3229 Owasp Jobs - Page 36

Associate Consultant 2-4 Years Roles and Responsibilities: 1. To perform Web and API Penetration testing 2. Perform Cloud security assessment (AWS and Azure must) based on CIS benchmark 3. Client interaction 4. Perform retest post confirmation on the fixes 5 Follow-up with the relevant stakeholders on the remediation of open vulnerabilities Mandatory Skills required for the role: Web, API Penetration Testing Good understanding of OWASP methodology, ASVS and other checklists Knowledge on cloud security and CIS benchmark Good written and spoken communication skills Ability to do report walkthrough with relevant stakeholders Hands-on experience with Burp suite pro, SQLmap, Kali Linux tools Hands on experience with Prowler, Pmapper, Scoutsuite, Cloudsploit Optional Skills for the role: Thick client/ Mobile App PT Secure code review

Senior Software Engineer - Full Stack Location: Bangalore, IN, 562122 Position Type: Professional Transport is at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the futureIf you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match. Job Description Senior Full Stack Developer: Developer will be responsible for the development, implementation, and maintenance of applications using Angular and Dot Net core. Should be able to contribute in overall design of application collaborating with architect. Responsibilities: Develop and test features according to the requirement, using appointed tools and technologies. Coordinate and collaborate with multiple stakeholders including Business Analysts, Architects, Product Owner and Tech Lead Follow all coding/testing/security guidelines and best practices. Build, release and deploy on different environments. Support implementations/Rollouts of new features/issue fixes/enhancements in non-prod/Prod environments. Lead and guide junior developers. Mandatory Requirements: Bachelor s or Master s degree in Engineering (BE/B.Tech/MCA) 8 to 12 years of experience in .NET Web Application development Strong hands-on experience in: o C#, .NET Core 3.1 / .NET 6 o Web API2, LINQ, Entity Framework Core o Azure PaaS Services, Azure DevOps, including YAML Pipelines o SQL Server, RESTful APIs, and Microservice architecture Strong in Angular (v10+) and TypeScript for front-end development Solid experience with JavaScript, HTML5, and CSS3 Good knowledge and implementation of: o OOPs, SOLID principles, and Design Patterns o Developing and consuming .NET Core Web APIs (REST and GraphQL) Experience in Azure cloud services and deployment pipelines Excellent communication and presentation skills Comfortable working in a multi-cultural, distributed environment and collaborating with global teams Strong customer focus and commitment to delivery excellence Proactive in continuous improvement, process enhancement, and adoption of new technologies Experience working in Agile/Scrum teams A committed team player with a self-driven attitude Preferred Attributes: Experience with frontend/backend unit testing frameworks Familiarity with CI/CD, containerization, or serverless deployments on Azure Understanding of secure coding practices and performance optimization Experience in SonarQube, security tools-DAST/SAST, OWASP. Travel Required: Occasional Travel We value your data privacy and therefore do not accept applications via mail. Who we are and what we believe in We are committed to shaping the future landscape of efficient, safe, and sustainable transport solutions. Fulfilling our mission creates countless career opportunities for talents across the group s leading brands and entities. Applying to this job offers you the opportunity to join Volvo Group . Every day, you will be working with some of the sharpest and most creative brains in our field to be able to leave our society in better shape for the next generation. We are passionate about what we do, and we thrive on teamwork. We are almost 100,000 people united around the world by a culture of care, inclusiveness, and empowerment. Group Digital & IT is the hub for digital development within Volvo Group. Imagine yourself working with cutting-edge technologies in a global team, represented in more than 30 countries. We are dedicated to leading the way of tomorrow s transport solutions, guided by a strong customer mindset and high level of curiosity, both as individuals and as a team. Here, you will thrive in your career in an environment where your voice is heard and your ideas matter. Job Category: Information Technology Organization: Group Digital & IT Travel Required: Occasional Travel Requisition ID: 22784 View All Jobs Do we share the same aspirations Every day, Volvo Group products and services ensure that people have food on the table, children arrive safely at school and roads and buildings can be constructed. Looking ahead, we are committed to driving the transition to sustainable and safe transport, mobility and infrastructure solutions toward a net-zero society. Joining Volvo Group, you will work with some of the world s most iconic brands and be part of a global and leading industrial company that is harnessing automated driving, electromobility and connectivity. Our people are passionate about what they do, they aim for high performance and thrive on teamwork and learning. Everyday life at Volvo is defined by a climate of support, care and mutual respect. If you aspire to grow and make an impact, join us on our journey to create a better and more resilient society for the coming generations.

Checkmarx is the enterprise application security leader and the host of Checkmarx One™ — the industry -leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Description Who are we?  Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart and Sanofi. What are we looking for? Checkmarx, a leader in the application security testing market, actively seeks talented application security engineers (AppSec Eng.) to support Checkmarx Global Services and our customers. The perfect candidate has a robust background in software development and application security. How will you make an impact? Support some of our strategic/top-tier customers in conducting security-focused code reviews using the Checkmarx Platform. Support customer's AppSec and Dev Teams with mitigation advice for identified vulnerabilities. Create proof-of-concept based on identified vector attacks. Daily and monthly responsibilities: Conduct security-focused statical code analysis on top of a broad range of development languages and open-source libraries. Support customer AppSec/Dev teams with mitigation strategy/advice for identified vulnerabilities. When required, create proofs-of-concept that can illustrate a given vulnerability exploitability. When needed, support AppSec/Dev teams in analyzing applications. Requirements What You’ll Need: Bachelor's degree in computer science or another highly technical scientific discipline. +3 years experience in development using one or more high-level programming languages like Java, .Net, Javascript, Go, Python, etc. +3 years experience in security-focused code review covering some market standards AppSec Frameworks like OWASP Web/API/Mobile Top 10, PCI- DSS, etc. A proactive approach to spotting problems, areas for improvement, and performance bottlenecks. Strong technical aptitude - being able to pick up technical concepts rapidly is required. Highly motivated self-starter. Fluent in English (++ for other languages). The fine print: Work from office/home (hybrid). Some international travel required (less than 10%) If you have the skillset we’re looking for, we will get you up-to-speed with Checkmarx Platform solutions and invest in you to improve your knowledge and technical skills. What we have to offer Checkmarx offers a great work environment, professional development, challenging careers, competitive compensation, great work-life balance, as well as great benefits and perks throughout the year. Checkmarx is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, or other characteristics protected by law.

Are you a highly motivated and experienced software engineer looking to take your career to the next level? Look no further! Our team at Lean is on a mission to revolutionize the fintech industry by providing developers with a universal API to access their customer's financial accounts from across the Middle East. We are breaking down infrastructure barriers and empowering the growth of the fintech industry, and we need a talented software engineer like you to help us make it happen! As a software engineer at Lean, you will play a critical role in developing and building the product line that will underpin the future of the financial ecosystem. You'll have the opportunity to work with technologies such as Java Spring Boot, PostgreSQL, Kafka, Redis, and more. You will be responsible for developing and maintaining microservices that implement our products, continuously improving their performance, scalability, and reliability. But it's not just about the technology, we're looking for a problem-solver, someone who thrives on challenges and is ready to implement compelling solutions to complex problems. You'll be working closely with other cross-functional teams, staying up-to-date with the latest developments in fintech and ensuring our systems are aligned with industry standards. You'll also be participating in code reviews, and ensuring that all code is of high quality and adheres to best practices. Who are we Lean enables companies to seamlessly connect to their users’ bank accounts to initiate real-time payments and retrieve their account information. Our products have garnered the trust of leading companies and enabled them to deliver powerful experiences when connected with a user’s bank account, allowing users to perform prudent financial planning, get better rates on loans, transfer money to friends, and more, without compromising on privacy or security. Some of Lean’s clients include the likes of Ciclys, Tabby, Tamara, Salla, Tawuniya, and many more, making it the region’s most valuable Open Banking platform. The company has now processed hundreds of millions of dollars, and its products are also connected with hundreds of thousands of accounts. Lean envisions a fully inclusive financial ecosystem that serves everyone, no matter where they bank or live in the MENAP region. Requirements 3-5 years of experience as a software engineer Experience with Java, Spring Boot, PostgreSQL Experience on Microservice architecture and REST fundamentals. Strong desire to learn new technologies and implement them Interest in the Fintech industry, especially related to Open Banking Excellent verbal and written communication skills Bachelor’s degree in Computer Science or a related field Strong problem-solving skills Strong understanding of software development best practices Self-motivated and comfortable with autonomy Bonus Experience working in the financial sector Experience working in startup environments Knowledge of Kafka, Redis and No SQL databases Be familiar with API and OWASP top 10 security vulnerabilities. Ability to produce code that adheres to secure coding guidelines What Excites you? Freedom and the opportunity to build and experiment with new things. Being a part of a team that is revamping their codebases and implementing best practices. Joining a team that is elevating their code to the next level while adhering to best practices. Having the ability to experiment with new ideas and collaborate with like-minded people. What's in it for you? Competitive salary and benefits package The opportunity to work on a product that aligns with and empowers developers to build the financial applications they are passionate about The chance to work with a team of talented, dedicated professionals who are passionate about the fintech industry As one of the first hires in Riyadh, you will join a dedicated and talented team that is deeply passionate about the fintech industry. You will have the opportunity to play a crucial role in setting the tone and culture for our expanding operations in Riyadh.

