3171 Owasp Jobs - Page 5

Auriga is looking for a Software Engineer who can develop and deploy APIs and Web applications using Java MVC Frameworks and power a variety of leading-edge digital products. You’ll need to bring creative thinking and architectural problem solving to the table, to devise optimal technical solutions, along with highly performant user experiences. Responsibilities: Work with business users to gather functional requirements Combine your technical expertise and problem-solving passion to turn complex problems into end-to-end solutions Work with client architect/senior developers to do high level/low level design/architecture. Design and implement high-quality, test-driven BE code for various projects Unit Testing/Integration Testing Code Configuration and Release Management. Create and maintain documentation, implement and follow best practices for development workflow. Work collaboratively with team members to ensure deadlines are met. Stay current on changes in technology and keep adding to your skillset. Qualifications: Minimum 3 Years of experience in Web Application and API development in Java 8 and above Working experience with MVC frameworks like Spring, Play, etc. Experience with Multi-threading, Collections, and concurrent API Working experience with web-services and APIs (REST, SOAP) Working experience with data platforms (relational and/or NoSQL) and messaging technologies Excellent OOPs, data structure, and algorithm knowledge Understanding & experience in API management, Swagger Working knowledge of API Testing Tools (e.g. Postman), Version control systems like GIT. Working experience with LINUX/UNIX environment and shell scripts Proficiency in English Strong collaborator and comfortable to work in an agile, remote and distributed team environment Follow secure coding practices and ensure data protection, authentication, and authorization mechanisms are implemented effectively (e.g., OAuth2, JWT). Knowledge of OWASP Top 10 and implementation of security controls in APIs. Nice to have: Experience in one or more front-end development technologies Experience in developing microservices in Spring Boot. Experience writing high-quality code with fully automated unit test coverage (Junit, Mockito, etc.) Experience defining and applying design/coding standards, patterns, and quality metrics depending on the solution Working experience with various CI/CD systems (Jenkins, Docker, Kubernetes) and build tools (ant, maven, gradle, etc.). Working experience creating high performing applications, including profiling and tuning to improve performance Experience with application logging and monitoring using tools like ELK Stack, Prometheus, Grafana, or New Relic Experience in Scrum/Agile Knowledge of public cloud infrastructures (AWS, Azure, GCP) Knowledge of one or more security or integration framework (PING, Octa) Familiarity with services such as S3, Lambda, EC2, IAM, CloudWatch, or RDS is a plus. Understanding of API rate limiting, request throttling, caching strategies (e.g., Redis), and gateway tools like Kong, Apigee, or AWS API Gateway. Ability to take full ownership of assigned modules or projects with minimal supervision. About Company Hi there! We are Auriga IT. We power businesses across the globe through digital experiences, data and insights. From the apps we design to the platforms we engineer, we're driven by an ambition to create world-class digital solutions and make an impact. Our team has been part of building the solutions for the likes of Zomato, Yes Bank, Tata Motors, Amazon, Snapdeal, Ola, Practo, Vodafone, Meesho, Volkswagen, Droom, ICICI and many more. We are a group of people who just could not leave our college-life behind and the inception of Auriga was solely based on a desire to keep working together with friends and enjoying the extended college life. Who Has not Dreamt of Working with Friends for a Lifetime Come Join In! Our Website

We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are seeking an experienced senior security researcher to help grow our team focusing on generating network content and developing new technologies to identify and block network threats. About the role: Develop network signatures that protect our customers against network-based threats and vulnerabilities Collaborate with the engineering and PM teams to develop new detection enhancements Build and improve tools to automate analysis tasks, simulation software and administer the lab environment to replicate attacks. Analyze network protocols to develop and/or update parsers when needed Publish technical blogs to spread awareness and help defenders with the necessary resources to protect their organizations. Mentor junior members of the team and network attacks About you: A minimum of 10 years of relevant experience is required. A Bachelors degree in Computer Science or equivalent field of study Significant experience with network rule creation like Snort Strong understanding of network protocols and security architectures Highly proficient in any scripting languages such as Python Strong understanding of the attacker landscape and knowledge of MITRE ATT&CK methodologies Experience with software validation/testing Excellent research and analytical skills Strong interpersonal skills and a collaborative work style Proficient in verbal and written communication careers.trellix.com Nice to have Vulnerability analysis experience Development experience to help build/maintain automated tools.

Skills SIEM tools (Splunk), SentinalOne, CASB tool (NetSkope), DLP OWASP, CWE, SANS, NISTGoogle, Microsoft, AWS scripting languages like Python, PowerShell security certifications (Security+, CEH, ECIH, GCIH Wireshark and packet sniffing tools (Java, Shell, JavaScript, Python threat analysis python cloud security software siem tools information security event log analysis adaptability siem planning scripting securitypeople management skill system java team work gcp leadership splunk logging aws programming communication skills architecture Education BE/B.Tech/MCA/M.Sc./M.Tech in Computer Science or related discipline Year of Experience: Minimum7 to 10 years of experience in the security domain with exposure to Security Products About the Team & Role: Position Overview: We are seeking a highly experienced and proactive Information Security Manager to lead our security initiatives. This role requires deep expertise in threat analysis, SIEM tools (Splunk, SentinelOne), and major security frameworks (OWASP, NIST). The ideal candidate will be responsible for identifying and mitigating technical risks, enhancing security tools, preparing intelligence reports, and providing technical leadership to a team. Candidates should have a minimum of 10 years in the security domain, strong experience with cloud security (Google, Microsoft, AWS), scripting (Python, PowerShell), and security event log analysis. Excellent communication and problem-solving skills are essential. Preferred qualifications include SIEM and vulnerability management experience, relevant security certifications (Security+, CEH, GCIH), and a Bachelor's degree in a related field. What will you get to do here? Initial point of contact for client requirements and operational escalation Proactively identify technical and architectural risks, and work effectively to mitigate them Research, plan, and implement new tool features to make security tools more effective and add value Prepare and present Security Intelligence Reports Provide technical direction to Associates and Analysts within the team Assist in investigations of high-level, complex violations of information security policies Report security performance against established security metrics Provide deep subject matter expertise in architecture, policy, and operational processes for threat analysis and client escalation Provide guidance and support to 3rd-level technical support, including architecture review, rules and policy review/tuning Establish and communicate extent of threats, business impacts, and advise on containment and remediation Collaborate with other BUs on security gaps and educate teams on cybersecurity importance Manage platforms and vendors What qualities are we looking for? Minimum 10 years of experience in the security domain with exposure to Security Products Experience with methodologies and tools for threat analysis of complex systems, such as threat modeling SME knowledge of SIEM tools (Splunk), SentinalOne, CASB tool (NetSkope), DLP, etc. Understanding of major security frameworks (OWASP, CWE, SANS, NIST, etc.) SME-level knowledge of the current threat landscape Experience securing applications deployed on cloud platforms (Google, Microsoft, AWS) Knowledge and experience with scripting languages like Python, PowerShell Experience with security operations program development Proficiency with security event log analysis and various event logging systems Excellent verbal and written communication skills Ability to learn and retain new skills in a changing technical environment Willingness to learn new technology platforms SIEM experience and Vulnerability Management Recognized network and security certifications (Security+, CEH, ECIH, GCIH, etc.) Experience with Wireshark and packet sniffing tools Python development experience Bachelor's degree in Computer Science, Engineering, or a related field Strong proficiency in programming languages (Java, Shell, JavaScript, Python) Excellent problem-solving skills and attention to detail Strong communication and teamwork abilities Expertise with privacy software

