3229 Owasp Jobs - Page 17

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Staff As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, mobile application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your key responsibilities Perform penetration testing which includes internet, intranet, web application, Mobile app (Android & iOS), APIs, wireless, Cloud Security, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, Metasploit and Nessus for effective vulnerability assessment and penetration testing. Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams Understanding of TCP/IP network protocols. Develop automated solutions that mitigate risks throughout the organization. Provide technical leadership and advise to junior team members on attack and penetration test engagements. Skills and attributes for success Understanding of web-based application vulnerabilities (OWASP Top 10). Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Ability to communicate detailed technical information to a non-technical audience clearly Good to have experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory penetration testing Strong understanding of security principles, policies, and industry best practices Demonstrable flair for technical writing, including engagement reports, presentations and operating procedures To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 2 years of work experience in penetration testing which may include at least three of the following: internet, intranet, web app, APIs, Mobile App, wireless, Cloud Security, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, CRTP, CRTO, eCPTX, ejpt or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 2+ years of work experience in performing Penetration testing. Good to have Strong Excel, Word and PowerPoint skills. Ideally, you’ll also have Certifications: ejpt, OSCP, CRTP, ECSA. What we look for Who can perform penetration testing which includes Network, wireless, web application, mobile application, social engineering and physical penetration testing and provide analysis for the testing results. What working at EY offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Category IT Security / Cyber Security Location Hyderabad, Telangana Job family IT Security Shift Evening Employee type Regular Full-Time Job Description (Summary) The primary responsibilities include managing vulnerability assessments using the Qualys tool, creating detailed metrics and reports, and collaborating with relevant teams to ensure timely remediation of identified vulnerabilities. To ensure the organization's IT infrastructure remains secure by proactively identifying, assessing, and mitigating vulnerabilities through effective use of the Qualys tool and coordinated efforts with cross-functional teams. The basic purpose of this position is to safeguard the organization's digital assets by maintaining a robust vulnerability management program that prioritizes risk reduction and compliance with security policies. Perform daily vulnerability assessments, create weekly metrics and reports, and handle ad-hoc requests as they arise. Work on analytical projects to enhance the vulnerability management process and develop strategies to address identified security issues. Prepare and present metrics and reports to senior leadership, showcasing trends in vulnerabilities over the year and how they are being addressed. Produce reports daily, weekly, and as needed on vulnerability assessments and remediation efforts. Responsible for training new hires and occasionally participating in candidate interviews. Technical/Job Specific Knowledge Vulnerability Management: In-depth knowledge of vulnerability assessment, prioritization, and remediation processes. Qualys: Proficiency in using Qualys for scanning, identifying, and managing vulnerabilities across various environments. Security Frameworks: Familiarity with industry standards and frameworks such as OWASP, NIST, and CIS. Network Security: Understanding of network protocols, firewalls, and intrusion detection/prevention systems. Skills Analytical Skills: Strong analytical abilities to identify and assess vulnerabilities and their potential impact. Technical Aptitude: Competence in using security tools and technologies to perform thorough assessments. Problem-Solving: Effective problem-solving skills to develop and implement remediation plans. Communication: Clear and concise communication skills to report findings and collaborate with different teams. Attention to Detail: High level of attention View more

Dear Candidate, We are hiring a Security Engineer to design and implement security measures that protect IT systems, data, and networks against threats and breaches. Key Responsibilities: Design and deploy security solutions such as firewalls, IDS/IPS, and endpoint protection. Conduct vulnerability assessments, penetration tests, and threat modeling. Monitor systems for security incidents and respond promptly. Ensure compliance with security standards (ISO 27001, NIST, etc.). Collaborate with DevOps and IT teams to embed security best practices. Required Skills & Qualifications: Proficiency in security tools (Nessus, Metasploit, Splunk, Wireshark). Strong understanding of network and application security. Knowledge of cloud security (AWS, Azure, GCP). Experience with encryption, IAM, and incident response. Security certifications preferred (CISSP, CEH, OSCP). Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

About Us At Kuoni Tumlare, we deliver truly inspiring and innovative solutions and experiences that create value both for our Partners and Society at large. Our wide portfolio of products and solutions is built on 100+ years of destination management experience. Our solutions include series tours, technical visits, educational tours, Japan specialist travel consulting, as well as meetings, incentives, conferences, and exhibitions. Our product portfolio includes MyBus excursions at destinations as well as guaranteed departure tours devised and delivered by our Seat-in-Coach specialists, Europamundo (EMV) and MyBus Landcruise. We cater to a wide range of customer needs in close collaboration with our trusted suppliers and powered by our team of destinations experts - enabling us to make a real difference to the world. About the Business / Function Proudly part of Kuoni Tumlare, TUMLARE SOFTWARE SERVICES (P) LTD. is a multinational technology support company that serves as a trusted technology partner for businesses since 1999. We also help established brands reimagine their business through digitalization. Job Overview As an IT Security Engineer, you are responsible for various IT Security matters, such as daily management and control of various cybersecurity products, support in identifying requirements and business cases for new and existing security solutions, extensive cooperation with multiple project and operation teams on different security-related topic, and much more. Key Responsibilities Vulnerability Management & Penetration Testing: Perform regular vulnerability assessments and penetration tests on servers, middleware, and public-facing web applications. Patch Management: Oversee the security and lifecycle management of operating systems and middleware platforms, including patch management, version upgrades (e.g., WebLogic, WebSphere), security updates SSL certificate management and user access controls to ensure secure and stable environments. Secure Coding Collaboration: Work closely with software development teams to enforce secure coding practices aligned with the OWASP security framework. Security Tools & Solutions Management: Administer and support security tools such as Netskope/Zscaler Cloud Security, firewalls, Web Application Firewalls (WAF) End Point Protection: Antivirus solutions (TrendMicro, McAfee/Trellix ePO). SIEM Monitoring & Management: Monitor and manage Security Information and Event Management (SIEM) systems to ensure timely detection and response to security events. Incident Response Handling: Lead incident response activities including investigation, containment, eradication, and root cause analysis of security incidents. Cross-Team Coordination: Collaborate with internal stakeholders and external service providers to resolve security issues and maintain compliance with organizational policies. Access Governance: Review and validate Change Requests, Privileged Access Requests, and other access control-related approvals. Audit & Compliance Support: Assist in internal and external security audits, including firewall reviews, and compliance checks. Manage Core IT Services Security: Administer and secure essential IT services including FTP, SFTP, IIS, Ports and implement Role-Based Access Control (RBAC) to enforce least-privilege access principles and ensure operational integrity. Knowledge, Skills, Experience, Qualifications Experience: 3+ years of hands-on experience. Technical Skills: Server: - Windows server (2016/2019/2022), Linux (RHEL, Ubuntu) Antivirus Solutions (McAfee Trellix ePO, Trend Micro) SIEM Platforms (e.g., Splunk) Vulnerability Scanning (Nessus, Qualys, OpenVAS) Penetration Testing Tools (Burp Suite, OWASP ZAP) Basic scripting (PowerShell, Bash) for automation of tasks CSI (Critical Security Incidents) framework, compliance and audit preparation Certification Certified Ethical Hacker (CEH) CompTIA Security+ CCNA- Cisco Certified network Associate What we offer Probation period - only 3 months. 5 Days Working Annual Bonus – as per company policy. Long Service Award. Paid leaves for Birthday and Wedding/Work Anniversary Learning Opportunity through an online learning platform with rich training courses and resources. Company Sponsored IT Certification - as per company policy Following insurance from Date of Joining: o Group Medical Insurance with Sum Insured of up to 5 Lakh o Term life Insurance - 3 times of your CTC o Accidental Insurance - 3 times of your CTC Employee Engagement Activities: o Fun Friday per week o Annual Off-Site Team Building o End Year Party o CSR programs o Global Employee Engagement Events Job Location - On site. Pitampura, Netaji Subhash Place, New Delhi - 110034. In case your profile is a match and in alignment with your career interests, then submit your updated Application directly on the link. Experience level: Mid

