Job Summary : We're looking for a skilled .NET Developer with a strong background in Security Testing (DAST) to design, develop, and test secure web applications. The ideal candidate will have expertise in identifying and mitigating security vulnerabilities using DAST tools and techniques. Responsibilities : - Design, develop, and test secure web applications using .NET framework - Conduct Dynamic Application Security Testing (DAST) to identify security vulnerabilities - Analyze and mitigate security risks using DAST tools and techniques - Collaborate with cross-functional teams to ensure secure coding practices - Develop and maintain security testing frameworks and tools - Stay up-to-date with emerging security threats and trends - Participate in code reviews and ensure adherence to security best practices - Develop and deliver training programs on security testing and secure coding practices Requirements : - 5+ years of experience in .NET development with a focus on security testing (DAST) - Strong expertise in .NET framework, C#, (link unavailable), and related technologies - In-depth knowledge of DAST tools and techniques, such as OWASP ZAP, Burp Suite, and SQLMap - Experience with security testing frameworks and tools, such as NMap, Nessus, and OpenVAS - Strong understanding of web application security risks and vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) - Excellent problem-solving skills and attention to detail - Strong communication and collaboration skills - Experience with Agile development methodologies and version control systems, such as Git Nice to Have : - Experience with cloud-based security testing tools and platforms, such as AWS Security Hub and Google Cloud Security Command Center - Knowledge of containerization and orchestration technologies, such as Docker and Kubernetes - Experience with DevOps practices and tools, such as Jenkins, Puppet, and Ansible - Certification in security testing or related field, such as OSCP, CEH, or CISSP What We Offer : - Competitive salary and benefits package - Opportunity to work with a talented team of professionals - Collaborative and dynamic work environment - Professional development and growth opportunities - Flexible working hours and remote work options

Checkmarx is the enterprise application security leader and the host of Checkmarx One™ — the industry -leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Description Who are we? Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart and Sanofi. What are we looking for? At Checkmarx, we are a Research & Development team responsible for developing Plugins & Integrations that bring the capabilities of CheckmarxOne, our cloud-native AppSec platform to common developer workflows and pipelines (IDEs and CI/CD platforms). We are looking for someone with proven experience in leading the team from the front while keeping the work plans on track. Work closely with Product owner and cross-functional teams on multiple releases. This role requires the ability to develop/maintain Plugin products for different IDEs, CI/CD products that are in different technology stacks. How will you make an impact? In this role you will be responsible for: With Java and Golang as the primary technology, you will cross skill yourself in other programming languages like Typescript/JavaScript and technologies required in the project. Lead, Mentor, grow a team of experienced Software Developers Provide technical leadership to the Development & QA team, including mentoring and coaching. Implementing the best practices, coding standards and secure coding practices of the project Triaging product defects and preparing release plans to address the defects and enhancements using Agile practices. Maintaining the account of time and reporting regularity of own work Create and maintain technical documentation. Requirements What is needed to succeed? B.E. in Computer Science or equivalent. 12+ years of software development experience with minimum 5 years as a team lead for the Agile team of 8 to 10 developers and QA. Must be hands-on in Java 8/11/17, Maven/Gradle, Eclipse/IntelliJ. Must have at least 2 years relevant experience in Golang. Must have hands-on experience with technologies like REST, SOAP, SSL/TLS, HTTP, Tomcat, Oauth2/OIDC, RDBMS Must have expert level competency in any one CI/CD tools like Jenkins, ADO, CircleCI or similar. Must have expertise in any one SCM tool like GitHub/Gitlab/Azure DevOps etc. Familiar with Cloud Native designs and ecosystem (Kubernetes, containers, etc.) Hands on experience in JavaScript, TypeScript as backend technology will be a plus. Exposure to Linux environments. Exposure to DevOps practices, Open-source ecosystem, OWASP Top 10 will be an advantage. Exposure to any one public cloud environment, Docker, Kubernetes Nice to Have: Exposure to plugin/extensibility framework of IDEs, CI/CD Tools Background in cybersecurity and application security – not mandatory What we have to offer Checkmarx offers a great work environment, professional development, challenging careers, competitive compensation, great work-life balance, as well as great benefits and perks throughout the year. Checkmarx is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, or other characteristics protected by law. Show more Show less

Checkmarx is the enterprise application security leader and the host of Checkmarx One™ — the industry -leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Description Who are we? Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart and Sanofi. Who are we looking for? Appsec engineer that has worked with external customers and would like to train to become an architect. Focused on the customer, Managed Services' mission is to ensure that clients get the most out of Checkmarx Products and Solutions. We are looking to grow our team with a talented Application Security Architect to support Checkmarx services and our customers. We are looking for a resilient and self-motivated individual who wants to be part of an expanding team in a fast-growing industry. Responsibilities : Review customer’s software architectures with a focus on potential security threats Provide dev teams with explanation and mitigation advice for security vulnerabilities found in the Checkmarx scans; Design and coordinate the implementation and maintenance of tailored solutions that will meet customer requests, needs and requirements; Collaborate with Product Management, R&D and Support teams in handling customer issues or internal Checkmarx initiatives; Occasionally assist in pre-sale activities, like providing product demonstrations; Assistance in the implementation of Application Security Programs and processes; Providing training for developers and management Travel to customer sites for meetings and technical activities; Requirements What is needed to succeed? Degree in Software Engineering or equivalent At least 3-4 years of combined experience in development, in any programming language,and Application Security (minimum 2 years in AppSec). Previous experience in one or more Application Security practices, such as pen-testing, security code review, AST products, research Knowledge on how to conduct a Threat Modeling exercise. Knowledge of AppSec industry standards, frameworks and guidelines, such as OWASP Top 10 (Web, Api or Mobile) and Secure SDLC. Client handling skills for Security Engagements; Good written and verbal communication skills in English; Ability to travel (up to 20%); Pro-active and sense of ownership; Get an advantage if you have Security Certifications (CISSP, CSSLP, CEH, OSCP, etc.). What we have to offer Checkmarx offers a great work environment, professional development, challenging careers, competitive compensation, great work-life balance, as well as great benefits and perks throughout the year. Checkmarx is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, or other characteristics protected by law. Show more Show less