Job Title: Lead Quality Analyst (QA Lead) Location: Noida Experience: 8-12 years Type: Full-Time About the Role: We are looking for a proactive and experienced Lead Quality Analyst (QA Lead) to drive our quality assurance strategy, manage a team of QA engineers, and ensure high-quality releases across web, mobile, and API-based products. As the QA Lead, you will lead the test planning, execution, and automation initiatives to deliver scalable, robust, and error-free software. Key Responsibilities: Define and own the overall test strategy , test plans , and quality processes . Lead a team of QA engineers, mentoring them on best practices in testing, automation, and bug triaging. Oversee functional, regression, integration, performance, and security testing efforts. Design and maintain test automation frameworks (Selenium, Cypress, Playwright, etc.). Plan and execute API testing using Postman, Rest Assured, or similar tools. Collaborate with developers, DevOps, product managers, and business stakeholders in an Agile/Scrum environment. Ensure quality metrics are defined, tracked, and reported to leadership. Review requirements, specifications, and technical design documents to ensure test coverage. Manage bug triage, prioritization, and release sign-off responsibilities. Lead initiatives to improve QA efficiency, CI/CD pipeline integration, and shift-left practices. Required Skills and Qualifications: 8+ years of hands-on QA experience, including at least 2+ years in a QA leadership or team management role . Strong command over manual and automated testing techniques. Experience in setting up and maintaining test automation frameworks using Selenium, Cypress, Playwright, or similar tools . Proven experience in API testing and tools like Postman, Rest Assured, SoapUI. Familiarity with CI/CD pipelines , Git, and tools like Jenkins, GitHub Actions. Experience with test case management tools like TestRail, Zephyr, or Xray. Excellent communication, leadership, and analytical skills. Strong understanding of Agile processes and quality gates in SDLC. Nice to Have: Experience with performance testing tools like JMeter, Gatling, or k6. Familiarity with mobile app testing using Appium or BrowserStack. Exposure to cloud-based test environments (AWS, Azure). Knowledge of security testing and OWASP Top 10. Understanding of BDD frameworks like Cucumber or SpecFlow. Educational Qualifications: Bachelor’s degree in Computer Science & Engineering, or related field (B.E., B.Tech, B.Sc-CS, BCA etc.) is required. Master’s degree (optional but preferred) in Computer Science & Engineering, or related domain (M.Tech, M.Sc, MCA) Certifications like ISTQB Advanced , CSTE , or Certified Agile Tester are a plus .