We are looking for a passionate and skilled Full Stack Developer with strong experience in .NET Core, Angular, Web API, SQL Server, and Entity Framework. Familiarity with Azure Functions is an added advantage. Key Responsibilities: Develop, maintain, and enhance web applications using .NET Core and Angular. Design and implement RESTful Web APIs for integration with front-end applications and third-party services. Write clean, scalable, and efficient code following best practices. Work with SQL Server to design, develop, and optimize database schemas, queries, stored procedures, and functions. Utilize Entity Framework Core for data access and ORM mapping. Collaborate closely with cross-functional teams to gather requirements and deliver high-quality solutions. Participate in code reviews, unit testing, and deployment processes. Debug and resolve technical issues across the full application stack. Work in Agile/Scrum teams and contribute to planning, estimation, and delivery. Leverage Azure Functions and other Azure services (if applicable) for building serverless or cloud-integrated components. Required Skills & Experience: 1-2 Years of Experience in developing browser-based applications using .Net Strong proficiency with Angular (12+ preferred) for building responsive and dynamic web applications. Solid experience in .NET Core (API and backend services development). Expertise in building and consuming RESTful Web APIs. Hands-on experience with SQL Server (queries, stored procedures, indexing, performance tuning). Proficient in using Entity Framework Core for ORM and data access. Strong knowledge of software design principles, SOLID principles, and best coding practices. Experience with version control systems (e.g., Git). Familiarity with Agile development methodologies. Good to Have / Preferred Skills: Experience with Azure Functions and other Azure PaaS services. Knowledge of CI/CD pipelines (Azure DevOps, GitHub Actions). Exposure to Docker / Kubernetes is a plus. Understanding of security best practices (OWASP, authentication/authorization patterns). Qualifications: Bachelor’s Degree in Computer Science, Engineering, or related technical field. 1 to 2.5 years of professional experience in the technologies mentioned. Benefits: Hybrid working arrangements Annual performance-related bonus Health insurance 6x Flexi: knock 2.5 hours off your day on anyday Engaging, fun & inclusive culture: check out the MRI Software APAC Insta feed and stories! About the business: MRI Software is a global Proptech leader delivering innovative applications and hosted solutions that free real estate companies to elevate their business. Our flexible technology platform, along with an open and connected ecosystem, allows us to meet the unique needs of real estate businesses, from property-level management and accounting to investment modeling and analytics for the global commercial and residential markets. With nearly five decades of expertise and insight, we have grown to include offices in across the United States, the United Kingdom, Hong Kong, Singapore, Australia, South Africa, New Zealand, Canada, and India, with over 4000+ team members to support our clients and their unique needs! MRI is proud to be an Equal Employment Opportunity employer.

Key Responsibilities Develop, maintain, and enhance robust automated testing frameworks for web, mobile, and backend applications. Design, implement, and execute test plans, test cases, and test strategies for new and existing features. Collaborate with developers and product owners to understand product requirements and devise comprehensive testing solutions. Integrate automated tests into CI/CD pipelines, ensuring consistently high standards of quality in software releases. Identify, document, and track defects; support their resolution through effective communication with engineering teams. Conduct code reviews and provide feedback to improve testability and code quality. Perform functional, non-functional (performance/security), and regression testing as required. Mentor and guide junior QA engineers as needed. Contribute to the continuous improvement of QA processes, tools, and methodologies. Stay updated on emerging testing tools, technologies, and trends. Required Qualifications 3–5 years of hands-on experience in software QA automation, development, or related fields. Proficiency in at least one programming language (e.g. Java, Python, C#, JavaScript). Experience with test automation tools and frameworks (e.g. Selenium, Appium, Cypress, Playwright, TestNG, JUnit). Good understanding of software QA methodologies, processes, and STLC. Practical knowledge of API automation testing using tools like Postman or RestAssured. Familiarity with version control systems (e.g. Git) and issue tracking tools (e.g. JIRA). Experience working in CI/CD environments (Jenkins, GitLab CI/CD, GitHub Actions). Solid understanding of databases (e.g. SQL, NoSQL) for validation and backend testing. Strong debugging and analytical skills. Excellent problem-solving skills and a keen attention to detail. Effective verbal and written communication skills, with the ability to work in an agile, collaborative team environment. Preferred Skills Experience with performance and security testing tools (e.g. JMeter, Gatling, OWASP ZAP). Exposure to cloud platforms (AWS, Azure, Google Cloud) and cloud-native testing approaches. Knowledge of BDD frameworks (Cucumber, SpecFlow). Experience mentoring junior testers and contributing to team process improvements. Agile/Scrum work environment exposure.