We are seeking dedicated and skilled professionals to contribute to a forward-thinking organization by enhancing its cloud security posture through innovative solutions, continuous monitoring, and collaboration with cross-functional teams. prospect should have deep expertise in cloud security to design, implement, and manage robust security frameworks that protect cloud-based infrastructure, applications, and data. Educational qualifications Bachelor’s degree in Computer Science, Information Security, or related field. Experience 10-12 years of experience in cloud security, including architecting and implementing solutions on platforms like AWS, GCP, and Azure. Proven experience in application security, vulnerability assessment, and penetration testing. Strong understanding of secure coding practices and knowledge of common security vulnerabilities. Familiarity with security standards and frameworks such as OWASP, ISO 27001, and NIST. Experience with security testing tools and automation. Relevant certifications such as CISSP, CEH, or OSCP are a plus. Excellent communication and collaboration skills. Ability to stay up-to-date with the latest security trends, threats, and technologies. Roles and Responsibilities Lead the design, development, and deployment of modular cloud-based systems. Develop and maintain cloud solutions in accordance with best practices. Ensure efficient functioning of data storage and process functions in accordance with company security policies and best practices in cloud security. Identify, analyse, and resolve infrastructure vulnerabilities and application deployment issues. Regularly review existing systems and make recommendations for improvements. Perform threat modelling and design reviews to evaluate the introduction of new technologies’ security implications and requirements. Collaborate with cross-functional teams to integrate security measures throughout the software development lifecycle. Create and maintain comprehensive security documentation, including risk assessments, security policies, and procedures. Attract, develop, and retain talent, improving productivity, efficiency, and effectiveness of the team. PLease email your resume to mansi.namdev1@adani.com

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing… You will be part of the Network Planning group in GNT organization supporting development of deployment automation pipelines and other tooling for the Verizon Cloud Platform. You will be supporting a highly reliable infrastructure running critical network functions. You will be responsible for solving issues that are new and unique, which will provide the opportunity to innovate. You will have a high level of technical expertise and daily hands-on implementation working in a planning team designing and developing automation. This entitles programming and orchestrating the deployment of feature sets into the Kubernetes CaaS platform along with building containers via a fully automated CI/CD pipeline utilizing Ansible playbooks, Python and CI/CD tools and process like JIRA, GitLab, ArgoCD, or any other scripting technologies. Leverage monitoring tools such as Redfish, Splunk, and Grafana to monitor system health, detect issues, and proactively resolve them. Design and configure alerts to ensure timely responses to critical events. Work with the development and Operations teams to design, implement, and optimize CI/CD pipelines using ArgoCD for efficient, automated deployment of applications and infrastructure. Implement security best practices for cloud and containerized services and ensure adherence to security protocols. Configure IAM roles, VPC security, encryption, and compliance policies. Continuously optimize cloud infrastructure for performance, scalability, and cost-effectiveness. Use tools and third-party solutions to analyze usage patterns and recommend cost-saving strategies. Work closely with the engineering and operations teams to design and implement cloud-based solutions. Provide mentorship and support to team members while sharing best practices for cloud engineering. Maintain detailed documentation of cloud architecture and platform configurations and regularly provide status reports, performance metrics, and cost analysis to leadership. What We’re Looking For... You’ll need to have: Bachelor’s degree or four or more years of work experience. Four or more years of relevant work experience. Four or more years of work experience in Kubernetes administration. Hands-on experience with one or more of the following platforms: EKS, Red Hat OpenShift, GKE, AKS, OCI GitOps CI/CD workflows (ArgoCD, Flux) and Very Strong Expertise in the following: Ansible, Terraform, Helm, Jenkins, Gitlab VSC/Pipelines/Runners, Artifactory Strong proficiency with monitoring/observability tools such as New Relic, Prometheus/Grafana, logging solutions (Fluentd/Elastic/Splunk) to include creating/customizing metrics and/or logging dashboards Backend development experience with languages to include Golang (preferred), Spring Boot, and Python Development Experience with the Operator SDK, HTTP/RESTful APIs, Microservices Familiarity with Cloud cost optimization (e.g. Kubecost) Strong experience with infra components like Flux, cert-manager, Karpenter, Cluster Autoscaler, VPC CNI, Over-provisioning, CoreDNS, metrics-server Familiarity with Wireshark, tshark, dumpcap, etc., capturing network traces and performing packet analysis Demonstrated expertise with the K8S ecosystem (inspecting cluster resources, determining cluster health, identifying potential application issues, etc.) Strong Development of K8S tools/components which may include standalone utilities/plugins, cert-manager plugins, etc. Development and working experience with Service Mesh lifecycle management and configuring, troubleshooting applications deployed on Service Mesh and Service Mesh related issues Expertise in RBAC and Pod Security Standards, Quotas, LimitRanges, OPA & Gatekeeper Policies Working experience with security tools such as Sysdig, Crowdstrike, Black Duck, etc. Demonstrated expertise with the K8S security ecosystem (SCC, network policies, RBAC, CVE remediation, CIS benchmarks/hardening, etc.) Networking of microservices, solid understanding of Kubernetes networking and troubleshooting Certified Kubernetes Administrator (CKA) Demonstrated very strong troubleshooting and problem-solving skills Excellent verbal communication and written skills Even better if you have one or more of the following: Certified Kubernetes Application Developer (CKAD) Red Hat Certified OpenShift Administrator Familiarity with creating custom EnvoyFilters for Istio service mesh and integrating with existing web application portals Experience with OWASP rules and mitigating security vulnerabilities using security tools like Fortify, Sonarqube, etc. Database experience (RDBMS, NoSQL, etc.) Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

FactSet creates flexible, open data and software solutions for over 200,000 investment professionals worldwide, providing instant access to financial data and analytics that investors use to make crucial decisions. At FactSet, our values are the foundation of everything we do. They express how we act and operate , serve as a compass in our decision-making, and play a big role in how we treat each other, our clients, and our communities. We believe that the best ideas can come from anyone, anywhere, at any time, and that curiosity is the key to anticipating our clients’ needs and exceeding their expectations. The Business Information Security Officer (BISO) serves as a trusted security advisor to lines of business. The BISO understands security risks and technologies and is able to effectively communicate them to business units. The BISO works in tandem with the business across multiple services and platforms to address risk, while advising business leaders to ensure they are making decisions with security in mind. The BISO is an advanced role supporting the cybersecurity program. This individual provides leadership, executive support, and strategic and tactical guidance for a world-class cybersecurity program supporting enterprise security initiatives. As a business enabler, the BISO is an effective communicator with the technical aptitude to drive security fundamentals into aspects of the business. The BISO must be capable of working closely with senior management, third parties, project managers and business subject matter experts (SMEs). Additionally, the BISO must be personable and able to translate cybersecurity issues to business leader initiatives. The BISO must have a technical background and be able to understand technologies, their purpose, and their security requirements and data protection needs, wherever they reside. BISOs should also understand threats, as well as risk mitigations and technical controls recommended by security leaders. Job Responsibilities: Serve as a trusted security advisor with business unit leadership. Act as a liaison to ensure cybersecurity practices are built into business unit initiatives for the entire lifecycle. Act as a trusted point of contact across business units. Work closely with security leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure. Be actively informed and engaged in security projects across the business. Provide disaster recovery and business continuity planning advice when working with leaders for business and cybersecurity resiliency. Enforce the strong security culture set forth by the CISO, ensuring uniformity across business units and employees. Foster strong relationships with internal business units and excel in cybersecurity communication. Advise business units on enterprise-wide people, process and technology security recommendations. Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units. Ensure business projects are focused on cybersecurity from the beginning. Identify and document threats and vulnerabilities that may impact the business and address them regularly with business units. In conjunction with security and business leaders, define key performance indicators (KPIs) and metrics aligning with business initiatives and deliver them to non-technical teams in terms that are accessible and comprehensible. Provide motivation to business units to adopt cybersecurity controls. Remove complexity and obstacles that hinder efficient security controls enterprise-wide. Build relationships with business units to deliver security-by-design controls incorporated into projects, architecture, infrastructure and applications. Stay abreast of new laws, regulations and standards, and assess their impact to the business. Verify security content training initiatives and internal/external communication are conducted regularly. Openly support the CISO, management team and executive leadership, even during tumultuous times. Perform other duties as assigned. Job Responsibilities: 15+ years of relevant Cybersecurity experience with minimum 5 years as Cybersecurity Architect or Lead Engineer. Bachelor’s degree in Information Cybersecurity, Cybersecurity Assurance, Computer Science or related fields. Relevant certifications preferred including CISSP, CISM, GSEC, etc. Capable of working with diverse teams and promoting an enterprise-wide positive security mindset/culture.. Adept at understanding business focus and processes and ability to inject cybersecurity into the business through teamwork and influence.. Experience collaborating with IT teams to implement technology solutions that enable business initiatives and reduce risk. Knowledge of a relevant enterprise architecture methodology. Ability to determine key security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; and identifying integration issues. Ability to translate design into bill of materials and preparing cost estimates. Knowledge of a relevant Cloud architecture standards, methodology, and technology. Experience with risk assessments of new product development efforts as well as externally purchased applications and cloud services. Expert knowledge of security issues, techniques and implications. Advanced knowledge of common system, software and web application vulnerabilities (e.g., OWASP Top 10). General understanding of project management best practices. Ability to translate technical designs into bill of materials for procurement, collaborate with procurement team, draft Request for Quote/Purchase/Information (RFQ/RFP/RFI), and manage vendor relationships. Familiarity of SSDLC (Secure Software Development Life Cycle) or SDL (Secure Development Lifecycle). Experience assisting with third-party risk assessments and security control design validation. Experience performing Root Cause Analysis (RCA) for control failures and advising IT Management with risk treatment plans. Able to deliver quality results in a high-energy/high-pressure environment. Ability to multi-task and manage demands of many projects, issues, and tasks. Ability to perform duties with minimal supervision. Excellent interpersonal and teamwork skills. Excellent communications skills, both verbal and written. Experience performing research and communicating findings to technical and non-technical audience. Ability to credibly speak with clients regarding requests for information, integration, risk management, and compliance. Experience technically leading and influencing teams without depending on management authority. Experience mentoring Cybersecurity and IT team members. Diversity: At FactSet, we celebrate diversity of thought, experience, and perspective. We are committed to disrupting bias and a transparent hiring process. All qualified applicants will be considered for employment regardless of race, color, ancestry, ethnicity, religion, sex, national origin, gender expression, sexual orientation, age, citizenship, marital status, disability, gender identity, family status or veteran status. FactSet participates in E-Verify. Return to Work: Returning from a break? We are here to support you! If you have taken time out of the workforce and are looking to return, we encourage you to apply and chat with our recruiters about our available support to help you relaunch your care Company Overview: FactSet ( NYSE:FDS | NASDAQ:FDS ) helps the financial community to see more, think bigger, and work better. Our digital platform and enterprise solutions deliver financial data, analytics, and open technology to more than 8,200 global clients, including over 200,000 individual users. Clients across the buy-side and sell-side, as well as wealth managers, private equity firms, and corporations, achieve more every day with our comprehensive and connected content, flexible next-generation workflow solutions, and client-centric specialized support. As a member of the S&P 500, we are committed to sustainable growth and have been recognized among the Best Places to Work in 2023 by Glassdoor as a Glassdoor Employees’ Choice Award winner. Learn more at www.factset.com and follow us on X and LinkedIn . At FactSet, we celebrate difference of thought, experience, and perspective. Qualified applicants will be considered for employment without regard to characteristics protected by law.