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia Location: Pune https://isa.ae/ Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8/1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045 Job Title: Security Engineer (Penetration Tester) Job Type: Full-time Reports To: Security Architect Job Overview: We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture. Key Responsibilities: 1. Firewall, Endpoint & WAF Security Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point). Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF). Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne . Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles . 2. Microsoft Security Layer Implementation a. Microsoft Email Security Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats. Implement Safe Links, Safe Attachments, and Anti-Phishing policies . Monitor and respond to email security alerts in Microsoft Security Portal . Conduct email security threat hunting using Defender for O365 and advanced hunting queries. b. Microsoft Endpoint Security Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices. Enforce attack surface reduction (ASR) rules for endpoint protection. Configure endpoint compliance policies using Microsoft Intune . Implement DLP (Data Loss Prevention) policies to prevent data exfiltration. c. Compliance & Risk Management Implement and monitor Microsoft Purview Compliance Manager for risk assessment. Enforce Information Protection & Encryption Policies using Microsoft Purview. Configure and manage Conditional Access Policies in Microsoft Entra ID . Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR . 3. Dark Web Monitoring & Brand Protection Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats. Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence. Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains . Collaborate with legal and compliance teams to enforce takedowns of malicious content. 4. Fraudulent Incident Investigation & Threat Hunting Investigate fraud incidents, phishing attempts, and business email compromise (BEC) . Conduct forensic analysis on compromised endpoints, servers, and email accounts. Develop and implement threat intelligence and threat hunting processes. Work closely with SOC teams for incident response and mitigation . 5. VAPT & IT Security Operations Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments. Implement and manage intrusion detection/prevention systems (IDS/IPS) . Monitor, analyze, and mitigate vulnerabilities from external and internal security scans . Work with teams to remediate vulnerabilities and harden IT assets. 6. IT Security & Compliance Management Develop and enforce security policies, standards, and procedures . Implement Zero Trust Architecture and IAM policies . Conduct security awareness training and phishing simulations. Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards . Required Qualifications & Skills: Technical Skills: ✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point ✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance ✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne ✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare ✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP ✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK ✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center ✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM ✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence Soft Skills: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to work independently and in cross-functional teams. Proactive security mindset with attention to detail. Certifications (Preferred, but not mandatory): ✔️ CISSP – Certified Information Systems Security Professional ✔️ CEH – Certified Ethical Hacker ✔️ OSCP – Offensive Security Certified Professional ✔️ CISM/CISA – Certified Information Security Manager/Auditor ✔️ Microsoft Certified: Cybersecurity Architect (SC-100) ✔️ Microsoft Certified: Security Operations Analyst (SC-200) ✔️ Microsoft Certified: Information Protection Administrator (SC-400) Experience Required: 🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence . 🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance . 🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection . 🔹 Proven ability to secure cloud, hybrid, and on-premise environments . . Please send resumes to careers@isa.ae Show more Show less

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary VP, Software Engineering Who is Mastercard? Mastercard is a global technology company in the payments industry. We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Overview The Transfer Solutions team was created to establish Mastercard as the frontrunner in the fast-evolving real-time payments space, and to position Mastercard to be able to incubate the development of new payment flows. The team is responsible for designing, building, and operating the technology that powers Mastercard’s next generation payment applications – Domestic, Cross Border and Bill Payments. Mastercard seeks to define a world beyond cash. To accelerate this mission, we are committed to building & scaling products & applications that transform payments of any type. Real time payment technology is central to this strategy. The Role What’s it all about and what we expect you to do day to day? At least 50% individual contributor with technical team leadership who is recognized as a departmental authority and technical expert within a discipline, and drives innovation and organizational growth through their contributions. Spend their time in IDEs writing non-feature code; are hands all the time and collaborate by writing interfaces, tests (unit or acceptance) and architecture fitness functions, outside of meeting rooms. Tools like JDepend, ArchUnit, ADRs and NetArchTest make them feel at home. Implement, monitor, and maintain compliance and security concerns in CI/CD pipelines to bring life to the principle of “Code is Design and Design is Code”. Domain driven design in their game. They code to enforce the contextual mappings and aggregates for each bounded context. They drive implementation of consumer driven contracts to allow for evolution and learning of the domain model with hyper speed while meeting our promises to other teams internally and customers alike. Polyglot engineering gurus. They bring cutting edge engineering practices to life in multiple evolving frameworks – Feature flags, fitness functions and whatever is required to reduce the cost and increase the lifecycle value of next feature delivered by engineering teams. Love for declarative paradigm and functional programming. No one can stop them in paying off technical debt and refactoring the code for better SDLC, performance and availability. Work on complex enterprise-wide initiatives spanning multiple services/programs and drives resolution Work with business/product owners to architect and deliver on new services to introduce new products and bundles Participate and contribute to team’s agile process and decisions. Understand and contribute to Prioritization. Drive prioritization decisions and trade-offs in working with product partners Drive the architectural design, including dependent services, service interactions, and policies Take ownership to improve the customer experience of an entire set of services/applications sold as products or bundled services Simplify and improve the cost/benefit of a function/service/architecture strategy Apply judgment and experience to balance trade-offs between competing interests Venture beyond comfort zone to take on assignments across different areas of Software Engineering Take on organization-wide and public speaking engagements and publishes white papers and blogs on relevant and emerging technical topics Participate and contribute to Principal review architecture meetings and drive resolutions to enterprise-wide challenges and regulatory needs Write recommendations for job promotions based on an unbiased view of one's accomplishments Conduct technical interviews for hiring engineering staff and raising the performance bar All About You And What You Need To Bring Product engineering experience that demonstrates thought-leadership and cross-functional influence demonstrated by a successful track record of enabling business through engineering excellence and technical innovation. Progressively grown career with proven design and development experiences in multiple languages (e.g., Java, .NET, JavaScript, SQL), secure coding standards (e.g., OWASP, CWE, SEI CERT), and vulnerability management. Expert understanding and experience of DevOps best practices to guide developers and abstract application development from underlying hosting platforms and infrastructure. Infrastructure as code and cloud first software development knowledge experience preferred. Experience in the skills required to implement advanced test set ups in production environment (e.g., A/B testing, canary releases, blue-green deployment, feature flags) Experience in Continuous Integration (CI) and Delivery (CD) concepts, and capabilities to support automation, pipelines, virtualization, and containerization Experience in leading the initiation and formation of large global projects including architecting, estimating, planning, implementing, and operating as well as selecting talent resources across multiple geographies and functions. Has skills to develop and evangelize on reference architecture and run principles to help teams adopt Engineering Principles from the start (poison pill, active/active/active, auto-scaling, self-healing, others) Understands use cases for advanced design patterns (e.g., service-to-worker, MVC, API gateway, intercepting filter, dependency injection, lazy loading, all from gang of four) to implement efficient code Understands and implements Application Programming Interface (API) standards and cataloging to drive API/service adoption and commercialization Has skills to promote and coach teams on take on full stack development and facilitate end-to-end service ownership Has skills to engage engineers across Technology organization to promote standard software patterns and reuse of common libraries and services Has experience in leading and coaching teams to perform software planning and estimation for large scale complex programs Has skills to drive trade-off discussions to set right development capacity based on value drivers (e.g., regulatory, security, new business, market parity, technical debt) Performance engineering experience to ensure applications are built to scale, run, and perform for varying demands Has skills to evaluate practices, metrics, and roles to continually optimize SDLC methodologies and automate processes to improve lead time and quality Has skills to succinctly articulate architecture patterns of complex systems, with business and technical implications, to executive and customer stakeholders Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. R-249991 Show more Show less

