1625 Owasp Jobs - Page 5

Role Overview We are hiring a Technical Lead – AI Security to join our CISO team in Mumbai. This is a critical, hands-on role — ensuring the trustworthiness, resilience, and compliance of AI/ML systems, including large language models (LLMs). You will work at the intersection of cybersecurity and AI, shaping secure testing, understanding secure MLOps/LLMOps workflows, and leading technical implementation of defenses against emerging AI threats. This role requires both strategic vision and strong engineering depth. Key Responsibilities · Lead and operationalize the AI/ML and LLM security roadmap across training, validation, deployment, and runtime to enable AI Security Platform Approach. · Design and implement defenses against threats like adversarial attacks, data poisoning, model inversion, prompt injection, and fine-tuning exploits using industry leading open source and commercial tools. · Build hardened workflows for model security, integrity verification, and auditability in production AI environments. · Leverage AI security tools for scanning, fuzzing, and penetration testing models. · Apply best practices from OWASP Top 10 for ML/LLMs, MITRE ATLAS, NIST AI RMF, and ISO/IEC 42001 to test AI/ML assets. · Ensure AI model security testing framework aligns with internal policy, national regulatory requirements, and global best practices. · Plan and execute security tests for AI/LLM systems, including jailbreaking, RAG hardening, and bias/toxicity validation. Required Skills & Experience · 8+ years in cybersecurity, with at least 3+ years hands-on in AI/ML security or secure MLOps/LLMOps · Proficient in Python, TensorFlow/PyTorch, HuggingFace, LangChain, and common data science libraries · Deep understanding of adversarial ML/LLM, model evaluation under threat conditions, and inference/training-time attack vectors · Experience securing cloud-based AI workloads (AWS, Azure, or GCP) · Familiarity with secure DevOps and CI/CD practices · Strong understanding of AI-specific threat models (MITRE ATLAS) and security benchmarks (OWASP Top 10 for ML/LLMs) · Ability to communicate technical risk clearly to non-technical stakeholders · Ability to guide developers and data scientists to solve the AI Security risks. · Certifications: CISSP, OSCP, GCP ML Security, or relevant AI/ML certificates · Experience with AI security tools or platforms (e.g., model registries, lineage tracking, policy enforcement) · Experience with RAG, LLM-based agents, or agentic workflows · Experience in regulated sectors (finance, public sector) Show more Show less

JD_ Front-End Developer.docx Job Title: Front-End Developer Location: Bangalore About Instasafe: www.instasafe.com About InstaSafe: InstaSafe is Asia's fastest-growing cybersecurity company, empowering organizations in their digital transformation journey. Our Zero Trust Security solutions secure over 500,000 endpoints for more than 100 Fortune 2000 companies globally. InstaSafe aims to simplify cybersecurity by delivering seamless and secure access to enterprise applications, ensuring maximum security and minimal risk. Role Overview: The Frontend Developer will be responsible for creating responsive and user-friendly web applications. Collaborating with design and backend teams, you will translate business requirements into intuitive, high-performance solutions, ensuring seamless user experiences across platforms. Responsibilities Develop, test, and maintain front-end code using HTML, CSS (Flexbox, Grid), and JavaScript frameworks. Build responsive and accessible user interfaces, ensuring cross-browser compatibility and adherence to web standards. Utilize async programming and API calls to create seamless integrations. Manage Git workflows, ensuring smooth version control and team collaboration. Implement and optimize Webpack/Rollup bundling, conduct front-end testing with Cypress, and utilize browser DevTools for optimization. Employ common security practices (OWASP) and manage authentication with JWT, OAuth, and SSO. Build reusable custom elements, develop SSR/SSG for SEO and performance, and manage REST API handling. Create basic PWAs and work with Apollo for managing queries and mutations. Engage in cross-platform mobile development to ensure consistent experiences across devices. Mentor junior developers, sharing knowledge and best practices to support their growth and performance. Core Competencies : Internet Fundamentals: Understanding of protocols, security measures, and performance optimization. HTML & Accessibility: Proficiency in semantic HTML and inclusive design. CSS (Flexbox, Grid): Expertise in responsive frameworks and layout design. Async Programming & API Calls: Experience in JavaScript async functions and integrations. Git Workflows: Strong version control experience. Framework and SSR Proficiency: Skilled in modern frameworks and server-side rendering. Webpack/Rollup & Cypress Testing: Skilled in bundling and front-end testing. OWASP Security Practices: Knowledge of common web security measures. JWT, OAuth, SSO: Proficient in secure authentication methods. DevTools & Optimization: Proficiency in debugging and performance optimization. Custom Elements, SSR/SSG, REST API, PWA, Apollo: Advanced front-end architecture skills. Cross-Platform Development: Ability to troubleshoot across platforms. Behavioral Abilities: Agility: Manages shifting priorities, mentors juniors, adapts to evolving goals, and demonstrates resilience. Problem-solving: Solves complex problems, analyzes data, and encourages strategic thinking within the team. Excellence: Ensures high-quality outputs and implements quality control. Accountability: Drives projects with minimal oversight and fosters autonomy. Learning Orientation: Pursues continuous learning and supports team development. Collaboration: Facilitates open dialogue, builds trust, and promotes inclusivity. Innovation: Proposes and pilots innovative solutions to enhance productivity. Job Specifications: Position Type: Full-Time Reporting To: Lead Front-End Developer or Engineering Manager Work Hours: Standard business hours with occasional flexibility for deadlines Work Environment: Collaborative team environment Travel Requirements: Minimal to none Salary Range: Competitive, commensurate with experience and market standards Benefits: Health insurance, professional development support, paid time off, [mention any other specific benefits here] Education: Bachelor’s degree in Computer Science or related field, or equivalent work experience. Experience: 2-4 years of experience in front-end development. Preferred: Experience in cybersecurity or tech-driven environments. Show more Show less

Job requisition ID :: 83567 Date: Jun 12, 2025 Location: Hyderabad Designation: Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Summary The role requires providing expertise and leadership for Incident Response capabilities including good understanding of cyber incident forensics. It requires providing both subject matter expertise and project management experience to serve as the “point person” of client engagement in domain. The candidate shall pertain efficient incident response and remediation skills to minimise the impact of cyber risks. The individual will oversee and support security monitoring operations team and assist them during security incidents and ensure incidents are managed and responded effectively including and reporting to stakeholders. This role primarily consists of leading team of the Incident responders, Incident managers and stakeholders (including client, vendors, etc.) and to conduct thorough response activities on behalf of a wide variety of clients across sectors. Candidate is required to work in complex security environments and alongside SOC team to design, communicate and execute incident response, containment and remediation plans. Candidate is required to have hands-on experience of incident management and investigation tools and shall be comfortable leading teams on challenging engagements, communicating with clients, providing hands-on assistance with incident response activities, and creating and presenting high-quality deliverables. Skills required Responding to alerts from across the entire global technology and information estate to quickly detect harmful behaviours and events, containing, mitigating, and remediating minor incidents and in coordination with the Cybersecurity Incident Management and Response Team, effectively containing, mitigating, and remediating more serious events. Supporting cyber security incidents through to eradication and feed into the Post Incident Review process that delivers detailed analysis on the root cause of incidents investigated and produces findings and recommendations that support control adjustments to better protect the bank. Identifying, developing, and implementing new detections (Use cases) and mitigations (Playbooks) across the security platforms. Reviewing and approving new Use Cases and Playbooks created by Cybersecurity colleagues. Continuously reviewing the effectiveness of analysis playbooks, processes, and tooling. Communicating new use cases (go-live, demise, tuning), to the cybersecurity operations teams, supporting the Cybersecurity Operations Manager in ensuring all teams are prepared to take on the additional workload and have sufficient tools, training, and capability to do so effectively. Researching emerging threats and vulnerabilities to aid in the identification of cyber incidents. Applying structured analytical methodologies to maximise threat intelligence growth and service efficacy. Supporting the Crew Leads during shift handovers, ensuring all team members are ready to manage ongoing incidents. Supporting the triage of potentially malicious events to determine severity and criticality of the event. Provide expert-level advice and technical leadership to the team, driving the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes. Train, develop, mentor, and inspire cybersecurity colleagues in area(s) of specialism. Collaborate with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose. Identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources. Promote a “self-critical” and continuous assessment and improvement culture whereby identification of weaknesses in the bank’s control plane (people, process, and technology) are brought to light and addressed in an effective and timely manner. Support engagement in support of Global Businesses and Functions to drive a global up-lift in cyber-security awareness and help to evangelise Cybersecurity efforts and success. Requirements: To be successful in this role, you should meet the following requirements: 5+ years of technical experience in IT or IT Security, for example as a network or operating system administrator. Expert level knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM), EDR, Email Protection, Case Management & other cyber security tools. Expert level knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc. Good knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure, and Google. Good knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OSX, etc. Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suits. Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems. Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation, and remediation. Formal education and advanced degree in Computer Science or similar and/or commensurate demonstrated work experience in the same. CEH, EnCE, SANS GSEC, GCIH, GCIA CISSP or any similar Certifications. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome … entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. We are seeking analyst level individuals with experience working in the field of cybersecurity and a desire to help organizations improve their operations to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have working knowledge in some or all these areas – IT operations, security monitoring, active directory, IP networking and various cloud technologies. Position and Key Responsibilities At RSM, analysts work with large and small companies in variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients’ businesses and challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts, threat hunters, shift leads, intelligence analysts and SOC managers in support of multiple clients. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to: Role Responsibilities: Investigate security incidents using SIEM tools, automation, and other cybersecurity technologies (i.e. ServiceNow, Stellar Cyber, Hyas Insight and DNS Protect, sentinel One, ELK Stack, Virus total, Shodan, NetFlow, Passive DNS, Silobreaker, Tenable.io, Hatching Triage Sandbox) Analyze, escalate, and assist in remediation of critical security incidents. Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment serving multiple clients Process IDS alerts and identifying incidents and events in customer data. Setup and execution and analysis of vulnerability scans Perform advanced analysis and investigation into alerts as they are identified Performing initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools) Incident intake, ticket updates and reporting of cyber events and threat intelligence Understanding, identifying, and researching indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds Writing incident reports, process documentation, and interact with clients as required Transcribe and implement atomic indicators into a monitoring environment. Consume policy documentation and determine applicability in a network. Work with protocols at layers 2 and higher in the OSI model, to include ARP TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports. Develops the playbooks to respond and recovery from various attacks/incidents. Drives the automation efforts focused on the closing cases, responding to Cyber events and analyzing data required to enable efficient response activities. Processing of Cyber Threat Intel that is used across RSM detection platforms to understand and prepare for potential threats. Threat intel is heavily used across RSM platforms drive issue prioritization. Open to working shifts in a 24x7 operations environment. Qualifications and Experience: Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience. Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security 3-5 years’ experience working in a security operations center, networking operations center or threat intelligence capacity. Possess at least one security industry certification such as CYSA+, Security+, CISSP, SANS GIAC (GSOC, GCIA, GMON, CGCDA) Knowledge of security standards and information security and compliance frameworks, controls, and best practices, including SSAE 16, SOC 2 and SOC3, OWASP Top 10, SANS, NIST Must have a naturally curious mindset and approach to solving problems. Basic understanding of cloud technologies and their operations Experience supporting various operating systems such as Windows/Linux Understanding of IP network protocols At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html . RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status ; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com .