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Senior Software Engineer Who is Mastercard Mastercard is a global technology company in the payments industry. We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Overview The Transfer Solutions team was created to establish Mastercard as the frontrunner in the fast-evolving real-time payments space, and to position MasterCard to be able to incubate the development of new payment flows. The team is responsible for designing, building, and operating the technology that powers Mastercard’s next generation payment applications – Domestic, Cross Border and Bill Payments. Mastercard seeks to define a world beyond cash. To accelerate this mission, we are committed to building & scaling products & applications that transform payments of any type. Real time payment technology is central to this strategy. Do you like to be part of a team that creates and executes strategic initiatives centered around digital payments? Do you look forward to developing and engaging with high performant diverse teams around the globe? Would you like to be part of a highly visible, strategically important global engineering organization? The Role What’s it all about and what we expect you to do day to day Own complex problems having dependency across services and facilitate cross-functional team interactions to drive resolution Write code to build and enhance applications/services and promote code-reviews, code scanning, and other standard development practices to deliver high-quality artifacts to production. Define, design, and develop procedures and solutions at a service level to meet the business requirements/enhancements Participate and contribute to team’s agile process and decisions. Understand and contribute to Prioritization. Drive prioritization decisions and trade-offs in working with product partners Identify opportunities and build backlogs to enhance primary service/function Automate and simplify all aspects of software delivery and development actively evangelizing the need to automate and simplify where needed. Lead by example with hands-on approaches to demonstrate engineering excellence. Able to troubleshoot and refactor existing code for exceptional code quality. Drive seamless integration across all connected services to meet end-user expectations Drive blameless postmortems culture to identify root causes of incidents and implement learnings Introduce new technologies and architecture by following enterprise guidelines Advocate for engineering principles outside of current organization/platform Provide development and architecture guidance to team members Build relationships and effective partnerships across organizations Write and evaluate recommendations for job promotions based on an unbiased view of one's accomplishments Conduct technical interviews for hiring engineering staff and raising the performance bar Experience working in cross-functional and large projects with globally dispersed development resources All About You And What You Need To Bring Able to write secure code in three or more languages (e.g., Java, .NET, JavaScript, SQL) Familiar with secure coding standards (e.g., OWASP, CWE, SEI CERT) and vulnerability management Infrastructure as code and cloud first software development knowledge experience preferred. Understands and implements standard branching (e.g., Gitflow) and peer review practices. Move the team towards trunk based development Apply tools (e.g., Sonar, Zally, Checkmarx ) and techniques to scan and measure code quality and anti-patterns as part of development activity Has skills in test driven and behavior driven development (TDD and BDD) to build just enough code and collaborate on the desired functionality. Ability to keep the full testing pyramid healthy - Has skills to author test code with lots of smaller tests followed by few contract tests at service level and fewer journey tests at the integration level Understands the use of basic design patterns (e.g., factory, adaptor, singleton, composite, observer, strategy, inversion of control) Understands use cases for advanced design patterns (e.g., service-to-worker, MVC, API gateway, intercepting filter, dependency injection, lazy loading, all from the gang of four) to implement efficient code Understands and implements Application Programming Interface (API) standards and cataloging to drive API/service adoption and commercialization and effort estimation Experienced in agile and modern SDLC practices (Scrum/Kanban/Continuous Delivery/DevOps/Quality engineering) and the delivery situations they are used for Has skills to elaborate and estimate non-functional requirements, including security (e.g., data protection, authentication, authorization), regulatory, and performance (SLAs, throughput, transactions per second) Has skills to orchestrate release workflows and pipelines, and apply standardized pipelines via APIs to achieve CI and CD using industry standard tools (e.g., Jenkins, AWS/Azure pipelines, XL Release, others). Familiar with different application patterns to implement different types of business processes (e.g., APIs, event-driven-services, batch-services, web-applications, big data) Experience in Continuous Integration (CI) and Delivery (CD) concepts, and capabilities to support automation, pipelines, virtualization, and containerization Has ability to write code (in languages such as Java, Python, Ruby, Bash, Perl, Groovy) to build automation tasks that are repeatable and efficient Able to perform debugging and troubleshooting to analyze core, heap, thread dumps and remove coding errors Has skills to conduct product demos and co-ordinate with product owners to drive product acceptance signoffs Has skills to Understands customer journeys and ensure a Mastercard good experience by continuously reducing Mean time to mitigate (MTTM) for incidents and ensuring high availability (99.95% as a starting point) Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Senior Software Engineer Who is Mastercard? Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Overview The Real Time Payments (RTP) Program at Mastercard is an integral part of the Core Network. RTP is designed to facilitate instantaneous money transfers, enabling individuals, businesses, and governments to send and receive funds in real time. By integrating advanced technology, RTP aims to power an inclusive, digital economy, thereby unlocking priceless possibilities for everyone, everywhere. We are looking for a passionate and innovative individual with proven experience in delivering technology and helping teams achieve success Role Actively participate in team prioritization discussions with Product and Business stakeholders to align engineering efforts with business goals. Take full ownership of delivery tasks, including design, development, testing, deployment, configuration, and documentation, to ensure business requirements are met with high quality. Drive the automation of build, operation, and runtime processes to improve efficiency, scalability, and reliability. Lead code, design, and process trade-off discussions within the team, balancing technical quality with business priorities. Proactively report progress, identify risks, and implement solutions to ensure seamless delivery of applications and services. Oversee the integration of services with a strong focus on delivering exceptional customer journeys and seamless user experiences. Present demos and participate in acceptance discussions with Product Owners to align on functionality and quality expectations. Continuously improve operational and engineering metrics in your area of ownership, enhancing performance, availability, and user satisfaction. Develop a comprehensive understanding of end-to-end technical architecture and related dependency systems to guide sound engineering decisions. Drive the adoption of technology standards, best practices, and opinionated frameworks while reviewing team members' coding, testing, and automation efforts. Mentor junior and less-experienced team members, fostering growth and building a culture of knowledge sharing and collaboration. Identify inefficiencies and opportunities to improve processes, reduce waste, and enhance productivity across the team. Actively contribute to knowledge sharing within your Guild/Program, promoting the reuse of patterns, libraries, and best practices to boost overall team productivity. All About You 6+ Years of Experience Extensive experience as a Front-End Software Engineer or Software Developer in a fast-paced, collaborative environment. Proficient in front-end technologies, including HTML, CSS, JavaScript, React (JEST and others), and TypeScript. Familiarity with Figma Skilled in secure coding practices and experienced with JavaScript and Node.js. Knowledgeable in design patterns, modular JavaScript codebases, and responsive design. Familiar with secure coding standards (e.g., OWASP) and vulnerability management. Comfortable working in containerized environments (Docker, Kubernetes) and implementing CI/CD pipelines. Adept in debugging, troubleshooting, and analyzing technical issues. Understanding of API standards, service-oriented architecture, and modern engineering principles. Experienced in test-driven development (TDD) and behavior-driven development (BDD). Strong ability to estimate and prioritize requirements, both functional and non-functional. Focused on continuously improving delivery metrics and ensuring high availability for systems. Excellent verbal and written communication skills, with the ability to articulate complex ideas clearly and concisely to both technical and non-technical stakeholders. Strong analytical and problem-solving abilities, with a focus on improving processes to accelerate delivery, foster innovation, reduce costs, and improve quality. Additional experience in building server-side applications with Java, Spring, Spring Boot, Rabbit MQ etc. and managing relational databases like Oracle would be added advantage. Bachelor’s degree in Computer Science, Engineering, or a related field. Equivalent practical experience will be considered. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Software Engineer-2-2 Who is Mastercard? Mastercard is a global technology company in the payments industry. We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Overview The Transfer Solutions team was created to establish Mastercard as the frontrunner in the fast-evolving real-time payments space, and to position Mastercard to be able to incubate the development of new payment flows. The team is responsible for designing, building, and operating the technology that powers Mastercard’s next generation payment applications – Domestic, Cross Border and Bill Payments. The Role What’s it all about and what we expect you to do day to day? Technology leader who is hands-on & and can lead a team of engineers. Expected to spend 70% of time coding/on code related activities, and 30% coaching engineers on the team. This person is recognized as a team’s authority and technical expert who drives innovation and organizational growth through their contributions. They get their adrenaline rush by coding away in IDEs. They spend majority of their time in writing non-feature code. They are hands all the time and collaborate by writing interfaces, tests (unit or acceptance) and architecture fitness functions, outside of meeting rooms. Tools like JDepend, ArchUnit, ADRs and NetArchTest make them feel at home. Domain driven design in their game. They code to enforce the contextual mappings and aggregates for each bounded context. They drive implementation of consumer driven contracts to allow for evolution and learning of the domain model with hyper speed while meeting our promises to other teams internally and customers alike. They are polyglot engineering gurus. they bring cutting edge engineering practices to life in multiple evolving frameworks – Feature flags, fitness functions and whatever is required to reduce the cost and increase the lifecycle value of next feature delivered by engineering teams. They love declarative paradigm and functional programming. No one can stop them from paying off technical debt and refactoring the code for better SDLC, performance and availability. Work on complex enterprise-wide initiatives spanning multiple services/programs and drives resolution Work with business/product owners to architect and deliver on new services to introduce new products and bundles Participate and contribute to team’s agile process and decisions. Understand and contribute to Prioritization. Drive prioritization decisions and trade-offs in working with product partners Drive the architectural design, including dependent services, service interactions, and policies Contribute and lead Guild initiatives by engaging and mentoring Engineers at all levels to improve the craftsmanship of Software Engineering Simplify and improve the cost/benefit of a function/service/architecture strategy Apply judgment and experience to balance trade-offs between competing interests Venture beyond comfort zone to take on assignments across different areas of Software Engineering Take on organization-wide and public speaking engagements and publishes white papers and blogs on relevant and emerging technical topics Consult across teams and across organization lines to identify synergies and reuse opportunities Participate and contribute to Principal review architecture meetings and drive resolutions to enterprise-wide challenges and regulatory needs Write recommendations for job promotions based on an unbiased view of one's accomplishments Conduct technical interviews for hiring engineering staff and raising the performance bar All About You And What You Need To Bring Expert in building highly resilient & scalable distributed systems. Has deep exposure to various database, messaging & caching technologies. Progressively grown career with proven design and development experiences in multiple languages (e.g., Java, .NET, JavaScript, SQL), secure coding standards (e.g., OWASP, CWE, SEI CERT), and vulnerability management. Has an expert understanding and experience of DevOps best practices to guide developers and abstract application development from underlying hosting platforms and infrastructure. Infrastructure as code and cloud first software development knowledge experience preferred. Experienced in the skills required to implement advanced test set ups in production environment (e.g., A/B testing, canary releases, blue-green deployment, feature flags) Experience in Continuous Integration (CI) and Delivery (CD) concepts, and capabilities to support automation, pipelines, virtualization, and containerization Understands internals of operating systems (Windows, Linux, Mainframe) to write interoperable and performant code. Has skills to develop and evangelize on reference architecture and run principles to help teams adopt Engineering Principles from the start (poison pill, active/active/active, auto-scaling, self-healing, others) Understands use cases for advanced design patterns (e.g., service-to-worker, MVC, API gateway, intercepting filter, dependency injection, lazy loading, all from gang of four) to implement efficient code Understands and implements Application Programming Interface (API) standards and cataloging to drive API/service adoption and commercialization Has skills to engage engineers across Technology organization to promote standard software patterns and reuse of common libraries and services Has experience in leading and coaching teams to perform software planning and estimation for large scale complex programs Has skills to drive trade-off discussions to set right development capacity based on value drivers (e.g., regulatory, security, new business, market parity, technical debt) Has experience in design and execution of automation across multiple business areas and provides guidance on best methods and tools. Performance engineering experience to ensure applications are built to scale, run, and perform for varying demands Has skills to perform architecture and cost analysis for internal, hybrid, and public cloud environments Has skills to succinctly articulate architecture patterns of complex systems, with business and technical implications, to executive and customer stakeholders Has skills to define and drive advanced chaos and other operational testing practices to test points of failures, monitors, and system behaviors under adverse conditions (e.g., resource spikes, network congestion, component or infrastructure failure) Experienced in agile and modern SDLC practices (Scrum/Kanban/Continuous Delivery/DevOps/Quality engineering) and the delivery situations they are used for. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