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. This Senior Information Security Engineer is a member of the UHC A&I Tech Infra, Cloud and Data Services team that supports US Health Group and Student Resources,. This engineer will work with 4000+ agents as level 2 support for security incidents and investigation. Their primary function will be to monitor and respond to all vulnerabilities in Tanium, Tenable, and Security Platform. In addition the engineer will have primary responsibility of all updates throughout the infrastructure for the UHC lines of business that ingests over 200,000 MB of logs for Windows and RHEL Servers. This engineer will also work in Service Now to monitor queues and work incidents to resolution. This engineer will be working in both on-premise and azure cloud monitoring security and compliance. This engineer will work throughout the organization to quickly remediate any daily findings of new vulnerabilities that arise and create daily reports to show updated findings and tasks for remediation. Primary Responsibilities Core Tasks: Tanium, Security Platform, TVM remediate all vulnerabilities, patching Maintain cadence of monthly patching schedule for updates to all environments Operate and maintain security systems to protect data and systems and ensure auditability and compliance Respond, analyze, and resolve outages, incidents and/or threats Fulfill service requests Deploy new, update existing, replace or decommission solutions Work in Microsoft Endpoint Configuration Manager (MECM) for patching and Vulnerability remediation Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualification Full time graduate Core Tasks: Tanium, Security Platform, TVM remediate all vulnerabilities, patching Maintain cadence of monthly patching schedule for updates to all environments Operate and maintain security systems to protect data and systems and ensure auditability and compliance Respond, analyze, and resolve outages, incidents and/or threats Fulfill service requests Deploy new, update existing, replace or decommission solutions Work in Microsoft Endpoint Configuration Manager (MECM) for patching and Vulnerability remediation Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission. #Nic #Nic

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience. Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModelingAbility to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Security TestingExperience with static and dynamic application security testing (SAST/DAST) tools Security ToolsProficiency in using security tools like Burp Suite, Nessus, or Fortify

Job Summary Synechron is seeking a dedicated and skilled Senior QA Engineer to join our dynamic team. The role is pivotal in ensuring the delivery of high-quality digital solutions that align with Synechron’s commitment to transforming businesses through innovative technology. As a Senior QA Engineer, you will contribute significantly to the business objectives by maintaining the integrity and quality of the software, ensuring that our products meet the highest standards of excellence and customer satisfaction. Software Requirements Required Proficiency: SeleniumAdvanced level JIRAIntermediate level TestNGAdvanced level PostmanIntermediate level GitIntermediate level Preferred Proficiency: LoadRunnerBasic knowledge JenkinsIntermediate level SoapUIIntermediate level Overall Responsibilities Lead and manage QA processes and strategies across various projects, ensuring all deliverables meet quality standards. Develop and execute comprehensive test plans, test cases, and test scripts. Collaborate with cross-functional teams to identify system requirements and ensure seamless integration. Drive continuous improvement initiatives within the QA team to enhance efficiency and effectiveness. Monitor and report on test execution and outcomes, ensuring transparency and accountability in QA processes. Technical Skills (By Category) Programming Languages: RequiredJava (advanced) PreferredPython (basic knowledge) Databases/Data Management: RequiredSQL (intermediate) PreferredNoSQL (basic knowledge) Cloud Technologies: PreferredAWS (basic understanding) Frameworks and Libraries: RequiredSelenium WebDriver (advanced) PreferredAppium (basic knowledge) Development Tools and Methodologies: RequiredAgile methodologies (Scrum/Kanban) Security Protocols: PreferredKnowledge of OWASP guidelines Experience Requirements Minimum of 5+ years of experience in software testing and quality assurance roles. Extensive experience working within the financial services industry is preferred. Proven track record of operating within a global and diverse environment. Day-to-Day Activities Conduct detailed testing of software applications, identifying bugs and areas for improvement. Participate in daily stand-up meetings, sprint planning, and retrospectives. Collaborate with developers and product managers to ensure clarity in requirements and acceptance criteria. Prepare and present reports to stakeholders on test execution and product quality status. Qualifications Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience). ISTQB Certification preferred. Continuous professional development in QA methodologies and technologies is encouraged. Professional Competencies Strong analytical and problem-solving skills. Effective communication and stakeholder management abilities. Proven leadership and teamwork skills. Adaptability to changing technologies and processes. Innovative mindset with a focus on quality improvement. Excellent time and priority management skills.