Overview: The Information Security Assessment Lead is responsible for safeguarding PepsiCo's digital assets by assessing the cyber risk and compliance of new and changing systems against information security requirements and managing risks associated with IT and Information Security systems throughout the project lifecycle. The ISA Lead will collaborate with various security teams and businesses to facilitate compliance with Information Security standards, provide technical guidance for key strategic initiatives, and drive the secure delivery of technology solutions within PepsiCo. The role heavily focuses on security risk-based assessments, and data-driven decision-making and automation. Responsibilities: Security Design Expertise: Proven track record in assessing security designs, including data flow diagrams, architectural blueprints, low-level designs, networking diagrams, authentication mechanisms, and authorization schemes. Must demonstrate experience in aligning these designs with industry standards such as NIST 800-53, ISO 27002, CIS, and OWASP to ensure robust security postures. Skilled at identifying potential security gaps and implementing best practices to fortify system architectures against emerging threats. Familiarity with the latest security tools and technologies, as well as experience in integrating security measures into complex IT environments, is essential. Compliance Assessment: Assess new and changing application designs and requirements to ensure compliance with PepsiCo information security standards. Risk Communication: Identify, quantify, and communicate technology risks impacting the business, recommending resolutions and identifying root causes. Explain scan results (infrastructure, applications, databases) and pen testing results to stakeholders. Threat Modeling: Utilize expert knowledge in threat modeling techniques and methodologies to proactively identify, assess, and prioritize security risks, enabling the organization to implement targeted mitigation strategies and maintain a robust information security posture. Project Lifecycle Reviews: Review IT and Information Security systems throughout the project lifecycle, identifying risks and security requirements, and recommending paths to eliminate identified risks and implement compensating controls. Automated Risk Assessments: Conduct risk-based assessments using automated tools and techniques to prioritize and address security risks. Collaboration and Education: Collaborate with various IT and Business teams to ensure they are knowledgeable about Information Security processes and requirements, influencing them to eliminate or reduce risks. ServiceNow Utilization: Experience using ServiceNow to gather necessary information and data, automating security assessment processes to enhance efficiency and effectiveness. Metrics Management and Reporting: Manage operational metrics related to the ISA and GRC processes, utilizing Power BI for advanced reporting, tracking project progress, and developing corrective action plans. Process Improvement and Proactive Security: Govern Information Security services from the ISA, tracking process metrics, identifying issues, and driving process improvement initiatives. Stay updated with threat intelligence, leverage Azure and cloud security knowledge, and implement Agile and DevSecOps methodologies to integrate security into the development process. Qualifications: A minimum of 8 years of experience in Information Security, IT Risk Management, or a similar role. Mandatory Technical Skills: In-depth technical experience and knowledge of infrastructure technologies, networks, web, computing, cloud services, manufacturing equipment, mobile devices, and information (cyber) security. Strong understanding of information security frameworks, regulations, and standards such as NIST 800-53, CIS, and ISO 27002. Proficient in ServiceNow, with the ability to leverage its modules for information gathering, data analysis, and automation of the ISA service. Experience in threat modeling and applying threat modeling methodologies in previous roles. Proficient in Power BI for developing reports and dashboards to support data-driven decision-making. Strong skills in developing ad hoc reports and managing metrics. Knowledge of Azure and general cloud security principles. Ability to read and explain scan (infrastructure, applications, databases) and pen testing results to technical and non-technical stakeholders, guiding them on risk and vulnerability remediation. Mandatory Non-Technical Skills: Proficient in influencing and educating stakeholders on security best practices and policies, ensuring understanding and adherence to security standards. Established a reputation as a trusted adviser, providing expert guidance on information security matters. Strong presence to represent PepsiCo Information Security in complex situations with business and IT partners. Ability to collaborate with various stakeholders, including business units and product managers.

5 - 7 Years 1 Opening Trivandrum Role description Job Title: Senior Threat Hunter & VAPT Specialist – SIEM/EDR Tools Location: [Trivandrum] Experience Required: 5+ Years Department: Cybersecurity / Information Security Employment Type: Full-Time Role Overview We are seeking a versatile and experienced Cybersecurity Professional to join our team as a Threat Hunter and VAPT Analyst . In this dual-capacity role, you will proactively identify and mitigate emerging cyber threats, perform in-depth vulnerability assessments, and help protect critical infrastructure and data assets. This role requires a blend of advanced technical expertise , analytical mindset , and strong collaboration with SOC and incident response teams. Key Responsibilities Threat Hunting Proactively hunt for undetected threats across networks, systems, and endpoints using behavioral analysis and threat intelligence . Identify Tactics, Techniques, and Procedures (TTPs) and anomalies to detect potential threats or APT activities. Leverage threat intelligence feeds and the MITRE ATT&CK framework to build and validate detection use cases. Collaborate with SOC teams to enhance detection rules and reduce false positives. Conduct forensic investigations and perform root cause analysis on incidents and suspicious behaviors. Develop custom scripts and queries (Python, PowerShell, Bash) for automating hunting activities in EDR, SIEM, and XDR platforms. Document and share threat hunting reports , IOCs , and actionable recommendations with relevant stakeholders. Vulnerability Assessment & Penetration Testing (VAPT) Conduct vulnerability assessments and penetration tests on systems, applications, networks, and APIs. Analyze vulnerabilities, assess risks, and deliver detailed, actionable reports to technical teams. Use a combination of automated tools (e.g., Nessus , Burp Suite , Nmap , Metasploit ) and manual techniques to identify security flaws. Ensure all assessments adhere to internal policies and regulatory standards . Perform periodic and ad-hoc security assessments for web applications , databases , wireless , and cloud environments . Collaborate with IT teams to validate remediations through re-testing and follow-ups . Stay current on emerging vulnerabilities , exploit techniques , and threat actor tactics . Qualifications & Skills Bachelor’s degree in Computer Science , Information Security , or a related discipline. 5+ years of experience in a cybersecurity role with hands-on work in threat hunting and VAPT . Strong expertise in VAPT tools and methodologies: Nessus, Burp Suite, Nmap, Metasploit, OWASP Top 10 . Experience with SIEMs , EDR platforms , and threat intelligence tools . Working knowledge of the MITRE ATT&CK framework . Proficient in scripting languages such as Python, PowerShell, or Bash . Excellent analytical , investigative , and report-writing skills. Strong communication and stakeholder engagement abilities. Preferred Certifications OSCP – Offensive Security Certified Professional CEH – Certified Ethical Hacker GIAC – GCIH, GPEN, GWAPT CISSP – Certified Information Systems Security Professional CESM or other equivalent cybersecurity credentials Skills Soc,TTP,Troubleshooting About UST UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

