Job description Position Title: Junior Security Analyst Location: Katargam, Surat Department: VAPT *Preferred local candidates* Job Summary: As a Junior Security Analyst, you will be responsible for assisting and work closely with the senior security team to identify security threats, and vulnerabilities. Responsibilities : Conduct vulnerability assessments on web applications, networks, and systems. Perform penetration testing to identify security weaknesses. Participate in security awareness and training sessions. Opportunity to learn and grow in the cybersecurity field. Hands-on experience with industry-standard tools and methodologies. Qualifications: Bachelor’s degree in Computer Science, Information Technology, or a related field. Basic understanding of network protocols (TCP/IP, HTTP, etc.). Familiarity with operating systems (Windows, Linux). Knowledge of security concepts and best practices. Experience with tools like Nmap, Burp Suite, OWASP ZAP, etc. (preferred but not mandatory). Job Type: Full-time Schedule: Day shift Monday to Friday Work Location: In person

About Zeller At Zeller, we’re champions for businesses of all sizes, and proud to be a fast-growing Australian scale-up taking on the ambitious goal of reimagining business banking and payments. We believe in a level playing field, where all businesses benefit from access to smarter payments and financial services solutions that accelerate their cash flow, help them get paid faster, and give them a better understanding of their finances. So we’re hard at work building the tools to make it happen. Zeller is growing fast, backed by leading VCs, and brings together a global team of passionate payment and tech industry professionals. With an exciting roadmap of innovative new products under development, we are building a high performing team to take on the outdated banking solutions. If you are passionate about innovation, thrive in fast-paced environments, embrace a challenge, hate bureaucracy, and can’t think of anything more exciting than disrupting the status-quo, then read on to learn more. Job Description Zeller has an exciting opportunity for a talented QA Assurance + Automation Engineer to join our growing Payment Gateway team to be responsible for ensuring quality deliveries of Zeller’s Payment Gateway Services. What You’ll Be Doing QA assurance and automation to payment gateway service (Switch, API, Card Vaults … etc) Flex between manual testing and automation procedures Uncover tricky edge cases with your keen eye for detail Develop and extend QA processes to ensure zero regression defects Collaborate with a cross-functional team of full-stack engineers, DevOps specialists, and architects Black box, Grey Box testings Development of test automation frameworks, support and refactoring Translate business requirements into technical designs Implement, test, and deploy solutions across various environments Constantly keep pace with the evolutions of the software applications and architecture in order to keep the test cases and automation up to date. Your Qualifications & Experience Minimum of a Bachelor degree in software engineering (or related) 4+ years of working experience in a technical hands on software engineering role Proficiency in Java 17+, REST Assured, Gradle, and JUnit 5+ Experience and engineering skills in multi-threaded Java backend, API, SQL database development. Familiar with cloud native architectures with mix utilisation of serverless (Lambda, DynamoDB) and container based (ECS, Docker) environments. Experience with cloud-native architectures (AWS preferred) Knowledge of secure coding practices (OWASP, XSS, CORS) Familiarity with CI/CD pipelines and version control (Git) Background in developing high-load production systems (99.999% SLA) Demonstrable experiences in developing mission-critical systems Your attributes Loves challenging the status-quo Ability to work autonomously yet collaboratively Prepared to be bold yet consistent with your engineering principles Logical, ethnical, mature and responsible Fast learner, humble and loves to share knowledge Calm and exercises positive level of stress in exceptional circumstances such as; production issues, timeline requirements Bonus points Experience in working within a high-growth environment Experience in other cloud platforms (Azure, Google) Experience in other programming languages Experience with PCI compliant environments (PCI-DSS, etc) Like the rest of our team, you will benefit from Competitive remuneration A balanced, progressive, and supportive work environment; Excellent parental leave and other leave entitlements; Fully remote role Annual get together with the team Endless learning and development opportunities; Plenty of remote friendly fun and social opportunities - we love to come together as a team; An ability to influence and shape the future of Zeller as our company scales both domestically and globally; Being part of one of Australia’s most exciting scale-ups. Show more Show less

Job Description - React.js We are seeking an experienced Senior ReactJS Developer to join our dynamic development team. The ideal candidate will have a strong background in front-end technologies, with a particular focus on ReactJS and modern JavaScript frameworks. As a Senior ReactJS Developer, you will be responsible for building high-performance, scalable, and maintainable user interfaces, leading front-end development efforts, and collaborating with cross-functional teams to ensure the delivery of exceptional web applications. Key Responsibilities:- Effectively manage incoming requests from internal and external stakeholders, ensuring tasks are properly prioritized and assigned to the appropriate team members. Contribute to the knowledge management process, ensuring that key learnings, best practices, and technical documentation are accessible and up-to-date. Maintain high-quality standards by following rigorous unit testing practices and adhering to code standards and application architecture guidelines. Maintain a focus on code reusability and reducing unnecessary churn by ensuring that code changes are deliberate, tested, and optimized for future use. Adapt to new domains, projects, clients, and technologies as needed, ensuring smooth transitions and effective execution across various projects. Lead the code review process, ensuring that team members are following code standards and best practices. Participate in peer reviews, both manual and automated. Apply knowledge of agile project management practices to ensure smooth execution of sprints and overall project delivery. Manage the deployment process, ensuring that all applications are deployed correctly across multiple stages and environments. Ensure that security best practices are followed within the code, and that security vulnerabilities are identified and mitigated throughout the development lifecycle. Skills and Qualifications:- React.js experience with a proven track record of developing large-scale applications. Strong proficiency in JavaScript, including ES6+ features and modern JavaScript development practices. Deep understanding of React.js, including React Hooks, React Router, and state management using Redux. Experience with unit testing frameworks such as Jest or Mocha and a strong understanding of test-driven development (TDD). Familiarity with CSS frameworks, pre-processors like SASS, and CSS-in-JS solutions like Styled Components or Emotion. Experience with Agile methodologies and using tools like Jira and Confluence to manage tasks and document progress. Expertise in Git for version control and experience with code review processes. Experience deploying applications in a cloud environment (AWS, GCP, or Azure) and managing CI/CD pipelines. Strong understanding of security principles, such as OWASP best practices, and how to apply them in code. Solid understanding of RESTful APIs and working with back-end developers to integrate services into the front-end.