Senior Cybersecurity Specialist Are you an experienced cybersecurity professional who is excited about practical application of cybersecurity into industrial and IoT environmentsWe would like to have you on our team to keep smart cities cybersecure! The KONE Technology and Innovation (KTI) function is where the magic happens at KONE. Its where we combine the physical world - escalators and elevators - with smart and connected digital systems. We are changing and improving the way billions of people move within cities every day. Within the KONE Technology & Innovation unit, we have a dedicated C ybers ecurity team for assuring the security of KONE s products and solutions as well as applications used by KONE s business lines. Buzzwords: Application security, Cloud security, SDL, DevSecOps We are now looking for a person to support and drive the Security Development Lifecycle (SDL) activities in KONE solution development projects. Our solutions range from connected elevator systems to cloud services and to mobile applications for technicians and for end users. As a Senior Cybersecurity Specialist, you will be responsible for supporting KONE development teams globally to identify and implement security requirements and to review and test the solutions as they have been implemented. You enjoy working in co-operation with development teams to offer solutions for security problems and practical guidelines on how to implement security in the projects. You get to conduct threat analysis and identify the appropriate security requirements. You don t shy away from getting hands on with application owners and developers to guide them or help them implement the necessary security controls. Through validation and testing you ensure that controls are implemented, and the requirements fulfilled. You support our becoming and existing Security Champions to succeed in their roles by guiding, identifying their skill gaps, and providing training. You might be an experienced security-minded software developer, or perhaps you are a cybersecurity professional who has specialized in application security. You can communicate with various audiences, and you can deal both with the big picture as well as with details when so required. The position is located in Pune, India. Responsibilities Act as a cybersecurity advisor and provide security expertise and guidance to development and operations teams. Conduct risk-based security impact assessments to classify applications and assign appropriate security requirements. Translate requirements into actionable tasks and guide stakeholders in understanding and implementing them. Detect security issues during validation and operation using automation and scenario-based testing. Help teams to understand and mitigate risks and vulnerabilities. Review and enhance security documentation and assessments from Security Champions, offering constructive feedback. Monitor R&D and IT stakeholder needs and deliver targeted security training or clinics. Collaborate within the Cybersecurity team to improve KONE s security management system, SDL standards, processes, and tools. Requirements 5+ years of experience in cybersecurity. CISSP, CSSLP or other relevant certifications are considered a plus. Educational qualifications (B. Sc. or M Sc. in computer science, business administration, information technology management, information systems security or related) Practical experience in implementing Security Development Lifecycle (SDL) in agile software projects (for example, Microsoft SDL, OWASP, BSIMM) Familiarity with security standards and best practices (for example: ISO 27001, IEC 62443, OWASP) Experience in threat modeling and security risk assessment Experience with DevSecOps practices and tools (SCA, SAST, DAST) Experience with cloud platforms (AWS or Microsoft Azure) Why to join KONE s cybersecurity team We at KONE s cybersecurity team are at an interesting point currently. Our focus has been on modernizing enterprise cybersecurity to limit risks with day-to-day operations but at the same time, we are building our industrial and product cybersecurity. KONE is on a digitalization journey and our elevators are transforming from a steel box on the end of a rope into central platforms of smart buildings. We are bringing totally new kinds of innovative solutions to the market to enable even smarter people flow. As our offering becomes more digital, excellent cybersecurity plays a crucial role in building customer trust. KONE Technology and Innovation We are changing and improving the way billions of people move within buildings every day. Hardware is where weve always shined, but today, digital expertise - IoT, analytics, AI, automation, simulation, to name a few - is equally important for our continued success. Whats KONE Technology & Innovation like as a workplaceWe like to think of ourselves as a diverse tribe, pulling together to understand and meet the ever-changing needs of our customers, from concept through to design, down to every single finished product. This all happens in an atmosphere of trust and respect, typified by our Nordic values, a healthy work-life balance, and a flat hierarchy. At KONE, we are focused on creating an innovative and collaborative working culture where we value the contribution of each individual. Employee engagement is a key focus area for us and we encourage participation and the sharing of information and ideas. Sustainability is an integral part of our culture and the daily practice. We follow ethical business practices and we seek to develop a culture of working together where co-workers trust and respect each other and good performance is recognized. In being a great place to work, we are proud to offer a range of experiences and opportunities that will help you to achieve your career and personal goals and enable you to live a healthy and balanced life. Read more on www. kone. com/careers

Job Title: Lead Application Security/ Sr. Lead Application Security Experience Required: 4-8 years. Job Summary: Seeking for a highly skilled and experienced Application Security Specialist who will play a crucial role in ensuring the security and resilience of our organisations systems, networks, and infrastructure. He will be collaborating closely with development and operations teams to integrate security practices throughout the software development lifecycle. The role will involve identifying vulnerabilities, defining and implementing secure coding practices, conducting security assessments, performing day to day WAF & BOT operations and ensuring compliance with industry standards and regulations. Required Skills: The candidate should have minimum experience of 5 years in vulnerability assessment & penetration testing (VAPT) and WAF solutions. Mandatory: Proven experience in application security, with a focus on web and mobile applications. Proficiency in wide range of security tools and frameworks, such as Metasploit, Burp Suite, Nmap, Wireshark, Kali Linux, PowerShell Empire, Cobalt Strike, and others. Awareness of current cyber threats, attack trends, and threat actor tactics, techniques, and procedures. Familiarity with industry standards (e.g., OWASP Top 10, CWE) and regulatory requirements (e.g., GDPR, PCI-DSS). Experience in managing and optimizing WAF and BOT management systems. (e.g. Akamai, Cloudflare, Imperva etc.) Excellent communication and collaboration skills. Good to have: Experience with cloud security, container security and DevSecOps practices is desirable. Evaluate and implement WAF & BOT management solutions to detect, mitigate, and respond to bot activities. Experience in scripting and automation for WAF & BOT rule deployment and management (e.g., Python, PowerShell). Certification: Mandatory: Certifications such as Certified Red Team Operator (CRT), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or GIAC Penetration Tester (GPEN) are highly desirable. Good to have: Certifications such as CREST Practitioner Security Analyst (CPSA), Certified Expert Penetration Tester (CEPT) etc. Qualifications: 1. Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience). 2. Strong understanding of networking protocols, operating systems, and security technologies. 3. Excellent analytical and problem-solving skills. 4. Proficient in at least one scripting language. Responsibilities: 1. Define and implement secure coding standards and practices. 2. Conduct security assessments, code reviews, and penetration testing. 3. Collaborate with development and operations teams to integrate security into the SDLC. 4. Identify and prioritize application security risks and vulnerabilities. 5. Design and implement security controls and solutions to mitigate risks. 6. Stay updated with emerging threats and industry best practices. 7. Drive compliance with relevant security standards and regulations. 8. Respond to and mitigate security incidents under WAF & BOT operations. 9. Contribute to security awareness and training programs.

