3367 Owasp Jobs - Page 50

Urgent hiring need. Love Python? Eager to ship code that powers AI-driven products used by thousands? Join our lean, fast-moving team and own the backend that makes it all happen. What you will build Robust APIs: Django + DRF (REST & GraphQL) that scale and stay secure Data Layers: PostgreSQL, Redis/Memcached, Celery/RabbitMQ for async jobs Cloud Deployments: Docker-first pipelines on AWS/GCP with CI/CD automation High Performance: Profiling, caching, and OWASP-aligned security hardening Cross-Functional Features: Partner with React & ML engineers to ship end-to-end value Must have skill 2–3 years of production experience in Python & Django Strong SQL/PostgreSQL chops and migration discipline Hands-on with Docker, Linux, and a major cloud (AWS / GCP / Azure) Clean Git workflow, unit + integration testing (pytest), agile mindset Clear communicator who thrives on ownership and speed

Company Description Seaionl Inc. is an AI-driven cybersecurity company that provides unified, enterprise-grade integrated security solutions. Our offerings include SSL monitoring, data protection, vCISO leadership, DevSecOps tooling, and managed services, all supported by advanced AI. Our mission, “Security First,” focuses on protecting digital assets, ensuring compliance, and enabling businesses to operate confidently in a threat-intense environment. With operations in both the U.S. and India, we serve SMBs, startups, and large enterprises looking for scalable security platforms. Role Description This is a full-time hybrid role for a Senior Full Stack Developer. The role is located in Hyderabad but allows some work-from-home flexibility. As a Senior Full Stack Developer, you will be responsible for developing both front-end and back-end components of web applications. Your day-to-day tasks will include writing clean, maintainable code, collaborating with cross-functional teams, troubleshooting issues, and ensuring the scalability and performance of developed applications. Responsibilities Lead full development lifecycle: design, code, test, deploy, and maintain scalable web apps. Build responsive interfaces using HTML , CSS , JavaScript , and modern UI frameworks (React, Angular, or Vue) Develop and integrate server-side APIs using Node.js , Python , or Java Design and manage database logic (SQL/NoSQL) Create, review, and maintain Terraform and Helm infrastructure-as-code for Azure-based deployments, leveraging DevOps practices Automate CI/CD pipelines for build, test, and release workflows Monitor app performance and troubleshoot production issues Mentor junior engineers and enforce coding standards Bonus: Implement basic cybersecurity protections—input validation, secure storage, audit logging Required Qualifications 3–6 years full‑stack development experience Strong front-end skills: HTML5, CSS3, JavaScript (+ React/Angular/Vue) Proficient back-end development: Node.js, Python, or Java Experience with relational and NoSQL databases Infrastructure-as-code proficiency: Terraform, Helm Azure services exposure; or similar cloud platforms DevOps tools usage: Docker, GitHub Actions/Jenkins, CI/CD pipelines Solid grasps with version control, testing, and agile workflows Excellent debugging, problem-solving, and communication skills Bachelor’s degree in Computer Science, Engineering, or a related field Preferred (Nice to Have) Hands-on cybersecurity knowledge (OWASP, secure coding, vulnerability scanning) Experience with container orchestration (Kubernetes, AKS) Familiarity with policy-as-code or compliance tools Prior seasonal/interim product development experience

What You Can Expect Zoom are seeking to hire an experienced, hands on AI Security Development Engineer (Detection) to join Zoom’s Detection and Response (D&R) organization. This team also work with Threat Detection & Analytics Engineering, SOC, Incident Response, and Security Monitoring and Logging teams. About The Team The AI security engineer will play a crucial role in ensuring the security of Zoom’s AI products. This team identify, assess, and detect application-level threats and vulnerabilities. Responsibilities Collaborate with AI, engineering and DevOps teams to model AI threats and assess risks. Design and develop threat detection solutions tailored to Zoom’s AI applications and services. Proactively identify AI application log sources with detection values and facilitate onboarding and tuning in order to have better efficacy. Build and maintain automations to streamline detection processes. What We Are Looking For Have a B.S. in Computer Science, Information Security, or related field. 7 - 10 years experience as a Security Engineer with a focus on security testing, and container security. Solid understanding of application security concepts, including OWASP Top Ten for LLM applications. Deep knowledge of security architecture of applications and services deployed to on-premise and cloud environments. Experience with building security defenses against attacks such as prompt injection, data poisoning and leakage for AI/ML systems. Proficiency in programming (Python, Java, Scala, etc.). Proficiency in statistical analysis and machine learning methodologies. Knowledge of MITRE ATLAS framework preferrable. Be experienced with cloud environments and cloud security principles. Also have the technical know-how and understanding of APIs, vulnerability management (CVE, CVSS, OWASP Top 10), container, network, and systems security. Have Data & Automation knowledge of MySQL or similar databases, data visualization, workflow mapping, and enthusiasm for AI-driven automation. Be experienced in collaborating and working effectively with global and remote teams. 7-10 years Security engineer to be eligible. #India #Remote #RemoteIndia Ways of Working Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting. Benefits As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn for more information. About Us Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars. We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Find room to grow with opportunities to stretch your skills and advance your career in a collaborative, growth-focused environment. Our Commitment At Zoom, we believe great work happens when people feel supported and empowered. We’re committed to fair hiring practices that ensure every candidate is evaluated based on skills, experience, and potential. If you require an accommodation during the hiring process, let us know—we’re here to support you at every step. If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed.