Global Security Office Gurgaon, India Publicis Re:Sources India Intermediate Hybrid 7/10/2025 115360 Company description Resources is the backbone of Publicis Groupe, the world’s third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 5,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare, and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury, and risk management to help Publicis Groupe agencies do their best: create and innovate for their clients. In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications, and tools to enhance productivity, encourage collaboration, and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients. Overview JOB SUMMARY: Publicis Re:Sources is hiring a Senior Associate of Security Architecture for the Global Security Team. This full-time position includes identifying security weaknesses in information systems, drafting reports, providing recommendations for security risk mitigation, and collaborating with delivery and infrastructure support teams to address security risks. The candidate, with significant experience as an Information Systems Architect, must be a technical expert in cloud technologies and possess strong general knowledge across a range of technologies such as databases, networking, operating systems, authentication, and encryption — along with a solid understanding of the security aspects of all these systems. The responsibilities associated with the position are as follows: Conduct secure architecture reviews of application, cloud, and Identity, & Access Management (IAM) solutions to evaluate the adequacy and effectiveness of security measures. Make recommendations to address identified design and implementation gaps. Threat model key enterprise and agency systems. Collaborate with business and technical teams in developing security risk treatment plans addressing vulnerabilities in applications, cloud environments, and IAM solutions. Document and analyze the impact of new system integrations and updates on the current security posture. Develop and contribute to overarching and solution specific techincal security standards, encompassing application, cloud, and Identify, and Access Management (IAM) domains. Ensure system designs and architectures comply with security best practices, company policies, and industry-recognized security standards (e.g., ISO 27001, PCI DSS, NIST, HIPAA etc.). Periodically evaluate technical security standards and configurations, making recommendations for updates or improvements to ensure they remain current to address changing threat landscape. Collaborate closely with stakeholders, including business teams and internal departments, to ensure comprehensive security needs are understood and met in an efficient manner. Participate in software security review process, document security risks and mitigating controls. Participate in team meetings to collaborate on enterprise and business unit specific initiatives. Participate in the new technology evaluations and peer reviews. ESSENTIAL JOB REQUIREMENTS: Four (4) plus years of experience in Application Security and/or Cloud Security Knowledge of Threat Modeling frameworks, such as STRIDE. Cloud Security Certifications (AWS, Azure, GCP) preferred Knowledge of OWASP Top 10. Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). Knowledge of documenting cyber threats and vulnerabilities. Knowledge of authentication, authorization, and access control methods. Knowledge of data security standards (e.g., PCI, PII, PHI, etc.) Skill in designing multi-level security/cross domain solutions. secure system design tools, methods and techniques. Ability to design architectures and frameworks. Qualifications Bachelor’s degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience Additional information OTHER JOB REQUIREMENTS: Good communication and documentation skills Ability to work effectively and collaboratively with stakeholders Willingness to work with geographically dispersed teams A ‘can do’ attitude team player who works well under pressure and with dispersed groups, worldwide Must be a self starter with strong organizational skills to enable navigation of the company to identify sponsors, stakeholders and interested parties

Job Title: Intermediate Backend Developer Location: Mumbai Experience: 2-4 yrs Responsibilities - Develop, test, and maintain backend services using Node.js and MongoDB. - Build reusable code and libraries for future use, ensuring maintainability and scalability. - Optimize backend applications for maximum speed, performance, and scalability. - Design and implement APIs and services that integrate with various AWS services, including S3, CloudFront, and EC2. - Implement security and data protection strategies in compliance with best practices. - Work with message queues like RabbitMQ or BullMQ for asynchronous job processing. - Collaborate with frontend developers and other team members to integrate front-end and back-end services. - Develop and maintain documentation for the codebase and APIs, ensuring clarity for team members and future use. - Participate in the development of microservices architecture for scalable systems. - Work closely with DevOps to ensure smooth deployment, monitoring, and troubleshooting of backend services. - Ensure the application complies with best practices in security, performance, and scalability. Skills And Qualifications - Node.js: 2+ years of experience building and maintaining backend services using Node.js. - MongoDB: Proficiency in MongoDB, including data modeling and query optimization. - AWS Services: Hands-on experience with AWS services like S3, CloudFront, and EC2 for deploying and managing backend applications. - Unix/Linux: Hands-on experience with Unix/Linux environments, including shell scripting for server management. - Queues: Experience working with message queues like RabbitMQ or BullMQ for managing background jobs and tasks. - API Development: Proficiency in building RESTful APIs. - Version Control: Experience using Git in collaborative team environments. - Familiarity with Tools: Familiarity with tools like Postman for API testing, Redis Insight, MongoDB Compass, and Cyberduck for file transfers. - Soft Skills: Problem-solving skills, effective communication, and ability to work collaboratively in a team. Plus Points - NestJS: Extensive hands-on experience with the NestJS framework will be highly preferred. - Email Providers: Experience with email providers such as AWS SES or SendGrid. - Redis: Practical experience using Redis for queuing or caching purposes. - WebSockets: Hands-on experience implementing real-time communication using WebSockets. - Coding Patterns: Knowledge of coding patterns like Emitter or Observer. - RxJS/Event Emitters: Familiarity with RxJS or event emitters for reactive or event-driven programming. - OWASP: Understanding of OWASP security principles. - Microservices: Experience working with or developing microservices architecture for scalable systems. - Documentation: Ability to document codebases and APIs effectively for future maintainability and scalability. Job Type: Full-time Pay: ₹400,000.00 - ₹900,000.00 per year Benefits: Paid sick time Schedule: Day shift Ability to commute/relocate: Mumbai, Maharashtra: Reliably commute or planning to relocate before starting work (Preferred) Experience: JavaScript: 2 years (Preferred) Node.js: 2 years (Required)

Job Title: Sr. Automation Tester Job Overview: We are seeking a skilled Automation Tester to join our team. The successful candidate will be responsible for developing, implementing, and maintaining automation frameworks, as well asexecuting automated tests to ensure the quality and reliability of our software applications. You will collaborate with cross-functional teams to identify and resolve issues and contribute to the overall improvement of our testing processes. Responsibilities: 1. Develop, implement, and maintain automation frameworks to streamline the testing process and improve efficiency. 2. Create and execute automated test scripts using programming languages such as Java, Python, Ruby, or C#. 3. Conduct API testing using tools like Postman and SoapUI to verify the functionality and performance of application programming interfaces. 4. Utilize your understanding of database technologies and SQL to perform database testing and validate data integrity. 5. Conduct performance testing using tools such as JMeter or LoadRunner to assess system scalability, responsiveness, and resource usage. 6. Collaborate with cross-functional teams to integrate automation testing into DevOps and CI/CD pipelines. 7. Troubleshoot and debug automation scripts and frameworks, identifying and resolving issues to ensure reliable test execution. 8. Apply security testing principles and use tools like OWASP ZAP and Burp Suite to identify vulnerabilities and security flaws. 9. Utilize testing frameworks and tools such as Selenium WebDriver, Appium, TestNG, JUnit, and Cucumber to automate various types of tests. 10. Participate in test planning, test case creation, and test execution activities. 11. Document test results, track defects, and provide detailed reports to stakeholders. Requirements: 1. Bachelor's degree in Computer Science, Engineering, or a related field. 2. Proven experience in developing and maintaining automation frameworks for software testing. 3. Strong analytical and problem-solving skills, with keen attention to detail. 4. Excellent communication and collaboration skills, with the ability to work well within a team. 5. Demonstrated leadership abilities, including the ability to lead and manage a testing team. 6. Experience in creating test plans, test scenarios, and test cases based on project requirements. 7. Ability to assign work, provide guidance to team members, and crosscheck their work for quality assurance, code reviews. Job Type: Full-time Pay: ₹600,000.00 - ₹1,000,000.00 per year Benefits: Flexible schedule Leave encashment Provident Fund Work Location: In person Speak with the employer +91 9875952832