WE ARE HIRING – PENETRATION TESTER Take your ethical hacking skills to the next level! Are you passionate about cybersecurity and ready to challenge real-world threats? We’re looking for skilled Penetration Testers to join our growing InfoSec team. At Proven Infosec, you’ll work on a wide range of projects including web applications, networks, cloud infrastructure and mobile security assessments for clients across various industries. What You’ll Do: ✅ Perform VAPT (Vulnerability Assessment & Penetration Testing) ✅ Simulate real-world cyber attacks ✅ Identify and report security vulnerabilities ✅ Stay updated on the latest exploits, tools and techniques Must-Have Skills: 🔸 1–2 years of hands-on experience in penetration testing 🔸 Strong understanding of OWASP Top 10, network & application security 🔸 Proficiency in tools like Burp Suite, Metasploit, Nmap, Nessus, etc. 🔸 Certifications preferred: CPENT, OSCP, CEH or equivalent 🔸 Excellent analytical, reporting and communication skills Ready to (ethically) hack your way into our team? 📧 Send your resume to office@proveninfosec.com 🌐 Learn more: www.proveninfosec.com Show more Show less

Technical Skills Languages: C# Frameworks: .NET 8 Cloud: Azure(App Service, Key Vault, Application Gateway, Application Insights, etc.) Databases: SQL Server Tools: Azure Devop, SonarQube Unit Test : Xunit , nUnit Concepts: Microservices, OOPS, SOLID Principles, RESTful APIs, Security (OWASP Top 10) Requirements At least 7+ years of Experience with the .NET/C# technology stack. Experience creating and consuming REST based APIs using .NET 8. Design, develop, and maintain microservices using .NET8, SQL, REST, and EF Core Able to employ best practices for designing reusable code and scalability. Proficient in object-oriented design (OOD) using SOLID design principles and patterns. Experience in delivering high quality products on time while working in Agile Teams and following Agile methodologies. Unit testing with Xunit or nUnit Nice to haves Develop and maintain Azure services (e.g. App Services, Azure key vault, Azure Pipelines, Application Insights). Understanding of cloud computing technologies, business drivers, and emerging computing trends. Good understanding of CI/CD Experience with SQL Database with stored procedures. Responsibilities Work in Agile teams to deliver high quality products on time with performance and requirements in mind. Build, test and deliver high quality systems Show more Show less

SN Required Information Details Role Cloud DevOps Engineer- Skills:AWS DevOps,Kubernetes,Terraform Desired Experience Range -8 to 12yrs Location of Requirement -Chennai Desired Skills -Technical/Behavioral Primary Skill Maintains in depth knowledge of the AWS DevOps cloud platforms, provides detailed advice regarding their application, and executes specialized tasks Core experience in AWS CI experience (Git, Jenkins, GitLab), Bash, PowerShell Build automation Container experience in Docker Aws DevOps CKA and CKAD Certifications Knowledge to worked extensively on CI image building with both Linux and Windows containers Should have the best standards knowledge on CI Image building process for both Linux and windows containers Significant experience with SaaS and web-based technologies Skilled with Continuous Integration and Continuous Deployments using AWS Devops Services. Skilled to automate Python, or Bash is an added advantage. Skilled with containerization platforms using Docker & Kubernetes. Familiar with architecture/design patterns and re-usability concepts. Skilled in SOLID design principles and TDD. Familiar with Application Security via OWASP Top 10 and common mitigation strategies. Detailed knowledge of database design and object/relational database technology. Good experience in MS Fabric AWS DevOps Implementation: Lead the design and implementation of CI/CD pipelines using AWS DevOps. Configure and manage build agents, release pipelines, and deployment environments in AWS DevOps. Establish and maintain robust CI processes to automate code builds, testing, and deployment. Integrate automated testing into CI pipelines for comprehensive code validation. Continuous Integration: Infrastructure as Code (IaC) -Terraform Utilize Infrastructure as Code principles to manage and provision infrastructure components on AWS. Implement and maintain IaC templates Monitoring and Optimization: Implement monitoring and logging solutions to track the performance and reliability of CI/CD pipelines. Continuously optimize CI/CD processes for efficiency, speed, and resource utilization. Security and Compliance Implement security best practices within CI/CD pipelines. Ensure compliance with industry standards and regulatory requirements in CI/CD processes. Troubleshooting and Support Provide expert-level support for CI/CD-related issues. Troubleshoot and resolve build and deployment failures promptly Secondary Skill Good knowledge of ITIL process Show more Show less

Experience : 7.00 + years Salary : USD 45000.00 / year (based on experience) Expected Notice Period : 15 Days Shift : (GMT+05:30) Asia/Kolkata (IST) Opportunity Type : Remote Placement Type : Full Time Contract for 12 Months(40 hrs a week/160 hrs a month) (*Note: This is a requirement for one of Uplers' client - A Renowned Hiring Product Company from USA) What do you need for this opportunity? Must have skills required: Ansible, Azure bicep, Azure Well-Architected Framework, GitHub/Azure DevOps, PowerShell, SOC 2, C#/.NET, CI/CD, IAC, Next Js, OWASP security practices, react, Azure, Postgre SQL, Type Script A Renowned Hiring Product Company from USA is Looking for: Senior Full Stack & Cloud Engineer We’re looking for a Senior Full Stack & Cloud Engineer to join our dynamic and globally distributed team. This hybrid role blends deep expertise in software engineering (primarily backend and frontend development) with solid cloud engineering skills, particularly in Microsoft Azure. If you're passionate about modern software architecture, migrating legacy systems, and building robust, cloud-native applications, we want to hear from you! Key Responsibilities (Software Engineering): Lead the migration of a legacy Ruby on Rails codebase to C# .NET WebAPI, ensuring performance, scalability, and maintainability. Design and develop RESTful APIs and backend services using C# .NET WebApi. Build dynamic, responsive front-end applications using Next.js or React. Engineer robust and optimized databases using PostgreSQL, ensuring data integrity and high performance. Implement DevOps best practices, including CI/CD, feature flagging, and Infrastructure as Code (IaC). Write automated test suites using frameworks like Selenium or Playwright. Collaborate with cross-functional teams including product managers, designers, and engineers. Use AI-powered tools (e.g., Caliplot, Azure AI) to streamline workflows and enhance application functionality. Mentor junior developers and conduct thorough code reviews to uphold coding standards. Follow OWASP Top 10 guidelines for secure development. Key Responsibilities (Cloud Engineering): Design and manage highly available Azure-based cloud infrastructure using Infrastructure as Code (IaC) tools like Azure Bicep and PowerShell. Support the transition from AWS to Azure, moving workloads from IaaS to managed services. Maintain and monitor systems using telemetry tools such as Datadog, ensuring 99.99% uptime. Build and maintain secure CI/CD pipelines using GitHub Actions or Azure DevOps. Implement automated self-healing workflows to support 24x7 uptime. Stay up to date with the latest Azure services and DevSecOps practices. Required Skills: 7+ years of experience in backend development with C# .NET WebApi Strong frontend experience using React or Next.js Expertise in PostgreSQL with a solid understanding of database tuning and integrity Proven experience in migrating legacy applications (preferably from Ruby on Rails) Solid grasp of OWASP security practices and modern authentication protocols (OAuth/JWT) Experience with CI/CD, feature toggling, and automated deployments Hands-on experience with IaC and cloud platforms (Azure preferred) Familiarity with AI-enhanced development tools Excellent communication skills in English — written and spoken Ability to collaborate across time zones with US-based team members Preferred Skills: Familiarity with Ansible or other configuration management tools Experience with Azure Bicep, PowerShell, and GitHub/Azure DevOps Understanding of Azure Well-Architected Framework Experience working with compliance standards such as SOC 2 Knowledge of TypeScript for full-stack consistency Educational Requirements: Bachelor’s degree in Computer Science, Information Technology, or a related field Master’s degree preferred Engagement Type: Job Type: Contract for 1 year - High Chances of contract extension Location: 100% Remote Working time: 9:00 AM to 6 :00 PM Interview Process: 3 rounds How to apply for this opportunity? Step 1: Click On Apply! And Register or Login on our portal. Step 2: Complete the Screening Form & Upload updated Resume Step 3: Increase your chances to get shortlisted & meet the client for the Interview! About Uplers: Our goal is to make hiring reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant contractual onsite opportunities and progress in their career. We will support any grievances or challenges you may face during the engagement. (Note: There are many more opportunities apart from this on the portal. Depending on the assessments you clear, you can apply for them as well). So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you! Show more Show less