About Chargebee: Chargebee is a subscription billing and revenue management platform powering some of the fastest-growing brands around the world today, including Calendly, Hopin, Pret-a-Manger, Freshworks, Okta, Study.com and others. Thousands of SaaS and subscription-first businesses process over billions of dollars in revenue every year through the Chargebee platform. Headquartered in San Francisco, USA, our 500+ team members work remotely throughout the world, including India, the Netherlands, Paris, Spain, Australia, and the USA. Chargebee has raised over $480 million in capital and is funded by Accel, Tiger Global, Insight Partners, Steadview Capital, and Sapphire Ventures. And we’re on a mission to push the boundaries of subscription revenue operations. Not just ours, but every customer and prospective business on a recurring revenue model. Our team builds high-quality and innovative software to enable our customers to grow their revenues powered by the state-of-the-art subscription management platform. Job Summary: We are seeking a Senior Security Engineer – Software Security with 3–6 years hands-on experience in application security testing. The ideal candidate will play a critical role in ensuring the security of our applications and infrastructure by identifying, validating, and helping remediate vulnerabilities across our web applications, APIs, CI/CD pipelines, and emerging GenAI-based systems. This is a highly collaborative role, requiring strong technical expertise in secure code review, SAST, DAST, SCA,vulnerability management and an interest in securing the next generation of AI-powered applications. Roles and Responsibilities: Perform manual and automated secure code reviews - primarily in Java – to identify and triage security vulnerabilities across a variety of codebases and frameworks. Conduct SAST (Static Application Security Testing) and SCA (Software Composition Analysis) scans, analyze and triage findings to support secure development. Collaborate with developers, understand the codebase and guide on secure coding practice Execute DAST (Dynamic Application Security Testing) on web applications and APIs. Perform manual and automated penetration tests on web applications, APIs, and AI-enabled Systems. Document findings with clear risk assessments and actionable remediation steps. Retest fixed vulnerabilities to confirm effective remediation and close the finding. Stay up to date with emerging threats, latest attack techniques, tooling, and best practices in both traditional and GenAI security domain. Collaborate with DevOps/Platform teams to integrate security tools into CI/CD pipelines for automated scanning and enforcement. Proficiency in Python or Go for automating security checks and developing custom security workflows. Participate in security incident analysis and remediation efforts, especially at the application level. Must Have: 3 to 6 years of experience in application/product security with strong focus on penetration testing and code level security. Expertise in web application and API security testing, including tools like Burp Suite, OWASP ZAP, Postman, etc. Able to configure an automated scanner to perform successful scans. Proficient in using and interpreting results from SAST and SCA tools Strong understanding of common vulnerabilities and remediation strategies (OWASP Top 10-Web/API, SANS 25). Familiarity with CI/CD pipelines (e.g., GitHub Actions, GitLab CI, Jenkins) and integrating security scans in pipelines. Strong written and verbal communication skills to document findings and engage with development teams. Ability to journal & create high quality wiki documentation for related work. Excellent communication skills, both verbal and written; ability to condense complicated scenarios into simple, risk-based assessments. Experience in operating using Agile methodologies & use of JIRA / confluence Nice to have: Familiarity with security considerations in LLM-based applications and agentic AI systems , such as prompt injection or insecure plugin use. Certifications such as OSCP, GPEN or similar. Domain experience in payments / banking / platform based products. Benefits: Want to know what it means to work for a company that genuinely cares about you? Check out just a few of the benefits we give our employees: We are Globally Local With a diverse team across four continents, and customers in over 60 countries, you get to work closely with a global perspective right from your own neighborhood. We value Curiosity We believe the next great idea might just be around the corner. Perhaps it’s that random thought you had ten minutes ago. We believe in creating an ecosystem that fosters a desire to seek out hard questions, and then figure out answers to them. Customer! Customer! Customer! Everything we do is driven towards enabling our customers’ growth. This means no matter what you do, you will always be adding real value to a real business problem. It’s a lot of responsibility, but also a lot of fun. If you resonate with Chargebee, have a monstrous appetite for curiosity, and an insatiable urge to learn and build new things, we’re waiting for you! We value people from all backgrounds and are dedicated to hiring and employing a diverse and inclusive workplace. Come be a part of the Chargebee tribe!