Company Description IS Global Service Center (GSC) operating from Chennai, India, is a part of IS supporting Expeditors IT operations.IS GSC started with 6 employees now we are 520+ employees today delivering world class Information services globally. This Product based Strategic Center's IT transformation has delivered a radical change to Expeditors IT manpower profile and skills. We will continue to deliver services as we continue to grow responsibly in the coming years. Expeditors is a global logistics company headquartered in Seattle, Washington. As a Fortune 500 company, founded in 1979 we have employed over 18,000+ trained professionals in a worldwide network of over 340+ locations across six continents. Expeditors satisfies the increasingly sophisticated needs of international trade through customized solutions and seamless, integrated information systems Job Description A Configuration Administrator works on projects or tasks that ensure consistency & stability in design & implementation of configuration tools used in the development of software & asset management in the production environment. Be creative during collaboration on best practices and ways to improve performance along with efficiency. Possessive resolve troubleshooting complex and simple issues. They will have a keen eye for recognizing inefficiency and take the initiative to simplify processes for their team and customers. A solid understanding of automation and infrastructure as code would be desired! Roles and Responsibilities Utilizing Infrastructure as Code best practices, develop, maintain, and enhance systems using scripting language (Python and bash) Analyze the Infrastructure, pipeline design issues and suggest better solution. Create and maintain CI/CD pipeline for application with DevSecOps standards. Provide recommendations to management through research and review of recent industry solutions in various configuration related tools/technologies. Maintain Config admin owned tools such Nexus, GitLab, k8’s, Apache, Tomcat, etc. with ability to utilize Ansible or Terraform. Create documentation and training material; provide training to others to ensure cross collaboration. Support on patch management and automate the application startup solution. Participate in Companywide working group for contribute to strategy for Enterprise needs. Collaborate with DEV team to stable the application accessibility. Configure and maintain the azure platform using terraform modules. Understand the alerts and its priority, react based on it. Qualifications Minimum Qualifications 5+ years of DevSecOps experience as Config Admin or similar role Excellent troubleshooting and problem-solving skillset. Past participation in major systems rollouts and deployments Good understanding of git workflows and automation. Understanding of advanced continuous delivery methods. Solid foundation in infrastructure and networking concepts Proficient UNIX/LINUX scripting knowledge (Python, Bash, etc.) Ability to formulate a design strategy from a mix of business requirements, concept documents and verbal description. Good understanding of IaC – preferably Terraform Outstanding communication skills, including oral, written, motivation and presentation skills. Desired Qualifications Hands-on experience with Linux Hands-on experience with Docker and Kubernetes including deployments Cloud deployment models and concepts – Azure. Hands-on experience with DevSecops Tools: Jenkins, Nexus, GitLab, Ansible, OWASP, Sonarquble, Trivy, Checkov, etc. Experience in configuring various monitoring tools. (ELK, Grafana, Prometheus, Thanos, Mimir etc.) Experience in DevSecOps and CI/CD pipeline management. Java programming understanding is an added advantage Held the role of a critical contributor to or leading major systems rollouts and deployments Active participant in the vendor/product selection process Additional Information Expeditors offers excellent benefits: Paid Vacation, Holiday Health Plan: Medical Insurance Employee Stock Purchase Plan Training and Education Programs Unlimited opportunities for career advancement

Overview Make your mark at Comcast - a Fortune 30 global media and technology company. Become part of our award-winning, international engineering team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. You’ll do the best work of your career right here. Success Profile What makes a successful Security Engineer 2 at Comcast? Check out these top traits and explore role-specific skills in the job description below. Results-driven Adaptable Inventive Entrepreneurial Team Player Problem-Solver Benefits We’re proud to offer comprehensive benefits to help support you physically, financially and emotionally through the big milestones and in your everyday life. Paid Time off We know how important it can be to spend time away from work to relax, recover from illness, or take time to care for others needs. Physical Wellbeing We offer a range of benefits and support programs to ensure that you and your loved ones get the care you need. Financial Wellbeing These benefits give you personalized support designed entirely around your unique needs today and for the future. Emotional Wellbeing No matter how you’re feeling or what you’re dealing with, there are benefits to help when you need it, in the way that works for you. Life Events + Family Support Benefits that support you no matter where you are in life’s journey. Security Engineer 2 Location Chennai, India Req ID R412615 Job Type Full Time Category Cybersecurity Date posted 06/13/2025 Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast. Job Summary "Responsible for monitoring, identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threat analysis as directed and addresses detected incidents. Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. Resolves highly complex malware and intrusion issues. Contributes to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations. Works with moderate guidance in own area of knowledge. Employees at all levels are expect to: - Understand our Operating Principles; make them the guidelines for how you do your job - Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services - Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences - Win as a team - make big things happen by working together and being open to new ideas - Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers - Drive results and growth - Respect and promote inclusion and diversity - Do what's right for each other, our customers, investors and our communities" Job Description Core Responsibilities Strong customer focus with the ability to advise and work closely with application teams and vendors on mitigation. Exposure to commercial and open-source tools such as Burpsuite, Metasploit, WebInspect, Nessus, Qualys, Nexpose, nmap, Kali Linux, etc. Experience cataloguing and risk-scoring vulnerabilities discovered through assessments. Good understanding and experience with: Web application security assessment, including hands-on techniques. Hands-on experience in identifying, mitigating, and remediating vulnerabilities based on OWASP Top10 (API, Web) Basic Scripting knowledge with the capability to automate analysis of technical engineering tasks. CVSS scoring and its use in risk rating What success looks like Prompt, effective curation of security vulnerabilities. Responsiveness to internal customer requests. Validation of remediated tickets within published service level agreements (SLAs). What You Can Expect A cool and casual work environment with opportunities to showcase your skills. A culture of innovation and continuous learning. Training, support, and mentoring to expand and evolve your expertise. Opportunities to impact the security of Comcast products in millions of homes and businesses What We Require: Bachelor's Degree in Computer Science, Information Systems, or other related field or equivalent work experience. Disclaimer: This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications. Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details. Education Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience. Relevant Work Experience 2-5 Years