Highly skilled and motivated Software Engineer to join our development team. The ideal candidate should have strong programming skills and a proven track record of owning the delivery of complex system components from design through deployment. You will collaborate with cross-functional teams to build scalable platforms and drive engineering productivity while maintaining a focus on quality, security, and best practices. Key Responsibilities: Strong Object-Oriented Programming skills, preferably in Java. Write clean, efficient, and well-tested code, actively participating in peer code reviews. Own the delivery of complex system components or applications, taking them from design through deployment. Collaborate with cross-functional teams to identify opportunities, build scalable platforms, and enhance engineering productivity. Experience with optimizing queries and designing efficient data storage solutions. Strong database modeling and design skills, across both SQL and NoSQL databases. Strong troubleshooting and debugging skills to quickly identify and resolve issues. Excellent analytical and problem-solving abilities. Proficient in API design and development, with a focus on implementing RESTful APIs. Experience in designing secure solutions with a focus on accessibility and security-first principles. Knowledge of OWASP security practices is a plus. Up-to-date with trends in information technology, with the ability to apply best practices and standards to work projects. Strong understanding of common architectural and design patterns. Emphasis on quality deliverables, including a focus on peer reviews and implementing automated testing platforms for unit, integration, and acceptance tests. Continuous improvement mindset throughout the SDLC, always questioning the "why". Balance long-term vision with short-term priorities in design and implementation decisions. Ability to develop designs for moderately complex features of the applications. Technical Skills: Programming & Frameworks: Proficient in Java, NodeJS, Spring Framework (Boot, MVC, Data), Hibernate and MyBatis. Cloud & DevOps: Proficient in AWS, Docker, Jenkins, GitHub, CI/CD Pipelines. Databases: proficient in MySQL, MongoDB. Testing & Monitoring: JUnit, Mockito, Postman. Architectural Patterns: Experience with Microservices, RESTful Services, Integration Architecture. Security: Experience with OAuth, JWT, Spring Security. Soft Skills: Strong problem-solving, collaboration, and communication Scheduler: Experience implementing simple Quartz jobs. API Documentation: Experience documenting APIs with Swagger.

Job Description: Job Description: Pentair is currently looking for graduate engineers who are passionate about smart & connected IoT product implementation and wanted to pursue a career by turning their ideas/ knowledge into technical solutions using latest tool & techniques. This is an excellent opportunity to work in a friendly work environment with a team that is dedicated and passionate about digital technologies and innovation. Pentair gives excellent opportunity to get insights in to overall IoT product development right from start to final product. Selected candidates will be getting opportunities to work in many of the following areas of IoT products implementation as needed – IoT App Development Backend Cloud IoT Platform services DevOps IoT security Business Analysis Managed Services IoT Sensors Firmware & Embedded System Industrial Automation Roles & Responsibilities: Understanding and analyzing product requirements and translating it into specifications and programming deliverables Working closely with architects and business teams to enhance existing applications as well as build new applications. Coding, Testing and debugging of applications in controlled, real situations Technical Documentation – requirement documentation, architecture documentation Participating in Scaled Agile Framework scrum activities Product support Skills Required: Good technical understanding in one of the following area is must – o Smartphone application development on Android or iOS, React Native o Web App development, ReactJS o Knowledge of Node and go, data structure and Database o AWS Cloud services, DevOps o Analytical skills to Interprets the data and turns into information. o Business Analysis skills to understand and document product requirements o Cloud, Mobile and Web application security and OWASP o Electronics & Embedded System o PLC/Skada Hands on with C / Python/ C++ / Java programming Ability to understand and document requirements Ability to document the design before implementation using flowchart, state diagram Ability to work on Windows and Linux machine Excellent troubleshooting & analytical skills Qualifications: B.E./B. Tech (Computer Science) / Masters in Computer Applications / Masters in Computer Science Other Requirements Good communication and presentation skills Ability to multitask Design Thinking Have passion for Design & Technology Should have a “can do” attitude Excellent interpersonal skills Equal Opportunity Employer Pentair is an Equal Opportunity Employer. With our expanding global presence, cross-cultural insight and competence are essential for our ongoing success. We believe that a diverse workforce contributes different perspectives and creative ideas that enable us to continue to improve every day.

We are looking for a passionate and skilled Full Stack Developer with strong experience in .NET Core, Angular, Web API, SQL Server, and Entity Framework. Familiarity with Azure Functions is an added advantage. Key Responsibilities Develop, maintain, and enhance web applications using .NET Core and Angular. Design and implement RESTful Web APIs for integration with front-end applications and third-party services. Write clean, scalable, and efficient code following best practices. Work with SQL Server to design, develop, and optimize database schemas, queries, stored procedures, and functions. Utilize Entity Framework Core for data access and ORM mapping. Collaborate closely with cross-functional teams to gather requirements and deliver high-quality solutions. Participate in code reviews, unit testing, and deployment processes. Debug and resolve technical issues across the full application stack. Work in Agile/Scrum teams and contribute to planning, estimation, and delivery. Leverage Azure Functions and other Azure services (if applicable) for building serverless or cloud-integrated components. Required Skills & Experience 1-2 Years of Experience in developing browser-based applications using .Net Strong proficiency with Angular (12+ preferred) for building responsive and dynamic web applications. Solid experience in .NET Core (API and backend services development). Expertise in building and consuming RESTful Web APIs. Hands-on experience with SQL Server (queries, stored procedures, indexing, performance tuning). Proficient in using Entity Framework Core for ORM and data access. Strong knowledge of software design principles, SOLID principles, and best coding practices. Experience with version control systems (e.g., Git). Familiarity with Agile development methodologies. Good To Have / Preferred Skills Experience with Azure Functions and other Azure PaaS services. Knowledge of CI/CD pipelines (Azure DevOps, GitHub Actions). Exposure to Docker / Kubernetes is a plus. Understanding of security best practices (OWASP, authentication/authorization patterns). Qualifications Bachelor’s Degree in Computer Science, Engineering, or related technical field. 1 to 2.5 years of professional experience in the technologies mentioned. Benefits: Hybrid working arrangements Annual performance-related bonus Health insurance 6x Flexi: knock 2.5 hours off your day on anyday Engaging, fun & inclusive culture: check out the MRI Software APAC Insta feed and stories! About the business: MRI Software is a global Proptech leader delivering innovative applications and hosted solutions that free real estate companies to elevate their business. Our flexible technology platform, along with an open and connected ecosystem, allows us to meet the unique needs of real estate businesses, from property-level management and accounting to investment modeling and analytics for the global commercial and residential markets. With nearly five decades of expertise and insight, we have grown to include offices in across the United States, the United Kingdom, Hong Kong, Singapore, Australia, South Africa, New Zealand, Canada, and India, with over 4000+ team members to support our clients and their unique needs! MRI is proud to be an Equal Employment Opportunity employer.