We are hiring for one of the IT product-based company Designation: - Senior Software Engineer/Staff Software Engineer Location: - Gurgaon/Pune Skills: -.Net, asp.net, .Net Core, react/Angular, SQL Server, Azure Devops, CI/CD Domain Experience: - Healthacare Job Description: - What you will do Major Responsibilities/Activities: Responsible for developing new features and the maintenance and enhancements of existing functionality Responsible for working within and maintaining an extensible and performant system architecture Maintain a broad knowledge of emergent trends in software development platforms, tools, methodologies and their underlying principles Code review, unit test coverage and continuous improvement Build tools to support automation and productivity Communicate effectively with team members and project leadership to identify needs and evaluate alternative business solutions. Ensure unit tests written for all new code Seek opportunities to incorporate new technologies into the product’s technology stack when they can add value Work directly with support organizations to resolve production issues Provide application support by analyzing defects, replicating/fixing defects and providing root cause analysis for defects Troubleshoot and resolve functional and performance related issues What you will bring 5+ years of experience in Software Development. Expertise in Visual Studio, C#, ASP.NET (MVC, RESTful APIs). Strong knowledge of .NET Framework 4.8 and .NET 8. Proficiency with Git and modern branching strategies. Experience with modern web development (React, Angular, or similar). Hands-on experience with SQL Server using ORM tools like Dapper or Entity Framework. Understanding of OOD & Design Patterns, including Dependency Injection (e.g., Autofac, Unity). Experience with microservices architecture and Azure cloud-based development. Proficiency in messaging protocols (REST, SOAP, WSDL, X12). Familiarity with unit testing frameworks (e.g., NUnit, MSTest, Moq). Experience with CI/CD pipelines and DevOps tools (Azure DevOps, GitHub Actions, or Jenkins). Secure coding practices and understanding of OWASP guidelines. Strong debugging and performance optimization skills Excellent oral and written communication skills. What we would like to see Bachelor’s degree in computer science or related field. Experience with distributed, message-based systems (e.g., Azure Service Bus, RabbitMQ, NServiceBus). Automated Testing and Test-Driven Development (TDD). Front-end testing experience (e.g., Jest, Cypress, Playwright). Healthcare domain knowledge, including HIPAA compliance, Patient Accounting, Revenue Cycle Management, and IT integration. Familiarity with performance monitoring and troubleshooting tools (e.g., Prometheus). Strong collaboration and mentoring skills for team development

Quality Assurance Engineer as part of Site Reliability Engineering (SREs) team is responsible for ensuring that the CDL (Core Data Lake) platform components follow industry standards for all Software Development Lifecycle activities related to quality and testing. SREs are a blend of pragmatic operators and software craftspeople that apply sound engineering principles, operational subject area, and mature automation to our operating environments and the P&G codebase. Open to explore and experiment new testing processes and tools to support technical requirements of the D&A platform Define and support implementation of testing strategy for a portfolio of applications and works on sophisticated IT Testing aspects with full proficiency Provide leadership for architecture, design, and implementation of the QA framework including automation and CI/CD objectives Has in-depth knowledge of specified technological areas including applicable processes, methodologies, standards, products, and frameworks Play a key role in developing, establishing, and making sure testing measures and standards Evaluate multiple testing tools and identifies appropriate testing tool for the portfolio of applications Architect, craft and develop (through team) solution for product/project & sustenance delivery Recommend client value creation initiatives and implement industry standard processes Coordinate the setting up of performance test environment and the activities of the testing team Provide leadership in the evaluation of new and emerging trends in testing automation and assist in the development of testing estimates Must have good insights into detailed test architecture and its underlying components Advises and coordinates the implementation of new test framework, test suite, automation and performance toolset etc. Should be aware of basic information security awareness protocols, software security in the SDLC lifecycle, and OWASP top 10 concepts

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments. Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits). Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK. Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques. Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities. Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture. Actively participating in client discussions, executive briefings, and technical workshops. Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps. Maintaining robust documentation of testing methodologies, custom tools, and process improvements. Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards. Training and Development Stay updated on the latest security trends, vulnerabilities, and technology advancements. Provide training and guidance to the team and other departments on security best practices. Strategy and Planning Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness. Participate in the development of security policies and standards. Technical Expertise Deep hands-on experience in: Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API) Internal/external network penetration, privilege escalation, and lateral movement Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.) Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing Working knowledge of Kali Linux and frameworks like MITRE ATT&CK Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems Proficiency with tools such as: Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools Vulnerability Scanners: Nessus, Qualys, Nexpose Programming/Scripting: Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go Soft Skills Excellent written and verbal communication skills Strong analytical and problem-solving capabilities Ability to explain technical concepts clearly to non-technical stakeholders You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 6–7 years of proven experience in penetration testing and offensive security Certifications (Preferred): Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE Other Considered: EWPTXv2 or equivalent advanced offensive security certifications We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at: www.siemens.com/careers

```html Company Description DragonFlyTest is a leading provider of independent software quality assurance and testing services to clients worldwide. We offer a comprehensive range of high-quality and efficient testing solutions to assist our customers in building quality products. With a team of over 70 skilled professionals, we deliver mission-critical testing solutions tailored to clients' business needs through our offices in the USA, UK, and India. DragonFlyTest is both ISO 9001:2015 and ISO/IEC 27001:2022 certified. Our tailored testing solutions improve operational efficiency, reduce time to market, increase credibility, and enhance customer retention. Location: Hyderabad Job Type: Full-Time Experience Level: 0-3 Years Department: Information Security / QA / Cybersecurity Role Description Plan and execute security testing (manual and automated) for web, mobile, API, and network components. Conduct Vulnerability Assessment and Penetration Testing (VAPT) using tools like Burp Suite Pro, OWASP ZAP, SQLMap, and Nmap. Perform API security testing including fuzzing, authentication/authorization checks, rate limiting, and schema validation. Execute Mobile Application Security Testing (Android/iOS) using tools like MobSF, Frida, or Drozer. Utilize Kali Linux tools and scripts for reconnaissance, exploitation, and reporting. Identify, document, and report security vulnerabilities with detailed risk analysis and remediation suggestions. Collaborate with developers, DevOps, and QA teams to fix and verify security vulnerabilities. Participate in threat modeling , risk assessments, and security reviews for new features or applications. Stay updated with latest security trends, exploits, and mitigation techniques. Email Your Profiles to info@dragonflytest.com ```

GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress. This mission is integral to our culture, influencing how we hire, build products, and lead our industry. We make this possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab. Thanks to products like Duo Enterprise, and Duo Workflow, customers get the benefit of AI at every stage of the SDLC. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier. All team members are encouraged and expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact across our global organization. The Engineering Manager for Composition Analysis specializes in leading teams focused on application security scanning technologies. This role is an extension of the Engineering Manager position. The Composition Analysis Group Is Responsible For Software Composition Analysis Container Scanning What You’ll Do Manage engineers across the Composition Analysis group Drive key initiatives including: Auto-remediation of vulnerable software packages Scanning of unmanaged dependencies in C/C++ Static reachability analysis with function-level granularity Snippet detection for open source dependencies Author project plans for epics Run agile project management processes Provide guidance on security product architecture Coordinate with Dynamic Analysis team to ensure consistent and complementary approaches to application security What You’ll Bring In-depth understanding of application security concepts, particularly in software composition analysis techniques to evaluate the security risks associated with application dependencies Understanding of the challenges in developing and maintaining security scanning tools Familiarity with containerization technologies and dependency management systems Knowledge of web application security testing techniques and tools Experience with open source security tooling (such as OWASP ZAP, Trivy, or similar) Experience in DevSecOps practices and implementation Experience in vulnerability management and remediation How GitLab Will Support You Benefits to support your health, finances, and well-being All remote, asynchronous work environment Flexible Paid Time Off Team Member Resource Groups Equity Compensation & Employee Stock Purchase Plan Growth and Development Fund Parental leave Home office support Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application. The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range $131,600—$282,000 USD Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process. Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us. GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.