5 - 7 years of experience in a DevSecOps, Application Security, or DevOps Security role. Strong working knowledge of: Extensive experience in GitHub Enterprise and related security capabilities, specially security tool integrations and automations CI/CD pipeline integration of security tooling. Cloud platforms (AWS, Azure, GCP) and hands-on experience with CSPM solutions. Working experience in Application security tools (SAST, DAST, SCA, IaC) Sound working experience in scripting and programming languages Experience collaborating with software engineers, cloud teams, and SREs in a security capacity. Good understanding of OWASP Top 10, secure coding practices, and DevOps lifecycle. Proficient in scripting (e.g., Python, Bash) and automation (e.g., GitHub Actions, Terraform, Ansible).

Position: Security Test Manager Location: Yerwada Pune Experience: 7-10 yrs Work Mode : Hybrid What will be your responsibility: • Lead and perform advanced application security testing (SAST, DAST, IAST) for web, mobile, and cloud-native applications. • Design security test strategies, perform vulnerability assessments, and report findings with risk prioritization and remediation recommendations. • Collaborate with development, QA, and DevOps teams to integrate security testing into CI/CD workflows. • Conduct threat modelling sessions and define security requirements early in the project lifecycle. • Simulate real-world attacks (ethical hacking, red teaming) and ensure application hardening against OWASP Top 10 and CWE vulnerabilities. • Review code, architecture, and infrastructure for security compliance and weaknesses. • Stay updated on evolving security threats, tools, and best practices. • Mentor junior analysts and contribute to the security knowledge base. What is needed from you: • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related discipline. • 7 to 10 years of experience in security testing, application security, or security engineering. • Proficiency in tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Veracode, Metasploit, Kali Linux. • In-depth understanding of threat modelling, risk assessment methodologies, and secure development practices. • Strong knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. • Experience with scripting languages such as Python, Bash, or PowerShell. • Hands-on experience integrating security into DevOps/DevSecOps pipelines (e.g., GitHub Actions, Jenkins, GitLab CI). • Familiarity with cloud platforms (AWS, Azure, GCP) and their security controls. • Certifications like OSCP, CEH, GWAPT, CISSP, or SANS GIAC are highly desirable. What will you get: • Opportunity to work in Product Development and excellent learning opportunities • Healthy work environment, peer to peer collaborative work culture • Individual growth and encouraging opportunities with highly motivated team • Work-Life Balance and utmost effort and environment where you enjoy your work Show more Show less

Implement security-as-code principles and automate security controls in CI/CD pipelines. Conduct secure code reviews and assist developers in adopting secure coding practices. Deploy and manage security tools such as SAST, DAST, SCA, IAST, and container security solutions.

ManekTech is looking for Jr .Net Developer to join our dynamic team and embark on a rewarding career journey Designing and developing software applications using C#, ASP.NET, and other .Net technologies. Collaborating with cross-functional teams to define, design, and ship new features. Debugging and fixing software issues in a timely manner. Writing clean, efficient, and well-documented code. Ensuring software security and data protection. Participating in code reviews and testing to ensure software quality. Staying up-to-date with emerging trends and technologies in .Net development.

ManekTech is looking for Laravel & React JS Professional to join our dynamic team and embark on a rewarding career journey Design and develop scalable and secure web applications using Laravel Write clean, maintainable, and testable code Collaborate with the development team to implement new features and fix bugs Participate in code reviews and contribute to the development of best practices Stay up-to-date with the latest web development technologies and trends Troubleshoot and debug application issues Develop and maintain technical documentation

Happiest Minds Technologies is a Mindful IT Company that focuses on enabling digital transformation for enterprises and technology providers by leveraging disruptive technologies. With a 'Born Digital . Born Agile' approach, we offer digital solutions, infrastructure, product engineering, and security services across various industry sectors. Headquartered in Bangalore, India, Happiest Minds has a global presence in the U.S., UK, Canada, Australia, and the Middle East. Interested professionals can reach out to me ankita.patari@happiestminds.com Experience Details : 7 to 10 Years Location : Bangalore,Pune,Noida,Bhubneswar,Madurai,Coimabatore S kills: Burp suite, Vulnerability Assessment, Static/dynamic testing of mobile applications Job Description: Good written and verbal communication skills Hands on experience in Application security testing: Manual code walkthroughs, using Burp tool, NMap, Radioshark, Checkmarx etc., - Experience in both DAST and SAST - Preparation of detailed testing reports with vulnerabilities with CVSS scoring and remediations - Guiding developers in fixing the vulnerabilities - Knowledge of writing the test cases aligning with OWAP / NIST standards - Knowledge of External PT - Team management - Client management - Tracking and reporting of vulnerabilities - Understanding of Cybersecurity domain Thanks And Regards, Ankita Ghosh

