Bangalore, India or Chennai, India The Opportunity Anthology delivers education and technology solutions so that students can reach their full potential and learning institutions thrive. Our mission is to empower educators and institutions with meaningful innovation that’s simple and intelligent, inspiring student success and institutional growth. The Power of Together is built on having a diverse and inclusive workforce. We are committed to making diversity, inclusion, and belonging a foundational part of our hiring practices and who we are as a company. For more information about Anthology and our career opportunities, please visit www.anthology.com. Anthology's Security Program is dedicated to the engineering and operation of cutting-edge technologies that monitor and strengthen the confidentiality, integrity, and availability of all our information systems and products. We are building a high-performing team that fosters frictionless collaboration with partners across the organization, driven by transparency, trust, and teamwork. Our goal is to elevate Anthology’s security posture through strong partnerships and proactive engagement. As the Director of Application Security, you will report directly to the Chief Information Security Officer (CISO) and will be responsible for leading, coaching, and mentoring a dynamic team of security professionals. You will oversee the processes and technologies that empower our global development teams to meet Anthology's stringent security standards, ensuring alignment with our clients' objectives. Your leadership will be pivotal in driving a culture of collaboration and security across the organization. You will build and nurture relationships with key leaders and stakeholders within our product and technology teams, advising them on security control requirements, posture, and best practices. You will take ownership of driving a shift-left mindset, ensuring that security is embedded early in the development lifecycle. The ideal candidate will be a proven leader with a track record in program management, a strong understanding of application security, and a deep expertise in integrating security practices and tools into product development processes. Your ability to inspire, guide, and elevate your team, while ensuring seamless collaboration with cross-functional teams, will be critical to the success of our security strategy. The Candidate Required skills/qualifications: Strong leadership skills, including experience with project/program management, performance management, initiating and driving high-value process change and continuous improvement, and developing/mentoring teams Minimum of 7 years of prior relevant experience, with at least 2 years’ experience as a manager or director Experience operating security testing automation and continuous improvement processes with automated testing tools as integrated components of the SDLC to improve software quality across multiple information systems Working knowledge of common application security vulnerabilities, including those cataloged in the OWASP Top 10, SANS CWE Top 25, and implementing processes to prevent, detect, mitigate and remediate vulnerabilities as an ongoingprogram Ability to communicate security posture, risk, and mitigation strategies to technical and non-technical audiences, and act as an evangelist of security objectives to influence decision making at senior management levels in support of business risk management processes and complianceobjectives Experience in software engineering and/or product architecture roles, with a working knowledge of application securityarchitectures Experience managing improvement projects and communicating project riskseffectively Demonstrated ability to communicate and collaborate effectively with stakeholders at multiple levels across the organization Fluency in written and spoken English Minimum of bachelors’ degree in Computer Science or a related field Preferred Skills/qualifications Experience integrating and scaling security testing automation and continuous improvement cycles into the software development process, creating a collaborative and efficient culture across development, security and operations teams Experience managing a security program in a global organization Experience managing technology vendor relationships as an extension of the team and execution of planned projects on schedule and onbudget Familiarity with compliance standards and control catalogs such as ISO 27000 series, NIST 800-53, PCI DSS This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time. Anthology is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor. Show more Show less