Company Name: Travtech Software Location: Bengaluru Work Mode: Work from office Role: Sr. Cyber Security Officer Reporting to: EVP Travtech seeking a Senior Cybersecurity Officer to lead and manage our cybersecurity initiatives in a fast-paced, product-driven environment within the travel technology industry . This role is critical in ensuring the security of our platforms, customer data, and internal systems while supporting agile product development, third-party integrations, and global customer operations. Key Responsibilities: Cybersecurity Strategy & Governance: Develop, implement, and maintain a comprehensive cybersecurity strategy aligned with business goals and regulatory requirements. Lead risk assessments and audits across systems, products, and data environments. Define and enforce security policies, frameworks, and best practices across the organization. Product Security: Work closely with product and engineering teams to embed security into the SDLC (Secure Development Lifecycle). Conduct security reviews of application architecture, APIs, and third-party integrations commonly used in the travel domain (e.g., GDS systems, booking engines, payment gateways). Coordinate secure code reviews and threat modeling for new and existing products. Incident Response & Threat Management: Lead security incident response efforts, from detection to containment and post-mortem analysis. Monitor threat intelligence and emerging cyber risks relevant to the travel industry. Compliance & Data Protection: Ensure adherence to data protection and privacy regulations like GDPR, PCI-DSS, and regional travel-specific compliance standards. Collaborate with legal, compliance, and IT teams to maintain audit readiness and regulatory reporting. Team Leadership & Awareness: Mentor security team members and lead cross-functional training efforts. Drive security awareness and training across development and business teams. Qualifications: Bachelor’s or Master’s in Computer Science, Cybersecurity, Information Technology, 10+ years of experience in information security, with 4+ years in a senior or lead role. Experience in product-based companies, preferably in the travel, or fintech domains. Strong understanding of: Web and API security Cloud platforms (AWS, Azure, GCP) DevSecOps practices Network and endpoint security IAM, SIEM, EDR, and vulnerability management tools Hands-on knowledge of security standards and frameworks: NIST, ISO 27001, OWASP, CIS Controls, etc. Relevant certifications preferred: CISSP, CISM, CEH, OSCP, CCSP

Role Overview We are seeking a skilled and driven Sr. Security Engineer with a strong background in penetration testing (web, mobile, and network) and an understanding of security compliance standards such as SOC 2, ISO 27001, and GDPR. The ideal candidate will have hands-on experience identifying and exploiting vulnerabilities, preparing technical and compliance reports, and guiding clients or internal teams on remediation and governance. Key Responsibilities Conduct penetration testing of web applications, mobile apps (iOS/Android), and internal/external networks. Perform vulnerability assessments and risk evaluations across client environments. Create detailed technical and executive reports with prioritized remediation strategies. Assist in SOC 2 readiness assessments, ISO 27001 implementation, and GDPR compliance checks. Collaborate with cross-functional teams for remedial activities to improve the security posture. Stay updated with the latest exploits, tools, and compliance updates. Required Qualifications 5+ years of experience in cybersecurity with a focus on penetration testing and compliance. Proficiency in tools like Burp Suite, Nmap, Metasploit, Nessus, MobSF, and manual testing techniques. Strong knowledge of OWASP Top 10, secure coding practices, network protocols, and common attack vectors. Understanding of SOC 2, ISO 27001, GDPR, and associated implementation or audit processes. Certifications (Preferred) CEH (Certified Ethical Hacker) ISO/IEC 27001 Lead Auditor / Lead Implementer Other relevant certs: e.g., CompTIA Security+, eWPT, eCPPT, GPEN Nice-to-Have Skills Familiarity with DevSecOps pipelines, source code reviews, or CI/CD security integration. Client-facing consulting experience or report presentation skills. Cyber Security vibe is a must. (ref:hirist.tech)

NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most. NetSPI secures the most trusted brands on Earth through Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS). Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before. NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers. NetSPI is seeking a Senior Security Consultant who will serve as a resource for delivery of secure code review and web application penetration assessment. This position requires an understanding of various web technologies, enterprise secure development and risk management. In addition, it requires experience with application security assessments/testing, as well as demonstrated competencies in problem solving, client service, written/verbal communication, and project execution. Responsibilities Conduct in-depth penetration testing and secure code review assessments on web applications Dynamically exploit vulnerabilities found in codebase and correlate insecure coding practices into dynamic application vulnerabilities Deliver secure code review assessment on programming languages such as Java, C#, Python, C/C++, Perl, PHP Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques Train and assist developers in writing secure software and remediating existing vulnerabilities Provide oversight to peers on service lines through QA process Mentor and assist team members in effectively delivering assessments and enhancing skillsets Present detailed penetration test findings to clients and assist in remediation planning Engage in research to develop new penetration testing methods, tools, and innovative exploit techniques Contribute to the cybersecurity community through tools, presentations, white papers, and blogging Maintain consistency with other internal requirements related to day-to-day administration tasks (time keeping, status updates to clients, etc.) Minimum Qualifications Minimum of 3-5 years of experience in application security including both secure code review and web application penetration testing Exceptional familiarity in all Burp Suite functions. Published Burp extensions and ability to create new Burp Suite extensions preferred Detailed understanding of the OWASP Top 10 and CWE Top 25 issues with focus on ability to identify and remediate vulnerability in source code Ability to explain risk and business impact of security vulnerabilities to variety of audience Bachelor’s degree or higher, preferably in Computer Science, Engineering, Mathematics, IT, or a related field; equivalent experience will also be considered. Preferred Qualifications Experience in detecting, analyzing and providing recommendation guidance on security vulnerabilities using SAST and/or manual secure code review in at least two of the following languages: Java, C#, PHP, Python, C/C++ Experience in software development in at least one server-side programming language We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