Job Title: Senior Software Architect & Technical Lead Location: Onsite – Ahmedabad, India Experience: 8+ Years Employment Type: Full-Time Role Overview We are looking for a highly skilled and hands-on Senior Software Architect & Technical Lead to join our core team in Ahmedabad. This individual will lead the end-to-end architecture, development, and technical execution across a range of enterprise, AI-powered, and end-user applications. The ideal candidate is both a builder and a strategist—equally comfortable writing code, guiding teams, and shaping the technical direction of the organization. Key Responsibilities Architecture & Design Architect scalable, modular, and secure platforms with long-term maintainability. Design system-wide components and enforce technical standards across teams. Own architecture reviews, risk mitigation, and technical documentation. AI-Enabled Development Architect and integrate AI tools (e.g., LLMs, recommendation engines, chatbots). Work with prompt engineering, vector databases, and generative AI APIs (e.g., OpenAI, Hugging Face). Guide team members on practical AI use cases across platforms. Security-Driven Engineering Implement secure-by-design principles across backend and frontend systems. Ensure alignment with OWASP, GDPR, SOC2, and other relevant compliance frameworks. Perform secure code reviews and threat modeling sessions. End-User Application Engineering Architect robust, performant user-facing applications (web/mobile/desktop). Collaborate with product and design teams on usability, accessibility, and interaction design. Define and promote frontend architecture and scalable design systems. Leadership & Mentorship Serve as a technical authority across engineering squads. Mentor engineers on design patterns, architecture principles, and technical strategy. Help define KPIs and performance benchmarks for team and product. Requirements Education & Experience Job Type: Full-time Pay: ₹916,802.88 - ₹2,297,783.07 per year Schedule: Day shift Work Location: In person Speak with the employer +91 9081068979 Expected Start Date: 14/06/2025

Line of Service Advisory Industry/Sector Not Applicable Specialism Microsoft Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in application security at PwC will be responsible for providing security services to development teams including code scanning, readiness testing, and penetration testing to enable application teams to build and deploy secure applications in Production. You will utilise a risk-based methodology and "shift-left" approach to engage early in the software development lifecycle. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: A career within…. Responsibilities: 1. Review application source code based on the industry standard security frameworks and organization's internal security policy. 2. Running the source code scan and analyzing the results derived from the SAST platform. 3. Coordinate with application development teams to ensure identified gaps are fixed in proper time. 4. Work with the application development team to eliminate false positives, to clarify compensating security controls. 5. Closely work with issue management team to ensure proper remediation plans are in places with well documented records. 6. Collaborate with senior developers and architects to ensure security best practices and secured design patterns are followed. 7. Work closely with other team members, including project leads, regional leads and territory security leadership team. 8. Provide regular updates on progress and issues to project managers and stakeholders 9. Strong knowledge of secure coding practices and common security vulnerabilities (e.g., OWASP Top 10). 10. Strong knowledge of Industry standard SAST tools (e.g. Veracode, Fortify on Demand). 11. Strong knowledge of Industry standard SCA tools (e.g. Blackduck). 12. Strong knowledge in manual and tool-based code review process, focusing on OWASP methodology. 13. Strong Knowledge of security vulnerability identification and remediation methodologies. 14. Familiarity with industry standard security frameworks and policies. 15. Strong knowledge of DevSecOps practices and integration of security within CI/CD pipelines. Mandatory skill sets: VAPT, source code analysis, remediation, mitigation, vulnerability assessment, SAST, SCA, application security, white box testing, Veracode, Checkmarx , source code review. Preferred skill sets: CI/CD Pipelines Years of experience required: 4-7 Years Education qualification: B.Tech/B.E. Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology, Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Code Review Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Application Security, Application Security Assessment, Azure Data Factory, Cloud Application Development, Cloud Security, Coding Standards, Communication, Creativity, Cybersecurity, DevOps Practices, Embracing Change, Emotional Regulation, Empathy, Endpoint Security, Forensic Investigation, Hosting Controllers, Inclusion, Information Security, Intellectual Curiosity, Learning Agility, LoadRunner (Software Testing Tool) {+ 30 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Available for Work Visa Sponsorship? Government Clearance Required? Job Posting End Date

Dev Ops: Support Engineer About Client Our Client is transforming data collection and verification with a secure, scalable, and automated platform designed for industries like lending, leasing, and financial services . Our modular web applications integrate seamlessly with KYC, IBV, and credit decisioning services , delivering efficiency, security, and compliance to businesses handling complex data workflows. As part of our commitment to high performance and reliability , we are expanding our DevOps and test automation capabilities to streamline continuous integration, deployment, and quality assurance across our products. Job Description We are looking for a DevOps & Test Automation Engineer to lead test automation strategies, CI/CD pipelines, and infrastructure management . This role combines DevOps best practices with automated testing frameworks to ensure seamless deployments, minimal downtime, and high-quality software releases . You will work closely with engineering, QA, and product teams to implement scalable automation solutions , optimize test environments, and enhance deployment reliability across our cloud-native applications. Key Responsibilities Test Automation & Quality Assurance Design, implement, and maintain automated test suites for web applications, APIs, and micro services. Develop end-to-end (E2E), integration, and performance tests using frameworks like Cypress, Playwright, Jest, and Selenium . Implement test coverage reporting, monitoring, and continuous feedback loops . Work with developers to create unit testing strategies for critical application components. DevOps & CI/CD Implementation Manage and optimize CI/CD pipelines using GitHub Actions, Jenkins, or GitLab CI . Automate build, test, and deployment processes for front-end and back-end services . Ensure zero-downtime deployments using blue-green, canary, or rolling deployment strategies . Implement infrastructure as code (IaC) with Terraform or AWS CloudFormation . Infrastructure, Monitoring & Security Maintain and optimize Kubernetes, Docker, and cloud-based deployments . Set up observability, logging, and monitoring tools (e.g., Prometheus, Grafana, ELK Stack, Datadog). Collaborate with security teams to implement DevSecOps practices, vulnerability scanning, and compliance automation . Collaboration & Continuous Improvement Work closely with developers, product teams, and QA engineers to integrate testing into the SDLC. Identify bottlenecks and improve deployment speeds, test execution, and incident resolution . Stay up to date with emerging DevOps and test automation tools , advocating for best practices. Qualifications & Experience 4+ years of experience in DevOps, test automation, or software QA engineering . Strong experience with test automation tools (e.g., Cypress, Playwright, Jest, Selenium). Hands-on experience with CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI). Proficiency in containerization and orchestration (Docker, Kubernetes). Familiarity with cloud platforms (AWS, GCP, or Azure) and infrastructure as code (Terraform, Cloud Formation) . Experience with monitoring and logging (Prometheus, Grafana, Datadog, ELK Stack). Strong scripting skills in Bash, Python, or TypeScript . Knowledge of security best practices, OWASP guidelines, and DevSecOps methodologies . Preferred Qualifications Experience in Fintech, SaaS, or high-traffic web applications . Exposure to service mesh architectures and API gateways . Knowledge of database performance tuning and automated database migrations . Experience with contract testing (PACT), chaos engineering, and fault injection . What We Offer High-impact role in a fast-growing company. Work with cutting-edge DevOps and automation technologies . Competitive salary, stock options, and career growth opportunities. Flexible work environment (Remote/Hybrid options). Professional development and mentorship programs. Why Join Us? We are building scalable, secure, and highly automated applications that power the future of Fintech. As our DevOps & Test Automation Engineer , you will play a key role in ensuring product reliability, accelerating deployments, and improving test automation in a modern cloud-native environment. How to Apply If you are passionate about DevOps, automation, and building resilient systems , we’d love to hear from you! Send your resume and cover letter to rajabhattacharya@magmaconsultancy.in Show more Show less

Expert in performance testing tools: LoadRunner, JMeter, NeoLoad, Gatling, k6, BlazeMeter. 2. Strong scripting and coding skills in Java, Python, JavaScript, Groovy, or Shell. 3. Proficient in protocol-based testing: HTTP/HTTPS, WebSockets, REST/SOAP APIs, MQ, Citrix, SAP GUI. 4. Hands-on experience with APM & monitoring tools: AppDynamics, Dynatrace, Grafana, Prometheus, Splunk, ELK Stack. 5. Experience with CI/CD tools and integration: Jenkins, Git, Maven, Docker, Kubernetes. 6. Deep knowledge of system resource profiling: CPU, memory, disk I/O, network utilization, GC logs. 7. Expertise in analyzing server-side logs, thread dumps, heap dumps for bottleneck identification. 8. Familiarity with cloud platforms: AWS, Azure, GCP and cloud-native performance testing. Experience with database performance testing and optimization: Oracle, MySQL, PostgreSQL, MongoDB. 2. Exposure to microservices and containerized architecture testing. 3. Understanding of security and compliance testing (e.g., OWASP-related performance risks). 4. Knowledge of DevOps and SRE practices. 5. Agile methodology and Test Management tools: JIRA, Confluence, TestRail. Show more Show less

Job Family Advanced Business Analysis (India) Travel Required None Clearance Required None What You Will Do Utilizing technology to streamline processes and integrate different systems within an organization, including implementing software and tools to automate tasks, improve efficiency, and ensure seamless system integration. Ensuring smooth and high-quality delivery of software products to end users by coordinating release schedules, conducting quality assurance testing, and implementing processes to minimize the risk of errors in software releases. Tailoring and implementing technology solutions to meet the specific needs and expectations of clients, involving understanding client requirements, customizing solutions, and ensuring successful delivery and adoption of the technology. Participating in the design, development, and enhancement of software applications, including tasks such as coding, testing, debugging, and collaborating with team members to create software that meets user requirements and industry standards. What You Will Need Candidates from computer background (B.Tech Computer Science, B.Sc CS, BCA, etc.) Good communication and teamwork skills Knowledge in programming/scripting languages Understanding of database concepts and hands-on experience in SQL Knowledge of SDLC and Agile methodologies Knowledge in OOPs concepts Flexibility to learn and build new skill set, eagerness to stay updated Algorithms and Data Structures Strong problem-solving skills Positive attitude, commitment, and can-do approach Must be Trained, certified, or an intern with experience in the following technologies: Full-stack development (React, Angular, or Vue.js, GoLang, Python, Ruby on Rails, or Java Spring, MySQL, PostgreSQL), Cloud computing (AWS, Microsoft Azure, serverless computing, container orchestration, cloud databases) DevOps (Git, Jenkins, Docker, Kubernetes) Microservices architecture Vulnerability (OWASP) Agile methodologies (Scrum, Kanban, Jira) AI and machine learning (basic understanding of concepts and algorithms, integrating AI and machine learning features into applications). What Would Be Nice To Have You will receive a skills assessment sheet to share your proficiency. What We Offer Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace. About Guidehouse Guidehouse is an Equal Opportunity Employer–Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco. If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation. All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or guidehouse@myworkday.com. Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process. If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse’s Ethics Hotline. If you want to check the validity of correspondence you have received, please contact recruiting@guidehouse.com. Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant’s dealings with unauthorized third parties. Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee. Show more Show less