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD : Container Security Engg – Exp –2-5 years Responsibilities: Design, Deploy and Troubleshoot Container Deployments for Security Scanning solution containerized agents using Helm Charts, on Kubernetes Platforms (Open Shift and EKS). Support integration with CI /CD pipelines and automation efforts to ensure that security testing is an integral and painless part of code development. Ensure these tools deliver maximum value for both security and developer stakeholders. Provide training, guidance and JIRA Story Integration with Security Solutions for developers to obtain Remediation Guidance deliver secure code. Provide API analysis and support for the integration of Security Solutions with Risk and Reporting solutions to track, prioritize and drive remediation of code vulnerabilities. Develop and foster effective working relationships within both Security and IT teams to ensure that projects are delivered securely and on-time. Configure and manage OpenSSL for cryptographic operations, including SSL/TLS certificates, key generation, and encryption protocols. Implement and maintain secure communication channels between services using OpenSSL. Design, build, and maintain highly scalable, reliable, and secure AWS cloud infrastructure using Terraform. Write and manage Terraform scripts for the provisioning of AWS resources (e.g., EC2, S3, VPC, RDS, Lambda, etc). Required: Minimum of 2 years of IT experience At least 2+ years of specialization in Container Security. At least 1+ years of application development experience with backend development, Containerized applications At least 1+ Experience with programming languages such as Java, JavaScript, Python At least 1+ Experience working with Container Technologies such as Docker, and Kubernetes Platforms such as OpenShift or EKS or GKE. Experience using or fixing vulnerabilities various container security tools. 1+ years of experience with OpenSSL, managing SSL/TLS certificates and encryption. 1+ years of hands-on experience with Terraform in AWS environments. Preferred: Experience with Container Deployments using Helm Charts and Infrastructure Code preferably Terraform. Experience working with Secure Development Pipelines such as Jenkins or Electric Flow Strong knowledge of relevant Security Standards (OWASP) and how to apply them to the software development lifecycle in a large agile environment. Experience performing security analysis on web applications and APIs. Experience working in an Agile environment. AWS certifications (e.g., AWS Solutions Architect, AWS DevOps Engineer) are a plus. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD : Container Security Engg – Exp –2-5 years Responsibilities: Design, Deploy and Troubleshoot Container Deployments for Security Scanning solution containerized agents using Helm Charts, on Kubernetes Platforms (Open Shift and EKS). Support integration with CI /CD pipelines and automation efforts to ensure that security testing is an integral and painless part of code development. Ensure these tools deliver maximum value for both security and developer stakeholders. Provide training, guidance and JIRA Story Integration with Security Solutions for developers to obtain Remediation Guidance deliver secure code. Provide API analysis and support for the integration of Security Solutions with Risk and Reporting solutions to track, prioritize and drive remediation of code vulnerabilities. Develop and foster effective working relationships within both Security and IT teams to ensure that projects are delivered securely and on-time. Configure and manage OpenSSL for cryptographic operations, including SSL/TLS certificates, key generation, and encryption protocols. Implement and maintain secure communication channels between services using OpenSSL. Design, build, and maintain highly scalable, reliable, and secure AWS cloud infrastructure using Terraform. Write and manage Terraform scripts for the provisioning of AWS resources (e.g., EC2, S3, VPC, RDS, Lambda, etc). Required: Minimum of 2 years of IT experience At least 2+ years of specialization in Container Security. At least 1+ years of application development experience with backend development, Containerized applications At least 1+ Experience with programming languages such as Java, JavaScript, Python At least 1+ Experience working with Container Technologies such as Docker, and Kubernetes Platforms such as OpenShift or EKS or GKE. Experience using or fixing vulnerabilities various container security tools. 1+ years of experience with OpenSSL, managing SSL/TLS certificates and encryption. 1+ years of hands-on experience with Terraform in AWS environments. Preferred: Experience with Container Deployments using Helm Charts and Infrastructure Code preferably Terraform. Experience working with Secure Development Pipelines such as Jenkins or Electric Flow Strong knowledge of relevant Security Standards (OWASP) and how to apply them to the software development lifecycle in a large agile environment. Experience performing security analysis on web applications and APIs. Experience working in an Agile environment. AWS certifications (e.g., AWS Solutions Architect, AWS DevOps Engineer) are a plus. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com , General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability. Product Security Analyst Location: Pune Position Summary HackerOne is seeking a dynamic individual with a passion for Information Security to join our Technical Services team. As a Security Analyst, you will gain hands-on technical experience and exposure to some of the world s best hackers while delivering high-impact vulnerabilities to the top bug bounty programs in the industry. This role requires excellent communication skills, intellectual curiosity and drive to acquire the technical skills you ll need to ensure every valid bug report is reproducible and provides value to HackerOne customers. What You Will Do Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice Ensure clear and efficient communication between hackers and customers Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success Assess vulnerability findings and determine whether the submission is valid based on program policies, scope and impact. Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid findings. Minimum Qualifications Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required) Hands-on experience doing security testing or ethical hacking on web and mobile applications Strong technical knowledge of OWASP top 10 Comfortable using security testing tools including Burpsuite Excellent written and verbal communication skills Experience using frameworks such as CVSS Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm This role is based in our Pune office and you must be able to work 4-5 days a week in office. English fluency Compensation 2.6M - 3.2M Offers Equity # LI-MH1 Job Benefits: Health (medical, vision, dental), life, and disability insurance* Equity stock options Retirement plans Paid public holidays and unlimited PTO Paid maternity and parental leave Leaves of absence (including caregiver leave and leave under COs Healthy Families and Workplaces Act) Employee Assistance Program Flexible Work Stipend *Eligibility may differ by country Were committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR). Visa/work permit sponsorship is not available. Employment at HackerOne is contingent on a background check. HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws. This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time. For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role At Kyndryl, our Security Consultants are game-changers, constantly pushing the boundaries of what's possible and transforming the way our customers do business. We're looking for a talented individual who thrives in a dynamic environment and is ready to take on the challenge of protecting organizations from threats both known and unknown – being the defender of tomorrow’s digital world. As a Security Consultant, you'll be the guardian of confidentiality, integrity, and availability, ensuring organizations are shielded from the ever-evolving threat landscape. Your expertise will be sought after as you assess, analyze, and implement effective security measures in customer environments, leaving no stone unturned when it comes to safeguarding their most sensitive data. Collaboration will be your forte, as you work closely with clients to understand their unique security requirements and assess their current security posture. Armed with this knowledge, you'll provide expert guidance and recommendations on the best security practices, risk management strategies, and robust security policies that will fortify their defenses. You won't stop at providing advice; you'll roll up your sleeves and get hands-on. Designing and implementing security controls, policies, and procedures will be your playground. You'll work alongside cross-functional teams to deploy state-of-the-art technologies, including firewalls, intrusion detection/prevention systems, access controls, and encryption technologies, ensuring a comprehensive security framework. The thrill of uncovering vulnerabilities and risks is what motivates you. Armed with your extensive knowledge, you'll conduct thorough security assessments, leaving no stone unturned in identifying potential security breaches. Your findings will serve as the foundation for meticulous security audits and reviews, ensuring adherence to policies and procedures. Your reports and findings will be the catalyst for management decisions and actions. In the fast-paced world of cybersecurity, staying ahead of the game is crucial. That's why you'll continuously immerse yourself in the latest security threats, technologies, and best practices. Your recommendations will drive enhancements to the organization's security posture, ensuring it remains at the cutting edge of defense. Your influence won't be limited to systems alone. You'll lend your expertise to the design and review of IT infrastructure, systems, and applications, ensuring they are secure by design from inception. Not only will you make an impact within our organization, but you'll also collaborate with customers and vendors on security assessments, audits, and due diligence activities. Your knowledge and experience will be instrumental in shaping secure collaborations and partnerships. Our consultants are restless for innovation. They are at the edge of technology, changing the way our customers implement business solutions – so, if you’re a problem-solver, an innovative thinker, and a self-starter with a passion high impact assignments which align technology to business outcomes, then we want to hear from you! Apply today to join our team that has a host of exciting projects and customers waiting for you to work with them to solve complex transformation puzzles through technology. Your Future at Kyndryl As a Security Consultant at Kyndryl you will join the Kyndryl Consultant Profession, working with other Kyndryl Consultants, Architects, Project Managers, and cross-functional Technical Subject Matter Experts – presenting unlimited opportunities with unmatched support through our investment in your learning, training, and career growth Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Experience Any Professional level active certification from OEM (F5, Citrix) Hands on experience Citrix Net scalar and F5 Devices Experience on F5 Products (LB and WAF) Good Knowledge and Hands on Static and Dynamic Routing protocol: (BGP, EIGRP, OSPF) and failover concepts. Knowledge and hands on LTM/GTM, GSLB, HA, Cloud XC concepts. Experience on ASM will be preferred. Knowledge of SSL offloading and understanding of OWASP waf. Work from client location in Airoli, Navi Mumbai. 24*7 shift operations Implementing change request w.r.t LB and WAF technology Configure and troubleshoot Load balancer and WAF devices Troubleshooting severity issues Attending client meeting of change discussions. Support in providing RCA. Understanding vulnerability assessment and security hardening process. Minimum 6-8years of experience. Attend and able to participate in architecture discussion. Implement and troubleshoot network and security protocols Understanding of ITIL concepts. Experience in ticket handling through service now.\ The Operations Engineer will offer Level 2 and Level 3 Support that includes operation and change management. Understanding and daily use of Microsoft Office 365 Suite and other productivity tools (e.g., Excel, Word, PowerPoint, SharePoint) to accomplish audit and compliance related tasks). Preferred Technical and Professional Experience Application Centric Infrastructure (ACI) deployment and data center experience Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment ..Interested candidate can share resume to ankita.patari@happiestminds.com Work Location: Belapur, Navi Mumbai Experience: 11-15 Years General Shift who can join with 30 days notice period Skills: Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10,OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation Job Description: Project Management - Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Bank and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management B.Sc (IT/CS) / B.Tech in Computer Science, Information Technology, or related field. CISSP, CISA, CISM, CRISC 11-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Thanks And Regards, Ankita Ghosh ankita.patari@happiestminds.com