We are looking for a highly skilled and experienced professional to join our team as an Anti-virus and Patching specialist in Mumbai, Pune, Kolkata, Chennai, and Noida-India. The ideal candidate will have 1 to 8 years of experience in the field. Roles and Responsibility Manage and implement anti-virus and patching solutions to ensure system security and integrity. Conduct regular vulnerability assessments and penetration testing to identify potential threats. Develop and maintain documentation of anti-virus and patching procedures and protocols. Collaborate with cross-functional teams to ensure compliance with security standards and regulations. Provide technical support and training to end-users on anti-virus and patching best practices. Stay up-to-date with emerging trends and technologies in anti-virus and patching. Job Requirements Graduation degree required. At least 1 year of experience in desktop L1 support or related field. Strong knowledge of anti-virus and patching principles and technologies. Excellent problem-solving and analytical skills. Ability to work effectively in a fast-paced environment and prioritize tasks. Strong communication and interpersonal skills. Experience with CRM/IT Enabled Services/BPO industry is preferred. Location : - Mumbai, Pune, Kolkata, Chennai, Noida

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Staff As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, mobile application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Perform penetration testing which includes internet, intranet, web application, Mobile app (Android & iOS), APIs, wireless, Cloud Security, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, Metasploit and Nessus for effective vulnerability assessment and penetration testing. Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams Understanding of TCP/IP network protocols. Develop automated solutions that mitigate risks throughout the organization. Provide technical leadership and advise to junior team members on attack and penetration test engagements. Skills And Attributes For Success Understanding of web-based application vulnerabilities (OWASP Top 10). Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Ability to communicate detailed technical information to a non-technical audience clearly Good to have experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory penetration testing Strong understanding of security principles, policies, and industry best practices Demonstrable flair for technical writing, including engagement reports, presentations and operating procedures To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 2 years of work experience in penetration testing which may include at least three of the following: internet, intranet, web app, APIs, Mobile App, wireless, Cloud Security, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, CRTP, CRTO, eCPTX, ejpt or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 2+ years of work experience in performing Penetration testing. Good to have Strong Excel, Word and PowerPoint skills. Ideally, you’ll also have Certifications: ejpt, OSCP, CRTP, ECSA. What We Look For Who can perform penetration testing which includes Network, wireless, web application, mobile application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

🚀 SDE II – Software Development Engineer Location: Hyderabad (On-site) Experience: 3–5 Years Company: NxtWave 📢 We’re Hiring! Are you passionate about building scalable fullstack applications that directly impact thousands of learners? At NxtWave , we’re on a mission to transform education and empower the next generation of tech talent — and we’re growing fast! We're looking for an experienced Software Development Engineer SDE II who thrives in a fast-paced, agile environment and is eager to build world-class products from the ground up. Responsibilities Lead the design and implementation of complex fullstack features (frontend, backend, and data layers) Make key architectural decisions for frameworks, data stores, and performance optimization Review code, enforce clean code practices and design patterns Build and maintain reusable component libraries and backend service templates Identify and eliminate performance bottlenecks Own CI/CD pipelines for automated builds and deployments Define and implement comprehensive testing strategies (unit, integration, E2E) Ensure security (OWASP Top-10), accessibility (WCAG), and SEO best practices Collaborate with Product, UX, and Ops to translate business goals into technical deliverables Mentor junior engineers and actively contribute to hiring efforts ✅ Requirements 3–5 years of experience building fullstack applications with real-world impact Strong leadership in Agile/Scrum settings and hunger for continuous learning Experience with Node.js (Express/NestJS) or Python (Django/FastAPI) or Java (Spring Boot) Hands-on with MySQL/PostgreSQL, ElasticSearch/DynamoDB, Redis, etc. Familiarity with Docker, AWS (Lambda, EC2, S3, API Gateway, etc.) Skilled in testing frameworks like Jest, pytest, Cypress, or Playwright Performance tuning using tools like Lighthouse and backend tracing Secure coding: OAuth2/JWT, XSS/CSRF protection Strong communication and code review skills Bonus Traits We Love Solution-oriented with a drive to deliver high-quality software Collaborative and friendly team player Open to feedback and focused on growth Passionate about innovation and learning new tech 📩 Ready to Build the Future of EdTech If you’re eager to be part of something impactful and thrive on taking ownership, we’d love to hear from you! Apply now or connect with me directly to explore this exciting opportunity.

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards. The manager of the application security program will be responsible for - 1. To Integrate security tools, standards, and processes into the product life cycle (PLC). 2. Ensure that developers and QA personnel are trained with the appropriate le vel of security knowledge to perform their daily activities. 3. Improve and support application security tool deployments including static anal ysis and runtime testing tools and secure development standards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

Job Title: Penetration Tester Experience Required: 4 to 5 Years Location: [Insert Location or Remote] Job Type: Full-Time Job Summary: We are looking for a skilled and experienced Penetration Tester to join our cybersecurity team. The ideal candidate will have 4 to 5 years of hands-on experience in conducting security assessments, identifying vulnerabilities, and simulating real-world attacks to evaluate the strength of our infrastructure, applications, and systems. Key Responsibilities: Perform network, web application, mobile, and API penetration tests . Simulate real-world cyberattacks to assess organizational security posture. Identify, document, and report vulnerabilities and exploits with remediation recommendations. Collaborate with internal teams to assist in risk mitigation and remediation strategies . Use tools like Burp Suite, Metasploit, Nmap, Nessus, Wireshark , etc. Conduct social engineering assessments , such as phishing simulations (optional based on role). Keep up to date with the latest threats, tools, and techniques in the cybersecurity landscape. Prepare and deliver clear, concise, and technical penetration testing reports . Participate in Red Team/Blue Team exercises , if applicable. Required Skills & Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology , or related field. 4–5 years of hands-on experience in penetration testing or ethical hacking . Proficiency in Kali Linux and other offensive security tools. Strong knowledge of OWASP Top 10 , MITRE ATT&CK framework , and common attack vectors . Experience with scripting languages (Python, Bash, or PowerShell). Familiarity with cloud security testing (AWS, Azure, GCP) is a plus. Excellent analytical, problem-solving, and reporting skills . Certifications (Preferred): OSCP (Offensive Security Certified Professional) – Highly preferred CEH (Certified Ethical Hacker) GPEN (GIAC Penetration Tester) Other relevant security certifications