Job Description Associate Specialist, Cybersecurity Operations The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Collaborate with product teams to enforce application security best practices, conduct reviews, perform scans and assist in threat modeling to identify and mitigate security risks throughout the development lifecycle. Contribute with penetration testing efforts to evaluate the security posture of applications and containers, providing detailed reports on findings and working with development teams to remediate identified issues. Collaborate to the oversight of security-related bugs and vulnerabilities using tracking systems. Help prioritize security issues based on risk and impact and ensuring that reported issues are triaged and addressed in a timely manner. Contribute to the creation and delivery of training materials for the workforce to raise awareness and increase adoption of application security best practices, cloud security best practices, including secure usage of cloud applications and availability of compensating controls. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Monitor and log the actual service provided, compared to that required by service level agreements. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. 3+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Understanding of OWASP most 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Familiarity with software development/delivery lifecycle and related technologies Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 07/2/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R342303 Show more Show less

🚀 We're Hiring: Manager– AppSec & Vulnerability Management 📍 Location: India – Managed Security Services Organization 💼 Job Type: Full-Time We are looking for an experienced and dynamic Lead – AppSec & Vulnerability Management to join our team and take charge of security assessments, penetration testing, vulnerability management, and DevSecOps for IT/Cloud and OT infrastructure. In this leadership role, you'll manage a talented team, drive the execution of security projects, and ensure the successful delivery of services to customers. Key Responsibilities: 🔒 Lead and manage the AppSec & Vulnerability Management function, ensuring top-notch service delivery and operational success. 🔧 Provide technical leadership and guide your team to build and grow expertise in cybersecurity best practices. 🛠️ Perform penetration testing, vulnerability assessments, and security architecture reviews for IT, Cloud, and OT environments. 📈 Manage customer relationships, pre-sales strategies, and continuously identify opportunities to expand business. 💬 Communicate technical findings effectively to non-technical stakeholders and help implement mitigation strategies. Key Skills & Experience: ✅ 10+ years of experience in managing threat & vulnerability management functions, cybersecurity projects, and customer engagements. ✅ 6-8 years of hands-on experience in security assessments, penetration testing, vulnerability management, and web/mobile app security. ✅ Strong knowledge of security frameworks, OWASP Top 10, cloud security (AWS/Azure), API security, and DevSecOps. ✅ Proven leadership experience in managing teams, driving results, and handling key customer relationships. ✅ Strong communication and interpersonal skills, able to work cross-functionally with senior stakeholders. Qualifications & Certifications: 🎓 Education: B.Tech/B.E. in CSE/IT or related fields. 📜 Certifications: CEH, CISSP, OSCP, or similar security certifications. 🔧 Technical Skills: Expertise in vulnerability assessment tools (e.g., Burp Suite, OWASP ZAP), mobile app security, and security in DevOps environments. Why Join Us? 🌟 Lead and innovate in a fast-paced, growing industry. 🌟 Collaborate with cross-functional teams and drive impactful results. 🌟 Opportunity to shape the security strategy for large-scale enterprise clients. If you're passionate about cybersecurity and ready to make an impact, we’d love to hear from you! 👉 Apply Now! Shruti.Muskara@tribastion.com Show more Show less

🛡️ Cyber Security Analyst Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is a rapidly growing edtech startup focused on practical, real-world learning. Our Cyber Security Analyst Internship is built to provide aspiring professionals with the tools, knowledge, and experience needed to understand, detect, and respond to cyber threats. 🚀 Internship Overview As a Cyber Security Analyst Intern , you will gain hands-on experience in monitoring systems, identifying vulnerabilities, analyzing threats, and implementing basic security measures. You will work on real-time use cases and contribute to strengthening the organization’s cyber defense posture. 🔧 Key Responsibilities Monitor and analyze system logs and network traffic for suspicious activities Conduct vulnerability assessments and assist in penetration testing Use tools like Wireshark, Nmap, Nessus, Burp Suite, or Splunk Assist in implementing security policies, firewalls, and access controls Respond to simulated incident scenarios and create incident reports Stay updated with the latest cyber threats, malware trends, and attack vectors Document findings, recommendations, and best practices ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, Computer Science, IT , or related fields Familiarity with network protocols , Linux/Windows systems , and security tools Understanding of concepts like firewalls, encryption, OWASP Top 10, and vulnerability scanning Strong analytical thinking and problem-solving abilities Basic knowledge of scripting or automation tools (e.g., Bash, Python) is a plus Eagerness to learn, research, and grow in the cybersecurity domain 🎓 What You’ll Gain Real-world exposure to cyber threat analysis and defensive strategies Hands-on practice with popular security tools and platforms Internship Certificate upon successful completion Letter of Recommendation for outstanding performance Opportunity for a Full-Time Offer based on performance Experience to help prepare for certifications like CEH, CompTIA Security+, or OSCP Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Responsibilities: Technical Leadership: Architect and design secure, scalable Java backend systems for cybersecurity applications, including APIs, data processing pipelines, and user authentication mechanisms. Lead the development and implementation of secure coding practices to mitigate vulnerabilities in Java applications. Stay abreast of emerging cybersecurity threats and trends, incorporating relevant security protocols into backend architectures. Review and approve technical designs, ensuring adherence to security standards and best practices. Team Management: Manage a team of Java backend developers, providing technical guidance, mentoring, and performance feedback. Assign tasks, prioritize projects, and monitor team progress to meet project deadlines. Foster a collaborative environment within the team, encouraging knowledge sharing and continuous improvement. Development and Deployment: Oversee the development lifecycle of backend applications, including requirement gathering, design, coding, testing, and deployment. Ensure efficient implementation of secure coding practices, including input validation, encryption, and access control mechanisms. Work closely with DevOps teams to streamline the deployment process and manage infrastructure. Security Focus: Collaborate with security architects to design and implement robust security measures, including threat modeling, vulnerability assessments, and penetration testing. Monitor system logs and alerts to detect potential security incidents and respond effectively Implement security best practices for data handling, access management, and API security. Required Skills and Experience: Technical Expertise: Deep proficiency in Java programming language, including core Java concepts, Spring Framework, and microservices architecture Experience with relational databases (MySQL, PostgreSQL) and NoSQL databases (MongoDB) Flink streaming architectures lambda designs Understanding of security principles like authentication, authorization, encryption, and secure coding practices Familiarity with cloud platforms (AWS, Azure, GCP) for deployment and scaling Leadership and Management Skills: Proven ability to lead and mentor a team of backend developers Excellent communication and collaboration skills to work with cross-functional teams Strong problem-solving and analytical skills to troubleshoot complex technical issues Cybersecurity Knowledge: Awareness of current cybersecurity threats and vulnerabilities Understanding of security standards and compliance requirements (e.g., GDPR, HIPAA) Experience with security tools and frameworks (e.g., OWASP, SIEM) Education: Bachelor's degree in Computer Science or a related field Show more Show less

Sprinto is a leading platform that automates information security compliance. By raising the bar on information security, Sprinto ensures compliance, healthy operational practices, and the ability for businesses to grow and scale with unwavering confidence. We are a team of 300+ employees & helping 2500+ Customers across 75+ Countries . We are funded by top investment partners Accel, Elevation, and Blume Ventures and have raised 31.8 million USD in funding, including our latest Series B round. The Role We are looking for a Product Security Engineer to lead efforts in securing our products. This role involves integrating security into the SDLC, conducting threat assessments, and collaborating with engineering teams to ensure secure design and coding practices. You will also manage vulnerability remediation, ensure compliance, and educate teams on security best practices What You Will Do Secure SDLC Integration: Embed security into CI/CD pipelines and secure coding practices across development teams Threat Modeling & Risk Assessments: Perform threat assessments and define mitigation strategies for new features Application Security Audits: Conduct security reviews and vulnerability assessments for applications Security Design Reviews: Provide feedback on product designs to ensure security is built in from the start Vulnerability Management: Oversee vulnerability identification, prioritization, and remediation workflows Cross-Functional Collaboration: Work closely with development teams to promote secure coding and operational practices What We’re Looking For 5–9 years in application security, product security, or related roles Proficient in web application security (OWASP Top 10), secure coding practices, and vulnerability remediation Hands-on experience with security tools (SAST/DAST) and securing cloud environments Familiar with cloud security (AWS, Azure) and container security (Docker, Kubernetes) Strong understanding of compliance standards like SOC 2, ISO 27001, and GDPR. Benefits Remote First Policy 5 Days Working With FLEXI Hours Group Medical Insurance (Parents, Spouse, Children) Group Accident Cover Company Sponsored Device Education Reimbursement Policy Show more Show less