Experience : 7.00 + years Salary : USD 45000.00 / year (based on experience) Expected Notice Period : 15 Days Shift : (GMT+05:30) Asia/Kolkata (IST) Opportunity Type : Remote Placement Type : Full Time Contract for 12 Months(40 hrs a week/160 hrs a month) (*Note: This is a requirement for one of Uplers' client - A Renowned Hiring Product Company from USA) What do you need for this opportunity? Must have skills required: Ansible, Azure bicep, Azure Well-Architected Framework, GitHub/Azure DevOps, PowerShell, SOC 2, C#/.NET, CI/CD, IAC, Next Js, OWASP security practices, react, Azure, Postgre SQL, Type Script A Renowned Hiring Product Company from USA is Looking for: Senior Full Stack & Cloud Engineer We’re looking for a Senior Full Stack & Cloud Engineer to join our dynamic and globally distributed team. This hybrid role blends deep expertise in software engineering (primarily backend and frontend development) with solid cloud engineering skills, particularly in Microsoft Azure. If you're passionate about modern software architecture, migrating legacy systems, and building robust, cloud-native applications, we want to hear from you! Key Responsibilities (Software Engineering): Lead the migration of a legacy Ruby on Rails codebase to C# .NET WebAPI, ensuring performance, scalability, and maintainability. Design and develop RESTful APIs and backend services using C# .NET WebApi. Build dynamic, responsive front-end applications using Next.js or React. Engineer robust and optimized databases using PostgreSQL, ensuring data integrity and high performance. Implement DevOps best practices, including CI/CD, feature flagging, and Infrastructure as Code (IaC). Write automated test suites using frameworks like Selenium or Playwright. Collaborate with cross-functional teams including product managers, designers, and engineers. Use AI-powered tools (e.g., Caliplot, Azure AI) to streamline workflows and enhance application functionality. Mentor junior developers and conduct thorough code reviews to uphold coding standards. Follow OWASP Top 10 guidelines for secure development. Key Responsibilities (Cloud Engineering): Design and manage highly available Azure-based cloud infrastructure using Infrastructure as Code (IaC) tools like Azure Bicep and PowerShell. Support the transition from AWS to Azure, moving workloads from IaaS to managed services. Maintain and monitor systems using telemetry tools such as Datadog, ensuring 99.99% uptime. Build and maintain secure CI/CD pipelines using GitHub Actions or Azure DevOps. Implement automated self-healing workflows to support 24x7 uptime. Stay up to date with the latest Azure services and DevSecOps practices. Required Skills: 7+ years of experience in backend development with C# .NET WebApi Strong frontend experience using React or Next.js Expertise in PostgreSQL with a solid understanding of database tuning and integrity Proven experience in migrating legacy applications (preferably from Ruby on Rails) Solid grasp of OWASP security practices and modern authentication protocols (OAuth/JWT) Experience with CI/CD, feature toggling, and automated deployments Hands-on experience with IaC and cloud platforms (Azure preferred) Familiarity with AI-enhanced development tools Excellent communication skills in English — written and spoken Ability to collaborate across time zones with US-based team members Preferred Skills: Familiarity with Ansible or other configuration management tools Experience with Azure Bicep, PowerShell, and GitHub/Azure DevOps Understanding of Azure Well-Architected Framework Experience working with compliance standards such as SOC 2 Knowledge of TypeScript for full-stack consistency Educational Requirements: Bachelor’s degree in Computer Science, Information Technology, or a related field Master’s degree preferred Engagement Type: Job Type: Contract for 1 year - High Chances of contract extension Location: 100% Remote Working time: 9:00 AM to 6 :00 PM Interview Process: 3 rounds How to apply for this opportunity? Step 1: Click On Apply! And Register or Login on our portal. Step 2: Complete the Screening Form & Upload updated Resume Step 3: Increase your chances to get shortlisted & meet the client for the Interview! About Uplers: Our goal is to make hiring reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant contractual onsite opportunities and progress in their career. We will support any grievances or challenges you may face during the engagement. (Note: There are many more opportunities apart from this on the portal. Depending on the assessments you clear, you can apply for them as well). So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you! Show more Show less