About the Role: We are looking for a technically sound and customer-focused Support Engineer to assist in deploying and troubleshooting our Web Application Firewall (SiteWALL) for our clients. The ideal candidate will have a strong understanding of web application infrastructure, DNS, HTTP/HTTPS protocols, SSL/TLS and basic cybersecurity concepts. You will play a critical role in ensuring successful deployment, configuration, and ongoing support of SiteWALL in various customer environments — from simple setups to complex, high-availability architectures. Key Responsibilities: Assist customers in deploying and configuring SiteWALL WAF across cloud and on-prem environments. Guide clients through DNS routing and traffic redirection to enable protection via SiteWALL. Troubleshoot web application connectivity, performance, or blocking issues post-WAF deployment. Collaborate with engineering and product teams to replicate, escalate, and resolve complex technical issues . Deliver training and onboarding sessions for customers and partners. Create and maintain deployment documentation, how-to guides , and solution articles and knowledge base. Provide support via email, phone, or remote sessions during business hours (or shifts, if applicable). Stay up-to-date with new features, releases, and threat trends relevant to SiteWALL. Requirements: Technical Skills: Solid understanding of DNS , CDN , and reverse proxy concepts. Experience with Linux command-line , nginx/apache , or similar systems. Knowledge of web protocols (HTTP, HTTPS, SSL/TLS) and web server behaviours. Hands-on experience with WAF, firewalls, load balancers , or cloud security tools is a strong plus. Understanding of common web vulnerabilities (OWASP Top 10) is preferred. Soft Skills: Strong problem-solving and troubleshooting skills . Ability to communicate technical concepts clearly to non-technical stakeholders. Customer-first mindset with the ability to remain calm under pressure. Good documentation and organizational skills. Preferred Qualifications: Bachelor’s degree in Computer Science, IT, or related field (or equivalent practical experience). Prior experience in support, cybersecurity , or web hosting technical support . Certifications like CEH , CompTIA Security+ , or AWS Certification are a bonus. What We Offer: Opportunity to work on a cutting-edge cybersecurity product. A collaborative and growth-oriented work environment. Training, certification support, and career growth opportunities. Job Type: Full-time Pay: ₹300,000.00 - ₹750,000.00 per year Shift: Day shift Evening shift Morning shift Work Days: Monday to Friday Work Location: In person

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Job Summary: Seeking a WAF Management and Governance Lead to oversee the security, operational integrity, and compliance of Web Application Firewall (WAF) systems. The ideal candidate will be responsible for ensuring robust protection against web-based threats, optimizing security policies, and governing WAF implementations across enterprise environments. WAF Administration : Lead the deployment, configuration, and ongoing management of Web Application Firewall solutions. Security Policy Development : Define, implement, and refine WAF rulesets to mitigate risks such as SQL injection, cross-site scripting (XSS), and other web threats. Governance & Compliance : Ensure WAF policies align with regulatory and industry security frameworks (e.g., OWASP, PCI-DSS, GDPR). Threat Monitoring & Mitigation : Collaborate with cybersecurity and internal teams to analyse threat patterns and adjust WAF settings for optimal protection. Performance Optimization : Evaluate WAF impact on application performance and optimize configurations without compromising security. Incident Response : Support investigation and response to security incidents related to web applications. Stakeholder Collaboration : Work with IT, security, and application development teams to integrate WAF security seamlessly. Reporting & Metrics : Establish key security performance indicators and provide regular governance reports. ͏ Experience : 9+ years in web security, including WAF deployment and governance. Technical Expertise : Hands-on experience with leading WAF platforms (e.g., AWS WAF, F5, Cloudflare WAF, Akamai Kona Security). Security Knowledge : Strong understanding of OWASP top 10 threats, secure coding practices, and web security protocols. Knowledge of DevSecOps practices and security automation. Compliance Awareness : Familiarity with regulatory requirements impacting web security governance. Communication : Ability to convey security risks and technical details to non-security stakeholders effectively. ͏ Certifications such as CISSP, CEH, CCSP, AWS Security Specialty or equivalent. Experience in DevSecOps, automation, and integrating WAF into CI/CD pipelines. Knowledge of cloud security architectures and API security governance. ͏ ͏ Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Job Summary: Experienced Vulnerability Management and penetration testing Governance lead will manage a team to oversee the identification, assessment, and remediation of security vulnerabilities across enterprise systems. This role will focus on establishing a proactive security posture, ensuring compliance with industry standards, and driving governance initiatives to mitigate risks effectively along with strong leadership and project management skills. Vulnerability Assessment: Lead regular vulnerability scans and penetration testing across infrastructure, cloud environments and outside-In. Security Baseline: Lead development and implementation of Security Baseline using CIS Benchmarks by determining the systems, applications, and network devices to be secured (e.g., Windows, Linux, Cloud, Docker, Kubernetes). Risk Analysis & Prioritization: Evaluate identified vulnerabilities based on severity, exploitability, and potential business impact. Remediation Planning: Collaborate with IT, security, engineering and entity teams to ensure timely remediation of high-risk vulnerabilities. Governance & Compliance: Develop and enforce security governance frameworks in line with industry standards (e.g., NIST, CIS, ISO 27001, PCI-DSS). ͏ Threat Intelligence Integration : Leverage global threat intelligence feeds to stay ahead of emerging security threats and vulnerabilities. Security Policy Development: Define policies and best practices for vulnerability management, reporting, and remediation. Automation & Continuous Monitoring: Implement automated vulnerability scanning tools and ensure ongoing security assessments. Incident Response Support: Provide technical guidance in vulnerability-related security incidents and audits. Reporting & Metrics: Establish key risk indicators and provide executive reports on vulnerability trends and remediation progress. ͏ Experience: 12+ years in cybersecurity, vulnerability management, or Penetration testing roles. Technical Expertise: Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, OpenVAS), penetration testing and threat intelligence platforms. Penetration Testing & Ethical Hacking : Experience with tools like Metasploit, Burp Suite, Nmap, and Wireshark for real-world security assessments. Security Framework Knowledge: Strong understanding of NIST, CIS benchmarks, OWASP Top 10, and CVSS scoring models. Compliance Awareness: Familiarity with regulatory standards affecting security risk management. Leadership & Communication: Ability to coordinate with multiple stakeholders, drive security improvements, and articulate risks effectively. Certifications such as CISSP, CISM, CEH, OSCP or equivalent. Experience in cloud vulnerability management (AWS, Azure, GCP). Knowledge of DevSecOps practices and security automation. ͏ ͏ Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Role: Linux Administrator Experience: 6+ Years Location: Chennai Mandatory: Linux, Unix, GCP, AWS JD: Experience: o 8+ years of experience in cloud security, with a focus on enterprise product software in the cloud. o At least 3+ years of hands-on experience with major cloud platforms (AWS, Microsoft Azure, or Google Cloud Platform). o Proven experience with securing enterprise software applications and cloud infrastructures. o Strong background in securing complex, large-scale software environments with a focus on infrastructure security, data security, and application security. o Hands-on experience with the OWASP Top 10 and integrating security measures into cloud applications. o Experience with Hybrid Cloud environments and securing workloads that span on-premises and public cloud platforms. Technical Skills: o In-depth experience with cloud service models (IaaS, PaaS, SaaS) and cloud security tools (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center). o Expertise in securing enterprise applications, including web services, APIs, and microservices deployed in the cloud. o Strong experience with network security, encryption techniques, IAM policies, security automation, and vulnerability management in cloud environments. o Familiarity with container security (Docker, Kubernetes) and serverless computing security. o Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or similar tools. o Knowledge of regulatory compliance requirements such as SOC 2, GDPR, HIPAA, and how they apply to enterprise software hosted in the cloud. Show more Show less