We are seeking an experienced and detail-oriented Penetration Tester to assess the security posture of web and mobile applications. The ideal candidate will have a strong background in ethical hacking, vulnerability assessment, and hands-on experience identifying and exploiting application-level security flaws. Key Responsibilities: Perform penetration testing of web and mobile applications to identify vulnerabilities and security weaknesses. Conduct threat modeling and risk analysis for new and existing applications. Simulate real-world cyberattacks and document exploit paths. Prepare detailed technical reports, proof of concepts, and risk assessments. Work closely with development and infrastructure teams to provide remediation guidance. Ensure compliance with industry standards such as OWASP Top 10 , CWE/SANS , and relevant data privacy regulations. Conduct security assessments using both manual techniques and automated tools. Stay up-to-date with the latest security threats, trends, and technologies. Requirements: Minimum 4 years of experience in penetration testing or ethical hacking. Solid experience testing web and mobile applications (Android/iOS). Proficiency with tools such as Burp Suite, OWASP ZAP, Metasploit, Nmap, Nikto, MobSF , etc. Deep understanding of web technologies (HTTP/HTTPS, APIs, authentication mechanisms). Familiarity with OWASP Top 10 , Mobile Top 10 , CVSS scoring, and common exploit techniques. Experience with manual testing techniques to complement automated tools. Strong knowledge of common mobile platforms and application architectures. Scripting skills (Python, Bash, or similar) to aid in custom testing scenarios. Excellent documentation, reporting, and communication skills.

Experience required: Experience in performing various security assessments Experience in providing meaningful hardening and mitigation strategies. Expertise in Conducting network and web-based application penetration tests Expertise in Conducting physical security assessments Expertise in Conducting logical security audits and hands-on technical security evaluations and implementations Expertise in Conducting subject matter expertise of focused capabilities in the topics of database security, wireless security, or application and development security Expertise in Conducting wireless security assessments Expertise in Conducting social engineering assessments Expertise in Conducting mobile application assessments Experience with pen testing tools, and network and application security scanners Familiarity with OWASP Top Ten Security Standard and any other similar standards Knowledge in Linux & Windows Network platform Should be certified in CEH or any recognized cyber security certifications Willing to travel to client onsite locations Remuneration will be best as per Industry standard. Experience : 3 to 6 years, minimum of 3years is a must for this position Qualifications : B.Sc, B.Tech, Mtech or MCA or Msc-IT.( Branch CS / IT/ Cyber Security/ Cyber forensics) Candidate who has work experience in one or more areas mentioned above can also apply. This position is open exclusively to experienced professionals in penetration testing only. Job Type: Full-time Pay: ₹800,000.00 - ₹1,200,000.00 per year Experience: penetration testing: 3 years (Required) Work Location: Hybrid remote in Thiruvananthapuram, Kerala