Job Description: Provide tier two operational support, leading team efforts in resolution of incidents and outages for information security technology and its dependencies on Public and Private Cloud computing environments, shared platforms, and operating systems for more than three of the following technologies: Ensuring team's adherence to SOPs, training and performance monitoring for team members, and continuous process improvement for efficiency, including automation, wherever applicable and conduct recurring assessments of all the key SOC workflows to highlight process deficiencies as well as improvement opportunities for staff. Malware Analysis SIEM (Splunk) Software-defined (Cloud) Network Security Endpoint Security Protection Data Loss Prevention Partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis and providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards Execute daily security technology administration functions Perform Root Cause Analysis (RCA) on applicable technology Validate quality of dashboards and alerts and suggest updates to reflect new threats and changes in the monitored environment Support the Security Operations team in its efforts on various technology projects and operational initiatives Work as a part of a team to ensure that Guardian customers' data, technology platforms, and infrastructure are available and safeguarded from cyber threats Follow ITIL practices regarding incident, problem, and change management Stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements Required Qualifications Being curious and desire to analyze anomalies Desire and passion to learn and grow in Cybersecurity Customer-focused demeanor Minimum 4-6 years of proven experience in building and operating security controls in at least two of the following domains: Network/Perimeter Security, including Next-Gen firewalls, intrusion prevention systems, proxies, and Web Application firewalls (WAFs) Enterprise Endpoint (host-based) Security DLP and Secure Data Transmission, Storage, and Access Identity and Access Management / User Behavior Analytics Understanding of security architecture, operating and troubleshooting principles of Microsoft Windows and Linux operating systems SIEM management: Senior SOC Engineers must have extensive experience in managing SIEM systems, including configuring, tuning, and optimizing them for maximum efficiency. Endpoint security: They must have a deep understanding of endpoint security solutions, including antivirus, anti-malware, and intrusion prevention systems. Security incident handling: Senior SOC Engineers must have experience in handling security incidents, including identifying the source of the threat, containing it, and preventing further damage. Data Loss Prevention (DLP): They must have experience in implementing and managing DLP solutions to prevent data breaches. Threat intelligence: They must stay up-to-date with the latest security threats and trends, and use this information to improve the organization's security posture. Team management: Senior SOC Engineers must lead and manage the security operations center team, including hiring, training, and mentoring team members. Documentation: They must ensure that all security events, incidents, and responses are properly documented for future reference and analysis. Collaboration: Senior SOC Engineers must work closely with other IT teams, including network engineers, system administrators, and application developers, to ensure that all systems are secure. Continuous improvement: They must continuously evaluate and improve the organization's security posture by implementing new technologies, processes, and procedures. Requirements for a Senior SOC Engineer typically include a bachelor's degree in computer science or a related field, along with relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH). Strong leadership skills, analytical skills, attention to detail, and the ability to work well under pressure are also essential. Ability to effectively work in a team, as well as to be an independent contributor on select projects Preferred Qualifications Recognized Security Industry and Public Cloud IaaS certifications Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.) Familiarity with ITIL; experience with incident, problem, change, and risk management Location: This position can be based in any of the following locations: Gurgaon Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday Show more Show less

Seeking a skilled security tester (3–6 yrs) to perform VAPT, threat modeling, and configuration reviews across web, mobile apps, servers, and networks. Strong hands-on with tools like Burp Suite, Nessus, Qualys, and Kali Linux. Must know OWASP Top 10. CEH/OSCP/CPTE certified Designation - Sr. Executive/ AM Location - Prabhadevi Mumbai Work - Work from Office Key Responsibilities Conduct thorough testing of Web Applications to identify Vulnerabilities and Weaknesses. Perform vulnerability assessments to identify potential security risks and provide recommendations for remediation. Create and maintain secure configuration documentation to ensure proper configuration and alignment with industry best practices. Conduct vulnerability assessment of servers/devices OS, Database and Middleware of multiple technologies windows and non- windows Configuration Review for OS, Database, Middleware, Network devices, Security Devices, and as per CIS benchmark. Web application security assessments, including manual testing and analysis, hands on use of automated web application vulnerability scanning/testing tools. Carry out Mobile application testing for Android and iOS by utilizing SAST & DAST methodologies. Perform Threat Modelling for new and existing applications. Experience 3-6 years post BCA/ B.Sc. (Computers)/ B.Tech. / MCA / M.Tech. etc. Technical Skills Familiar with tools like Nessus, QualysGaurd, Tenable, Burp suite, Wireshark, Postman, Frida, Kali Linux, etc. Owasp Top 10 and Security Concepts Vulnerability Management Vulnerability Assessment and Penetration Testing (VAPT) Certification OSCP Certified Ethical Hacker [CEH v12] Certified Penetration Testing Expert [CPTE] Certified Information Security & Ethical Hacker [CISEH] Show more Show less

Experience : 7.00 + years Salary : USD 45000.00 / year (based on experience) Expected Notice Period : 15 Days Shift : (GMT+05:30) Asia/Kolkata (IST) Opportunity Type : Remote Placement Type : Full Time Contract for 12 Months(40 hrs a week/160 hrs a month) (*Note: This is a requirement for one of Uplers' client - A Renowned Hiring Product Company from USA) What do you need for this opportunity? Must have skills required: Ansible, Azure bicep, Azure Well-Architected Framework, GitHub/Azure DevOps, PowerShell, SOC 2, C#/.NET, CI/CD, IAC, Next Js, OWASP security practices, react, Azure, Postgre SQL, Type Script A Renowned Hiring Product Company from USA is Looking for: Senior Full Stack & Cloud Engineer We’re looking for a Senior Full Stack & Cloud Engineer to join our dynamic and globally distributed team. This hybrid role blends deep expertise in software engineering (primarily backend and frontend development) with solid cloud engineering skills, particularly in Microsoft Azure. If you're passionate about modern software architecture, migrating legacy systems, and building robust, cloud-native applications, we want to hear from you! Key Responsibilities (Software Engineering): Lead the migration of a legacy Ruby on Rails codebase to C# .NET WebAPI, ensuring performance, scalability, and maintainability. Design and develop RESTful APIs and backend services using C# .NET WebApi. Build dynamic, responsive front-end applications using Next.js or React. Engineer robust and optimized databases using PostgreSQL, ensuring data integrity and high performance. Implement DevOps best practices, including CI/CD, feature flagging, and Infrastructure as Code (IaC). Write automated test suites using frameworks like Selenium or Playwright. Collaborate with cross-functional teams including product managers, designers, and engineers. Use AI-powered tools (e.g., Caliplot, Azure AI) to streamline workflows and enhance application functionality. Mentor junior developers and conduct thorough code reviews to uphold coding standards. Follow OWASP Top 10 guidelines for secure development. Key Responsibilities (Cloud Engineering): Design and manage highly available Azure-based cloud infrastructure using Infrastructure as Code (IaC) tools like Azure Bicep and PowerShell. Support the transition from AWS to Azure, moving workloads from IaaS to managed services. Maintain and monitor systems using telemetry tools such as Datadog, ensuring 99.99% uptime. Build and maintain secure CI/CD pipelines using GitHub Actions or Azure DevOps. Implement automated self-healing workflows to support 24x7 uptime. Stay up to date with the latest Azure services and DevSecOps practices. Required Skills: 7+ years of experience in backend development with C# .NET WebApi Strong frontend experience using React or Next.js Expertise in PostgreSQL with a solid understanding of database tuning and integrity Proven experience in migrating legacy applications (preferably from Ruby on Rails) Solid grasp of OWASP security practices and modern authentication protocols (OAuth/JWT) Experience with CI/CD, feature toggling, and automated deployments Hands-on experience with IaC and cloud platforms (Azure preferred) Familiarity with AI-enhanced development tools Excellent communication skills in English — written and spoken Ability to collaborate across time zones with US-based team members Preferred Skills: Familiarity with Ansible or other configuration management tools Experience with Azure Bicep, PowerShell, and GitHub/Azure DevOps Understanding of Azure Well-Architected Framework Experience working with compliance standards such as SOC 2 Knowledge of TypeScript for full-stack consistency Educational Requirements: Bachelor’s degree in Computer Science, Information Technology, or a related field Master’s degree preferred Engagement Type: Job Type: Contract for 1 year - High Chances of contract extension Location: 100% Remote Working time: 9:00 AM to 6 :00 PM Interview Process: 3 rounds How to apply for this opportunity? Step 1: Click On Apply! And Register or Login on our portal. Step 2: Complete the Screening Form & Upload updated Resume Step 3: Increase your chances to get shortlisted & meet the client for the Interview! About Uplers: Our goal is to make hiring reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant contractual onsite opportunities and progress in their career. We will support any grievances or challenges you may face during the engagement. (Note: There are many more opportunities apart from this on the portal. Depending on the assessments you clear, you can apply for them as well). So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you! Show more Show less