About Us At Kuoni Tumlare, we deliver truly inspiring and innovative solutions and experiences that create value both for our Partners and Society at large. Our wide portfolio of products and solutions is built on 100+ years of destination management experience. Our solutions include series tours, technical visits, educational tours, Japan specialist travel consulting, as well as meetings, incentives, conferences, and exhibitions. Our product portfolio includes MyBus excursions at destinations as well as guaranteed departure tours devised and delivered by our Seat-in-Coach specialists, Europamundo (EMV) and MyBus Landcruise. We cater to a wide range of customer needs in close collaboration with our trusted suppliers and powered by our team of destinations experts - enabling us to make a real difference to the world. About the Business / Function Proudly part of Kuoni Tumlare, TUMLARE SOFTWARE SERVICES (P) LTD. is a multinational technology support company that serves as a trusted technology partner for businesses since 1999. We also help established brands reimagine their business through digitalization. Job Overview As an IT Security Engineer, you are responsible for various IT Security matters, such as daily management and control of various cybersecurity products, support in identifying requirements and business cases for new and existing security solutions, extensive cooperation with multiple project and operation teams on different security-related topic, and much more. Key Responsibilities Vulnerability Management & Penetration Testing: Perform regular vulnerability assessments and penetration tests on servers, middleware, and public-facing web applications. Patch Management: Oversee the security and lifecycle management of operating systems and middleware platforms, including patch management, version upgrades (e.g., WebLogic, WebSphere), security updates SSL certificate management and user access controls to ensure secure and stable environments. Secure Coding Collaboration: Work closely with software development teams to enforce secure coding practices aligned with the OWASP security framework. Security Tools & Solutions Management: Administer and support security tools such as Netskope/Zscaler Cloud Security, firewalls, Web Application Firewalls (WAF) End Point Protection: Antivirus solutions (TrendMicro, McAfee/Trellix ePO). SIEM Monitoring & Management: Monitor and manage Security Information and Event Management (SIEM) systems to ensure timely detection and response to security events. Incident Response Handling: Lead incident response activities including investigation, containment, eradication, and root cause analysis of security incidents. Cross-Team Coordination: Collaborate with internal stakeholders and external service providers to resolve security issues and maintain compliance with organizational policies. Access Governance: Review and validate Change Requests, Privileged Access Requests, and other access control-related approvals. Audit & Compliance Support: Assist in internal and external security audits, including firewall reviews, and compliance checks. Manage Core IT Services Security: Administer and secure essential IT services including FTP, SFTP, IIS, Ports and implement Role-Based Access Control (RBAC) to enforce least-privilege access principles and ensure operational integrity. Knowledge, Skills, Experience, Qualifications Experience: 3+ years of hands-on experience. Technical Skills: Server: - Windows server (2016/2019/2022), Linux (RHEL, Ubuntu) Antivirus Solutions (McAfee Trellix ePO, Trend Micro) SIEM Platforms (e.g., Splunk) Vulnerability Scanning (Nessus, Qualys, OpenVAS) Penetration Testing Tools (Burp Suite, OWASP ZAP) Basic scripting (PowerShell, Bash) for automation of tasks CSI (Critical Security Incidents) framework, compliance and audit preparation Certification Certified Ethical Hacker (CEH) CompTIA Security+ CCNA- Cisco Certified network Associate What We Offer Probation period - only 3 months. 5 Days Working Annual Bonus – as per company policy. Long Service Award. Paid leaves for Birthday and Wedding/Work Anniversary Learning Opportunity through an online learning platform with rich training courses and resources. Company Sponsored IT Certification - as per company policy Following insurance from Date of Joining: Group Medical Insurance with Sum Insured of up to 5 Lakh Term life Insurance - 3 times of your CTC Accidental Insurance - 3 times of your CTC Employee Engagement Activities: Fun Friday per week Annual Off-Site Team Building End Year Party CSR programs Global Employee Engagement Events Job Location - On site. Pitampura, Netaji Subhash Place, New Delhi - 110034. In case your profile is a match and in alignment with your career interests, then submit your updated Application directly on the link. Experience level: Mid

You are a skilled DevOps Specialist with over 3 years of experience, seeking to join a global automotive team with locations in Kochi, Pune, and Chennai. Your primary role will involve managing operations, system monitoring, troubleshooting, and supporting automation workflows to ensure the operational stability and excellence of enterprise IT projects. You will play a crucial part in overseeing critical application environments for leading companies in the automotive industry. Your responsibilities will include performing daily maintenance tasks to ensure application availability and system performance through proactive incident tracking, log analysis, and resource monitoring. Additionally, you will be expected to monitor and respond to tickets raised by the DevOps team or end-users, support users with troubleshooting, maintain detailed incident logs, track SLAs, and prepare root cause analysis reports. You will also assist in scheduled changes, releases, and maintenance activities while identifying and tracking recurring issues. Furthermore, you will be responsible for maintaining process documentation, runbooks, and knowledge base articles, providing regular updates to stakeholders on incidents and resolutions. You will also manage and troubleshoot CI/CD tools such as Jenkins, GitLab, container platforms like Docker and Kubernetes, and cloud services including AWS and Azure. To excel in this role, you should have proficiency in logfile analysis and troubleshooting (ELK Stack), Linux administration, and monitoring tools such as AppDynamics, Checkmk, Prometheus, and Grafana. Experience with security tools like Black Duck, SonarQube, Dependabot, and OWASP is essential. Hands-on experience with Docker, familiarity with DevOps principles, and ticketing tools like ServiceNow are also required. Experience in handling confidential data and safety-sensitive systems, along with strong analytical, communication, and organizational skills, will be beneficial. Additionally, you should possess the ability to work effectively in a team environment. Optional qualifications include experience in the automotive or manufacturing industry, particularly with production management systems, and familiarity with IT process frameworks like SCRUM and ITIL. In summary, as a DevOps Specialist, you will play a vital role in ensuring the operational stability and excellence of enterprise IT projects for leading companies in the automotive industry by managing operations, system monitoring, troubleshooting, and supporting automation workflows. Your expertise in tools and technologies such as ELK Stack, Docker, Jenkins, AWS, and Azure, along with your strong analytical and communication skills, will be instrumental in your success in this role.,