For over four decades, PAR Technology Corporation (NYSE: PAR) has been a leader in restaurant technology, empowering brands worldwide to create lasting connections with their guests. Our innovative solutions and commitment to excellence provide comprehensive software and hardware that enable seamless experiences and drive growth for over 100,000 restaurants in more than 110 countries. Embracing our "Better Together" ethos, we offer Unified Customer Experience solutions, combining point-of-sale, digital ordering, loyalty and back-office software solutions as well as industry-leading hardware and drive-thru offerings. To learn more, visit partech.com or connect with us on LinkedIn, X (formerly Twitter), Facebook, and Instagram. Position Description ParTech, Inc. is seeking a Quality Assurance Automation Engineer to join our ParPay-Payments software development team. The QA Automation Engineer will, under general supervision and adhering to established procedures for quality assurance design and implement test strategies related to POS software. The QA Automation Engineer will coordinate, create, execute and maintain test cases to ensure quality control standards are achieved. The QA Automation Engineer will be involved in system, regression, and performance and scalability testing to meet quality objectives. Position Location: Jaipur / Gurugram Reports To: Engineering Manager What We’re Looking For Bachelor’s in computer science/Engineering or related field required. Minimum of 5 years of functional testing background, including defining test strategy, test planning, test case design, and execution 4+ years of professional coding experience in C#, JavaScript, Powershell Project experience using an Agile methodology (e.g. Scrum) Expertise in automated testing frameworks and scripting. Experience with Continuous Integration/Continuous Deployment (CI/CD) pipelines. Knowledge of testing strategies around microservices architecture and modern monolith architecture. Experience with API testing and tools (e.g., Postman, REST-assured, Swagger). Proficiency with and/or familiarity with a variety of software testing tools such as: Selenium Test Complete JMeter Ready API Additional technical experience Performance / load testing SQL proficiency Proficiency in version control systems (e.g., Git) Good understanding with AWS, Azure, or any other related Cloud Infrastructure. Good understanding of security testing practices and tools (e.g., OWASP, SAST, DAST). Unleash your potential: What you will be doing and owning: Collaborates closely with Scrum team to monitor and provide constant feedback, to ensure the quality of the final product Designs test strategies and test cases for complex systems and execute various types of testing (e.g. functional, integration, end-to-end) on a variety of platforms (e.g. desktop, web) Create and execute automated test cases and report test results Interview Process Interview #1: Phone Screen with Talent Acquisition Team Interview #2: Video interview with the Technical Teams (via MS Teams/F2F) Interview #3: Video interview with the Hiring Manager (via MS Teams/F2F) PAR is proud to provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. We also provide reasonable accommodations to individuals with disabilities in accordance with applicable laws. If you require reasonable accommodation to complete a job application, pre-employment testing, a job interview or to otherwise participate in the hiring process, or for your role at PAR, please contact accommodations@partech.com. If you’d like more information about your EEO rights as an applicant, please visit the US Department of Labor's website. Show more Show less

For over four decades, PAR Technology Corporation (NYSE: PAR) has been a leader in restaurant technology, empowering brands worldwide to create lasting connections with their guests. Our innovative solutions and commitment to excellence provide comprehensive software and hardware that enable seamless experiences and drive growth for over 100,000 restaurants in more than 110 countries. Embracing our "Better Together" ethos, we offer Unified Customer Experience solutions, combining point-of-sale, digital ordering, loyalty and back-office software solutions as well as industry-leading hardware and drive-thru offerings. To learn more, visit partech.com or connect with us on LinkedIn, X (formerly Twitter), Facebook, and Instagram. Position Description ParTech, Inc. is seeking a Quality Assurance Automation Engineer to join our ParPay-Payments software development team. The QA Automation Engineer will, under general supervision and adhering to established procedures for quality assurance design and implement test strategies related to POS software. The QA Automation Engineer will coordinate, create, execute and maintain test cases to ensure quality control standards are achieved. The QA Automation Engineer will be involved in system, regression, and performance and scalability testing to meet quality objectives. Position Location: Jaipur / Gurugram Reports To: Engineering Manager What We’re Looking For Bachelor’s in computer science/Engineering or related field required. Minimum of 5 years of functional testing background, including defining test strategy, test planning, test case design, and execution 4+ years of professional coding experience in C#, JavaScript, Powershell Project experience using an Agile methodology (e.g. Scrum) Expertise in automated testing frameworks and scripting. Experience with Continuous Integration/Continuous Deployment (CI/CD) pipelines. Knowledge of testing strategies around microservices architecture and modern monolith architecture. Experience with API testing and tools (e.g., Postman, REST-assured, Swagger). Proficiency with and/or familiarity with a variety of software testing tools such as: Selenium Test Complete JMeter Ready API Additional technical experience Performance / load testing SQL proficiency Proficiency in version control systems (e.g., Git) Good understanding with AWS, Azure, or any other related Cloud Infrastructure. Good understanding of security testing practices and tools (e.g., OWASP, SAST, DAST). Unleash your potential: What you will be doing and owning: Collaborates closely with Scrum team to monitor and provide constant feedback, to ensure the quality of the final product Designs test strategies and test cases for complex systems and execute various types of testing (e.g. functional, integration, end-to-end) on a variety of platforms (e.g. desktop, web) Create and execute automated test cases and report test results Interview Process Interview #1: Phone Screen with Talent Acquisition Team Interview #2: Video interview with the Technical Teams (via MS Teams/F2F) Interview #3: Video interview with the Hiring Manager (via MS Teams/F2F) PAR is proud to provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. We also provide reasonable accommodations to individuals with disabilities in accordance with applicable laws. If you require reasonable accommodation to complete a job application, pre-employment testing, a job interview or to otherwise participate in the hiring process, or for your role at PAR, please contact accommodations@partech.com. If you’d like more information about your EEO rights as an applicant, please visit the US Department of Labor's website. Show more Show less