Department: Information Technology Location: Ahmedabad, Gujarat Experience: 10+ Years Education: Bachelors/Masters degree in Computer Science, Cybersecurity, or a related field Certifications Preferred: OSCP, OSCE, OSEP, CRTP, CRTE, GPEN, GXPN, or equivalent Job Summary: We are seeking a highly experienced and skilled Red Team Specialist to join our cybersecurity team. The ideal candidate will lead advanced adversary simulations and penetration testing efforts to evaluate and strengthen the organization’s security posture. This role involves simulating real-world attack scenarios, identifying vulnerabilities, collaborating with Blue Teams, and recommending remediation strategies to enhance threat detection and response capabilities. Key Responsibilities: Adversary Simulation & Attack Execution Conduct full-scale Red Team assessments, emulating advanced persistent threat (APT) tactics, techniques, and procedures (TTPs). Simulate real-world attacks using frameworks and tools like MITRE ATT&CK, Cobalt Strike, Empire, Metasploit, and BloodHound. Exploit vulnerabilities across network infrastructure, cloud platforms, and web applications. Perform lateral movement, privilege escalation, and data exfiltration while evading detection mechanisms. Penetration Testing & Exploitation Perform internal and external penetration testing across enterprise systems. Identify and exploit misconfigurations and security gaps. Assess Active Directory security, including Kerberoasting, NTLM relay, and credential dumping. Develop custom payloads, exploits, and offensive methodologies. Evasion & Anti-Detection Techniques Employ techniques to bypass endpoint detection systems (EDR/XDR), SIEM tools, and behavioral analytics. Test the resilience of Blue Team monitoring capabilities. Implement obfuscation strategies and evasion tactics. Red Team & Blue Team Collaboration Participate in Purple Team exercises to enhance incident detection and response. Collaborate with SOC and threat intelligence teams to refine adversary emulation and response strategies. Contribute to improving incident response playbooks. Reporting & Documentation Document attack chains, vulnerabilities, and testing outcomes in detailed reports. Present technical findings and remediation recommendations to stakeholders. Create post-engagement reports, including MITRE ATT&CK mapping and kill chain analysis. Key Skills & Competencies: Proficient with offensive security tools: Cobalt Strike, Metasploit, Mimikatz, Empire, Covenant Deep understanding of frameworks: MITRE ATT&CK, Cyber Kill Chain, TIBER-EU Advanced expertise in Active Directory attacks , Kerberos exploitation , and lateral movement Strong scripting and automation skills: Python, PowerShell, Bash, C# Hands-on experience with cloud environments (Azure, AWS, GCP) and cloud exploitation Skilled in EDR/XDR evasion and SIEM bypass techniques Proven experience with Red Team / Blue Team collaboration and adversary emulation Analytical mindset with excellent problem-solving and documentation skills

Role: Cyber Risk Management Lead Experience: 5 to 10 Years Office location-Sector-125, Noida Required Qualification: Bachelor of Engineering - Bachelor of Technology (B.E./B.Tech.) Additional Information There are 2-3 rounds in the interview process. This is 5 days’ work from office role (No Hybrid/ Remote options available) Final round will be F2F (Mandatory) About role: We are seeking a Cyber Risk Management Lead to identify and remediate or mitigate risks . Candidate should have effective task management skills and the ability to communicate effectively. The individual must be able to rapidly respond to security incidents and should have at least 5 years of relevant experience in Cyber security Risk management. Candidates Should have deeper understanding with some hands-on experience on enterprise IT infra components such as O365 suite, advanced firewalls, IPS/IDS/HIPS, routers/switches, VPN, proxy, AV/EDR, DNS, DHCP, multi factor authentication, virtualization, Email systems/security, Web Proxy, WAF, DLP etc. along with cloud environments like AWS (Must) , Azure etc. Job Description Understanding applicable regulations, guidelines, and industry best practices to manage risk and ensure compliance Developing, maintaining, or auditing security documentation such as policies, standards, and procedures Monitoring security internal control effectiveness for EDR, Email Security, Server security, Cloud security etc Conducting internal security assessments to ensure continued compliance Explaining roles in managing risk to cross team functions and getting buy-in to improve the organizational risk posture Managing SOC 2 Type 2 assessment and provide adequate support for collecting relevant evidence for all relevant controls Should be able to review RFPs (request for proposal) and provide responses for Cyber security related items Manage Risk Governance Implement/govern AWS Cloud and Office 365 Security Manage and support internal and external audits Follow up till closure on audit findings if any Manage dashboards and reports to keep track of priority events for IT and IS Create MOM for Board Meetings Vendor Evaluation for cyber security controls Firewall rules review for On-premises and AWS firewall Security Awareness: Create materials PPT/e-mailers and provide training as needed Incident management and Business continuity CISO dashboard and success reports Meet with business team to understand their business requirements from cyber security perspective Has basic knowledge of audit requirements (SOC2, HIPPA, ISO27001, etc.) Understanding of respective industry best practices (e.g., NIST, ISO, OWASP, ITIL) At least one security certification is strongly preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP) Prior experience of management of technology infrastructure is preferred Skills: proxy,audit management,firewall rules review,cyber risk management,dns,advanced firewalls,ciso dashboard management,waf,business continuity,internal security assessments,task management,cloud environments,enterprise it infrastructure,cloud security,email security,incident response,email systems/security,ips/ids/hips,security document auditing,security auditing,communication skills,security incident response,cyber security,aws,routers,web proxy,risk assessment,compliance,dhcp,soc assesment,communication,security assessments,nist, iso, owasp, itil best practices,cyber security risk management,effective communication,it infrastructure security,multi-factor authentication,risk governance,o365,o365 suite,incident management,risk management,switches,security awareness training,virtualization,av/edr,azure,security documentation,dlp,cyber risk management lead,vendor evaluation,regulatory compliance (soc2, hipaa, iso27001),routers/switches,auditing,cybersecurity risk management,office 365 security,aws cloud security,vpn,security awareness Show more Show less