Quality Assurance Engineer as part of Site Reliability Engineering (SREs) team is responsible for ensuring that the CDL (Core Data Lake) platform components follow industry standards for all Software Development Lifecycle activities related to quality and testing. SREs are a blend of pragmatic operators and software craftspeople that apply sound engineering principles, operational subject area, and mature automation to our operating environments and the P&G codebase. Open to explore and experiment new testing processes and tools to support technical requirements of the D&A platform Define and support implementation of testing strategy for a portfolio of applications and works on sophisticated IT Testing aspects with full proficiency Provide leadership for architecture, design, and implementation of the QA framework including automation and CI/CD objectives Has in-depth knowledge of specified technological areas including applicable processes, methodologies, standards, products, and frameworks Play a key role in developing, establishing, and making sure testing measures and standards Evaluate multiple testing tools and identifies appropriate testing tool for the portfolio of applications Architect, craft and develop (through team) solution for product/project & sustenance delivery Recommend client value creation initiatives and implement industry standard processes Coordinate the setting up of performance test environment and the activities of the testing team Provide leadership in the evaluation of new and emerging trends in testing automation and assist in the development of testing estimates Must have good insights into detailed test architecture and its underlying components Advises and coordinates the implementation of new test framework, test suite, automation and performance toolset etc. Should be aware of basic information security awareness protocols, software security in the SDLC lifecycle, and OWASP top 10 concepts

Looking for a candidate with 5-7 years of experience in Security Testing. Experience in ethical hacking/penetration testing for web, API & mobile applications aligned to OWASP. Suitable candidates, please share your updated CV to trinadh@desicrew.in

Job Title: Sr. Automation Tester Job Overview We are seeking a skilled Automation Tester to join our team. The successful candidate will be responsible for developing, implementing, and maintaining automation frameworks, as well as executing automated tests to ensure the quality and reliability of our software applications. You will collaborate with cross-functional teams to identify and resolve issues and contribute to the overall improvement of our testing processes. Responsibilities Develop, implement, and maintain automation frameworks to streamline the testing process and improve efficiency. Create and execute automated test scripts using programming languages such as Java, Python, Ruby, or C#. Conduct API testing using tools like Postman and SoapUI to verify the functionality and performance of application programming interfaces. Utilize your understanding of database technologies and SQL to perform database testing and validate data integrity. Conduct performance testing using tools such as JMeter or LoadRunner to assess system scalability, responsiveness, and resource usage. Collaborate with cross-functional teams to integrate automation testing into DevOps and CI/CD pipelines. Troubleshoot and debug automation scripts and frameworks, identifying and resolving issues to ensure reliable test execution. Apply security testing principles and use tools like OWASP ZAP and Burp Suite to identify vulnerabilities and security flaws. Utilize testing frameworks and tools such as Selenium WebDriver, Appium, TestNG, JUnit, and Cucumber to automate various types of tests. Participate in test planning, test case creation, and test execution activities. Document test results, track defects, and provide detailed reports to stakeholders. Requirements Bachelor's degree in Computer Science, Engineering, or a related field. Proven experience in developing and maintaining automation frameworks for software testing. Strong analytical and problem-solving skills, with keen attention to detail. Excellent communication and collaboration skills, with the ability to work well within a team. Demonstrated leadership abilities, including the ability to lead and manage a testing team. Experience in creating test plans, test scenarios, and test cases based on project requirements. Ability to assign work, provide guidance to team members, and crosscheck their work for quality assurance, code reviews. Skills:- Automated testing, Selenium, Test Automation (QA), Postman, JMeter, CI/CD and TestNG

a Bit About Us Appknox is a leading mobile application security platform that helps enterprises automate security testing across their mobile apps, APIs, and DevSecOps pipelines. Trusted by global banks, fintechs, and government agencies, we enable secure mobile experiences with speed and confidence. About The Role We're looking for a Jr. Technical Support Engineer to join our global support team and provide world-class assistance to customers in the US time zones from 8pm to 5am IST. You will troubleshoot, triage, and resolve technical issues related to Appknox’s mobile app security platform, working closely with Engineering, Product, and Customer Success teams. Key Responsibilities Respond to customer issues via email, chat, and voice/voip calls during US business hours. Diagnose, replicate, and resolve issues related to DAST, SAST, and API security modules. Troubleshoot integration issues across CI/CD pipelines, API connections, SDKs, and mobile app builds. Document known issues and solutions in the internal knowledge base and help center. Escalate critical bugs to engineering with full context, reproduction steps, and logs. Guide customers on secure implementation best practices and platform usage. Collaborate with product and QA teams to suggest feature improvements based on customer feedback. Participate in on-call support rotations if needed. Requirements 1–4 years of experience in technical