Profile - Pen Tester Experience required - 2+ years Location - Dubai We are seeking a experienced VAPT Tester with over 2+ years of hands-on experience in conducting vulnerability assessments and penetration tests across network, web, and mobile platforms. The ideal candidate will have a deep understanding of the latest security threats, vulnerabilities, and mitigation techniques. Key Responsibilities: 1. Vulnerability Assessment: Conduct regular vulnerability assessments on network infrastructure, web applications, and mobile apps. Use a variety of automated tools and manual techniques to identify vulnerabilities. Prioritize vulnerabilities based on risk and potential impact. 2. Penetration Testing: Simulate cyber-attacks on network infrastructure, web applications, and mobile apps to identify security weaknesses. Develop custom scripts and payloads to test the resilience of systems. Document findings and provide recommendations for mitigation. 3. Reporting: Prepare detailed reports on findings, risks, and recommended solutions. Present findings to technical and non-technical stakeholders. 4. Research Development: Stay updated with the latest cybersecurity trends, vulnerabilities, and threats. Test and evaluate new security tools and technologies. Contribute to the organization's knowledge base by documenting new vulnerabilities and attack techniques. 5. Collaboration: Work closely with the development and IT teams to ensure secure coding practices are followed. Assist in security awareness training for staff and stakeholders. Qualifications Bachelor's degree in Computer Science, Information Technology, or a related field. Minimum of 2 years of experience in VAPT with a focus on network, web, and mobile platforms. Certifications such as eJPTx, CEH, OSWE, OSCP, GWAPT, or equivalent are preferred. Proficiency in using security tools like Burp Suite, Metasploit, Nessus, Wireshark, etc and Kali Linux. Strong knowledge of web application vulnerabilities (OWASP Top 10) and mitigation techniques. Familiarity with mobile application security testing for both Android and iOS platforms. Experience with cloud platforms and their security considerations is a plus. Skills: Strong analytical and problem-solving skills. Excellent communication and report-writing skills. Ability to work independently and as part of a team. Ethical mindset with a high level of integrity and professionalism. Additional Information we recommend focusing on the following topics: 1. VAPT (Vulnerability Assessment and Penetration Testing) Basics 2. Network Security 3. Mobile Application Security 4. Web Application Security Please ensure you are well-versed in these areas to demonstrate your skills effectively during the interview. Interested candidate can share their resume on recruitment@safeaeon.com

Location: Noida, Uttar Pradesh, India Job ID: R0098886 Date Posted: 2025-07-07 Company Name: HITACHI INDIA PVT. LTD Profession (Job Category): Other Job Schedule: Full time Remote: No Job Description: Job Title: Solution Architect Designation : Senior Company: Hitachi Rail GTS India Location: Noida, UP, India Salary: As per Industry Company Overview: Hitachi Rail is right at the forefront of the global mobility sector following the acquisition. The closing strengthens the company's strategic focus on helping current and potential Hitachi Rail and GTS customers through the sustainable mobility transition – the shift of people from private to sustainable public transport, driven by digitalization. Position Overview: We are looking for a Solution Architect that will be responsible for translating business requirements into technical solutions, ensuring the architecture is scalable, secure, and aligned with enterprise standards. Solution Architect will play a crucial role in defining the architecture and technical direction of the existing system. you will be responsible for the design, implementation, and deployment of solutions that integrate with transit infrastructure, ensuring seamless fare collection, real-time transaction processing, and enhanced user experiences. You will collaborate with development teams, stakeholders, and external partners to create scalable, secure, and highly available software solutions. Job Roles & Responsibilities: Architectural Design : Develop architectural documentation such as solution blueprints, high-level designs, and integration diagrams. Lead the design of the system's architecture, ensuring scalability, security, and high availability. Ensure the architecture aligns with the company's strategic goals and future vision for public transit technologies. Technology Strategy : Select the appropriate technology stack and tools to meet both functional and non-functional requirements, considering performance, cost, and long-term sustainability. System Integration : Work closely with teams to design and implement the integration of the AFC system with various third-party systems (e.g., payment gateways, backend services, cloud infrastructure). API Design & Management : Define standards for APIs to ensure easy integration with external systems, such as mobile applications, ticketing systems, and payment providers. Security & Compliance : Ensure that the AFC system meets the highest standards of data security, particularly for payment information, and complies with industry regulations (e.g., PCI-DSS, GDPR). Stakeholder Collaboration : Act as the technical lead during project planning and discussions, ensuring the design meets customer and business needs. Technical Leadership : Mentor and guide development teams through best practices in software development and architectural principles. Performance Optimization : Monitor and optimize system performance to ensure the AFC system can handle high volumes of transactions without compromise. Documentation & Quality Assurance : Maintain detailed architecture documentation, including design patterns, data flow, and integration points. Ensure the implementation follows best practices and quality standards. Research & Innovation : Stay up to date with the latest advancements in technology and propose innovative solutions to enhance the AFC system. Skills (Mandatory): DotNet (C#), C/C++, Java, ASP.NET Core (C#), Angular, OAuth2 / OpenID Connect (Authentication & Authorization) JWT (JSON Web Tokens) Spring Cloud, Docker, Kubernetes, Relational Databases (MSSQL) Data Warehousing SOAP/RESTful API Design, Redis (Caching & Pub/Sub) Preferred Skills (Good to have): Python, Android SSL/TLS Encryption OWASP Top 10 (Security Best Practices) Vault (Secret Management) Keycloak (Identity & Access Management) Swagger (API Documentation) NoSQL Databases, GraphQL, gRPC, OpenAPI, Istio, Apache Kafka, RabbitMQ, Consul, DevOps & CI/CD Tools Tools & Technologies: UML (Unified Modeling Language) Lucidchart / Draw.io (Diagramming) PlantUML (Text-based UML generation) C4 Model (Software architecture model), Enterprise Architect (Modeling), Apache Hadoop / Spark (Big Data), Elasticsearch (Search Engine), Apache Kafka (Stream Processing), TensorFlow / PyTorch (Machine Learning/AI) Education: Bachelor's or Master’s degree in Computer Science, Information Technology, or a related field. Experience Required: 12+ years of experience in solution architecture or software design. Proven experience with enterprise architecture frameworks (e.g., TOGAF, Zachman). Strong understanding of cloud platforms (AWS, Azure, or Google Cloud). Experience in system integration, API design, microservices, and SOA. Familiarity with data modeling and database technologies (SQL, NoSQL). Strong communication and stakeholder management skills. Preferred: Certification in cloud architecture (e.g., AWS Certified Solutions Architect, Azure Solutions Architect Expert). Experience with DevOps tools and CI/CD pipelines. Knowledge of security frameworks and compliance standards (e.g., ISO 27001, GDPR). Experience in Agile/Scrum environments. Domain knowledge in [insert industry: e.g., finance, transportation, healthcare]. Soft Skills: Analytical and strategic thinking. Excellent problem-solving abilities. Ability to lead and mentor cross-functional teams. Strong verbal and written communication.

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards. Themanageroftheapplicationsecurityprogramwillberesponsible for - 1. To Integratesecuritytools,standards,andprocessesintothe productlifecycle(PLC). 2. EnsurethatdevelopersandQApersonnelaretrainedwiththeappropriatele velofsecurityknowledgetoperformtheir dailyactivities. 3. Improveandsupportapplicationsecuritytooldeploymentsincludingstaticanal ysisandruntimetestingtools and securedevelopmentstandards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

Senior Software Engineer Ahmedabad, India; Hyderabad, India; Islamabad, Pakistan Information Technology 317835 Job Description About The Role: Grade Level (for internal use): 10 The Team: We seek a highly motivated, enthusiastic, and skilled engineer for our Industry Data Solutions Team. We strive to deliver sector-specific, data-rich, and hyper-targeted solutions for evolving business needs. You will be expected to participate in the design review process, write high-quality code, and work with a dedicated team of QA Analysts and Infrastructure Teams. The Impact: Enterprise Data Organization is seeking a Software Developer to create software design, development, and maintenance for data processing applications. This person would be part of a development team that manages and supports the internal & external applications that is supporting the business portfolio. This role expects a candidate to handle any data processing, big data application development. We have teams made up of people that learn how to work effectively together while working with the larger group of developers on our platform. What’s in it for you: Opportunity to contribute to the development of a world-class Platform Engineering team . Engage in a highly technical, hands-on role designed to elevate team capabilities and foster continuous skill enhancement. Be part of a fast-paced, agile environment that processes massive volumes of data—ideal for advancing your software development and data engineering expertise while working with a modern tech stack. Contribute to the development and support of Tier-1, business-critical applications that are central to operations. Gain exposure to and work with cutting-edge technologies, including AWS Cloud and Databricks . Grow your career within a globally distributed team , with clear opportunities for advancement and skill development. Responsibilities: Design and develop applications, components, and common services based on development models, languages, and tools, including unit testing, performance testing, and monitoring, and implementation Support business and technology teams as necessary during design, development, and delivery to ensure scalable and robust solutions Build data-intensive applications and services to support and enhance fundamental financials in appropriate technologies.( C#, .Net Core, Databricsk ,Python, Scala, NIFI , SQL) Build data modeling, achieve performance tuning and apply data architecture concepts Develop applications adhering to secure coding practices and industry-standard coding guidelines, ensuring compliance with security best practices (e.g., OWASP) and internal governance policies. Implement and maintain CI/CD pipelines to streamline build, test, and deployment processes; develop comprehensive unit test cases and ensure code quality Provide operations support to resolve issues proactively and with utmost urgency Effectively manage time and multiple tasks Communicate effectively, especially in writing, with the business and other technical groups Basic Qualifications: Bachelor's/Master’s Degree in Computer Science, Information Systems or equivalent. Minimum 5 to 8 years of strong hand-development experience in C#, .Net Core, Cloud Native, MS SQL Server backend development. Proficiency with Object Oriented Programming. Nice to have knowledge in Grafana, Kibana, Big data, Git Hub, EMR, Terraforms, AI-ML Advanced SQL programming skills Highly recommended skillset in Databricks , Scala technologies. Understanding of database performance tuning in large datasets Ability to manage multiple priorities efficiently and effectively within specific timeframes Excellent logical, analytical and communication skills are essential, with strong verbal and writing proficiencies Knowledge of Fundamentals, or financial industry highly preferred. Experience in conducting application design and code reviews Proficiency with following technologies: Object-oriented programming Programing Languages (C#, .Net Core) Cloud Computing Database systems (SQL, MS SQL) Nice to have: No-SQL (Databricks, Scala, python), Scripting (Bash, Scala, Perl, Powershell) Preferred Qualifications: Hands-on experience with cloud computing platforms including AWS , Azure , or Google Cloud Platform (GCP) . Proficient in working with Snowflake and Databricks for cloud-based data analytics and processing. What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. Recruitment Fraud Alert: If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to reportfraud@spglobal.com. S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, “pre-employment training” or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here. - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.1 - Middle Professional Tier I (EEO Job Group), SWP Priority – Ratings - (Strategic Workforce Planning) Job ID: 317835 Posted On: 2025-07-09 Location: Ahmedabad, Gujarat, India