Tesco India • Bengaluru, Karnataka, India • Hybrid • Full-Time • Permanent • Apply by 21-Aug-2025 About the role Whilst specific responsibilities will be dependent upon the changing needs of the Tesco business, the following provides an overview of the role’s key responsibilities and measures: Build Responsive UI screens according to the requirements/mockups defined by the Product Managers Integration of user-facing elements with server-side logic / REST API’s Ability to independently design and execute the layout of the website and individual screens. Ensure that the website is optimized for various form factors / devices. Participate in Peer Code reviews and contribute to the overall aim of a clean code. Integrate analytics for every critical user paths and constantly evaluate the end-user engagement. Take a defined problem and come up with the design / implementation with minimal guidance Have good domain knowledge and deliver with more autonomy Continuously Learn and apply technologies, techniques and methodologies that add value to the team and the overall portfolio. Fully participate in retrospectives and other team ceremonies The role expects high standard of engineering excellence with practical experience in building and maintaining internet-scale applications and services. Nurture highly effective relationships with internal business partners such as product management, technical teams, systems operations, and service and support. Comfortable working in an Agile environment Acquiring a level of design and business understanding to not compromise on business goals and design intents Willingness and ability to take up and respond to production incidents at priority and support it based on the need which will have appropriate incentives. Required Technical Skills In depth knowledge of Javascript, css, html Deep expertise in building single page applications using JavaScript frameworks especially with React JS / RsPack . Knowledge of Micro Frontend architecture is a plus. Familiarity with TypeScript and its integration with React. Versatile with various state management techniques especially Redux . Design and implementation of low-latency, high-availability, and performant applications Experience with cross-browser, cross-platform and design constraints on the web. Experience with test automation: TDD, unit/e2e/integration/functional testing using the frameworks like ViTest / Playwright . Solid understanding of object-oriented design and programming concepts. Have a passion for quality and writing clean, solid, readable code that scales and performs well. Proficient in Git and familiarity with continuous integration. Implementation of security and data protection with basic understanding of the top 10 OWASP security vulnerabilities in web development Exceptional debugging ability and good understanding of the developer tools like Postman, Fiddler, Browser Developer Tools. Experience with front-end monitoring tools like New Relic Experience in tracking end user journeys with User Analytics tooling like Google Analytics or Adobe analytics Behavioral Elements Flexibility, ability to plan and organise, responsiveness, creativity, self-starter Able to build solid working relationships with peers and work across teams What is in it for you At Tesco, we are committed to providing the best for you. As a result, our colleagues enjoy a unique, differentiated, market- competitive reward package, based on the current industry practices, for all the work they put into serving our customers, communities and planet a little better every day. Our Tesco Rewards framework consists of pillars - Fixed Pay, Incentives, and Benefits. Total Rewards offered at Tesco is determined by four principles -simple, fair, competitive, and sustainable. Salary - Your fixed pay is the guaranteed pay as per your contract of employment. Leave & Time-off - Colleagues are entitled to 30 days of leave (18 days of Earned Leave, 12 days of Casual/Sick Leave) and 10 national and festival holidays, as per the company’s policy. Making Retirement Tension-FreeSalary - In addition to Statutory retirement beneets, Tesco enables colleagues to participate in voluntary programmes like NPS and VPF. Health is Wealth - Tesco promotes programmes that support a culture of health and wellness including insurance for colleagues and their family. Our medical insurance provides coverage for dependents including parents or in-laws. Mental Wellbeing - We offer mental health support through self-help tools, community groups, ally networks, face-to-face counselling, and more for both colleagues and dependents. Financial Wellbeing - Through our financial literacy partner, we offer one-to-one financial coaching at discounted rates, as well as salary advances on earned wages upon request. Save As You Earn (SAYE) - Our SAYE programme allows colleagues to transition from being employees to Tesco shareholders through a structured 3-year savings plan. Physical Wellbeing - Our green campus promotes physical wellbeing with facilities that include a cricket pitch, football field, badminton and volleyball courts, along with indoor games, encouraging a healthier lifestyle. You will be responsible for In depth knowledge of Javascript, css, html Deep expertise in building single page applications using JavaScript frameworks especially with React JS / RsPack . Knowledge of Micro Frontend architecture is a plus. Familiarity with TypeScript and its integration with React. Versatile with various state management techniques especially Redux . Design and implementation of low-latency, high-availability, and performant applications Experience with cross-browser, cross-platform and design constraints on the web. Experience with test automation: TDD, unit/e2e/integration/functional testing using the frameworks like ViTest / Playwright . Solid understanding of object-oriented design and programming concepts. Have a passion for quality and writing clean, solid, readable code that scales and performs well. Proficient in Git and familiarity with continuous integration. Implementation of security and data protection with basic understanding of the top 10 OWASP security vulnerabilities in web development Exceptional debugging ability and good understanding of the developer tools like Postman, Fiddler, Browser Developer Tools. Experience with front-end monitoring tools like New Relic Experience in tracking end user journeys with User Analytics tooling like Google Analytics or Adobe analytics You will need Refer about the role About us Tesco in Bengaluru is a multi-disciplinary team serving our customers, communities, and planet a little better every day across markets. Our goal is to create a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility through technological solutions, and empowering our colleagues to do even more for our customers. With cross-functional expertise, a wide network of teams, and strong governance, we reduce complexity, thereby offering high-quality services for our customers. Tesco in Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 3,30,000 colleagues Tesco Technology Today, our Technology team consists of over 5,000 experts spread across the UK, Poland, Hungary, the Czech Republic, and India. In India, our Technology division includes teams dedicated to Engineering, Product, Programme, Service Desk and Operations, Systems Engineering, Security & Capability, Data Science, and other roles. At Tesco, our retail platform comprises a wide array of capabilities, value propositions, and products, essential for crafting exceptional retail experiences for our customers and colleagues across all channels and markets. This platform encompasses all aspects of our operations – from identifying and authenticating customers, managing products, pricing, promoting, enabling customers to discover products, facilitating payment, and ensuring delivery. By developing a comprehensive Retail Platform, we ensure that as customer touchpoints and devices evolve, we can consistently deliver seamless experiences. This adaptability allows us to respond flexibly without the need to overhaul our technology, thanks to the creation of capabilities we have built.

You are a highly skilled and experienced Lead Software Engineer who will be joining the dynamic PowerSchool International team. Your primary responsibility will be to lead the R&D efforts for PowerSchool's portfolio of products across various countries worldwide. You will focus on building framework components for Internationalization using Java and React JavaScript technologies. As part of the SchoolMessenger organization, you will collaborate with an Agile team of developers. SchoolMessenger products are essential for thousands of schools to achieve their communication objectives, ranging from notifications, websites, digital forms, attendance management, two-way chat messaging, and more, in multiple languages and on any device. Under the guidance of the Manager, Software Engineering, you will provide technical and development support for the award-winning K-12 software. Your role involves implementing, coding, testing new features, maintaining existing features, and developing reports with components, data models, customization, and reporting features. You will also gather requirements, refine designs, implement solutions, test, and document to ensure high-quality products and customer satisfaction. **Responsibilities:** - Lead software development projects from inception to delivery - Code, mentor, and coach team members for skill development - Enhance team efficiency and effectiveness towards long-term goals - Participate in team member hiring - Analyze and improve web application performance - Upgrade 3rd party libraries and tools - Implement new software features following best practices - Specialize in client and server-side web application development - Develop software to support internal initiatives and tools - Work as part of an Agile SCRUM team - Work within a wide range of code and technologies - Perform other assigned duties **Qualifications:** - 8+ years of experience in a software engineer role - 0-2 years of prior team leadership experience - Bachelor's degree in Computer Science or Information Technologies or equivalent experience - Proficiency in HTML, CSS, JavaScript, jQuery - Recent experience in React JavaScript, TypeScript, Java, and Spring - Advanced knowledge of web client technologies - Proficient in MySQL databases, DynamoDB, database design, and query optimization - Experience with cloud platforms, particularly AWS; Azure - Strong knowledge of essential build tools and OWASP threats - Excellent written and verbal communication skills - Ability to work with software design principles and handle a heavy workload - Strong ability to work in a changing, dynamic environment - Mentorship and coaching abilities As an equal opportunity employer, PowerSchool is committed to providing a diverse and inclusive work environment.,