support, Delivery or QA roles at a SaaS or cybersecurity company. Excellent communication and documentation skills in English. Comfortable working independently and handling complex technical conversations with customers. Basic understanding of mobile platforms (Android, iOS), REST APIs, Networking Architecture, and security concepts (OWASP, CVEs, etc.). Familiarity with command-line tools, mobile build systems (Gradle/Xcode), and HTTP proxies (Burp). Ability to work full-time within US time zones. Ensure that you have a stable internet connection and work station. Good To Have Skills Experience working in a product-led cybersecurity company. Knowledge of scripting languages (Python, Bash) or log analysis tools. Familiarity with CI/CD tools (Jenkins, GitHub Actions, GitLab CI) is a plus. Familiarity with ticketing and support tools like Freshdesk, Jira, Postman, and Slack. Compensation As per Industry Standards Interview Process Application- Submit your resume and complete your application via our job portal. Screening-We’ll review your background and fit—typically invite you on cutshort for a Profile Evaluation call (15 mins) Assignment Round- You'll receive a real-world take-home task to complete within 48 hours. Panel Interview- Meet with a cross-functional interview panel to assess technical skills, problem-solving, and collaboration. Stakeholder Interview- A focused discussion with the Director to evaluate strategic alignment and high-level fit. HR Round- Final chat to discuss cultural fit, compensation, notice period, and next steps. Personality Traits We Admir A confident and dynamic working persona, which can bring fun to the team, and a sense of humour, is an added advantage. Great attitude to ask questions, learn and suggest process improvements. Has attention to details and helps identify edge cases. Highly motivated and coming up with fresh ideas and perspectives to help us move towards our goals faster. Follow timelines and absolute commitment to deadlines. Why Join Us Freedom & Responsibility: If you are a person who enjoys challenging work & pushing your boundaries, then this is the right place for you. We appreciate new ideas & ownership as well as flexibility with working hours. Great Salary & Equity: We keep up with the market standards & provide pay packages considering updated standards. Also as Appknox continues to grow, you’ll have a great opportunity to earn more & grow with us. Moreover, we also provide equity options for our top performers. Holistic Growth: We foster a culture of continuous learning and take a much more holistic approach to train and develop our assets: the employees. We shall also support you all on that journey of yours. Transparency: Being a part of a start-up is an amazing experience, one of the reasons being open communication & transparency at multiple levels. Working with Appknox will give you the opportunity to experience it all first-hand. Skills:- SaaS, Cyber Security, Technical support, JIRA, SDK, CI/CD and API

Application Security Engineer-II At Urbint, our mission is to make communities more resilient. We do this by pairing external data with artificial intelligence to identify areas of high risk and prevent catastrophic loss for utilities across the country. We are a team of close-knit engineers, entrepreneurs, and data geeks who obsess over problem-solving, new technologies and making a positive impact in our communities. Job Summary We are seeking an Application Security Engineer-II to help embed security within Urbint s software development lifecycle and scale our product security practices. This role focuses on enabling developers with the right tools, patterns, and guidance, while collaborating with engineering, CloudOps, and InfoSec to proactively identify, assess, and mitigate risk across Urbint s platforms. You ll also support Urbint s security posture in customer engagements and help evaluate and improve the maturity of security controls across our products. What Youll Do Design and implement security tooling and automation in CI/CD pipelines (SAST, secrets scanning, dependency checks, IaC scanning) to integrate security at build-time. Conduct security assessments of Urbint s web apps, APIs, cloud-native services, and internal tooling using manual and automated approaches. Lead and facilitate threat modeling for critical features and systems, and drive mitigation strategies with engineering teams. Collaborate on application security design, providing guidance on authentication, authorization, encryption, input validation, error handling, and data protection. Evaluate the security maturity of Urbint products, identify gaps, and partner with engineering to close them. Partner with InfoSec to support customer security questionnaires, audits, and external security posture communications. Promote secure coding practices and define reusable secure patterns, golden paths, and developer guides. Support and enable Security Champions across squads through mentorship, training, and playbooks. Work with CloudOps on runtime guardrails, including secrets management, identity controls, and logging practices. Assist in security incident investigations related to application-layer vulnerabilities and support remediation planning. Deliver security awareness sessions and workshops to uplift team security knowledge. Stay up to date on security trends, tools, and best practices, and share knowledge with engineering teams. Who You Are 6+ years experience in application security or DevSecOps roles. Solid understanding of web application security (e.g., OWASP Top 10, ASVS) and common vulnerabilities Hands-on experience with security tooling in CI/CD pipelines (e.g., SAST, SCA, secrets scanning, IaC scanning). Experience in secure architecture, threat modeling, and design reviews. Proficiency with a modern programming language (Python, TypeScript, JavaScript, or similar). Strong communication skills, able to collaborate effectively across engineering, CloudOps, and InfoSec teams. Bonus: Experience supporting data security initiatives or customer security assessments. Bonus: Familiarity with cloud-native environments (AWS, GCP, Azure) Benefits Competitive compensation package Generous Paid Time off, Paid Company Holidays including Mental Health Days Medical Insurance covering self, spouse, 2 children and parents/in-laws Hybrid work - 3 days at office; 2 days at home Were an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

security testing of web and mobile applications. Support the internal and/or customer development team in the preparation, formalization, implementation and verification of security requirements following a “Security by Design” principle.