Your role As a Lead QA Engineer, your mission is to [briefly describe the main mission]. You will report to [add Hiring Manager title]. You will describe main responsibility describe main responsibility describe main responsibility To succeed, you will need We encourage you to apply even if you don't meet every single requirement. We value diverse experiences and perspectives and are excited to see what you bring to the role. You have X - X years of experience, working as a XY describe non-negotiable skill describe non-negotiable skill escribe preferred skill escribe preferred skill In return, we offer Culture of trust and accountability Lifelong learning and career growth Innovation powered by people Comprehensive compensation and benefits Health and well-being Job location Option 1: On-Site This role requires you to work on-site at our office in Pune, India (IN). You will be part of a dynamic team and enjoy the benefits of face-to-face collaboration. Option 2: Hybrid This role offers a hybrid working arrangement, allowing you to split your time between working remotely and being on-site at our (insert organization here) in Pune, India (IN). Option 3: Remote This role is fully remote, enabling you to work from anywhere in the world. We value results over location and provide the tools and support you need to succeed from any location. Contact information Talent Acquisition Team: Geeta Singh About Role Join us as a Lead QA Engineer within our Apps and Software Development team, based out of Pune, to deliver end-to-end customized software application testing. We expect you to participate and contribute at every stage of a project, including interacting with internal customers/stakeholders, understanding their requirements, and proposing solutions that best meet their expectations. You will be part of a local team working from the Atlas Copco Pune office but will also have the opportunity to contribute to global project deliveries. You will be a key member of a highly motivated application development team, leading the test automation activities and enabling team members to deliver “first-time-right” application solutions. The Role Testing Strategy Development Define, document, and maintain the overall testing strategy, including unit testing, integration testing, user acceptance testing (UAT) work closely with business stakeholders and product owners and be responsible for writing end-to-end business test cases aligned with user needs and business goals. Establish performance testing protocols to identify and mitigate bottlenecks before production. Define and implement strategies for application security testing to identify vulnerabilities. Drive test automation using tools like Selenium / Playwright to enhance test coverage and efficiency. Design, implement, and maintain automation frameworks, ensuring scripts are integrated into CI/CD pipelines in a DevOps environment. Enable continuous testing by binding automated test scripts to delivery pipelines for immediate feedback Establish and monitor key performance indicators (KPIs) to measure test effectiveness, including defect density, test coverage, and release cycle time, success/failure of test cases Provide regular reports to stakeholders, identifying trends and recommending improvements Collaboration And Leadership Work closely with development, DevOps, and product teams to align testing and release processes with business goals. Provide technical leadership and mentorship to QA, fostering a culture of quality and continuous improvement. Establish metrics to measure the effectiveness of testing and release processes, providing regular reports to stakeholders. Ensure that testing processes comply with industry standards, security requirements, and organizational policies. Maintain documentation and audit trails for all testing activities. To Succeed you need Educational Background: A degree in Computer Science Engineering (B.E., B.Tech, or M.Tech) from a reputed university. Passion for Technology: Strong understanding of software testing concepts and technologies. Agile Experience: Proven experience working within Agile/Scrum teams, including familiarity with Azure DevOps and/or Jira. Minimum 10 years of experience in software testing, release management, or related roles Proven experience with CI/CD tools (e.g., Jenkins, GitLab, Azure DevOps) and test automation frameworks (e.g., Playwright, Selenium). Expertise in Python programming / Shell scripting / JavaScript Hands-on experience with automation tools such as Selenium / Playwright /Cypress etc. Expertise in performance testing tools (e.g., JMeter, LoadRunner) and security testing tools (e.g., OWASP ZAP, Burp Suite). Knowledge of automation practices. Hands-on experience is UI / API / Database testing (Manual as well as automation). Excellent communication and stakeholder management skills. Join Atlas Copco and be part of a team that believes in challenging the status quo and driving innovation in every segment and business we operate. We encourage employees to contribute, grow, and challenge themselves to find a better way. We Offer You Challenging Work Environment: We provide a stimulating environment where you will have the opportunity to work on complex and meaningful projects. Global Impact: Be part of a multinational organization where your work and ideas contribute to both local and global success. Growth & Development: We are dedicated to helping you develop your career by providing opportunities to grow, take on new challenges, and lead initiatives that matter. Innovation Encouraged: Our culture supports challenging the "Status Quo" and fostering new ideas to build tools, frameworks, and applications that make a difference. Collaboration & Support: We work in teams where each person is valued, and where collaboration, mentoring, and support are at the heart of our success City: Pune Last date to apply: 24/07/2025

As a Cybersecurity Specialist you're required to Provide inputs to define cyber governance frameworks and establish governance systems, processes and control systems, Report service level attainment results and provide inputs on improvement opportunities. Work Location: Ahmedabad(On-Site) Educational qualifications: Bachelor’s in Computer Science or related IT-related discipline. Advanced educational qualifications, such as an MBA in Information Systems or a related field. One or more of the following certifications: Certified Information Security Manager (CISM), Certified in Risk Management and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Security Professional (CISSP). Experience: Bachelor’s degree in computer science, Information Security, or related field. 8-10 years of experience in application security, including vulnerability assessment and penetration testing. Strong understanding of secure coding practices and knowledge of common security vulnerabilities. Familiarity with security standards and frameworks such as OWASP, ISO 27001, and NIST . Experience with security testing tools and automation. Relevant certifications such as CEH, AZ500, AWS Security, Kubernetes, IaC are a plus. Excellent communication and collaboration skills. Ability to stay up-to-date with the latest security trends, threats, and technologies Responsibilities Conduct regular security assessments of applications to identify and prioritize vulnerabilities. Perform penetration testing on web and mobile applications to simulate real-world cyber-attacks and uncover potential weaknesses. Review application code to identify and remediate security flaws, ensuring adherence to secure coding practices. Evaluate the overall security architecture of applications and propose improvements to enhance resilience against cyber threats. Automate repetitive security tasks to improve efficiency and coverage. Work closely with cross-functional teams including developers, QA, DevOps, and IT. Strong coding and scripting skills (e.g., Python, Java, JavaScript, TypeScript, etc.); ability to prototype tools or support initiatives directly. Hands on experience on IaC -Infrastructure as Code. Integrate security testing into CI/CD pipelines (DevSecOps). Monitor and respond to security incidents, conducting root cause analysis and implementing corrective actions. Stay up to date with the latest security trends, threats, and technologies to continuously improve the security posture of applications. Build automation scripts to reduce the repetitive task such as reports, attacking scripts, etc Interested to join, Please reach at 9898791075 for further discussion.

Frontend: Strong proficiency in React.js , Redux/Context API, Hooks, and component-based architecture. Experience with Material UI , Tailwind CSS, or other UI frameworks. Solid understanding of responsive design, cross-browser compatibility, and performance tuning. Backend: Expertise in Node.js and Express.js . Experience in building RESTful APIs and microservices. Database: Strong experience with MongoDB including data modeling, indexing, and performance optimization. Additional Skills: Proficient in JavaScript (ES6+), HTML5, CSS3, JSON. Version control using Git (GitHub/GitLab/Bitbucket). Experience with tools like Postman, Swagger, or similar. Familiarity with Agile methodologies (Scrum/Kanban). Basic understanding of security best practices (OWASP, JWT, OAuth). Familiarity with cloud platforms like AWS, Azure, or GCP is a plus.