Principal Secuirty Researcher Manager Hyderabad, Telangana, India Date posted Jun 13, 2025 Job number 1830120 Work site Microsoft on-site only Travel 0-25 % Role type People Manager Profession Security Engineering Discipline Security Research Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. The Microsoft Security Response Center (MSRC) is responsible for detecting, protecting, and responding to threats that affect Microsoft’s products and services. We are looking for a motivated Leader to manage a team of highly skilled security researchers who also is adept at vulnerability research to join our team. As part of the MSRC, our team is responsible for analyzing vulnerabilities found in Microsoft’s products and services to determine their root cause, severity, and security impact. This analysis plays a critical role in shaping the security updates that are deployed to customers. The knowledge that we gain from analyzing vulnerabilities also informs the offensive and defensive security research performed by our team. As part of this research, our team works collaboratively with many teams across Microsoft to investigate, develop, and deploy security features that help discover and mitigate the biggest threats to customers. Our team is passionate about a range of topics including vulnerability discovery & automation, safer programming languages, exploit and vulnerability mitigations, software sandboxes, penetration testing & red teaming, exploit development, operating systems security (Windows and Linux), virtualization security, cloud services security, OWASP top 10, and hardware vulnerabilities and mitigations. This particular role is focused on the online services (OLS), e.g. cloud and web bugs. This is a unique opportunity to have a positive impact on improving safety for customers around the world and to work on challenging real-world security problems as part of a supportive and collaborative team. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Qualifications 10+ years of experience in vulnerability/exploits research and mitigation Bachelor's Degree in Statistics, Mathematics, Computer Science or related field and experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. In-depth experience in working as a security engineer Experience in identifying common vulnerability types (OWASP top 10, CWE top 25) in software and services written in C#, JavaScript/HTML, C++, C, etc Ability to debug and root cause vulnerabilities in software, services, and cloud platforms Excellent written and verbal communication skills Preferred Qualifications: Public track record of vulnerability research and discovery Familiarity with cloud service architectures (Azure etc), design, and implementations Familiarity with operating system internals for Windows and/or Linux Familiarity with exploitation techniques and mitigations Responsibilities Lead and manage a team of security researchers to Analyzing vulnerabilities in software and services to determine their root cause, severity, and security impact Identifying variants of vulnerabilities and discovering new vulnerabilities. Lead the team while also collaborating with stakeholders in peer teams and organizations to build tools and invent new approaches to automate the discovery & analysis of vulnerabilities Influence and align org vision by collaborating with customers, partners, product management and engineering teams. Analyzing trends in vulnerabilities being discovered to spot patterns Researching, developing, and deploying mitigations for common patterns of vulnerabilities Performing penetration testing, offensive security research, and red teaming activities Engaging with and contributing knowledge back to the security research community Mentoring and contributing to the growth of individuals within the team and across Microsoft Supporting a healthy and inclusive culture within the team and across Microsoft Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Job Title - Senior Security Engineer (Application & Cloud Security) Location: Chennai About Tazapay Tazapay is a cross border payment service provider. They offer local collections via local payment methods, virtual accounts and cards in over 70 markets. The merchant does not need to create local entities anywhere and Tazapay offers the additional compliance framework to take care of local regulations and requirements. This results in decreased transaction costs, fx transparency and higher auth rates. They are licensed and backed by leading investors. www.tazapay.com What's exciting waiting for you? This is an amazing opportunity for you to join a fantastic crew before the rocket ship launch. It will be a story you will carry with you through your life and have the unique experience of building something ground up and have the satisfaction of seeing your product being used and paid for by thousands of customers. You will be a part of a growth story in securing critical payment infrastructure that spans both application security and cloud security across 70+ markets. We believe in a culture of openness, innovation & great memories together. About The Senior Security Engineer Role As a Senior Security Engineer, you will play a pivotal role in securing our entire technology stack - from application-level security to cloud infrastructure protection. You will lead comprehensive security initiatives across our AWS cloud environments and payment applications built with Node.js and GoLang microservices, while leveraging AWS security services and modern security tools to protect against evolving threats. This role combines deep technical expertise in both application security and cloud security with leadership responsibilities. Key Responsibilities Application Security Leadership Lead comprehensive security assessments of microservices-based applications built with GoLang, Java, or Scala Conduct advanced security reviews of Vue.js and ReactJS frontend applications and their integration with backend services Execute expert-level manual and automated web application penetration testing using industry-standard methodologies (OWASP Testing Guide, PTES) Design and implement vulnerability scoring and risk assessment frameworks using CVSS, OWASP Risk Rating, and custom business impact metrics Utilize govulncheck for Go-specific vulnerability detection and dependency analysis across microservices Deploy Semgrep/OpenGrep for advanced static code analysis and custom security policy enforcement Integrate Gitleaks for comprehensive secret detection across development workflows Lead secure development lifecycle (SDLC) integration and establish security standards for development teams Perform complex web application penetration testing including authentication bypass, authorization flaws, injection attacks, and business logic vulnerabilities AWS Cloud Security Architecture Design and implement enterprise-level security architecture for AWS cloud environments Configure and optimize AWS Shield (Standard and Advanced) for comprehensive DDoS protection Implement and manage AWS CloudFront security configurations including advanced WAF rules, SSL/TLS, and origin protection Secure complex AWS services including EC2, ECS, EKS, Lambda, RDS, S3, API Gateway, and multi-region deployments Design network security controls using VPC, Security Groups, NACLs, AWS Transit Gateway, and PrivateLink Establish and lead secure CI/CD pipeline implementations for Node.js applications and GoLang microservices Architect container security solutions for Docker and Kubernetes (EKS) environments Security Automation & Monitoring Implement comprehensive security monitoring using AWS CloudTrail, GuardDuty, and Security Hub Deploy and manage Prowler for continuous AWS security assessments and compliance validation Utilize ScoutSuite for multi-cloud security posture management and configuration auditing Configure Gitleaks for continuous secret monitoring across enterprise development workflows Implement Semgrep/OpenGrep rules for real-time security vulnerability detection and policy enforcement Lead automation initiatives using Infrastructure as Code (Terraform, CloudFormation, AWS CDK) Develop advanced security automation scripts and frameworks using Python, Bash, and AWS SDKs Create comprehensive security dashboards and executive reporting mechanisms Vulnerability Management & Risk Assessment Lead enterprise vulnerability management programs with comprehensive scoring using CVSS v3.1, OWASP Risk Rating, and custom business impact assessments Develop sophisticated risk scoring matrices incorporating technical severity, business impact, exploitability, and regulatory requirements Create detailed penetration testing reports with executive summaries, technical findings, and strategic remediation roadmaps Establish vulnerability SLA metrics and track remediation timelines based on risk scores and business priorities Conduct root cause analysis (RCA) on complex security incidents and implement preventive measures Lead threat modeling sessions and strategic risk assessments for new features and infrastructure changes Mentor junior security engineers and provide technical guidance on vulnerability remediation Compliance & Regulatory Security Ensure comprehensive compliance with financial industry regulations (PCI DSS, SOX, GDPR, PSD2) Lead compliance audits and regulatory assessments using Prowler for AWS compliance validation Implement ScoutSuite for comprehensive multi-cloud security auditing Design and maintain data protection controls for sensitive payment processing workloads Develop and maintain disaster recovery and business continuity security plans Lead security aspects of vendor risk assessments and third-party integrations Represent security requirements to business leadership and regulatory bodies Technical Leadership & Strategy Serve as technical security leader for complex cross-functional projects Influence security strategies, standards, and architectural decisions across the organization Lead security initiatives and mentor junior engineers on advanced security practices Participate in strategic security planning and technology evaluation Drive security culture transformation and champion security best practices Represent security needs to executive leadership and board-level communications Experience Required Qualifications 8+ years of experience in information security with demonstrated expertise in both application security and cloud security Extensive experience securing microservices architectures, particularly those built with GoLang, Java, or Scala Advanced experience with AWS cloud security including Shield, CloudFront, and comprehensive security service management Expert-level web application penetration testing experience including complex business logic vulnerabilities and multi-tier architectures Proven leadership in vulnerability scoring and risk assessment using industry-standard frameworks Hands-on expertise with security automation tools: govulncheck, Gitleaks, Semgrep/OpenGrep, Prowler, ScoutSuite Strong experience securing Node.js applications and modern JavaScript frameworks (Vue.js, ReactJS) Experience leading security teams and influencing organizational security strategy Technical Skills Expert-level proficiency in AWS security services including Shield, CloudFront, GuardDuty, Security Hub, WAF, and comprehensive service portfolio Advanced application security expertise across GoLang, Java, Scala, Node.js, Vue.js, and ReactJS technologies Mastery of security automation tools: govulncheck (Go vulnerability scanning), Gitleaks (secret detection), Semgrep/OpenGrep (static analysis), Prowler (AWS security assessment), ScoutSuite (multi-cloud auditing) Expert-level web application penetration testing skills using advanced tools and custom exploitation frameworks Comprehensive knowledge of vulnerability scoring frameworks including CVSS v3.1, OWASP Risk Rating, and FAIR methodology Advanced Infrastructure as Code proficiency (Terraform, CloudFormation, AWS CDK) Expert container and orchestration security (Docker, Kubernetes/EKS, service mesh security) Advanced scripting and automation capabilities (Python, Bash, PowerShell, Go) Enterprise network security and cloud networking expertise Security Expertise Deep understanding of application security principles and advanced penetration testing methodologies Expert knowledge of cloud security frameworks (NIST, CSA, AWS Well-Architected Security Pillar) Advanced understanding of financial services security and payment processing compliance requirements Expertise in security architecture design for complex distributed systems Advanced threat modeling and risk assessment capabilities Comprehensive knowledge of cryptography, PKI, and secure communication protocols Expert-level incident response and forensic analysis skills Advanced understanding of regulatory compliance frameworks and audit requirements Nice to Have Certifications AWS Security Specialty certification (required) Advanced penetration testing certifications (OSCP, GWEB, eWPT, eWPTX) Security leadership certifications (CISSP, CISM, CISSP) Cloud architecture certifications (AWS Solutions Architect Professional, DevOps Engineer Professional) Additional cloud security certifications (Azure Security, GCP Security) Additional Skills Experience with multi-cloud security architectures and hybrid environments Advanced knowledge of serverless security (AWS Lambda, API Gateway, serverless frameworks) Expertise in security orchestration and automated response (SOAR) platforms Experience with machine learning/AI security applications and threat detection Advanced understanding of payment processing security and financial services infrastructure Experience with regulatory examination processes and security audit leadership Knowledge of emerging security technologies and threat landscape evolution Experience with security product evaluation and vendor management Advanced presentation and executive communication skills Key Abilities And Traits Technical Excellence: Demonstrated ability to architect and implement comprehensive security solutions across complex application and cloud environments processing sensitive financial data. Leadership: Proven capability to lead security initiatives across multiple teams, influence strategic decisions, and mentor engineering talent while representing security needs to executive leadership. Strategic Thinking: Ability to balance immediate security needs with long-term strategic objectives, translating business requirements into technical security solutions. Problem-Solving: Expert-level analytical and problem-solving skills with the ability to address complex security challenges spanning application code to cloud infrastructure. Communication: Exceptional verbal and written communication skills, capable of explaining complex security concepts to technical teams, business stakeholders, and executive leadership. Continuous Innovation: Commitment to staying current with emerging security threats, technologies, and industry best practices while driving security innovation within the organization. Project Management: Advanced ability to manage multiple complex security initiatives simultaneously while ensuring compliance with regulatory requirements and business objectives. Mentorship: Strong commitment to developing junior security talent and fostering a security-conscious culture across engineering teams. Join our team and let's groove together to the rhythm of innovation and opportunity! Your Buddy, Tazapay Show more Show less