Description Job Description We’re looking for a seasoned and proactive Sr. Cyber Security Analyst to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you’ll take charge of advanced threat detection, incident response, and strategic cybersecurity initiatives to safeguard the organization’s digital assets. If you have hands-on experience in network security, SIEM tools, and a deep understanding of cybersecurity frameworks, this is a great opportunity to elevate your career in a fast-paced, tech-driven environment. Skills Key Skills 3+ years of experience in cybersecurity or a related technical role. Bachelor’s degree in Computer Science, Information Security, or a relevant field. Expertise in network security, firewalls, intrusion detection/prevention systems. Proficiency in SIEM platforms and security monitoring tools. Strong understanding of frameworks like OWASP Top 10, SANS Top 25. Knowledge of industry standards and regulations. Excellent problem-solving, analytical, and communication skills. Advanced certifications like CISSP, OSCP, or equivalent (preferred). Experience mentoring junior analysts or leading security projects (preferred). Familiarity with cloud security, forensic analysis, and emerging cyber threats. Responsibilities Roles and Responsibilities Detect, investigate, and respond to cybersecurity incidents and alerts. Lead technical investigations and contribute to root cause analysis. Implement and enhance threat detection tools and automation processes. Assist in drafting and enforcing security policies and procedures. Perform internal security reviews, audits, and compliance checks. Maintain documentation for incident handling, risk assessments, and controls. Communicate security updates and incident reports to internal stakeholders. Mentor and guide junior analysts in security protocols and tools. Collaborate with cross-functional teams to drive cybersecurity best practices. Continuously monitor and improve the organization’s security posture. Contacts Email: careers@grazitti.com Address: HSIIDC Technology Park, Plot No – 19, Sector 22, 134104, Panchkula, Haryana, India

About Us At Kuoni Tumlare, we deliver truly inspiring and innovative solutions and experiences that create value both for our Partners and Society at large. Our wide portfolio of products and solutions is built on 100+ years of destination management experience. Our solutions include series tours, technical visits, educational tours, Japan specialist travel consulting, as well as meetings, incentives, conferences, and exhibitions. Our product portfolio includes MyBus excursions at destinations as well as guaranteed departure tours devised and delivered by our Seat-in-Coach specialists, Europamundo (EMV) and MyBus Landcruise. We cater to a wide range of customer needs in close collaboration with our trusted suppliers and powered by our team of destinations experts - enabling us to make a real difference to the world. About the Business / Function Proudly part of Kuoni Tumlare, TUMLARE SOFTWARE SERVICES (P) LTD. is a multinational technology support company that serves as a trusted technology partner for businesses since 1999. We also help established brands reimagine their business through digitalization. Job Overview As an IT Security Engineer, you are responsible for various IT Security matters, such as daily management and control of various cybersecurity products, support in identifying requirements and business cases for new and existing security solutions, extensive cooperation with multiple project and operation teams on different security-related topic, and much more. Key Responsibilities Vulnerability Management & Penetration Testing: Perform regular vulnerability assessments and penetration tests on servers, middleware, and public-facing web applications. Patch Management: Oversee the security and lifecycle management of operating systems and middleware platforms, including patch management, version upgrades (e.g., WebLogic, WebSphere), security updates SSL certificate management and user access controls to ensure secure and stable environments. Secure Coding Collaboration: Work closely with software development teams to enforce secure coding practices aligned with the OWASP security framework. Security Tools & Solutions Management: Administer and support security tools such as Netskope/Zscaler Cloud Security, firewalls, Web Application Firewalls (WAF) End Point Protection: Antivirus solutions (TrendMicro, McAfee/Trellix ePO). SIEM Monitoring & Management: Monitor and manage Security Information and Event Management (SIEM) systems to ensure timely detection and response to security events. Incident Response Handling: Lead incident response activities including investigation, containment, eradication, and root cause analysis of security incidents. Cross-Team Coordination: Collaborate with internal stakeholders and external service providers to resolve security issues and maintain compliance with organizational policies. Access Governance: Review and validate Change Requests, Privileged Access Requests, and other access control-related approvals. Audit & Compliance Support: Assist in internal and external security audits, including firewall reviews, and compliance checks. Manage Core IT Services Security: Administer and secure essential IT services including FTP, SFTP, IIS, Ports and implement Role-Based Access Control (RBAC) to enforce least-privilege access principles and ensure operational integrity. Knowledge, Skills, Experience, Qualifications Experience: 3+ years of hands-on experience. Technical Skills: Server: - Windows server (2016/2019/2022), Linux (RHEL, Ubuntu) Antivirus Solutions (McAfee Trellix ePO, Trend Micro) SIEM Platforms (e.g., Splunk) Vulnerability Scanning (Nessus, Qualys, OpenVAS) Penetration Testing Tools (Burp Suite, OWASP ZAP) Basic scripting (PowerShell, Bash) for automation of tasks CSI (Critical Security Incidents) framework, compliance and audit preparation Certification Certified Ethical Hacker (CEH) CompTIA Security+ CCNA- Cisco Certified network Associate What we offer Probation period - only 3 months. 5 Days Working Annual Bonus – as per company policy. Long Service Award. Paid leaves for Birthday and Wedding/Work Anniversary Learning Opportunity through an online learning platform with rich training courses and resources. Company Sponsored IT Certification - as per company policy Following insurance from Date of Joining: o Group Medical Insurance with Sum Insured of up to 5 Lakh o Term life Insurance - 3 times of your CTC o Accidental Insurance - 3 times of your CTC Employee Engagement Activities: o Fun Friday per week o Annual Off-Site Team Building o End Year Party o CSR programs o Global Employee Engagement Events Job Location - On site. Pitampura, Netaji Subhash Place, New Delhi - 110034. In case your profile is a match and in alignment with your career interests, then submit your updated Application directly on the link. Experience level: Mid