Required Qualifications & Skills: Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related technical field. A Master's degree is a plus. Experience: Minimum of 2 years of hands-on experience in cybersecurity roles (e.g., Security Analyst, Penetration Tester, Security Engineer, Incident Responder) or dedicated cybersecurity training. Proven track record of successfully delivering training to individuals or teams. Technical Skills: Strong knowledge of core cybersecurity domains, including but not limited to: Network Security (Firewalls, IDS/IPS, VPNs, Network Segmentation, TCP/IP) Operating System Security (Windows, Linux, macOS) Vulnerability Assessment & Penetration Testing (VAPT) methodologies and tools (e.g., Kali Linux, Metasploit, Nmap, Burp Suite) Incident Response & Management Security Operations Center (SOC) functions Cryptography and Encryption Cloud Security (AWS, Azure, GCP) Application Security (OWASP Top 10) Security Frameworks and Compliance (e.g., NIST, ISO 27001) Malware Analysis and Digital Forensics (basic understanding) Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation and analysis. Familiarity with SIEM solutions and log analysis. Certifications (Highly Preferred): CompTIA Security+ Certified Ethical Hacker (CEH) CompTIA CySA+ Certified Information Systems Security Professional (CISSP) Offensive Security Certified Professional (OSCP) Any other relevant vendor-specific or domain-specific certifications. Soft Skills: Excellent communication, presentation, and public speaking skills. Ability to explain complex technical concepts clearly and concisely to diverse audiences. Strong analytical and problem-solving abilities. High attention to detail and organizational skills. Passion for teaching and a commitment to learner success. Adaptability and willingness to learn new technologies. Strong interpersonal skills and ability to build rapport. Preferred Qualifications: Prior experience in an educational institution or corporate training department. Experience with Learning Management Systems (LMS). Knowledge of local industry needs and cybersecurity landscape in India/Tamil Nadu. What We Offer: Competitive salary and benefits package. Opportunity to work with cutting-edge cybersecurity technologies. A dynamic and supportive work environment. Continuous professional development and upskilling opportunities. The chance to make a significant impact on the next generation of cybersecurity professionals. franchise@elysiumacadmey.org 7845736974 Job Types: Full-time, Permanent Pay: ₹11,710.30 - ₹18,000.00 per month Schedule: Day shift Work Location: In person

POSITION: Technical Architect EXPERIENCE: 12+ years ROLE TYPE: Full time LOCATION: Mumbai/ Chennai YOUR AREA OF KNOWLEDGE AND EXPERTISE: Candidate should have minimum 12+ years of experience in technical and enterprise architecture for large and global mission critical applications. Candidate should have intense flair for technology and have a strong understanding of how banking products operate in the global market. Deep understanding of Cloud Native Technologies, Microservices Architecture, PostgreSQL, Apache Kafka, Active MQ, Spring Cloud/Boot, Java and Angular with knowledge in BFSI domain As the enterprise product architect would be responsible for creating and maintaining a common set of architecture standards and principles to be followed by all the product lines. Candidate should have excellent communication skills and be able to lead a vibrant team of architects and effectively work with the development community. Candidate should be able to represent the company in Solution integration discussions with the Bank during implementations, participate in technical discussions and in CXO level customer engagements. Experience in large enterprise systems in banking or financial sector is a must. Experience working with AWS, Azure, or the Google cloud platforms in engineering role Certified in at least one public cloud beneficial Experience working with Private Cloud platforms based on AWS, VMware, Microsoft, or OpenStack technology Skills Required: - AWS or Azure cloud certifications, preferably knowledgeable in AWS Well Architected and Azure Well Architected frameworks architecting & running web and enterprise microservices based platforms on Azure/AWS/Google/On prem clouds - Kubernetes and/or Openshift platforms. - tech stack including Messaging, Kafka, PostgreSQL - security aspects Authentication (OAuth2, SAML etc), Authorisation (JWT, OIDC), Data security, OWASP etc - integration using modern API / Event based flows as well as with legacy applications using Files/Messages YOUR ROLES & RESPONSIBILITIES Enterprise Architecture Governance Standardize, layout, and maintain the enterprise architecture for the entire iGTB product suite in line with the business vision. Establish a governance framework to ensure adherence to architecture guidelines across the organization. Technology Innovation Stay updated on emerging technologies and continuously evaluate their potential to enhance architecture and increase the business value of products. Tool & Quality Evaluation Identify and recommend tools that improve code quality, productivity, and defect prevention throughout the application lifecycle. Architectural Evangelism Promote the adoption of new architectural practices and tools across the development community within the organization. Design Leadership Participate in the design of individual products to ensure technical excellence and alignment with overall architectural principles. Performance & Security Assurance Oversee independent performance and security testing of applications. Partner with accredited labs to obtain third-party certifications when necessary. Customer Engagement Support Participate in pre-sales and post-production customer engagements to positively influence client perception of product superiority. Troubleshooting & Continuous Learning Support teams in issue resolution and feed learning back into the architecture for continuous improvement. Automation Strategy Lead automation initiatives for the product line, including recommending appropriate tools, architectural frameworks, and processes. REQUIRED QUALIFICATION Any graduate degree Experience: [To be specified by recruiter] PREFERRED QUALIFICATION Bachelor's Degree in Engineering or a related technical field

Location: India- Pune (Amdocs Site) In one sentence Secures enterprise information by developing, implementing, and enforcing security controls, safeguards, policies, and procedures. All you need is... Bachelor’s degree in computer science, Information Security, or related field (or equivalent experience). 3+ years of hands-on experience in information security, with a focus on threat detection, penetration testing, and AI-driven security solutions. Demonstrated experience working in financial or SaaS security environments (e.g., PCI DSS, SOC 2, ISO 27001). Advanced knowledge of networking protocols, encryption, firewalls, IDS/IPS, and VPNs. Strong experience with cloud platforms (AWS, GCP, or Azure), including security configurations, monitoring, and automation. Hands-on experience with security tools such as EDR, SIEM (Splunk, ElasticSearch, etc.), vulnerability scanners (Nessus, Qualys), and threat intelligence platforms. Practical experience in penetration testing (e.g., OWASP Top 10, API testing) and red teaming. Expertise in scripting languages (Python, PowerShell) and automation tools. Security Certifications: CEH (Certified Ethical Hacker), CISSP, CISA, or equivalent certifications (required). Additional certifications in cloud security (AWS Certified Security Specialty, etc.) or AI/ML for security (optional but preferred). What will your job look like? Proactively monitor and assess emerging threats using advanced AI-driven tools. Analyze identified threats and develop effective remediation plans to minimize risk to critical systems and data. Lead proactive threat hunts leveraging AI, machine learning models, and automation tools. Identify Indicators of Compromise (IOCs) and detect patterns to anticipate future attacks. Perform advanced penetration testing exercises to identify vulnerabilities, misconfigurations, and weaknesses in systems. Collaborate in purple team exercises to validate security measures and improve resilience. Participate in risk assessments, ensuring compliance with financial industry regulations (e.g., PCI DSS, SOC 2) and internal security policies. Provide guidance on mitigating risks through the integration of AI-based security solutions. Lead the investigation and response to security incidents. Utilize machine learning and EDR tools to perform in-depth analysis of malware, root causes, and attack methodologies. Conduct continuous monitoring using SIEM (Security Information and Event Management), AI-driven anomaly detection systems, and advanced analytics tools to detect and respond to security events. Collaborate with SecDevOps and Engineering teams to automate security controls, incident responses, and vulnerability management using AI and advanced scripting (Python, PowerShell). Work closely with teams across the organization to integrate security at every stage of development (DevSecOps), ensuring secure cloud infrastructure, services, and APIs. Deep involvement in securing public cloud environments (AWS, Azure, GCP), leveraging AI tools to detect misconfigurations, vulnerabilities, and unauthorized access attempts. Support penetration testing efforts, identifying vulnerabilities within cloud and on-premise infrastructure. Lead and contribute to purple team engagements to test and improve defensive capabilities. Stay current with the latest AI, machine learning, and cybersecurity trends. Actively research emerging threats and innovative tools to protect the organization’s assets. Evaluate and implement third-party security tools, AI-based solutions, and threat intelligence platforms to enhance security posture and detection capabilities. Use AI and behavioral analytics to proactively detect threats that evade traditional security solutions. Develop custom threat detection algorithms where needed. Leverage threat intelligence feeds, machine learning models, and threat-hunting tools to proactively identify and mitigate risks from advanced persistent threats (APTs).