Description What We Are Looking For: Meltwater’s collaborative Security Team needs a passionate Security Engineer to continue to advance Meltwater’s security. Working with a group of fun loving people who are genuinely excited and passionate about security, there will be more laughs than facepalms! If you believe that improving security is about constantly moving technology forward to be more secure, and shifting security tools and checks earlier in the development lifecycle, then you’ll feel at home on Meltwater’s Security Team! At Meltwater we want to ensure that we can have autonomous, empowered and highly efficient teams. Our Security Team charges head on into the challenge of ensuring our teams can maintain their autonomy without compromising the security of our systems, services and data. Through enablement and collaboration with teams, Security Engineers ensure that our development and infrastructure practices have security defined, integrated and implemented in a common-sense manner that reduces risk for our business. Security Engineers define best practices, build tools, implement security checks and controls together with the broader Engineering and IT teams to ensure that our employees and our customers' data stays safe. As part of this, we leverage AWS as a key component of our cloud infrastructure. Security Engineers play a critical role in securing and optimizing AWS environments by implementing best practices, automating security controls, and collaborating with teams to ensure scalability, resilience, and compliance with industry standards. What You’ll do: In this role, you will be designing and implementing security functions ranging from checks on IaC (Infrastructure as Code) to SAST/DAST scanners in our CI/CD pipelines. You will be collaborating closely with almost every part of the Meltwater organization and help create security impact across all teams with strong support from the business. Collaborate closely with teams to help identify and implement frictionless security controls throughout the software development lifecycle Propose and implement solutions to enhance the overall cloud infrastructure and toolset. Perform ongoing security testing, including static (SAST), dynamic (DAST), and penetration testing, along with code reviews, vulnerability assessments, and regular security audits to identify risks, improve security, and develop mitigation strategies. Educate and share knowledge around secure coding practices Identify applicable industry best practices and consult with development teams on methods to continuously improve the risk posture. Build applications that improve our security posture and monitoring/alerting capabilities Implement and manage security technologies including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and security information and event management (SIEM) tools. Conduct vulnerability assessments, penetration testing, and regular security audits to identify risks and develop mitigation strategies. Monitor and respond to security incidents and alerts, performing root cause analysis and incident handling. Participate in incident response and disaster recovery planning, testing, and documentation. Manage identity and access management (IAM) solutions to enforce least privilege and role-based access controls (RBAC). Assist in the development of automated security workflows using scripting (Python, Bash, or similar). What You'll Bring: Strong collaboration skills with experience working cross functionally with a diverse group of stakeholders Strong communication skills with the ability to provide technical guidance to both technical and non-technical audiences Experience in implementing security controls early in the software development life cycle Knowledge of industry accepted security best practices/standards/policies such as NIST, OWASP, CIS, MITRE&ATT@CK Software developer experience in one or more of the following languages: JavaScript, Java, Kotlin or Python Experience in at least one public cloud provider, preferably AWS, with experience in security, infrastructure, and automation. Hands-on experience with SIEM platforms such as Splunk, QRadar, or similar. Proficiency in Linux operating system, network security, including firewalls, VPNs, IDS/IPS, and monitoring tools. Experience with vulnerability management tools (Snyk, Nessus, Dependabot) and penetration testing tools (Kali Linux, Metasploit). Experience in forensics and malware analysis. Self-motivated learner that continuously wants to share knowledge to improve others The ideal candidate is someone from a Software Development background with a passion for security. If you’re someone who understands the value of introducing security early in the software development lifecycle, and want to do so by enabling and empowering teams by building tools they WANT to use, we want to hear from you! What We Offer: Enjoy flexible paid time off options for enhanced work-life balance. Comprehensive health insurance tailored for you. Employee assistance programs cover mental health, legal, financial, wellness, and behaviour areas to ensure your overall well-being. Complimentary CalmApp subscription for you and your loved ones, because mental wellness matters. Energetic work environment with a hybrid work style, providing the balance you need. Benefit from our family leave program, which grows with your tenure at Meltwater. Thrive within our inclusive community and seize ongoing professional development opportunities to elevate your career. Where You'll Work: Hitec city, Hyderabad. When You'll Join: As per the offer letter Our Story At Meltwater, we believe that when you have the right people in the right environment, great things happen. Our best-in-class technology empowers our 27,000 customers around the world to make better business decisions through data. But we can’t do that without our global team of developers, innovators, problem-solvers, and high-performers who embrace challenges and find new solutions for our customers. Our award-winning global culture drives everything we do and creates an environment where our employees can make an impact, learn every day, feel a sense of belonging, and celebrate each other’s successes along the way. We are innovators at the core who see the potential in people, ideas and technologies. Together, we challenge ourselves to go big, be bold, and build best-in-class solutions for our customers. We’re proud of our diverse team of 2,200+ employees in 50 locations across 25 countries around the world. No matter where you are, you’ll work with people who care about your success and get the support you need to unlock new heights in your career. We are Meltwater. Inspired by innovation, powered by people. Equal Employment Opportunity Statement Meltwater is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: At Meltwater, we are dedicated to fostering an inclusive and diverse workplace where every employee feels valued, respected, and empowered. We are committed to the principle of equal employment opportunity and strive to provide a work environment that is free from discrimination and harassment. All employment decisions at Meltwater are made based on business needs, job requirements, and individual qualifications, without regard to race, color, religion or belief, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, veteran status, or any other status protected by the applicable laws and regulations. Meltwater does not tolerate discrimination or harassment of any kind, and we actively promote a culture of respect, fairness, and inclusivity. We encourage applicants of all backgrounds, experiences, and abilities to apply and join us in our mission to drive innovation and make a positive impact in the world.

Dear Candidate, Greetings from LTIMindtree! We have an urgent requirement for a Dot Net Developer with 3 to 5 years of experience to join our team at Vadodara. As a Dot Net Developer, you will be responsible for full stack software development in .NET technologies like MVC using C#. This includes developing new applications as per business requirements and supporting existing applications developed in dot net. The key responsibilities of this role include: - Strong knowledge in SQL Server Database design including Tables, views, Stored Procedures, Functions, triggers, etc. - Implementation of Software Development Lifecycle & Application Security such as OWASP - Utilizing Version Control tools like TFS, GitHub - Collaborating with internal teams to produce software design and architecture - Writing clean, scalable code using .NET programming languages - Testing and deploying applications and systems - Revising, updating, refactoring, and debugging code - Improving existing software and developing documentation throughout the software development life cycle (SDLC) This is an on-site requirement with deputation at L&T Knowledge City, Vadodara. If you meet the requirements and are interested in this opportunity, please share your updated profile to archana.anand1@ltimindtree.com. Additionally, feel free to forward this opportunity to your friends and colleagues who might be interested in this position. We look forward to potentially welcoming you to our team at LTIMindtree. Regards, Talent Acquisition,

Job Responsibilities Building Android Apps and Tools to assist in Red Teaming. Delivering Capacity Building services at Client Site. Perform and report Application Audits, Vulnerability Assessments / Penetration Testing for IT infrastructure including network devices, operating systems, Databases, applications, etc. Analyze and report security breaches and other cybersecurity incidents. Developing PoCs for past vulnerabilities or find new vulnerabilities whenever necessary. Stay current on IT security trends and technologies. Research security enhancements recommendations to management. Technical Skillsets (Mandatory) Strong fundamentals of OS, Network and Programming Concepts. Good command of at least one Mobile related programming language like Java, Kotlin, etc. Mobile Application Architecture. Mobile Security and OWASP Mobile Top 10. Exposure to network security controls. Solid understanding of Linux and Android Platform Vulnerability Assessment and Penetration Testing Tools. Virtualization concepts and tools. Configuration and internal working of Network protocols and services like DNS, DHCP, HTTP, HTTPS, NFS, SMB, FTP, SSH, SFTP, ARP, ICMP, NTP, SSL, TLS, etc. Technical Skillsets (Preferred) Cryptography and PKI Concepts TCP/IP and OSI Layer Concepts. Fundamentals of DevOps. Hands-on experience with Network Security tools like Firewall, Intrusion Detection Systems and Intrusion Prevention Systems. Malware Analysis and Reverse Engineering. Experience 1 2 years experience in information security or related field in Android Development. (ref:hirist.tech)

