. Collaborate with the senior security team members to identify areas for improvement in security posture. Contribute to the continuous improvement of Rubrik’s penetration testing framework and processes. Help develop and maintain testing documentation, including methodologies, procedures, and post-engagement reports. Track and monitor penetration testing metrics to scale the pentest program and continuously improve the coverage and depth of penetration testing. Stay updated with emerging security threats, innovative defense measures, and industry trends to recommend improvements proactively. Experience you'll need Bachelor’s degree required; BE/BTech or MS in Computer Science, Information Technology, or related field 2-4 years of hands-on experience in penetration testing, red team, vulnerability exploitation, product security and/or cloud security roles Ability to perform targeted cyberattacks with or without the use of automated tools such as (e.g., Burp Suite, Metasploit, Nmap, Wireshark, etc.). Experience in system internals (windows, linux) and cloud security (AWS, Azure, GCP) In-depth knowledge of exploit frameworks, obfuscation/evasion techniques, application security, IDS/IPS and web proxies Strong understanding of security best practices and frameworks (OWASP Top 10, NIST, CIS). Demonstrated programming skills in one or more of: Python, Perl, Ruby, Java IT security certifications (OSCP, OSCE, GPEN, GWAPT, GXPN) is a plus Strong analytical and problem-solving skills. Ability to work independently as well as part of a team in a fast-paced environment. Excellent verbal and written communication skills Join Us in Securing the World's Data Rubrik (NYSE: RBRK) is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked. Linkedin | X (formerly Twitter) | Instagram | Rubrik.com Inclusion @ Rubrik At Rubrik, we are dedicated to fostering a culture where people from all backgrounds are valued, feel they belong, and believe they can succeed. Our commitment to inclusion is at the heart of our mission to secure the world’s data. Our goal is to hire and promote the best talent, regardless of background. We continually review our hiring practices to ensure fairness and strive to create an environment where every employee has equal access to opportunities for growth and excellence. We believe in empowering everyone to bring their authentic selves to work and achieve their fullest potential. Our inclusion strategy focuses on three core areas of our business and culture: Our Company: We are committed to building a merit-based organization that offers equal access to growth and success for all employees globally. Your potential is limitless here. Our Culture: We strive to create an inclusive atmosphere where individuals from all backgrounds feel a strong sense of belonging, can thrive, and do their best work. Your contributions help us innovate and break boundaries. Our Communities: We are dedicated to expanding our engagement with the communities we operate in, creating opportunities for underrepresented talent and driving greater innovation for our clients. Your impact extends beyond Rubrik, contributing to safer and stronger communities. Equal Opportunity Employer/Veterans/Disabled Rubrik is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Rubrik provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Rubrik complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact us at hr@rubrik.com if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. EEO IS THE LAW NOTIFICATION OF EMPLOYEE RIGHTS UNDER FEDERAL LABOR LAWS

We’re looking for a savvy developer to join our passionate engineering team as a Software Engineer and help us scale and grow our cloud-based systems and technologies with a keen eye towards software quality and operational excellence. As a tech “unicorn”, this is an amazing opportunity for the right person to play a major role in helping design and build essential core infrastructure of this pre-IPO software company, as we broaden our lead in the sales enablement space! You will work closely with our product leads, engineering leads, and the other members of the team to continue the extraction of business-critical components/logic out of a monolith into a extensible and thoughtfully orchestrated microservice-based design and data model that sets Seismic up for the next ten years. At Seismic, we’re committed to providing benefits and perks for the whole self. To explore our benefits available in each country, please visit the Global Benefits page. Please be aware we have noticed an increase in hiring scams potentially targeting