Role: Senior Java Engineer Location: Pune, India (Hybrid - 3 days a week in office) Experience: 8 - 12 Years Shift Timing: 9 AM - 5 PM general shift. Interview Rounds: Virtual (4 Rounds): 2 Internal + 2 Client. Mode of Work: Hybrid - 3 days a week in office. Office Location: Yerwada, Pune. Job Positions: 2. About Us We’re proud to be one of New York City’s fastest-growing product engineering consulting firms, dedicated to driving innovation and scalable growth for our clients. With eight consecutive years on the Inc. 5000 list of America’s Fastest-Growing Companies, we’ve earned a place in the elite Inc. 5000 Hall of Fame — an honor reserved for the top 1% of high-growth companies nationwide . What We Do We specialize in rapidly bringing our clients' most critical and strategic products to market — with high velocity, exceptional quality, and 10x impact. By embedding modern tools, proven methodologies, and forward-thinking leadership, we help build innovative, high-performing teams that thrive in today’s fast-paced digital landscape. This is a unique opportunity to join a dynamic and evolving team. Our client roster includes industry leaders such as Goldman Sachs, Fidelity, Morgan Stanley, and Mastercard. From greenfield innovations to tier-one product builds, our teams lead the delivery of mission-critical projects across product strategy, design, cloud-native applications, and both mobile and web development. The work we do shapes industries — and transforms the way people live, work, and think. About the Role: Senior Java Engineer As a Senior Java Engineer, you will collaborate with lead-level and fellow senior-level engineers to architect and implement solutions that maximize client offerings. In this role, you will develop performant and robust Java applications while continuously evaluating and advancing web technologies within the organization. Responsibilities:- Work on a high-velocity scrum team. Collaborate with clients to devise solutions for real-world problems. Architect and implement scalable end-to-end Web applications. Support the team lead in facilitating development processes. Provide estimates and milestones for features/stories. Work with your mentor for personal learning and growth, and mentor less experienced engineers. Contribute to the growth of it through interviewing and architectural contributions. Qualifications (Core Requirements) 5+ years of Java development within an enterprise-level domain. Proficiency with Java 8 (Java 11 preferred) features such as lambda expressions, Stream API, Completable Future, etc. Skilled in low-latency, high-volume application development. Expertise in CI/CD and shift-left testing. Nice to have: Golang and/or Rust. Experienced with asynchronous programming, multithreading, implementing APIs, and Microservices, including Spring Boot. Proficiency with SQL. Experience with data sourcing, data modeling, and data enrichment. Experience with Systems Design & CI/CD pipelines. Cloud computing, preferably AWS. Solid verbal and written communication and consultant/client-facing skills are a must. As a true consultant, you are a self-starter who takes initiative. Solid experience with at least two (preferably more) of the following: Kafka (Core Concepts, Replication & Reliability, Kafka Internals, Infrastructure & Control, Data Retention and Durability). MongoDB. Sonar. Jenkins. Oracle DB, Sybase IQ, DB2. Drools or any rules engine experience. CMS tools like Adobe AEM. Search tools like Algolia, ElasticSearch, or Solr. Spark. What Makes You Stand Out From The Pack Payments or Asset/Wealth Management experience. Mature server development and knowledge of frameworks, preferably Spring. Enterprise experience working and building enterprise products, long-term tenure at enterprise-level organizations, experience working with a remote team, and being an avid practitioner in their craft. You have pushed code into production and have deployed multiple products to market, but are seeking the visibility of a small team within a large enterprise technology environment. You enjoy coaching junior engineers, but want to remain hands-on with code. Open to hybrid work - 3 days per week from the office. Must-Haves Mandatory: Core Java, SOLID Principles, Multithreading, Design patterns. Spring, Spring Boot, Rest API, Microservices. Kafka, Messaging/streaming stack. JUnit. Code Optimization, Performance Design, Architecture concepts. Database and SQL. CI/CD - Understanding of Deployment, Infrastructure, Cloud. No gaps in organization. No job hoppers (candidate must have good stability). Joining time/notice period: Immediate to 30 days. Nice To Haves Good to have: Network Stack - gRPC, HTTP/2 etc. Security Stack (OWASP, OAuth, encryption). Good Communication. Agile. Skills: elasticsearch,junit,ci/cd,data sourcing,high-volume application development,spring, spring boot, rest api, microservices.,messaging/streaming stack,asynchronous programming,multithreading,kafka,code optimization,spark,sybase iq,db2,cloud computing,solr,data enrichment,algolia,sql,solid principles,spring,aws,database,rust,java 8/11,core java,golang,rest api,spring boot,java,sonar,design patterns,systems design,performance design,cms tools,java 8 / java 11,data modeling,messaging/streaming,core java, solid principles, multithreading, design patterns,oracle db,search tools,drools,jenkins,kafka, messaging/streaming stack.,mongodb,microservices,adobe aem,cloud computing (aws),database and sql,architecture concepts,low-latency application development Show more Show less

Job Title: Backend Developer / Senior Backend Developer (Python) Location: Chennai Experience: 4+ Years Key Responsibilities: • Design and Develop Backend Systems: Develop robust, scalable, and secure backend services using Python, ensuring seamless integration across banking, e-commerce, and e-learning modules. • API Development: Design, develop, and maintain RESTful and GraphQL APIs that are consumed by web and mobile front-end applications. • Database Management: Design, optimize, and manage databases, ensuring high availability, security, and data integrity. Experience with relational databases (e.g., PostgreSQL, MySQL) and NoSQL databases (e.g., MongoDB, Redis) is essential. • Microservices Architecture: Develop and maintain microservices that support the platform's diverse functionalities, ensuring they are independently deployable and scalable. • Security: Implement security best practices to protect sensitive information, including encryption, secure authentication, and authorization mechanisms. • Performance Optimization: Continuously monitor and optimize application performance, ensuring low latency and high throughput. • Integration: Work closely with third-party services to integrate payment gateways, learning management systems, and other critical services. • Collaboration: Collaborate with front-end developers, DevOps engineers, and other stakeholders to ensure the successful delivery of end-to-end solutions. • Testing & Debugging: Write unit tests, perform code reviews, and engage in debugging activities to ensure code quality and reliability. • Documentation: Maintain comprehensive documentation for all backend services, APIs, and data structures. Required Skills and Qualifications: • Strong experience in Python, with a deep understanding of frameworks like Flask, or FastAPI. • Experience with relational and NoSQL databases. Proficiency in writing optimized SQL queries and designing database schemas. • Strong experience in developing RESTful and GraphQL APIs. • Familiarity with cloud platforms such as AWS, Azure, or Google Cloud for deploying and managing services. • Proficiency with Git and GitHub/GitLab for version control and collaborative development. • Understanding of security best practices in software development, including OWASP standards. • Experience with continuous integration and continuous deployment (CI/CD) practices. • Strong analytical and problem-solving skills with attention to detail. • Excellent verbal and written communication skills. • Prior experience working on platforms within the banking, e-commerce, or e-learning sectors is highly desirable. • Knowledge of Docker and Kubernetes for containerization and orchestration. • Hands-on experience in developing and managing microservices architectures. • Basic understanding of DevOps practices and tools like Jenkins, Terraform, or Ansible. • Experience working in Agile environments with familiarity in Scrum or Kanban. Show more Show less