As an Application Security professional, you will play a crucial role in safeguarding the solutions by analyzing their design and identifying potential security threats. Your expertise in threat modeling methodologies such as STRIDE and DREAD will enable you to recommend appropriate mitigations for the identified threats. Furthermore, you will be responsible for providing Secure Software Development Lifecycle (SDL) Training, where you will communicate security concepts effectively to developers and deliver engaging training sessions. Your proficiency in manual code review techniques and familiarity with automated code analysis tools like SAST and SCA will be essential in identifying vulnerabilities and interpreting code review results. In addition, your hands-on experience with security testing tools like Burp Suite and knowledge of security testing methodologies will help you identify and exploit common web application vulnerabilities. You will also be involved in vulnerability scanning and analysis using tools such as Nessus and Qualys, where your ability to analyze scan results, filter out false positives, and prioritize remediation actions will be critical. Your technology-specific knowledge of Microsoft .NET technologies, Identity protocols like OpenID Connect and OAuth 2.0, and cloud technologies, particularly Microsoft Azure, will be beneficial in addressing security implications. A deep understanding of web security fundamentals, including HTTP, HTML, JavaScript, and databases, along with knowledge of common web application vulnerabilities (e.g., OWASP Top 10) and web security mitigations and best practices, will be required in this role. Additionally, your basic penetration testing skills, understanding of penetration testing methodologies and tools, and ability to report findings and recommend remediation actions will be valuable assets. To excel in this role, you should stay up-to-date with the latest security trends, vulnerabilities, and mitigation strategies. Active participation in the security community to maintain current knowledge will be essential to ensure the security posture of applications remains robust. Your skills in threat modeling, penetration testing, code review, Burp Suite, OWASP, and Nessus will be instrumental in fulfilling the responsibilities of this role effectively.,

Job Description: As an Azure Developer, you will be responsible for designing, developing, and implementing technical solutions within Microsoft Azure environments using .NET and other programming languages. You will collaborate with business analysts and senior team members to define system requirements and present solutions and recommendations. Your technical expertise will be crucial in working with Azure Logic Apps, Azure Service Bus, Azure Web/API Apps, Azure Functions, and Azure SQL Database/Cosmos DB. Additionally, you should have a good understanding of the .NET stack, including REST APIs, Web Applications, and distributed systems. Knowledge of security best practices such as OWASP, SQL querying, and familiarity with NoSQL data stores will be beneficial. Strong written and oral communication skills in English are essential for this role. This is a full-time, permanent position with benefits including health insurance, life insurance, and Provident Fund. The work schedule is during the day with additional perks such as a joining bonus, performance bonus, shift allowance, and yearly bonus. The work location is in person at Kalyani Nagar, Pune. (Note: Job Types, Benefits, Schedule, and Work Location information have been included as per the provided Job Description),

As a Senior Python Developer, you will be leading Python development teams on enterprise-grade projects. Your responsibilities will include owning and driving architectural decisions and ensuring code quality. You will conduct design and code reviews to guarantee adherence to best practices. In terms of backend development, you will be tasked with building and maintaining robust, scalable backend services using Python frameworks such as Django, FastAPI, and Flask. Your role will involve designing APIs, background workers, and data pipelines. A crucial aspect of your position will be team mentoring. You will mentor and guide junior and mid-level developers, providing them with training, performance feedback, and career guidance. Regarding DevOps and Deployment, you will collaborate with DevOps to define CI/CD pipelines and deployment strategies. Additionally, you will work on containerization using Docker and orchestration with Kubernetes. In your interactions with clients and stakeholders, you will be expected to translate business requirements into technical solutions. You will also participate in client calls for requirement gathering, demos, and feedback sessions. To excel in this role, you should have at least 7 years of Python development experience. You must demonstrate a strong command over frameworks like Django, FastAPI, and Flask, as well as proven experience in API development and integration (REST, GraphQL). Experience with relational (PostgreSQL, MySQL) and NoSQL (MongoDB, Redis) databases is essential. A solid understanding of system architecture, design patterns, and scalability is required, along with familiarity with asynchronous programming (e.g., Celery, asyncio) and tools like Docker, Git, and CI/CD pipelines. Exposure to cloud platforms (AWS/GCP/Azure) and knowledge of security best practices (OWASP, data protection) are also expected. Preferred skills for this role include experience with AI/ML pipelines, data engineering, or microservices, as well as prior experience in leading Agile/Scrum teams. Familiarity with front-end technologies (React/Angular) is a plus, along with contributions to open-source projects or technical blogs. Soft skills that will benefit you in this position include strong problem-solving and decision-making abilities, excellent communication and stakeholder management skills, and the ability to multitask and manage priorities in a fast-paced environment. A team-oriented approach with a proactive and collaborative mindset is highly valued.,

At EY, you will have the opportunity to shape a career that reflects your unique identity, supported by a global network, inclusive environment, and cutting-edge technology to empower you to reach your full potential. Your individual voice and perspective are key in contributing to EY's continuous improvement. By joining us, you will create a rewarding experience for yourself while playing a role in fostering a more productive working world for everyone. As a Container Security Engineer with 1-2 years of experience, your responsibilities will include designing, deploying, and troubleshooting container deployments for security scanning solutions utilizing Helm Charts on Kubernetes Platforms such as Open Shift and EKS. You will collaborate on integrating with CI/CD pipelines and automating processes to ensure seamless security testing within the code development lifecycle. Your role will involve designing security architectures and controls to protect container orchestration platforms, ensuring value delivery for both security and development teams. Additionally, you will be responsible for enforcing network policies to secure Kubernetes namespaces and pods, as well as providing API analysis and support for integrating Security Solutions with Risk and Reporting solutions to address and prioritize code vulnerabilities effectively. To excel in this role, you should possess a minimum of 1-2 years of IT experience, with at least 1 year specializing in Container Security. Proficiency in Container Technologies like Docker and Kubernetes Platforms such as OpenShift, EKS, or GKE is required. Preferred qualifications include experience in Container Deployments using Helm Charts and Infrastructure Code, particularly with Terraform, as well as familiarity with Secure Development Pipelines like Jenkins or Electric Flow. A strong understanding of relevant Security Standards (OWASP) and their application in the software development lifecycle within an agile environment is essential. Your expertise in conducting security analysis on web applications and APIs, along with knowledge of tools like Sysdig, will be beneficial in this role. EY is dedicated to building a better working world by creating sustainable value for clients, individuals, and communities while fostering trust in the global capital markets. Through the utilization of data and technology, diverse EY teams across 150 countries deliver assurance and support clients in growth, transformation, and operations. With a focus on assurance, consulting, law, strategy, tax, and transactions, EY teams strive to address complex challenges by asking innovative questions and providing new solutions to current global issues.,