Description : We are seeking a skilled Cloud Vulnerability Management Operator to join our dynamic team. As an Cloud Vulnerability Management Operator, you will be responsible for identifying, assessing, and mitigating vulnerabilities across our multi-cloud environments. You will leverage native cloud tooling and services to ensure the security and integrity of our cloud infrastructure. What you will do: Work under the supervision and direction of the Threat and Vulnerability Operations Manager (TVM) and other senior members of the Security Operations team Develop strong working relationships with support teams, management, and cross-functional working groups Provide guidance to junior-level staffing where appropriate You would be responsible for reducing the Security risks in the cloud infrastructure environment Curate and ensure metrics and reporting are shared with leadership and key stakeholders, time to triage, time to respond Configure and maintain Cloud Posture Management tooling (CSPM) and provide guidance on secure infrastructure best practices Provide expertise within the Threat and Vulnerability Management program which includes Cloud Security Posture Management (CSPM) Develop technical security controls and secure configuration baselines for public cloud resources in AWS, Azure, and GCP Responsible for identifying, assessing, and mitigating vulnerabilities within a multi-cloud infrastructure Implement and leverage native cloud services to ensure the security and integrity of the multi-cloud infrastructure (e.g., AWS Inspector, GCP SCCP, Azure Defender) Ensure the regular scanning of instances and images to identify and assess vulnerabilities Assist with the tracking of the Infrastructure Bill of Materials (IBOM) to maintain an up-to-date inventory of all components and their security status Collaborate with development and operations teams to integrate security best practices into the CI/CD pipeline as it relates to posture management Review and ensure cloud infrastructure assets follow traditional CIS benchmarking standards and complete all required scanning (e.g., image scanning, VM, container, etc.) Create and maintain remediation tickets across our multi-cloud environment Proactively document and communicate deviations from standard baselines Fundamentals, Network/Endpoint Security, Cybersecurity Risk & Compliance, or Information Technology Strong organizational, interpersonal, and presentation skills Excellent written and oral communication skills Ability to multi-task and handle multiple projects at the same time Exceptional problem-solving, critical thinking, and analytical skills Desired Skills: 5-10+ years of Cloud Security experience Experience in Cloud Vulnerability management, configuration, and validation using various tools across multi-cloud environments Subject matter specialist or expert knowledge in AWS Inspector for Cloud, GCPs SCCP Cloud-related certification in either AWS or GCP Azure certification desired Awareness of metrics and reporting structure including experience with metrics curation tools (e.g., PowerBi) Proficiency using both the AWS Management Console and the AWS Command Line Interface (CLI) Proficiency in using both the GCP SCCP and the GCloud CLI commands Experience leading teams without a management role Possess at least five years of Linux and/or Windows System Administration knowledge Experience with vulnerability scanning tools and reporting Experience with vulnerability management scoring methodologies Knowledge of Cloud Posture Management tooling Knowledge of OWASP Top 10 Experience with the threat intelligence lifecycle Experience with application security frameworks Show more Show less

Company Description IS Global Service Center (GSC) operating from Chennai, India, is a part of IS supporting Expeditors IT operations.IS GSC started with 6 employees now we are 520+ employees today delivering world class Information services globally. This Product based Strategic Center's IT transformation has delivered a radical change to Expeditors IT manpower profile and skills. We will continue to deliver services as we continue to grow responsibly in the coming years. Expeditors is a global logistics company headquartered in Seattle, Washington. As a Fortune 500 company, founded in 1979 we have employed over 18,000+ trained professionals in a worldwide network of over 340+ locations across six continents. Expeditors satisfies the increasingly sophisticated needs of international trade through customized solutions and seamless, integrated information systems Job Description A Configuration Administrator works on projects or tasks that ensure consistency & stability in design & implementation of configuration tools used in the development of software & asset management in the production environment. Be creative during collaboration on best practices and ways to improve performance along with efficiency. Possessive resolve troubleshooting complex and simple issues. They will have a keen eye for recognizing inefficiency and take the initiative to simplify processes for their team and customers. A solid understanding of automation and infrastructure as code would be desired! Roles And Responsibilities Utilizing Infrastructure as Code best practices, develop, maintain, and enhance systems using scripting language (Python and bash) Analyze the Infrastructure, pipeline design issues and suggest better solution. Create and maintain CI/CD pipeline for application with DevSecOps standards. Provide recommendations to management through research and review of recent industry solutions in various configuration related tools/technologies. Maintain Config admin owned tools such Nexus, GitLab, k8’s, Apache, Tomcat, etc. with ability to utilize Ansible or Terraform. Create documentation and training material; provide training to others to ensure cross collaboration. Support on patch management and automate the application startup solution. Participate in Companywide working group for contribute to strategy for Enterprise needs. Collaborate with DEV team to stable the application accessibility. Configure and maintain the azure platform using terraform modules. Understand the alerts and its priority, react based on it. Qualifications Minimum Qualifications 5+ years of DevSecOps experience as Config Admin or similar role Excellent troubleshooting and problem-solving skillset. Past participation in major systems rollouts and deployments Good understanding of git workflows and automation. Understanding of advanced continuous delivery methods. Solid foundation in infrastructure and networking concepts Proficient UNIX/LINUX scripting knowledge (Python, Bash, etc.) Ability to formulate a design strategy from a mix of business requirements, concept documents and verbal description. Good understanding of IaC – preferably Terraform Outstanding communication skills, including oral, written, motivation and presentation skills. Desired Qualifications Hands-on experience with Linux Hands-on experience with Docker and Kubernetes including deployments Cloud deployment models and concepts – Azure. Hands-on experience with DevSecops Tools: Jenkins, Nexus, GitLab, Ansible, OWASP, Sonarquble, Trivy, Checkov, etc. Experience in configuring various monitoring tools. (ELK, Grafana, Prometheus, Thanos, Mimir etc.) Experience in DevSecOps and CI/CD pipeline management. Java programming understanding is an added advantage Held the role of a critical contributor to or leading major systems rollouts and deployments Active participant in the vendor/product selection process Additional Information Expeditors offers excellent benefits: Paid Vacation, Holiday Health Plan: Medical Insurance Employee Stock Purchase Plan Training and Education Programs Unlimited opportunities for career advancement Show more Show less

What we offer Home About Services Back IT Consulting DevSecOps DevOps Site Reliability Engineering Cloud Advancement Managed Kubernetes Services Platform Engineering Infrastructure Automation Data Intelligence and Innovation Cloud Native Architecture Internet of Things (IoT) SAP DevEx Need different solutions? BerryBytes scalable solutions adapt to your needs, ensuring robust growth without compromise. Talk to sales Learn more about 01Cloud Protection Against Cyber Threats Scalable and Tailored Solutions Expert Guidance and Support Careers Events News Contact SecOps Engineer SecOps Engineer Job Category: Infrastructure Engineering Job Type: Full Time Job Location: India & Nepal Reports To: Director of Cloud Infrastructure We’re looking for a SecOps Engineer to help us get to cyber resiliency in our infrastructure. You will be responsible for ensuring security standards are set and adhered to for operational excellence in the areas of availability, productivity, capacity, and efficiency. Responsibilities Define & execute on company’s strategy for a secure infrastructure, applications and third party vendors Understanding the tooling behind the security Analyse, identify and remediate security weaknesses in cloud infrastructure Build cyber resiliency in our cloud infrastructure Consult on security-critical infrastructure and system features Championing improvements for a company’s security controls, identifying automation opportunities and tools that could improve the ability to detect and react to events Internal infrastructure network testing, mainly within Kubernetes clusters Vulnerability assessment (VMs, container images) Container runtime security Web application security testing (ability to identify vulnerabilities within the OWASP Top Ten) Static Application Security Testing (SAST) and DAST (Dynamic Application Security Testing); mainly automated but some manual work required to eliminate false positives Mobile Application Security Testing (MAST) Participate in security code reviews Develop KPIs to show how many issues found and how many issues fixed Participate in security architecture reviews Assist with automation to help development and operations consume security service Requirements Experienced with Application Security Tools (SAST, DAST, SCA) Knowledge on threat modelling and security design review methodologies Promoting security knowledge sharing within technical organisations Assisting in the design of enhancements to the cloud security strategy by identifying and alerting on appropriate event types Managing CI/CD security strategy with integration of Security as Code (SaC) and Policy as Code (PaC) Great To Have Ability to carry out manual code security review (this would mean some knowledge of the Javascript, Java, PHP, Go, C#, Python, Terraform, HTML, XML and CSS languages) Experience in helping an organisation to meet the PCI DSS and SOC-2 compliance standards Experience in Kubernetes AWS/GCP exposure. Qualification Bachelor’s or master’s degree in Computer Science, Information Technology, or a related field, or 1 years equivalent practical Information Security professional experience. 1+ years of Information Technology experience with a focus on Security. 1+ years of experience in Cloud Administration, Networking, or another operations-related field. Candidates should have exceptional troubleshooting and problem-solving skills. Experience engineering and operating public-facing infrastructure Knowledge with integrating crucial security tasks into CI/CD pipelines Apply for this position Full Name * Email * Phone * Cover Letter * Upload CV/Resume *Allowed Type(s): .pdf By using this form you agree with the storage and handling of your data by this website. * Get the latest BerryBytes updates by subscribing to our Newsletter! Unleash Your Potential with Cloud Native Solutions Contact Us Navigation Home About Careers Events News Contact Services IT Consulting DevSecOps DevOps Site Reliability Engineering Cloud Advancement Managed Kubernetes Services Platform Engineering Services Infrastructure Automation Data Intelligence and Innovation Cloud Native Architecture Internet Of Things (IoT) SAP DevEx Legal Terms & Conditions Cookie Policy Privacy Policy Copyright © 2025 BerryBytes. All Rights Reserved. Designed & Built by Wattdot What we offer Home About Services Back IT Consulting DevSecOps DevOps Site Reliability Engineering Cloud Advancement Managed Kubernetes Services Platform Engineering Infrastructure Automation Data Intelligence and Innovation Cloud Native Architecture Internet of Things (IoT) SAP DevEx Need different solutions? BerryBytes scalable solutions adapt to your needs, ensuring robust growth without compromise. Talk to sales Learn more about 01Cloud Protection Against Cyber Threats Scalable and Tailored Solutions Expert Guidance and Support Careers Events News Contact Show more Show less