Seismic candidates. Read our full statement on our Careers page. Seismic is the global leader in AI-powered enablement, empowering go-to-market leaders to drive strategic growth and deliver exceptional customer experiences at scale. The Seismic Enablement Cloud™ is the only unified AI-powered platform that prepares customer-facing teams with the skills, content, tools, and insights needed to maximize every buyer interaction and strengthen client relationships. Trusted by more than 2,000 organizations worldwide, Seismic helps businesses achieve measurable outcomes and accelerate revenue growth. Seismic is headquartered in San Diego with offices across North America, Europe, Asia and Australia. Learn more at seismic.com. Seismic is committed to building an inclusive workplace that ignites growth for our employees and creates a culture of belonging that allows all employees to be seen and valued for who they are. Learn more about DEI at Seismic here. Migrate important business functionality to a more robust design and ensure seamless integration to the rest of the Seismic platform. Be a major player on a new engineering team, while driving technical and architectural decisions and collaborating across multiple remote teams. Collaborate with technical product owners, architects, and other software engineers to rapidly build, test, and deploy code in the creation of a redesigned set of foundational core models and well-orchestrated services – allowing new features to be brought to the Seismic platform faster, without compromising robustness, quality or maintainability Explore new technologies and industry trends and bring your findings to life in our products. Participate in and contribute towards code reviews, monitoring and alerting, automated testing, bug/issue triage, and documentation. Contribute to troubleshooting and continuous quality improvements. BS or MS in Computer Science, a related technical field, or equivalent practical experience. 3-5 years Strong experience with Node.js and TypeScript for back-end service development is required. Familiarity with .NET Core and C# is a plus. Strong understanding of security principles, including OAuth, JWT, role-based access control (RBAC), and web application security (OWASP Top 10). Experience in modern CI/CD pipelines and tooling (Jenkins, CircleCI, GitHub Actions, terraform) a big plus. Experience with HTML/CSS/JS and modern SPA frameworks (React Vue.js, etc.) a plus. Experience with the SCRUM and the AGILE development process. Familiarity and comfortability developing in cloud-based environments (Azure, AWS, Google Cloud, etc.) Proficiency in RESTful API design, including authentication and authorization best practices. Strong knowledge of SQL databases (e.g., PostgreSQL, MySQL). Seen as a major contributor in the team problem-solving-process – you aren't afraid to share your opinions in a low-ego manner or roll up your sleeves and write critical path code, take on the refactoring of a significant piece of code. Deep experience across multiple software projects, driving the end-to-end software development lifecycle of an architecturally complex system or product. Ability to think tactically as well as strategically, respecting what came before you and always thinking longer-term. Highly focused on operational excellence and software quality, with experience in CI/CD and best operational practices. Your technical skills are sought after as you develop in a pragmatic and efficient manner. You enjoy solving challenging problems, all while having a blast with equally passionate and talented team members. If you are an individual with a disability and would like to request a reasonable accommodation as part of the application or recruiting process, please click here. Headquartered in San Diego and with employees across the globe, Seismic is the global leader in sales enablement , backed by firms such as Permira, Ameriprise Financial, EDBI, Lightspeed Venture Partners, and T. Rowe Price. Seismic also expanded its team and product portfolio with the strategic acquisitions of SAVO, Percolate, Grapevine6, and Lessonly. Our board of directors is composed of several industry luminaries including John Thompson, former Chairman of the Board for Microsoft. Seismic is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to gender, age, race, religion, or any other classification which is protected by applicable law. Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Fynd is India’s largest omnichannel platform and a multi-platform tech company specialising in retail technology and products in AI, ML, big data, image editing, and the learning space. It provides a unified platform for businesses to seamlessly manage online and offline sales, store operations, inventory, and customer engagement. Serving over 2,300 brands, Fynd is at the forefront of retail technology, transforming customer experiences and business processes across various industries. At Fynd, we’re looking for an Offensive Security Engineer to lead red teaming and penetration testing efforts across our digital ecosystem. You’ll simulate real-world attacks, identify complex vulnerabilities, and partner with teams to strengthen our security posture—from product design to production. This role is ideal for engineers passionate about adversary emulation, building tools, and driving secure innovation at scale. What will you do at Fynd? Conduct deep-dive penetration testing and red team simulations on web, mobile, cloud, APIs, and thick client systems. Perform proactive threat modeling during product development to identify design-stage risks. Build custom scripts/tools and automate offensive security workflows. Report technical findings with clear, actionable remediation strategies. Collaborate with engineering and product teams to embed offensive security into the SDLC. Stay updated on latest threat techniques, CVEs, exploits, and red team tooling. Some More Requirements 5+ years in offensive security, penetration testing, or red teaming. Experience with OWASP Top 10, ASVS, MITRE ATT&CK, and threat modeling frameworks. Hands-on with cloud platforms (AWS/GCP/Azure), thick clients, and secure app architecture. Proficiency in scripting (Python, Go, Bash) and tools like Burp Suite, ZAP, Metasploit, Cobalt Strike. Strong communication and reporting skills for both technical and business audiences. Additional Skills Experience in ecommerce or AI/ML-driven platforms. Prior work in vulnerability research, CVE publication, or exploit development. Certifications: OSCP, OSWE, OSEP, CRTO or cloud security certs. Contributions to open-source tools, blogs, or conferences in the infosec community. What do we offer? Growth Growth knows no bounds, as we foster an environment that encourages creativity, embraces challenges, and cultivates a culture of continuous expansion. We are looking at new product lines, international markets and brilliant people to grow even further. We teach, groom and nurture our people to become leaders. You get to grow with a company that is growing exponentially. Flex University : We help you upskill by organising in-house courses on important subjects Learning Wallet: You can also do an external course to upskill and grow, we reimburse it for you. Culture Community and Team building activities Host weekly, quarterly and annual events/parties. Wellness Mediclaim policy for you + parents + spouse + kids Experienced therapist for better mental health, improve productivity & work-life balance We work from the office 5 days a week to promote collaboration and teamwork. Join us to make an impact in an engaging, in-person environment!

Job Summary We are looking for a highly experienced and results-driven Senior Full Stack Developer with minimum 6+ years of hands-on experience in designing, developing, and maintaining complex web applications. The ideal candidate has deep expertise in both front-end and back-end technologies, with a solid understanding of architectural patterns, system design, and team collaboration. You will play a key role in leading development initiatives, mentoring junior developers, and helping shape the technical direction of our products. Key Responsibilities Design and build scalable, high-performance full stack applications. Lead architecture and design discussions; contribute to system-level decisions. Develop and maintain front-end features using modern frameworks (React, Angular, or Vue). Build robust back-end systems and APIs using Node.js, Python, Java, or similar. Collaborate with cross-functional teams including Product, UX/UI, QA, and DevOps. Conduct code reviews and enforce coding best practices and standards. Manage integrations with third-party services and APIs. Design and maintain database schemas and queries (SQL and NoSQL). Drive DevOps practices including CI/CD, cloud deployments, and containerization. Mentor junior developers and foster a culture of technical excellence. Required Skills & Qualifications 7+ years of full stack web development experience. Strong expertise in JavaScript/TypeScript , with modern front-end frameworks like React , Vue , or Angular . Proficient in server-side technologies such as Node.js , Express , Django , Spring Boot , or Ruby on Rails . Deep understanding of RESTful APIs , GraphQL , and asynchronous programming. Solid experience with SQL (e.g., PostgreSQL, MySQL) and NoSQL (e.g., MongoDB). Knowledge of containerization and orchestration (e.g., Docker, Kubernetes). Proficient in Git and version control workflows. Experience deploying and managing applications in cloud platforms (AWS, GCP, or Azure). Strong knowledge of system design , architecture patterns , and performance optimization . Excellent problem-solving, communication, and team collaboration skills. Preferred Qualifications Experience with microservices architecture and distributed systems. Background in automated testing and TDD/BDD. Familiarity with security standards and best practices (e.g., OAuth2, OWASP). Previous experience in mentoring or leading small development teams. Agile/Scrum development experience. Skills: mongodb,graphql,aws,containerization,drive devops,cloud deployments,ruby on rails,spring boot,mysql,asynchronous programming,javascript,devops,third-party services,java,tdd/bdd,typescript,express,nosql,security standards,contribute to system-level decisions,tdd,postgresql,architecture patterns,microservices,angular,gcp,system design,oauth2,sql,bdd,vue,restful apis,django,code reviews,docker,ux/ui,azure,python,architecture and design discussions,design and build scalable, high-performance full stack applications,react,best practices,enforce coding best practices and standards,git,qa,ci/cd,kubernetes,node.js,owasp,automated testing,performance optimization

We are hiring a hands-on Penetration Tester to lead and execute end-to-end security assessments across Web, Infrastructure, and Cloud environments. As the technical backbone of our lean and growing VAPT practice, you'll work closely with the Security Lead and directly engage with clients to deliver meaningful, high-impact security outcomes. Key Responsibilities: Perform manual and automated penetration testing across: Web Applications (based on OWASP Top 10) Infrastructure (external/internal IPs, firewall review, patch audits) Cloud Environments (basic Azure/AWS - IAM, Storage, Networking) Identify, exploit, and report on vulnerabilities such as SSRF, RCE, IDOR, LFI, and S3 bucket exposures Use tools such as Burp Suite, Nmap, SQLMap, Nikto, Nessus/OpenVAS Write high-quality, detailed technical reports with: Screenshots for PoCs Remediation guidance Risk severity scoring (preferably CVSSv3) Collaborate with clients to explain findings and provide actionable recommendations Contribute to toolchain improvements and lightweight automation (Python/Bash preferred) Requirements 3-6+ years of hands-on experience in at least 2 of the following areas: Web Application Penetration Testing (OWASP Top 10) Infrastructure VAPT (internal/external, firewall, patch validation) Basic Cloud VAPT (AWS or Azure: IAM, Storage, Networking) Proficiency in: Manual testing techniques, fuzzing, and exploitation Burp Suite (Community or Pro) Tools like Nmap, SQLMap, Nikto, Nessus/OpenVAS Strong understanding of common vulnerabilities and exploitation techniques Preferred Certifications CEH, eJPT, OSCP (or strong portfolio/proof of hands-on skill) AZ-500 or AWS Security Specialty (for cloud security exposure) Good to Have Familiarity with scripting for automation (Python, Bash) Exposure to CVSSv3 for vulnerability scoring Experience with Dradis, Excel-based reporting, or similar tools

We are hiring a hands-on Penetration Tester to lead and execute end-to-end security assessments across Web, Infrastructure, and Cloud environments. As the technical backbone of our lean and growing VAPT practice, you'll work closely with the Security Lead and directly engage with clients to deliver meaningful, high-impact security outcomes. Key Responsibilities: Perform manual and automated penetration testing across: Web Applications (based on OWASP Top 10) Infrastructure (external/internal IPs, firewall review, patch audits) Cloud Environments (basic Azure/AWS - IAM, Storage, Networking) Identify, exploit, and report on vulnerabilities such as SSRF, RCE, IDOR, LFI, and S3 bucket exposures Use tools such as Burp Suite, Nmap, SQLMap, Nikto, Nessus/OpenVAS Write high-quality, detailed technical reports with: Screenshots for PoCs Remediation guidance Risk severity scoring (preferably CVSSv3) Collaborate with clients to explain findings and provide actionable recommendations Contribute to toolchain improvements and lightweight automation (Python/Bash preferred) Requirements 3-6+ years of hands-on experience in at least 2 of the following areas: Web Application Penetration Testing (OWASP Top 10) Infrastructure VAPT (internal/external, firewall, patch validation) Basic Cloud VAPT (AWS or Azure: IAM, Storage, Networking) Proficiency in: Manual testing techniques, fuzzing, and exploitation Burp Suite (Community or Pro) Tools like Nmap, SQLMap, Nikto, Nessus/OpenVAS Strong understanding of common vulnerabilities and exploitation techniques Preferred Certifications CEH, eJPT, OSCP (or strong portfolio/proof of hands-on skill) AZ-500 or AWS Security Specialty (for cloud security exposure) Good to Have Familiarity with scripting for automation (Python, Bash) Exposure to CVSSv3 for vulnerability scoring Experience with Dradis, Excel-based reporting, or similar tools

FullStack developer with 4+yrs of experience. Work location - Gurgaon WFO This role plays a critical part in scaling our core product and driving technical excellence across the engineering team. You’ll help shape how our platform performs under scale, directly impacting customer experience and our ability to ship fast, secure, and reliable software. Responsibilities Node.js Mastery Deep understanding of event loop, async patterns (Promises, async/await). Experience with frameworks like Express, NestJS, Fastify. Writing scalable APIs (REST), middleware, and modular code. Database Expertise SQL/Postgres – schema design, complex joins, indexing, query optimization. Knowledge of transactions, isolation levels, and migrations. Basic familiarity with ORMs (Sequelize/TypeORM/Prisma) and raw queries. Architecture & Design Ability to design backend systems Good understanding of API versioning, caching strategies (Redis). Frontend (Average Skill Expected) Comfortable with React (or Nuxt/Vue) for building and maintaining UIs. Basic understanding of state management (Redux, Vuex, Pinia). Familiarity with component-based architecture and UI libraries (Material UI, Tailwind). Can debug UI issues but not expected to be a design/UX expert. Other Expectations Code Quality – Writing unit tests (Jest/Mocha), code reviews, and maintaining clean architecture. Problem-Solving – Strong data structures and algorithmic skills (not as intense as SD3/Architect). Collaboration – Able to mentor juniors, break down tasks, and work closely with product and QA. Performance & Security – Understands security best practices (OWASP) and performance profiling.

Job Description Key Responsibilities, Deliverables / Outcomes: Project Leadership: Lead and manage large, complex penetration testing and security testing engagements end-to-end. Act as the primary technical and engagement lead for key client accounts. Ensure timely delivery, quality assurance, and stakeholder communication throughout project lifecycles. Provide mentorship and guidance to junior and mid-level consultants. Technical Execution: Perform and review web, mobile, API, network, cloud, and configuration security assessments. Maintain technical excellence across multiple service lines, staying updated on the latest vulnerabilities, tools, and attack techniques. Conduct business logic reviews, threat modeling, and red teaming exercises as needed. Client Engagement: Act as a trusted advisor to clients, providing strategic security recommendations and actionable insights. Be ready for onsite visits, workshops, and executive-level presentations when required. Handle sensitive engagements with professionalism and discretion. Presales Support: Support RFP responses, proposal writing, and technical solutioning. Participate in client sales meetings and scoping discussions. Provide accurate effort estimations and help define delivery models. Practice Development: Contribute to the development and refinement of security testing services and methodologies. Drive internal initiatives to improve quality, efficiency, and innovation in service delivery. Create technical content, whitepapers, or knowledge base articles to support team growth. Key Skills 3–5 years of hands-on experience in penetration testing or offensive security. Proven track record of leading complex security assessments with large clients. Expertise in Web, Mobile, Network, API, Cloud, Configuration Reviews, and/or Red Teaming. Familiarity with security standards such as OWASP, PTES, NIST, and MITRE ATT&CK. Strong communication and client-facing skills. Experience supporting presales efforts, including proposals, SOWs, and client discussions. Certifications such as OSCP, OSWA, CRTO, CREST CRT/CCT, or similar are preferred. Key Competencies 1. Accountability 2. Communications - Oral & Written 3. Analysis Skills 4. Passion 5. Adaptability