As a Security-focused Code Reviewer, your primary responsibility will be conducting thorough security assessments by reviewing source code utilizing the Checkmarx Platform. Your tasks will involve performing static application security testing (SAST) and software composition analysis (SCA) across various programming languages and frameworks. It will be essential for you to identify, document, and communicate vulnerabilities discovered during the code review process, ensuring comprehensive reports and analysis are provided. In terms of Customer Support for Vulnerability Mitigation, you will directly collaborate with customers" Application Security (AppSec) and Development teams to offer actionable advice on remediating vulnerabilities. Your role will also include providing hands-on guidance on secure coding practices, assisting in understanding the root cause of vulnerabilities, and applying best practices for remediation. Additionally, you will support customers in prioritizing security fixes based on severity and potential impact. You will be expected to develop and present proof-of-concept (PoC) attacks to illustrate how identified vulnerabilities can be exploited in real-world scenarios. Providing technical demonstrations to help customers understand the risk level of specific vulnerabilities and the importance of remediation will be crucial aspects of your responsibilities. Collaboration with AppSec and Dev teams for Application Architecture Analysis will also be part of your role. You will collaborate to analyze the security aspects of application architecture, provide recommendations to secure the architecture at the design stage, and conduct threat modeling to identify potential attack vectors, embedding security into the development lifecycle. Furthermore, you will play a key role in mentoring junior engineers and security analysts, conducting internal training sessions, and staying updated on the latest security vulnerabilities, exploit techniques, and industry trends to contribute to continuous improvement. Act as a trusted advisor to clients, provide security consulting services, and collaborate with internal teams to ensure that security tools and platforms remain at the cutting edge of technology. Your skills should include a Bachelor's degree in computer science or a related technical discipline, 8+ years of experience in high-level programming languages, 5+ years of experience in security-focused code review, a deep understanding of enterprise-grade systems and architectures, and a proactive approach to problem-solving. Proficiency in English and security-related certifications are highly desirable. Please note that the role involves a hybrid work model with international travel occasionally required.,

A Multi-Player Gaming Company - Head Digital Works is the pioneer & one of India's largest online skill-gaming companies that develop and operate zeal-driven applications for online gaming enthusiasts. With more than 60 million+ users and multiple brand verticals like A23Rummy and Cricket.com, We have come a long way in the past 18 years. What started from a small garage in 2006 with nothing but a dream - "To become India's leading online gaming portal" has now turned into one of the most profitable start-ups in India that have gone through cycles of angel, venture capital and private equity investments. We're a diverse group of thinkers and doers who are reimagining what's possible to make it easier for all of us to do what we love in new ways. Responsibilities Design, build, test & deploy high performant code Troubleshoot, debug and enhance existing modules Verify and deploy code to live Produce clean, efficient code based on specifications Ability to provide elegant tech solutions to business problems Work with peer developers, QA, product managers, scrum masters in an Agile environment Qualification Strong computer science fundamentals Bachelor’s/Master’s degree in Engineering, Computer Applications Minimum 4 years of Work Experience in IT Industry 2-7 years of relevant programming experience in Java Strong in Object-Oriented Programming Good Experience working with collections/data structures Hands-on Experience in Springboot, Microservices, Spring Security Experience working with Message Queues and Sockets Experience in front end technologies like JavaScript, React JS, CSS, HTML is a big plus Experience working in CI/CD development Experience in Git, Maven, Experience in SQL/No-SQL databases, caching technologies Knowledge of code quality control platforms like Sonar, secure coding practices, OWASP vulnerabilities Working experience in cloud – AWS Good communication & interpersonal skills What We Offer - Competitive salary Mediclaim Policy - Best in Industry Flexible working hours Career Development Program Best in Industry Reward and Recognition program Inclusive and Collaborative Work culture Complimentary snacks are served everyday If you would want to be a part of this multi-million user company, apply on the given link

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304774

Summary Position Summary Job title: SAST/DAST AppSec - Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: As a Consultant, you are responsible for performing following activities as a SAST/DAST professional: Integrate SAST and DAST tools into CI/CD pipelines to automate security testing throughout the development lifecycle. Perform regular static (SAST) and dynamic (DAST) security assessments on applications to identify vulnerabilities such as SQL injection, cross-site scripting, and other OWASP Top 10 risks. Analyze scan results, triage findings, and provide actionable remediation guidance to development teams. Collaborate with developers to ensure secure coding practices and support secure design reviews. Define and maintain security roles, responsibilities, and ownership between Deloitte and client stakeholders for test preparation, execution, and support. Ensure that vulnerabilities are tracked, reported, and resolved in accordance with organizational policies and client requirements. Conduct root cause analysis (RCA) workshops and publish performance and security testing reports. Stay current with industry trends, emerging threats, and advancements in SAST/DAST tools and methodologies. Required Skills Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304772

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304773

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304774

Summary Position Summary Job title: SAST/DAST AppSec – Senior Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk Deloitte's application security testing professionals review the test results output from various in-scope security services and take the appropriate actions to minimize developer effort and provide truly actionable results to provide protection spanning applications’ entire lifecycle in the client environment. Work you’ll do Roles & Responsibilities: Hands-on experience with leading SAST and DAST tools (e.g., Checkmarx, Veracode, Fortify, Burp Suite, OWASP ZAP). Strong understanding of secure software development lifecycle (SSDLC) principles and OWASP Top 10 vulnerabilities. Experience integrating security testing into CI/CD pipelines and cloud (e.g., Jenkins, Azure DevOps, GitLab CI). Ability to interpret and communicate vulnerability findings and remediation steps to technical and non-technical stakeholders. Familiarity with both black-box (DAST) and white-box (SAST) testing methodologies. Excellent collaboration, communication, and documentation skills. Required Skills Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. Qualification Bachelor's degree or higher in Computer Science, or equivalent experience. Security certifications such as CSSLP, CEH, or similar. Experience with cloud-native application security and container security. Knowledge of regulatory and compliance requirements related to application security. Good to have: Experience participating in or conducting security architecture reviews to identify design-level vulnerabilities and ensure alignment with security best practices and organizational standards. Proficiency in performing threat modeling exercises (e.g., using STRIDE, PASTA, or other frameworks) to systematically identify, document, and prioritize potential threats and attack vectors in applications and systems. Skill in translating threat model findings into actionable SAST/DAST test cases and ensuring that identified threats are adequately tested and mitigated. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2025. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 304773