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD : Container Security Engg – Exp –2-5 years Responsibilities: Design, Deploy and Troubleshoot Container Deployments for Security Scanning solution containerized agents using Helm Charts, on Kubernetes Platforms (Open Shift and EKS). Support integration with CI /CD pipelines and automation efforts to ensure that security testing is an integral and painless part of code development. Ensure these tools deliver maximum value for both security and developer stakeholders. Provide training, guidance and JIRA Story Integration with Security Solutions for developers to obtain Remediation Guidance deliver secure code. Provide API analysis and support for the integration of Security Solutions with Risk and Reporting solutions to track, prioritize and drive remediation of code vulnerabilities. Develop and foster effective working relationships within both Security and IT teams to ensure that projects are delivered securely and on-time. Configure and manage OpenSSL for cryptographic operations, including SSL/TLS certificates, key generation, and encryption protocols. Implement and maintain secure communication channels between services using OpenSSL. Design, build, and maintain highly scalable, reliable, and secure AWS cloud infrastructure using Terraform. Write and manage Terraform scripts for the provisioning of AWS resources (e.g., EC2, S3, VPC, RDS, Lambda, etc). Required: Minimum of 2 years of IT experience At least 2+ years of specialization in Container Security. At least 1+ years of application development experience with backend development, Containerized applications At least 1+ Experience with programming languages such as Java, JavaScript, Python At least 1+ Experience working with Container Technologies such as Docker, and Kubernetes Platforms such as OpenShift or EKS or GKE. Experience using or fixing vulnerabilities various container security tools. 1+ years of experience with OpenSSL, managing SSL/TLS certificates and encryption. 1+ years of hands-on experience with Terraform in AWS environments. Preferred: Experience with Container Deployments using Helm Charts and Infrastructure Code preferably Terraform. Experience working with Secure Development Pipelines such as Jenkins or Electric Flow Strong knowledge of relevant Security Standards (OWASP) and how to apply them to the software development lifecycle in a large agile environment. Experience performing security analysis on web applications and APIs. Experience working in an Agile environment. AWS certifications (e.g., AWS Solutions Architect, AWS DevOps Engineer) are a plus. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description: We are seeking a highly experienced VP to lead and enhance our cybersecurity audit and assurance programs. The ideal candidate will have extensive experience in conducting and managing penetration testing, red teaming, social engineering assessments, secure code reviews, and full-scale IT and cybersecurity assessments. This leadership role involves overseeing security audits, and strengthening our client’s overall security posture. #Immediate Joiner. Key Responsibilities: Lead cybersecurity audits and assurance programs across IT systems, applications, and infrastructure for our clients. Oversee penetration testing, red teaming, and social engineering assessments, ensuring effective security testing strategies. Manage secure code reviews and application security assessments to identify and remediate vulnerabilities. Collaborate with SOC teams, vulnerability management teams, and security engineers to enhance threat detection and mitigation. Lead security audit and certification efforts, including ISO 27001, SOC 2 attestations, GDPR etc. Ensure compliance with international security frameworks and data protection regulations (ISO 27001, SOC 2, GDPR, CCPA, NIST, HIPAA, etc.). Evaluate third-party security risks and conduct supplier security assessments. Provide executive-level reports on security assurance findings, risks, and mitigation strategies. Ensure compliance with global security standards and frameworks. Mentor and develop a team of cybersecurity auditors, penetration testers, and security analysts. Qualifications and Skills: 18-20 years of experience in cybersecurity audits, security assessments, and assurance programs. Deep expertise in penetration testing, red teaming, social engineering tactics, and secure coding. Strong knowledge of security frameworks such as OWASP, SANS, CIS, NIST 800-53, ISO 27001, SOC 2, and PCI DSS, HIPAA, GDPR. Experience with security testing tools (Burp Suite, Metasploit, Kali Linux, etc.). Ability to engage with executive leadership and present security risks effectively. Certifications preferred: CISSP, CISA, OSCP, CEH, CRTP, or equivalent. Show more Show less