As a Fullstack SDE - II at NxtWave, you Build applications at a scale and see them released quickly to the NxtWave learners (within weeks )Get to take ownership of the features you build and work closely with the product tea mWork in a great culture that continuously empowers you to grow in your caree rEnjoy freedom to experiment & learn from mistakes (Fail Fast, Learn Faster )NxtWave is one of the fastest growing edtech startups. Get first-hand experience in scaling the features you build as the company grows rapidl yBuild in a world-class developer environment by applying clean coding principles, code architecture, etc .Responsibilitie sLead design and delivery of complex end-to-end features across frontend, backend, and data layers .Make strategic architectural decisions on frameworks, datastores, and performance patterns .Review and approve pull requests, enforcing clean-code guidelines, SOLID principles, and design patterns .Build and maintain shared UI component libraries and backend service frameworks for team reuse .Identify and eliminate performance bottlenecks in both browser rendering and server throughput .Instrument services with metrics and logging, driving SLIs, SLAs, and observability .Define and enforce comprehensive testing strategies: unit, integration, and end-to-end .Own CI/CD pipelines, automating builds, deployments, and rollback procedures .Ensure OWASP Top-10 mitigations, WCAG accessibility, and SEO best practices .Partner with Product, UX, and Ops to translate business objectives into technical roadmaps .Facilitate sprint planning, estimation, and retrospectives for predictable deliveries .Mentor and guide SDE-1s and interns; participate in hiring .Qualifications & Skill s3–5 years building production Full stack applications end-to-end with measurable impact .Proven leadership in Agile/Scrum environments with a passion for continuous learning .Deep expertise in React (or Angular/Vue) with TypeScript and modern CSS methodologies .Proficient in Node.js (Express/NestJS) or Python (Django/Flask/FastAPI) or Java (Spring Boot) .Expert in designing RESTful and GraphQL APIs and scalable database schemas .Knowledge of MySQL/PostgreSQL indexing, NoSQL (ElasticSearch/DynamoDB), and caching (Redis) .Knowledge of Containerization (Docker) and commonly used AWS services such as lambda, ec2, s3, api gateway etc .Skilled in unit/integration (Jest, pytest) and E2E testing (Cypress, Playwright) .Frontend profiling (Lighthouse) and backend tracing for performance tuning .Secure coding: OAuth2/JWT, XSS/CSRF protection, and familiarity with compliance regimes .Strong communicator able to convey technical trade-offs to non-technical stakeholders .Experience in reviewing pull requests and providing constructive feedback to the team .Qualities we'd love to find in you : The attitude to always strive for the best outcomes and an enthusiasm to deliver high quality softwa reStrong collaboration abilities and a flexible & friendly approach to working with tea msStrong determination with a constant eye on solutio nsCreative ideas with problem solving mind-s etBe open to receiving objective criticism and improving upon itEagerness to learn and zeal to gr owStrong communication skills is a huge pl usWork Location : Hyderab ad About Nxt WaveNxtWave is one of India’s fastest-growing ed-tech startups, revolutionizing the 21st-century job market. NxtWave is transforming youth into highly skilled tech professionals through its CCBP 4.0 programs, regardless of their educational backgro und.NxtWave is founded by Rahul Attuluri (Ex Amazon, IIIT Hyderabad), Sashank Reddy (IIT Bombay) and Anupam Pedarla (IIT Kharagpur). Supported by Orios Ventures, Better Capital, and Marquee Angels, NxtWave raised $33 million in 2023 from Greater Pacific Capi tal.As an official partner for NSDC (under the Ministry of Skill Development & Entrepreneurship, Govt. of India) and recognized by NASSCOM, NxtWave has earned a reputation for excelle nce.Some of its prestigious recognitions incl ude:Technology Pioneer 2024 by the World Economic Forum, one of only 100 startups chosen glob ally‘Startup Spotlight Award of the Year’ by T-Hub in 2023‘Best Tech Skilling EdTech Startup of the Year 2022’ by Times Business Aw ards‘The Greatest Brand in Education’ in a research-based listing by URS M ediaNxtWave Founders Anupam Pedarla and Sashank Gujjula were honoured in the 2024 Forbes India 30 Under 30 for their contributions to tech educa tionNxtWave breaks learning barriers by offering vernacular content for better comprehension and retention. NxtWave now has paid subscribers from 650+ districts across India. Its learners are hired by over 2000+ companies including Amazon, Accenture, IBM, Bank of America, TCS, Deloitte and m ore. Know more about NxtW ave: https://www.cc bp.inRead more about us in the ne ws – Economic Times | CNBC | YourStory | VCC ircle

As a Fullstack SDE - II at NxtWave, you Build applications at a scale and see them released quickly to the NxtWave learners (within weeks) Get to take ownership of the features you build and work closely with the product team Work in a great culture that continuously empowers you to grow in your career Enjoy freedom to experiment & learn from mistakes (Fail Fast, Learn Faster) NxtWave is one of the fastest growing edtech startups. Get first-hand experience in scaling the features you build as the company grows rapidly Build in a world-class developer environment by applying clean coding principles, code architecture, etc. Responsibilities Lead design and delivery of complex end-to-end features across frontend, backend, and data layers. Make strategic architectural decisions on frameworks, datastores, and performance patterns. Review and approve pull requests, enforcing clean-code guidelines, SOLID principles, and design patterns. Build and maintain shared UI component libraries and backend service frameworks for team reuse. Identify and eliminate performance bottlenecks in both browser rendering and server throughput. Instrument services with metrics and logging, driving SLIs, SLAs, and observability. Define and enforce comprehensive testing strategies: unit, integration, and end-to-end. Own CI/CD pipelines, automating builds, deployments, and rollback procedures. Ensure OWASP Top-10 mitigations, WCAG accessibility, and SEO best practices. Partner with Product, UX, and Ops to translate business objectives into technical roadmaps. Facilitate sprint planning, estimation, and retrospectives for predictable deliveries. Mentor and guide SDE-1s and interns; participate in hiring. Qualifications & Skills 3–5 years building production Full stack applications end-to-end with measurable impact. Proven leadership in Agile/Scrum environments with a passion for continuous learning. Deep expertise in React (or Angular/Vue) with TypeScript and modern CSS methodologies. Proficient in Node.js (Express/NestJS) or Python (Django/Flask/FastAPI) or Java (Spring Boot). Expert in designing RESTful and GraphQL APIs and scalable database schemas. Knowledge of MySQL/PostgreSQL indexing, NoSQL (ElasticSearch/DynamoDB), and caching (Redis). Knowledge of Containerization (Docker) and commonly used AWS services such as lambda, ec2, s3, api gateway etc. Skilled in unit/integration (Jest, pytest) and E2E testing (Cypress, Playwright). Frontend profiling (Lighthouse) and backend tracing for performance tuning. Secure coding: OAuth2/JWT, XSS/CSRF protection, and familiarity with compliance regimes. Strong communicator able to convey technical trade-offs to non-technical stakeholders. Experience in reviewing pull requests and providing constructive feedback to the team. Qualities we'd love to find in you: The attitude to always strive for the best outcomes and an enthusiasm to deliver high quality software Strong collaboration abilities and a flexible & friendly approach to working with teams Strong determination with a constant eye on solutions Creative ideas with problem solving mind-set Be open to receiving objective criticism and improving upon it Eagerness to learn and zeal to grow Strong communication skills is a huge plus Work Location: Hyderabad About NxtWave NxtWave is one of India’s fastest-growing ed-tech startups, revolutionizing the 21st-century job market. NxtWave is transforming youth into highly skilled tech professionals through its CCBP 4.0 programs, regardless of their educational background. NxtWave is founded by Rahul Attuluri (Ex Amazon, IIIT Hyderabad), Sashank Reddy (IIT Bombay) and Anupam Pedarla (IIT Kharagpur). Supported by Orios Ventures, Better Capital, and Marquee Angels, NxtWave raised $33 million in 2023 from Greater Pacific Capital. As an official partner for NSDC (under the Ministry of Skill Development & Entrepreneurship, Govt. of India) and recognized by NASSCOM, NxtWave has earned a reputation for excellence. Some of its prestigious recognitions include: Technology Pioneer 2024 by the World Economic Forum, one of only 100 startups chosen globally ‘Startup Spotlight Award of the Year’ by T-Hub in 2023 ‘Best Tech Skilling EdTech Startup of the Year 2022’ by Times Business Awards ‘The Greatest Brand in Education’ in a research-based listing by URS Media NxtWave Founders Anupam Pedarla and Sashank Gujjula were honoured in the 2024 Forbes India 30 Under 30 for their contributions to tech education NxtWave breaks learning barriers by offering vernacular content for better comprehension and retention. NxtWave now has paid subscribers from 650+ districts across India. Its learners are hired by over 2000+ companies including Amazon, Accenture, IBM, Bank of America, TCS, Deloitte and more. Know more about NxtWave: https://www.ccbp.in Read more about us in the news – Economic Times | CNBC | YourStory | VCCircle

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards. Themanageroftheapplicationsecurityprogramwillberesponsible for - 1. To Integratesecuritytools,standards,andprocessesintothe productlifecycle(PLC). 2. EnsurethatdevelopersandQApersonnelaretrainedwiththeappropriatele velofsecurityknowledgetoperformtheir dailyactivities. 3. Improveandsupportapplicationsecuritytooldeploymentsincludingstaticanal ysisandruntimetestingtools and securedevelopmentstandards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.