PAY Digital engineering team has a team in charge of transversal activities around Security/Innovation/Automation/Cloud Transformation. As our strategy is to fully move to the cloud, we need to focus on new solution architecture for our products. Main mission : She/he is in charge of defining architecture patterns mainly in the cloud scope to help our teams to accelerate their cloud transformation. The role is not only around documenting these patterns but to experiment them and help the teams in their sprints to apply it. There’s also a large part of communication in the role to be able to share this expertise and help the team to take the ownership of the new architecture proposed. Technical skills / Environment: Responsibilities : You will be part of Thales CDI PAY Digital organization with a strong relation with the engineering director and all the squads around the world. Your role will mainly to study, synchronize, share advanced technical topics to support the teams in our location in Noida. You’ll have to be up to date in all the cloud technologies we’re using and learn the payment ecosystem we’re dealing with. Technical Skills: Software security: cryptography, PKI, Network, Web attack Software development: Web Applications, NodeJS, J2EE, Java Security, Web Service (REST/SOAP) Internet technology: HTTP(S), Web Service Security, PKI/X509 certificate, OAUTH2, Web Application Firewall, SAML/OIDC Cloud technology : Docker, K8S, AWS/GCP Database technology : SQL (MySQL/Postgre)/NoSQL(MongoDB/DynamoDB) Risk assessment: CVSSv2 scoring, Threat Modeling (OWASP, Microsoft SDL) Behavioural skills: Analytical, Autonomous, Creative Knowledge sharing Experience: 16+ years in software development or 3 years in similar position. Show more Show less

Skills: Nessus, Burp Suite, Metasploit, OWASP ZAP, Nmap, Qualys, Wireshark, Kali Linux, Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type: Employee - Full Time Work Location: Guwahati Key Focus area: Infrastructure Penetration Tester Key Responsibilities Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification And Work Experience Qualification: BE / BTech (Similar Education Background) Work experience: 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion. Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies / Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products. If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor Show more Show less

#We Infosys Finacle is hiring for Product Security /Information Security Engineers to join our team. As a Product Security Engineer, you'll play a vital role in ensuring the security of our products, particularly those catering to the financial domain. You'll be responsible for overseeing vulnerability assessments, penetration testing, and contributing to a secure development lifecycle Work Location: Bangalore Experience Range: 4-7 Years Key Responsibilities • Conduct vulnerability assessments and penetration testing on a wide range of critical web applications. Leverage SAST and DAST tools to identify and analyze security issues, recommending effective remediation strategies. • Design and implement secure software systems, ensuring that security is an integral part of the software design process. • Collaborate with the development team to apply secure design principles and patterns. Identify potential security vulnerabilities during the design phase and propose secure solutions. • Perform security assessments of web services and APIs, including identity and token authentication and authorization mechanisms. • Deep dive into existing implementations to thoroughly assess security posture. • Collaborate with the development team to implement secure architecture and design principles. • Stay up to date on emerging threats like DDoS, ransomware, and supply chain attacks, and implement countermeasures. Required Skills:- • 4- 6 years of experience in product and application security with production/cloud experience • Thorough understanding of HTTPS, TLS 1.2, TLS 1.3, and public/symmetric key cryptography. • Proficiency in security tools like Burp Suite, Nmap, ZAP, Black duck Hub, NVD, and CVE/CWEs. • Knowledge of secure implementations on cloud platforms. • Experience with one or more of the following: >Front-end technologies such as Angular, React, or JavaScript. >Back-end technologies such as Java, Node.js, TypeScript, Spring, or C Bonus Points Experience in the financial domain. Experience with OWASP Top 10, SANS Top 25, BDH, and Palo Alto advisories. About Finacle Finacle is an industry leader in digital banking solutions. We partner with emerging and established financial institutions to inspire better banking. Our cloud-native solution suite and SaaS services help banks to engage, innovate, operate, and transform better. We are a business unit of EdgeVerve Systems, a wholly-owned product subsidiary of Infosys – a global technology leader with over USD 15 billion in annual revenues. We are differentiated by our functionally-rich solution suite, composable architecture, culture, and entrepreneurial spirit of a start-up. We are also known for an impeccable track record of helping financial institutions of all sizes drive digital transformation at speed and scale. Today, financial institutions in more than 100 countries rely on Finacle to help more than a billion people and millions of businesses to save, pay, borrow, and invest better. Finacle website (https://www.edgeverve.com/finacle/solutions/) Disclaimer: - Edgeverve Systems does not engage with external manpower agencies or charge any fees from candidates for recruitment. If you encounter such scams, please report them immediately. Show more Show less

Job Title: Application Security (AppSec) Experience: 10+ Years Location: Hyderabad Department: Information Security / DevSecOps Industry: Software / IT Services / Product Engineering Job Summary: We are seeking a seasoned Application Security Focal with 10+ years of experience to lead our application security initiatives across the SDLC. The AppSec Focal will act as the central point of contact between development, DevOps, and security teams to ensure secure design, development, and deployment of applications. This role demands deep technical expertise in secure coding practices, threat modelling, SAST/DAST tools, and secure CI/CD integration. Key Responsibilities: Security Leadership & Governance: Act as the single point of contact for all application security initiatives within the organization. Define, implement, and enforce secure coding standards and security architecture reviews. Establish and maintain secure SDLC practices in collaboration with engineering teams. Drive risk assessments and provide actionable security recommendations for applications. Collaborate with compliance teams to support audits (ISO 27001, SOC 2, HIPAA, etc.). Technical Responsibilities: Lead threat modelling, secure code reviews, and vulnerability assessments. Manage and optimize the use of AppSec tools: SAST (e.g., SonarQube, Checkmarx), DAST (e.g., OWASP ZAP, Burp Suite), SCA (e.g., Mend, Black Duck), and container scanning tools. Integrate security tools into CI/CD pipelines (e.g., Azure DevOps, GitLab CI/CD, Jenkins). Drive vulnerability triage and remediation with engineering teams. Analyze third-party components and APIs for security risks (open-source security management). Training & Awareness: Conduct secure coding workshops, OWASP Top 10 training, and awareness sessions. Build and maintain a knowledge base of secure development practices, checklists, and guidelines. Support incident response efforts in case of application-related security incidents. Required Skills & Experience: 10+ years of experience in application development and/or security engineering. Deep understanding of OWASP Top 10, CWE, CVE, and common attack vectors (XSS, SQLi, CSRF, etc.). Strong knowledge of application architectures (web, mobile, APIs, microservices). Hands-on experience with security tools (SAST, DAST, SCA, RASP, WAF, etc.). Proficiency in at least one programming language (Java, .NET, Python, Node.js, etc.). Familiarity with DevSecOps pipelines and security automation. Preferred Qualifications: Bachelor's/masters degree in computer science, Cybersecurity, or related field. Relevant certifications: CSSLP , OSWE , GWAPT , CISSP , or CEH Azure/AWS security certifications are a plus. Experience in Agile/DevOps environments and secure CI/CD implementation. Soft Skills: Excellent stakeholder communication, documentation, and leadership abilities. Ability to influence engineering teams and build a security-first mindset. Strong problem-solving and risk assessment skills. Reporting To: Head of Security / CISO / Enterprise Architect Work Mode: Hybrid / On-site / Remote