Who we are At Twilio, we're shaping the future of communications, all from the comfort of our homes. We deliver innovative solutions to hundreds of thousands of businesses and empower millions of developers worldwide to craft personalized customer experiences. Our dedication to remote-first work, and strong culture of connection and global inclusion means that no matter your location, you're part of a vibrant team with diverse experiences making a global impact each day. As we continue to revolutionize how the world interacts, we're acquiring new skills and experiences that make work feel truly rewarding. Your career at Twilio is in your hands. See yourself at Twilio Join the team as Twilio's next Senior Application Security Engineer(L3). About the job The Cloud and Application Security team enables delivery of secure by default products to reduce our attack surface against an evolving threat landscape. This position is needed to enhance Twilio's Application Security capabilities to improve visibility, reduce vulnerabilities and foster secure engineering practices . This role is going to provide thought leadership and help build key aspects of the program in partnership with different InfoSec and Engineering teams. This role will have a high impact Responsibilities In this role, you'll: Contribute and Lead Application Security initiatives across different teams to design, build and implement security best practices Implement and enhance security automation within CI/CD pipelines Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities Develop and maintain secure coding guidelines and security training for Engineers Investigate security vulnerabilities and support incident response as needed Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications Qualifications Twilio values diverse experiences from all kinds of industries, and we encourage everyone who meets the required qualifications to apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table! Required: 5+ years of experience in application security, secure software development, or related fields. Hands on experience with SAST, SCA, DAST, Secrets Management, API Security solutions Experience with securing Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP). Strong knowledge of OWASP top 10s and modern attack vectors Proficiency in at least one programming language (Python, Go, Java, TypeScript) Excellent communication and presentation skills, including an ability to communicate effectively with a diverse array of stakeholders at different levels Desired: Application Security certifications (OSCP, GWAPT, GCPN etc) Experience with Threat Modeling Location This role will be remote, and based in India(Karnataka, Maharashtra, New Delhi, Tamilnadu, Telangana) Travel We prioritize connection and opportunities to build relationships with our customers and each other. For this role, you may be required to travel occasionally to participate in project or team in-person meetings. What We Offer Working at Twilio offers many benefits, including competitive pay, generous time off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location. Twilio thinks big. Do you? We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts. So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now! If this role isn't what you're looking for, please consider other open positions. Twilio is proud to be an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.

Job Description Summary As a key member of a global and matrixed design team, Sr Product Security Analyst is responsible for Cyber security analysis of controllers, Control systems. Lead the software and hardware penetration testing activates Work in Collaboration with development teams to improve SDLC process, OSS/SAST/DAST scans. Streamline SBOM generation. Lead the cyber security testing for GE Vernova Power Conversion products and analyze the reports and suggest remediation strategy. Identify Product vulnerabilities, rate and report to development team. Job Description Essential Responsibilities: Lead reviews, suggest architectural changes, conduct tests to ensure systems, controllers, meet Cyber security requirements. Collaborates with a team of controls and system engineers developing operational software for various subsystems. The position requires a clear understanding of OT System, and conversant with all Cyber security requirements. This role requires strong cooperation with system and subsystem teams necessary for command and control of the systems involved. The Security Analyst should be comfortable making design decisions in a sometimes-uncertain context, crafting innovative solutions, and demonstrating rigorous and decisive leadership. Work with multiple teams in different location to deliver Cyber secure software to meet customer requirements. Roles and Responsibilities You are a skilled Security Analyst who enjoys security work and is an expert in systems security, product / OT security and application security. In this role, you will be working with product managers, independent researchers, and in-house researchers to identify, rate, report and manage product vulnerabilities and incidents. In This Role, You Will Be responsible for providing technical leadership and defining, developing security within software in a fast-paced and agile development environment using the latest secure software development technologies and infrastructure. Work with Cyber Security Leaders and SMEs to understand product requirements. Hands on experience with penetration testing for software applications, Systems, Web Application, mobile application, controllers. Work on Cybersecurity tools like Wireshark, NESSUS and Burp Suite Experienced in different phases of Software Development Life cycle (SDLC) including Design, Implementation and Testing during the development of software applications. Assist security champions in completing Threat Modelling and Architecture Risk Analysis on product features. Perform Security Code Reviews, Vulnerability Analysis and research on application code. Coach and mentor developers to implement cryptography solutions securely (PKI, Code Signing, Stored Secrets, et cetera) Provide guidance and advice on writing secure code that meets standards and delivers desired functionality, using the technology selected for the project. Research new application security technologies and implement them to improve application security. Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development. Promote best practices based on OWASP Top 10, SANS Top 25, and the GE Vernova SDLC. Education/Qualification Bachelor /master's degree in IT/computer science or relevant engineering or equivalent knowledge / experience with 8-10 Years of Experience Strong understanding of fundamentals in networking, ethical hacking, cryptography, penetration testing, vulnerability analysis, risk assessment, threat modelling, cybersecurity standards like ISO 27000 and ISA/IEC 62443. Database RDBMS, MySQL NoSQL databases Software component: MS Visual Studio, MS Office, MS Visio, GitHub Linux and Windows OS Hands on experience with Enterprise Application and Web Application servers like Tomcat, and WLP. Certifications like CEH, OSCP, PNPT will be an added advantage. Additional Information Relocation Assistance Provided: Yes

Job Description (Summary) The primary responsibilities include managing vulnerability assessments using the Qualys tool, creating detailed metrics and reports, and collaborating with relevant teams to ensure timely remediation of identified vulnerabilities. To ensure the organization's IT infrastructure remains secure by proactively identifying, assessing, and mitigating vulnerabilities through effective use of the Qualys tool and coordinated efforts with cross-functional teams. The basic purpose of this position is to safeguard the organization's digital assets by maintaining a robust vulnerability management program that prioritizes risk reduction and compliance with security policies. Perform daily vulnerability assessments, create weekly metrics and reports, and handle ad-hoc requests as they arise. Work on analytical projects to enhance the vulnerability management process and develop strategies to address identified security issues. Prepare and present metrics and reports to senior leadership, showcasing trends in vulnerabilities over the year and how they are being addressed. Produce reports daily, weekly, and as needed on vulnerability assessments and remediation efforts. Responsible for training new hires and occasionally participating in candidate interviews. Technical/Job Specific Knowledge Vulnerability Management: In-depth knowledge of vulnerability assessment, prioritization, and remediation processes. Qualys: Proficiency in using Qualys for scanning, identifying, and managing vulnerabilities across various environments. Security Frameworks: Familiarity with industry standards and frameworks such as OWASP, NIST, and CIS. Network Security: Understanding of network protocols, firewalls, and intrusion detection/prevention systems. Skills Analytical Skills: Strong analytical abilities to identify and assess vulnerabilities and their potential impact. Technical Aptitude: Competence in using security tools and technologies to perform thorough assessments. Problem-Solving: Effective problem-solving skills to develop and implement remediation plans. Communication: Clear and concise communication skills to report findings and collaborate with different teams. Attention to Detail: High level of attention