Cyber Security Trainer Job Location: Pune Required Experience: 3 to 5 Years Skills Technical process trainer in Cyber Security, Network Security, Web application, Mobile application & API, Cloud Security, Cyber Security Governance and Security Operations Centre Incident Management Excellent Communication, Strong Interpersonal skills, Organizational and Presentation skills : Conduct pre-scheduled seminars and trainings for college students and corporate employees Conduct Training sessions on Cyber Security, Web Application Security and concepts of VAPT Enhancing Course plans, Assignments and Presentations to suit the training needs Designing hands-on sessions with practice labs Providing assessments for measuring proficiency of the trainees Impart training programs, webinars, workshops in groups or individually Maintain training related MIS (attendance, feedback forms, evaluation scores and certificate issued) Incorporate participants feedback for improvisation of the training programs Working on Creative slides and upgrading training material Researching the latest security best practices, staying abreast of new threats and vulnerabilities, technologies Flexible in travelling for delivering the training at Varutra offices or client locations if needed Any Certification related in Cyber Security would be beneficial Required Skills Proven experience as technical process trainer in Cyber Security, Network Security, Application Security (Web, Mobile, API), Cloud Security, Cyber Security Governance and Security Operations Centre Incident Management Hands-on experience in delivering security testing and ethical hacking modules on Penetration Testing, OWASP testing methodologies to corporate as well as freshers Hands-on working experience and understanding of OWASP Top 10 Technical experience in conducting cyber security assessments, vulnerability and exploitation engagements Knowledge of modern training techniques and tools Should have Excellent Communication, Strong Interpersonal, Organizational, and Presentation skills Innovative and able to think outside the box Apply For This Position First Name Email address Phone Cover Letter Upload CV/Resume Allowed Type(s): .pdf, .doc, .docx By using this form you agree with the storage and handling of your data by this website Show more Show less

Description Job Summary: Responsible for developing software programs per technical specifications following programming standards and procedures, performing testing, executing program modifications, and responding to problems by diagnosing and correcting errors in logic and coding. Key Responsibilities Applies secure coding and UI standards and best practices to develop, enhance, and maintain IT applications and programs. Assists with efforts to configures, analyzes, designs, develops, and maintains program code and applications. Performs unit testing and secure code testing, and issues resolution. Follow the process for source code management. Participate in integration, systems, and performance testing and tuning of code. Participates in peer secure code reviews. Harvest opportunities for re-usability of code, configurations, procedures, and techniques. Responsibilities Competencies: Action oriented - Taking on new opportunities and tough challenges with a sense of urgency, high energy, and enthusiasm. Balances stakeholders - Anticipating and balancing the needs of multiple stakeholders. Business insight - Applying knowledge of business and the marketplace to advance the organization’s goals. Drives results - Consistently achieving results, even under tough circumstances. Plans and aligns - Planning and prioritizing work to meet commitments aligned with organizational goals. Tech savvy - Anticipating and adopting innovations in business-building digital and technology applications. Performance Tuning - Conceptualizes, analyzes and solves application, database and hardware problems using industry standards and tools, version control, and build and test automation to meet business, technical, security, governance and compliance requirements. Programming - Creates, writes and tests computer code, test scripts, and build scripts using algorithmic analysis and design, industry standards and tools, version control, and build and test automation to meet business, technical, security, governance and compliance requirements. Solution Configuration - Configures, creates and tests a solution for commercial off-the-shelf (COTS) applications using industry standards and tools, version control, and build and test automation to meet business, technical, security, governance and compliance requirements. Solution Functional Fit Analysis - Composes and decomposes a system into its component parts using procedures, tools and work aides for the purpose of studying how well the component parts were designed, purchased and configured to interact holistically to meet business, technical, security, governance and compliance requirements. Solution Validation Testing - Validates a configuration item change or solution using the Function's defined best practices, including the Systems Development Life Cycle (SDLC) standards, tools and metrics, to ensure that it works as designed and meets customer requirements. Values differences - Recognizing the value that different perspectives and cultures bring to an organization. Education, Licenses, Certifications College, university, or equivalent degree in Computer Science, Information Technology, Business, or related subject, or relevant equivalent experience required. This position may require licensing for compliance with export controls or sanctions regulations. Experience Intermediate level of relevant work experience required. 3-5 years of experience. Qualifications Key Responsibilities: Development & Coding: Design, develop, and maintain scalable web applications using modern front-end and back-end technologies. Write clean, efficient, and reusable code for both front-end and back-end components. Integrate APIs and third-party services into the web applications. Develop and manage NoSQL database schemas, and optimize queries for performance and scalability. Collaborative Problem-Solving: Collaborate with product managers, designers, and other developers to create functional, user-friendly, and visually appealing web applications. Participate in code reviews to ensure code quality, security, and maintainability. Troubleshoot, debug, and optimize applications for better performance and user experience. Technical Leadership & Mentorship: Provide guidance and support to junior developers and help them grow technically. Continuously stay updated with new technologies, tools, and best practices to contribute innovative ideas to the team. Front-End Development: Build responsive and adaptive user interfaces using modern front-end frameworks and libraries (e.g., React, Angular, Vue.js). Implement best practices for UI/UX design and ensure the application is mobile-friendly. Back-End Development: Develop RESTful APIs, microservices, and server-side logic using backend technologies (e.g., Node.js, Python, Java, Typescript). Ensure security, data protection, and compliance with industry standards. Database & Storage: Design, implement, and manage relational (SQL) and non-relational (NoSQL) databases such as PostgreSQL, MySQL, Neo4J, CosmosDB, etc. Perform database optimizations for faster query processing and better performance. Version Control & Deployment: Use version control systems (e.g., Git) to manage and document changes to the codebase. Participate in continuous integration and continuous deployment (CI/CD) processes, ensuring the software is regularly deployed to production. Testing & Debugging: Write unit, integration, and end-to-end tests for applications to ensure robustness and reliability. Conduct thorough testing and debugging to ensure a smooth user experience. Documentation: Document technical specifications, API endpoints, and any relevant development processes. Maintain clear and concise documentation for code, database schemas, and deployment procedures. Technical Skill Set Front-End Technologies: Strong experience with HTML5, CSS3, and JavaScript. Proficiency in front-end frameworks such as React, Angular, or Vue.js. Knowledge of responsive design and cross-browser compatibility. Familiarity with front-end build tools (Webpack, Gulp, etc.). Back-End Technologies: Proficient in one or more back-end programming languages such as Node.js, Python or Java. Experience with server-side frameworks (Express.js, Django, Spring, GraphQL etc.). Strong knowledge of RESTful API and GraphQL design and development. Strong experience in Azure Cloud web services. Experience in Kubernetes development and deployment. Databases: Proficiency in relational databases (SQL Server, PostgreSQL, etc.). Knowledge of NoSQL databases (MongoDB, Neo4J, CosmosDB, Redis, etc.). Strong SQL skills and ability to write optimized queries. Version Control: Experience with Git for version control, including branching, merging, and pull requests. Familiarity with Git workflows such as GitFlow or trunk-based development. Deployment & DevOps: Experience with CI/CD tools such as Jenkins, GitLab CI, or CircleCI. Familiarity with containerization technologies like Docker and container orchestration platforms like Kubernetes. Knowledge of cloud platforms (AWS, Azure, GCP) for hosting and deploying applications. Testing & Debugging: Knowledge of testing frameworks and tools like Jest, Mocha, or Jasmine. Experience with test-driven development (TDD) and writing unit and integration tests. Familiarity with debugging tools and strategies. Agile Methodology: Experience working in Agile development environments, participating in Scrum ceremonies (stand-ups, sprint planning, etc.). Familiarity with project management tools like Jira, Trello, or Asana. Additional Skills: Strong problem-solving skills and ability to think critically. Good understanding of web security best practices (e.g., OWASP Top 10). Ability to work in a collaborative, team-oriented environment. Strong communication skills and ability to articulate technical concepts to non-technical stakeholders. Preferred Qualifications 3-5 years of hands-on experience as a full-stack developer. Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience). Familiarity with additional technologies or frameworks like React, Vue.js, Svelte, etc. Job Systems/Information Technology Organization Cummins Inc. Role Category Hybrid Job Type Exempt - Experienced ReqID 2411090 Relocation Package Yes Show more Show less