OrangeMantra is looking for Technical Lead - PHP Fullstack to join our dynamic team and embark on a rewarding career journey Lead development of fullstack web applications using PHP Manage frontend/backend design, code review, and deployment Mentor junior developers and ensure code quality Coordinate with QA and DevOps for continuous delivery

Volvo India is looking for Senior IT Security Officer to join our dynamic team and embark on a rewarding career journey. Ensure the security, safety and well-being of all personnel, visitors and the premises Provide excellent customer service Adhere to all company service and operating standards Remain in compliance with local, state and federal regulations Immediately respond to emergencies to provide necessary assistance to employees and customers Protect the companys assets relative to theft, assault, fire and other safety issues Follow procedures for various initiatives, including fire prevention, property patrol, traffic control and accident investigations

Responsibilities : Perform Security reviews, Vulnerability Assessments & Penetration Testing for Web, Android, iOS, and API endpoints Perform Threat Modelling & anticipate potential attack vectors and improve security architecture on complex or cross-functional components Identify and remediate OWASP Top 10 and mobile-specific vulnerabilities Conduct secure code reviews and red team assessments Integrate SAST, DAST, SCA, and secret scanning tools into CI/CD pipelines Automate security checks using tools like SonarQube, Snyk, Trivy, etc. Maintain and manage vulnerability scanning infrastructure Perform security assessments of AWS, Azure, and GCP environments, with an emphasis on container security, particularly for Docker and Kubernetes. Implement guardrails for IAM, network segmentation, encryption, and cloud monitoring Contribute to infrastructure hardening for containers, Kubernetes, and virtual machines Triage bug bounty reports and coordinate remediation with engineering teams Act as the primary responder for external security disclosures Maintain documentation and metrics related to bug bounty and penetration testing activities Collaborate with developers and architects to ensure secure design decisions Lead security design reviews for new features and products Provide actionable risk assessments and mitigation plans to stakeholders Required Skills & Experience: 5 - 8 years of solid hands-on experience in the VAPT domain Solid understanding of Web, Android, and iOS application security Experience with DevSecOps tools and integrating security into CI/CD Strong knowledge of cloud platforms (AWS/GCP/Azure) and their security models Familiarity with bug bounty programs and responsible disclosure practices Familiarity with tools like Burp Suite, MobSF, OWASP ZAP, Terraform, Checkov..etc Good knowledge of API security Scripting experience (Python, Bash, or similar) for automation tasks Preferred Qualifications: OSCP, CEH, AWS Security Specialty, or similar certifications Experience working in a regulated environment (e.g., FinTech, InsurTech)

Responsibilities: Participate in development and implementation of product specifications in conjunction with Product Management. Pay attention to feasibility, system/feature integration and performance expectations. Work with stakeholders in the company (E.g. Product Management, Architects, Engineers; but not limited to) to determine needs of new product features, releases and overall platform. Participate in all phases of technology development of a product release. Mentor and Collaborate with Product teams implementing releases in accordance with the architecture. Adhere to the requirements and guidelines for process, quality, security etc. Participating in Agile practices of the team/organization as a team player. Adaptability to learn and enhance skills in the domain of data security alongside the products technical environment (like OS, cloud technology, container orchestration, native programming language of the environment, hardware etc.) Ability to be a good team player and soft skilled person. Qualifications: 2+ years of post-bachelor’s degree experience in software development 2+ years of design, development, test & integration of application software written in Python & Linux Good understanding of Linux OS and internals Experience on any or multiple of programming languages like Go/Java Knowledge of Public Cloud technologies like AWS/GCP/Azure Knowledge of testing frameworks, such as pytest and Robot Framework Should be strong at debugging, troubleshooting, profiling own’s code as well as reviewing that of peers Sufficient knowledge of office productivity tools to represent formal exchange of technical content communication especially architecture and design Excellent verbal and written communication skills along with good rapport and collaboration with teammates Good to have skills Knowledge of software performance measurement and tuning Understanding of software security requirements and associated standards like NIST, OWASP, PCI-DSS etc Has gone through a devops cycle, CI/CD pipelines and software test automations Knowledge of cryptography and cryptographic algorithms Know of Agile process for product delivery Preferred Qualifications Background to computer science and systems Experience on Python programming language, Shell Scripting and Linux OS Knowledge of Public Cloud technologies like AWS/GCP/Azure Has gone through Application Design/architecture lifecycle

Experience in security testing, application security, or security engineering Hands-on experience integrating security into DevOps/DevSecOps pipelines (e.g., GitHub Actions, Jenkins, GitLab CI) Required Candidate profile Strong knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Experience with scripting languages such as Python, Bash, or PowerShell.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security Strategy, Risk, Compliance and Resilience – Technology Consulting – Senior As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Senior Security Consultant with expertise in cyber / information security, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Engage in Cyber Strategy & Governance, Cyber Risk & Compliance, Cyber Resilience, Cyber Transformation and Co-Sourcing, Application & Network Security engagements Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Execute the engagement requirements, along with review of work by junior team members. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within EY Consulting Services and with other services across the organization Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals Maintain an educational program to continually develop personal skills of staff Understand and follow workplace policies and procedures Building a quality culture at GDS Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Manage the performance management for the direct reportees, as per the organization policies. Foster teamwork and lead by example; training and mentoring of project resources Participating in the organization-wide people initiatives Skills And Attributes For Success Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to): Vendor/3rd Party Risk Management & Assessment Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53 Business Continuity & Disaster Recovery Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors. Experienced in creation and review of security policy/procedures, and in performing risk assessments. Good to have experience in assessing ITGC requirements across various industries including both Cybersecurity and resilience requirements. Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures. Basic understanding of Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews. Good understanding of logging and monitoring tools (SIEM). Knowledge in any one of the SIEM tools is a plus. To qualify for the role, you must have: BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming. More than 5 Years of relevant experience. Strong Excel and PowerPoint skills. Should be proficient in leading medium to large engagements and coach junior staff. Ideally, you’ll also have CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer. Project management skills. What We Look For A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less