Job Summary: We are looking for an experienced and passionate Senior Software Engineer with deep expertise in VPN protocols, TLS security, and Quantum-Safe Cryptography to join our cybersecurity product team. In this role, you will lead the design, development, and integration of secure communication protocols, ensuring privacy and resilience against evolving cyber threats—including those posed by quantum computing. You’ll contribute to building next-generation secure networking systems for enterprise-grade deployments. Key Responsibilities: • Design, implement, and maintain secure VPN protocols (e.g., IPsec, OpenVPN, WireGuard, SSTP, L2TP,etc.) • Develop and enhance TLS-based secure communication channels • Integrate Quantum-Safe Cryptographic Algorithms like ML-KEM, ML-DSA, and SLH-DSA into secure protocol workflows • Collaborate with cross-functional teams to deliver high-performance and scalable security modules • Optimise performance and reliability of encrypted traffic handling in high-throughput environments • Conduct protocol-level debugging, vulnerability analysis, and patching of identified issues • Ensure compliance with modern cryptographic standards and best practices • Create comprehensive documentation for design, implementation, and testing • Mentor junior engineers and contribute to code reviews and architectural decisions • Work closely with security teams to evaluate threat models and ensure resilience. • Adhere to high-quality work standards • Responsible for maintaining the Confidentiality, Integrity and Availability information assets,including business-critical information. Skills and Experience: • BE/BTech in Computer Science, Cybersecurity, or a related field • 6+ years of hands-on software development experience in Python, C, and C++ • Strong understanding and practical experience with TLS and VPN protocols such as IPsec, OpenVPN,WireGuard, SSTP, L2TP, PPTP, SoftEther • Familiarity with Quantum-Safe Algorithms like ML-KEM, ML-DSA, SLH-DSA is highly preferred • Deep knowledge of cryptographic principles, public key infrastructure (PKI), and secure key exchange mechanisms • Experience working on Linux/Unix systems, including networking stack and kernel modules • Exposure to network security tools and traffic analysis (e.g., Wireshark, tcpdump) • Strong problem-solving, debugging, and optimization skills in secure systems development • Good understanding of secure coding practices, threat modeling, and vulnerability assessments • Familiarity with version control tools like Git, CI/CD pipelines, and Agile development practices • Excellent communication, documentation, and collaboration skills • Passion for building cutting-edge security solutions in a fast-paced environment • Knowledge of firewall technologies, packet filters, DPI (Deep Packet Inspection) or similar networking/security systems is a strong plus • Familiarity with packet capture tools (Wireshark/tcpdump) and network debugging techniques • Good grasp of cybersecurity principles, threat detection, and secure coding practices • Familiarity with Git, CI/CD pipelines, and modern development practices • Strong communication and collaboration skills • Bonus: Knowledge of MITRE ATT&CK, OWASP, or experience in building security-focused products Show more Show less

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Senior Full Stack Engineer - Java Backend & React Overview Responsible for the analysis, design, development and delivery of software solutions Defines requirements for new applications and customizations, adhering to standards, processes and best practices Participate in team prioritization discussions with Product/Business stakeholders Estimate and own delivery tasks (design, dev, test, deployment, configuration, documentation) to meet the business requirements Automate build, operate, and run aspects of software Drive code/design/process trade-off discussions within their team when required Report status and manage risks within their primary application/service Drive integration of services focusing on customer journey and experience Perform demos/acceptance discussions in interacting with Product owners Understands operational and engineering experience, actively works to improve experience and metrics in ownership area Develop complete understanding of end-to-end technical architecture and dependency systems Drive adoption of technology standards and opinionated frameworks, and review coding, test, and automation work of team members Mentor and guide new and less-experienced team members Identify opportunities to improve an overall process and trim waste Share and seek knowledge within their Guild/Program to drive reuse of patterns/libraries/practices and enhance productivity Experiences Overall 6-9 years of career experience in Java / Full Stack Development Expertise on React a must Has ability to write secure code in three or more languages (e.g., C, C+, C#, Java, JavaScript) and familiar with secure coding standards (e.g., OWASP, CWE, SEI CERT) and vulnerability management Understands the basic engineering principles used in building and running mission critical software capabilities (security, customer experience, testing, operability, simplification, service-oriented architecture) Understands internals of operating systems (Windows, Linux) to write interoperable and performant code Able to perform debugging and troubleshooting to analyze core, heap, thread dumps and remove coding errors Understands and implements standard branching (e.g., Gitflow) and peer review practices Has skills in test driven and behavior driven development (TDD and BDD) to build just enough code and collaborate on the desired functionality Understands use cases for advanced design patterns (e.g., service-to-worker, MVC, API gateway, intercepting filter, dependency injection, lazy loading, all from the gang of four) to implement efficient code Understands and implements Application Programming Interface (API) standards and cataloging to drive API/service adoption and commercialization Has skills to author test code with lots of smaller tests followed by few contract tests at service level and fewer journey tests at the integration level (Test Pyramid concept) Apply tools (e.g., Sonar, Zally, Checkmarx ) and techniques to scan and measure code quality and anti-patterns as part of development activity Has skills to collaborate with team and business stakeholders to estimate requirements (e.g., story pointing) and prioritize based on business value Has skills to elaborate and estimate non-functional requirements, including security (e.g., data protection, authentication, authorization), regulatory, and performance (SLAs, throughput, transactions per second) Has skills to orchestrate release workflows and pipelines, and apply standardized pipelines via APIs to achieve CI and CD using industry standard tools (e.g., Jenkins, AWS/Azure pipelines, XL Release, others). Has skills to understand, report, and optimize delivery metrics to continuously improve upon them (e.g., velocity, throughput, lead time, defect leakage, burndown) Has skills to document and drive definition-of-done for requirements to meet both business and operational needs Understands how to build robust tests to minimize defect leakage by performing regression, performance, deployment verification, and release testing Has skills to conduct product demos and co-ordinate with product owners to drive product acceptance signoffs Has skills to Understands customer journeys and ensure a Mastercard good experience by continuously reducing Mean time to mitigate (MTTM) for incidents and ensuring high availability (99.95% as a starting point) Corporate Security Responsibility All Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And, Therefore, It Is Expected That Every Person Working For, Or On Behalf Of, Mastercard Is Responsible For Information Security And Must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. R-229008 Show more Show less