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. Responsibilities Designing, developing and maintaining applications and databases by evaluating business needs, analyzing requirements and developing software systems. Executing full software development life cycle (SDLC) – concept, design, build, deploy, test, release and support. Ensuring application development lifecycle is on track and adjusting the plan to meet release timelines. Acting as a strategic thinker joining a high-profile, high-visibility team that powers data science and strategic thinking for Verizon. Implementing information security concepts, practices and procedures to build security solutions. What We’re Looking For... You are curious about new technologies and the possibilities they create. You enjoy the challenge of supporting applications while exploring ways to improve upon the technology. You are driven and motivated, with good communication and analytical skills. You’re a sought-after team member that thrives in a dynamic work environment. You have a thirst for working on cutting edge technology with the drive to change the status quo. You'll Need To Have Bachelor’s degree or four or more years of work experience. Two or more years of relevant work experience. Two or more years of experience on Frontend/Web technologies and backend services. Development experience in Core / Advanced Java, and J2EE. Experience in Design Patterns. Experience on JMS, Spring Boot (REST & SOAP API skills), experience in Spring frameworks (MVC, IOC, Boot, Batch) and ORM framework like Hibernate. Experience in Oracle & SQL. Experience with Core Java, J2EE, SOA based Web Services, RESTful Web Services. Development experience with Web Services (SOAP and REST). Strong understanding of Artificial Intelligence and Machine Learning implementation. Ability to build, train, evaluate, and deploy machine learning models to address specific business problems. Knowledge of Secure-SDLC Knowledge of cloud-native application development. Effective code review, quality, performance tuning experience. Knowledge of shell scripting (Bash, Python, Ruby, JavaScript, and/or Perl) Familiarity with scripting for MAC systems Even better if you have one or more of the following: Experience with a high-performance, high-availability environment. Strong analytical, debugging skills. Good communication and presentation skills. Relevant certifications. Experience with UI framework. Experience with OWASP rules and mitigate security vulnerabilities using security tools like Fortify, Sonarcube, Blackduck etc. Ability to understand Agile and DevOps tools and technologies. Strong problem solving and debugging skills. If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above. Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments. Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits). Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK. Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques. Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities. Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture. Actively participating in client discussions, executive briefings, and technical workshops. Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps. Maintaining robust documentation of testing methodologies, custom tools, and process improvements. Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards. Training and Development Stay updated on the latest security trends, vulnerabilities, and technology advancements. Provide training and guidance to the team and other departments on security best practices. Strategy and Planning Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness. Participate in the development of security policies and standards. Technical Expertise Deep hands-on experience in: Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API) Internal/external network penetration, privilege escalation, and lateral movement Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.) Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing Working knowledge of Kali Linux and frameworks like MITRE ATT&CK Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems Proficiency with tools such as: Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools Vulnerability Scanners: Nessus, Qualys, Nexpose Programming/Scripting: Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go Soft Skills Excellent written and verbal communication skills Strong analytical and problem-solving capabilities Ability to explain technical concepts clearly to non-technical stakeholders You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 6–7 years of proven experience in penetration testing and offensive security Certifications (Preferred): Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE Other Considered: EWPTXv2 or equivalent advanced offensive security certifications We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at: www.siemens.com/careers

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. Responsibilities Designing, developing and maintaining applications and databases by evaluating business needs, analyzing requirements and developing software systems. Executing full software development life cycle (SDLC) – concept, design, build, deploy, test, release and support. Ensuring application development lifecycle is on track and adjusting the plan to meet release timelines. Acting as a strategic thinker joining a high-profile, high-visibility team that powers data science and strategic thinking for Verizon. Implementing information security concepts, practices and procedures to build security solutions. What We’re Looking For... You are curious about new technologies and the possibilities they create. You enjoy the challenge of supporting applications while exploring ways to improve upon the technology. You are driven and motivated, with good communication and analytical skills. You’re a sought-after team member that thrives in a dynamic work environment. You have a thirst for working on cutting edge technology with the drive to change the status quo. You'll Need To Have Bachelor’s degree or four or more years of work experience. Two or more years of relevant work experience. Two or more years of experience on Frontend/Web technologies and backend services. Development experience in Core / Advanced Java, and J2EE. Experience in Design Patterns. Experience on JMS, Spring Boot (REST & SOAP API skills), experience in Spring frameworks (MVC, IOC, Boot, Batch) and ORM framework like Hibernate. Experience in Oracle & SQL. Experience with Core Java, J2EE, SOA based Web Services, RESTful Web Services. Development experience with Web Services (SOAP and REST). Strong understanding of Artificial Intelligence and Machine Learning implementation. Ability to build, train, evaluate, and deploy machine learning models to address specific business problems. Knowledge of Secure-SDLC Knowledge of cloud-native application development. Effective code review, quality, performance tuning experience. Knowledge of shell scripting (Bash, Python, Ruby, JavaScript, and/or Perl) Familiarity with scripting for MAC systems Even better if you have one or more of the following: Experience with a high-performance, high-availability environment. Strong analytical, debugging skills. Good communication and presentation skills. Relevant certifications. Experience with UI framework. Experience with OWASP rules and mitigate security vulnerabilities using security tools like Fortify, Sonarcube, Blackduck etc. Ability to understand Agile and DevOps tools and technologies. Strong problem solving and debugging skills. If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above. Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. Responsibilities: Designing, developing and maintaining applications and databases by evaluating business needs, analyzing requirements and developing software systems. Executing full software development life cycle (SDLC) – concept, design, build, deploy, test, release and support. Ensuring application development lifecycle is on track and adjusting the plan to meet release timelines. Acting as a strategic thinker joining a high-profile, high-visibility team that powers data science and strategic thinking for Verizon. Implementing information security concepts, practices and procedures to build security solutions. What we’re looking for... You are curious about new technologies and the possibilities they create. You enjoy the challenge of supporting applications while exploring ways to improve upon the technology. You are driven and motivated, with good communication and analytical skills. You’re a sought-after team member that thrives in a dynamic work environment. You have a thirst for working on cutting edge technology with the drive to change the status quo. You'll need to have: Bachelor’s degree or four or more years of work experience. Two or more years of relevant work experience. Two or more years of experience on Frontend/Web technologies and backend services. Development experience in Core / Advanced Java, and J2EE. Experience in Design Patterns. Experience on JMS, Spring Boot (REST & SOAP API skills), experience in Spring frameworks (MVC, IOC, Boot, Batch) and ORM framework like Hibernate. Experience in Oracle & SQL. Experience with Core Java, J2EE, SOA based Web Services, RESTful Web Services. Development experience with Web Services (SOAP and REST). Strong understanding of Artificial Intelligence and Machine Learning implementation. Ability to build, train, evaluate, and deploy machine learning models to address specific business problems. Knowledge of Secure-SDLC Knowledge of cloud-native application development. Effective code review, quality, performance tuning experience. Knowledge of shell scripting (Bash, Python, Ruby, JavaScript, and/or Perl) Familiarity with scripting for MAC systems Even better if you have one or more of the following: Experience with a high-performance, high-availability environment. Strong analytical, debugging skills. Good communication and presentation skills. Relevant certifications. Experience with UI framework. Experience with OWASP rules and mitigate security vulnerabilities using security tools like Fortify, Sonarcube, Blackduck etc. Ability to understand Agile and DevOps tools and technologies. Strong problem solving and debugging skills. If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above. Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Job Description: Perform SAST/SCA/DAST scans using industry vulnerability scanner SAST/SCA – Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE’s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. DAST – Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. During testing process, tester MUST ensure application is not degraded and/or taken out of service due to scanning activities Tester must ensure results from scanner are present in VM reporting platforms and visible to approved app users Validation - Supplier will perform manual validation and false-positive analysis on the automated scan results. Remediation Support: The remediation support will analyze the top-rated vulnerabilities along with provide support to application teams on remediation strategies from identified risks. Scan Retest: Supplier will perform revalidation tests of previously identified critical and high severity vulnerabilities as requested by the client application teams. Complex application testing and remediation/mitigation recommendation author Technical leadership of group of less experienced testers. Adversary based approach to test plan development Attempt to access unauthorized data Attempt to make unauthorized changes Bypass business logic, authentication, user privileges, etc.. Hijack accounts (Does not include social engineering methods) Attempt to exploit OWASP Top 10 vulnerabilities EcoSystem Testing All forms of application security testing, attempt to exploit All forms of device security testing, attempt to exploit All forms of database security testing, attempt to exploit Full Stack review, weakness enumer #Cybersecurity Weekly Hours: 40 Time Type: Regular Location: Bangalore, Karnataka, India It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

Job Title: QA Tester Location:Gurugram WFO 6 Days Working Job Description: We are seeking a skilled QA Tester with expertise in Vulnerability Testing to ensure the security, functionality, and reliability of our applications. The ideal candidate will have experience in penetration testing, security testing methodologies, automation, and compliance standards. Key Responsibilities: Develop and execute test cases, scripts, and security test plans for applications and APIs. Perform vulnerability assessments and penetration testing on web, mobile, and cloud-based applications. Identify security loopholes, conduct risk analysis, and provide actionable recommendations. Work closely with development and DevOps teams to ensure secure coding practices. Automate security testing and integrate it into CI/CD pipelines. Test applications for OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, SSRF, etc. Utilize security tools such as Burp Suite, OWASP ZAP, Metasploit, Kali Linux, Nessus, etc. Conduct API security testing and validate authentication & authorization mechanisms. Document security vulnerabilities and collaborate with teams for remediation. Ensure compliance with industry standards like ISO 27001, GDPR, HIPAA, PCI-DSS where applicable. Required Skills & Qualifications: 3+ years of experience in Quality Assurance with a focus on Security & Vulnerability Testing. Strong knowledge of penetration testing tools and security frameworks. Experience with automated security testing in CI/CD (Jenkins, GitHub Actions, GitLab CI, etc.). Proficiency in manual and automated security testing of web and mobile applications. Familiarity with scripting languages like Python, Bash, or JavaScript for automation. Experience working with cloud platforms such as AWS, Azure, or GCP is a plus. Strong understanding of HTTP, APIs, authentication protocols (OAuth, JWT, SAML, etc.). Knowledge of network security, firewalls, and intrusion detection systems (IDS/IPS). Certifications like CEH, OSCP, CISSP, or Security+ are an added advantage. Job Type: Full-time Pay: ₹200,000.00 - ₹500,000.00 per year Application Question(s): are you okay for 6days working Experience: Penetration testing: 3 years (Required) vulnerability testing: 3 years (Required) Scripting: 3 years (Preferred) Work Location: In person Expected Start Date: 15/07/2025

Job Description: Perform SAST/SCA/DAST scans using industry vulnerability scanner SAST/SCA – Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE’s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. DAST – Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. During testing process, tester MUST ensure application is not degraded and/or taken out of service due to scanning activities Tester must ensure results from scanner are present in VM reporting platforms and visible to approved app users Validation - Supplier will perform manual validation and false-positive analysis on the automated scan results. Remediation Support: The remediation support will analyze the top-rated vulnerabilities along with provide support to application teams on remediation strategies from identified risks. Scan Retest: Supplier will perform revalidation tests of previously identified critical and high severity vulnerabilities as requested by the client application teams. Complex application testing and remediation/mitigation recommendation author Technical leadership of group of less experienced testers. Adversary based approach to test plan development Attempt to access unauthorized data Attempt to make unauthorized changes Bypass business logic, authentication, user privileges, etc.. Hijack accounts (Does not include social engineering methods) Attempt to exploit OWASP Top 10 vulnerabilities EcoSystem Testing All forms of application security testing, attempt to exploit All forms of device security testing, attempt to exploit All forms of database security testing, attempt to exploit Full Stack review, weakness enumer #Cybersecurity Weekly Hours: 40 Time Type: Regular Location: Bangalore, Karnataka, India It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.