About ValGenesis ValGenesis is a leading digital validation platform provider for life sciences companies. ValGenesis suite of products are used by 30 of the top 50 global pharmaceutical and biotech companies to achieve digital transformation, total compliance and manufacturing excellence/intelligence across their product lifecycle. Learn more about working for ValGenesis, the de facto standard for paperless validation in Life Sciences: https://www.youtube.com/watch?v=tASq7Ld0JsQ About The Role We are looking for experienced product development engineers/experts who could join our flagship VLMS product engineering team to implement the product enhancements and support our global customers. If you are a technology enthusiast and have passion to develop enterprise products with quality, security, and performance, we are eager to discuss with you the potential role. Responsibilities Understand the business requirements and technical constraints and architect/design/develop. Participate in the complete development life cycle. Review the architecture/design/code of self and others. Develop enterprise application features using C#, ASP .NET development framework. Own and be accountable for the Quality, Performance, Security, and Sustenance of the respective product deliverables. Strive for self-excellence along with enabling the success of the team/stakeholders. Requirements 2 to 10 years of experience in developing enterprise software products Must have strong experience in ASP .NET Web Forms with C# Strong experience in SQL, MS SQL Server Experience in Javascript, JQuery, AngularJS Good knowledge of Web Services, Web API, WCF, LINQ, IIS 7.0+ Knowledge/Experience in SSO integration using LDAP, ADFS, OKTA, PING Knowledge/Experience in HTML5, XML, OOXML, XAML, WPF, CSS, Bootstrap Knowledge/Experience in XSS, SSL, TLS, OWASP standards Knowledge/Experience in DevExpress report, SSRS, Crystal Reports, BI Components Knowledge of Code Quality, Code Monitoring, Performance Engineering, and Test Automation Tools We’re on a Mission In 2005, we disrupted the life sciences industry by introducing the world’s first digital validation lifecycle management system. ValGenesis VLMS® revolutionized compliance-based corporate validation activities and has remained the industry standard. Today, we continue to push the boundaries of innovation ― enhancing and expanding our portfolio beyond validation with an end-to-end digital transformation platform. We combine our purpose-built systems with world-class consulting services to help every facet of GxP meet evolving regulations and quality expectations. The Team You’ll Join Our customers’ success is our success. We keep the customer experience centered in our decisions, from product to marketing to sales to services to support. Life sciences companies exist to improve humanity’s quality of life, and we honor that mission. We work together. We communicate openly, support each other without reservation, and never hesitate to wear multiple hats to get the job done. We think big. Innovation is the heart of ValGenesis. That spirit drives product development as well as personal growth. We never stop aiming upward. We’re in it to win it. We’re on a path to becoming the number one intelligent validation platform in the market, and we won’t settle for anything less than being a market leader. How We Work Our Chennai, Hyderabad and Bangalore offices are onsite, 5 days per week. We believe that in-person interaction and collaboration fosters creativity, and a sense of community, and is critical to our future success as a company. ValGenesis is an equal-opportunity employer that makes employment decisions on the basis of merit. Our goal is to have the best-qualified people in every job. All qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, gender identity, national origin, disability, or any other characteristics protected by local law.

About Allica Bank Allica is the UK’s fastest growing company - and the fastest-growing financial technology (Fintech) firm ever. Our purpose is to help established SMEs, one of the last major underserved opportunities in Fintech. Established SMEs are the backbone of local communities - representing over a third of our economy - yet have been largely neglected both by traditional high street banks and modern fintech providers. Department Description The Allica Security team play a key role in protecting the bank and are responsible for all aspects of security surrounding Applications, Infrastructure and Security Operational Policy. Our mission is to provide the best-in-class security to protect the bank. We live and breathe the Allica values and deliver services intelligently using automation, intelligence, and innovation. Role Description We are seeking a highly skilled and hands-on Security Operations Engineer to oversee security incident response, threat intelligence, and cloud security operations. This role requires deep technical expertise and a proactive mindset to defend against evolving cyber threats. The ideal candidate will also collaborate closely with DevOps and infrastructure teams to ensure security is embedded across all layers of our environment. Principal Accountabilities . Design, implement, and manage SIEM and EDR/XDR solutions to enhance detection and response capabilities. Conduct in-depth threat intelligence analysis, threat hunting activities, and digital forensics investigations. Ensure robust security posture across cloud platforms including Azure and GCP. Collaborate with DevOps teams to integrate security controls and testing into CI/CD pipelines. Develop automation scripts and detection rules using Python, PowerShell, or Bash. Support red teaming, adversary simulations, and penetration testing exercises. Drive compliance initiatives aligned with ISO 27001, NIST, and other recognized frameworks. Personal Attributes & Experience Expertise in Security Operations, Incident Response, or Threat Hunting. Strong hands-on expertise with SIEM, EDR/XDR, and threat intelligence platforms. Proven experience in securing cloud environments (Azure, GCP). Scripting and automation proficiency in Python, PowerShell, or Bash. Strong understanding of MITRE ATT&CK, OWASP Top 10, and cloud security architecture. Ability to work independently and lead initiatives in a dynamic, fast-paced environment. Experience with M365/O365 security. Experience with AAD Conditional Access, risky sign-ins, and MFA. Experience in Netskope DLP in the data protection and monitoring M365/O365 Data Loss Prevention experience desirable. Azure Cloud Security experience desirable. Strong sense of ownership, urgency, and drive. Ability to build partnerships. Interest in continuous learning. Preferred Tools & Platforms Experience Experience with the following tools will be considered an added advantage. Security & Threat Detection: CrowdStrike, Abnormal, ZeroFox, KnowBe4, RiskSmart Cloud & Endpoint Security: Azure, Intune, Netskope, Microsoft Purview, Gatekeeper Vulnerability & Risk Management: Qualys, RiskLedger, Easy DMARC Data Protection & Monitoring: Varonis Working at Allica Bank At Allica Bank we want to ensure our employees have the right tools and environment in which to succeed in their role and in support of our customers. Our employees are at the heart of everything we do, so our benefits are designed with you in mind: Full onboarding support and continued development opportunities Options for flexible working Regular social activities Pension contributions Discretionary bonus scheme Private health cover Life assurance Family friendly policies including enhanced Maternity & Paternity leave Don’t tick every box? Don’t worry if you don’t have all the skills or requirements listed on the job description. If you think you’ll be a good fit, we’d still love to hear from you! Flexible working We know the ‘9-to-5’ isn’t right for everyone. That’s why Allica Bank is fully committed to flexible and hybrid working. Please let us know what is best for you and, if we can, we will do our best to accommodate. Diversity We’re a diverse bunch here at Allica, with all kinds of experiences, backgrounds and lifestyles. Our openness and differences make us stronger, and we want everybody to feel comfortable bringing as much of themselves to work with them as they like.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.