Job Title: Tech Lead Location: Gurugram (On-site) Employment Type: Full-Time About Aaizel Tech Labs Aaizel Tech Labs is a cutting-edge tech startup specializing in cybersecurity, AI, geospatial solutions, and more. We are at the forefront of technological innovation, committed to developing breakthrough products and solutions that drive industry transformation. Join our dynamic team and work directly with our CTO, contributing to strategic technical decisions and solving complex challenges. Role Overview We are seeking an experienced Tech Lead with a minimum of 8+ years of industry experience. This role requires a deep understanding of multiple technical domains. The ideal candidate will possess in-depth expertise in at least 5-6 of the following areas: Software Development, Geospatial, Meteorology, Frontend, Backend, Embedded Systems, AI, ML, Generative AI, Cloud, System Architecture, Solution Architecture, DevOps, Cybersecurity, Blockchain, among others. You will serve as the right-hand expert to our CTO, helping troubleshoot complex technical problems, guide project teams, and drive innovation across the company. Key Responsibilities Technical Leadership & Collaboration CTO Support: Provide direct assistance to the CTO in evaluating, planning, and executing technology strategies. Cross-Domain Expertise: Leverage your multi-domain expertise to support diverse projects, ensuring technical excellence across teams. Project Guidance: Lead technical discussions, architecture reviews, and troubleshooting sessions across multiple technology stacks. Solution Architecture & System Design Design & Development: Contribute to designing robust, scalable solutions that integrate multiple technologies. Technical Roadmaps: Collaborate in developing and refining technical roadmaps and architecture blueprints. Technology Evaluation: Assess and recommend new technologies, frameworks, and best practices to improve product performance and security. Problem Solving & Innovation Issue Resolution: Diagnose and resolve critical technical issues across software development, cloud infrastructure, security, and other domains. Innovation Catalyst: Drive innovation by identifying opportunities for automation, process improvements, and technology enhancements. Mentorship: Mentor and guide technical teams, fostering a culture of continuous learning and high performance. Domain Expertise Integration Multi-Domain Strategy: Utilize your expertise in at least 5-6 domains (such as Software Development, Geospatial, Meteorology, AI/ML, Cloud, Cybersecurity, Blockchain, etc.) to support and optimize our solutions. Interdisciplinary Collaboration: Work closely with domain-specific teams to ensure integration and alignment of technical strategies across projects. Standards & Best Practices: Establish and enforce technical standards and best practices within your areas of expertise. Technical Stack Specificity Programming Languages Proficiency in at least 3-4 of the following languages: Python (Primary data science, AI/ML, backend development) JavaScript/TypeScript (Frontend and full-stack development) Java/Kotlin (Enterprise and Android development) C/C++ (Embedded systems and performance-critical applications) Go (Cloud-native and systems programming) Rust (Systems programming with high security) R (Statistical computing and geospatial analysis) Frameworks and Technologies Web Frameworks: React, Angular, or Vue.js Django, Flask, or FastAPI Node.js, Express.js Mobile Development: React Native Flutter Kotlin/Swift Cloud Platforms: AWS (Amazon Web Services) Google Cloud Platform Microsoft Azure Containerization and Orchestration: Docker Kubernetes Helm AI/ML Frameworks: TensorFlow PyTorch Keras scikit-learn Blockchain: Ethereum Hyperledger Fabric Solidity DevOps Tools: Jenkins GitLab CI/CD Terraform Ansible Cybersecurity Tools: Wireshark Metasploit OWASP ZAP Burp Suite Technology Vision Alignment Technology Roadmap Focus Areas Advanced AI and Machine Learning capabilities Enhanced Cybersecurity solutions Geospatial intelligence platforms Edge computing and IoT integration Blockchain and decentralized technologies Collaborative Innovation Model Regular technology forums and knowledge-sharing sessions Partnerships with academic institutions and research centers Open-source contributions and community engagement Internal hackathons and innovation challenges Required Skills & Qualifications Experience Minimum 8+ years of hands-on experience in technical leadership or advanced technical role. Educational Background Bachelor's or Master's degree in computer science, Engineering, or a related technical field. Domain Expertise Demonstrable expertise in at least 5-6 of the following areas: Software Development (Full-stack, Mobile, or Desktop) Geospatial Technologies Meteorological Systems Frontend/Backend Development Embedded Systems Artificial Intelligence, Machine Learning, Generative AI Cloud Computing & Infrastructure System Architecture & Solution Architecture DevOps & Automation Cybersecurity Blockchain Technologies Technical Skills Proficiency in multiple programming languages and frameworks. Strong understanding of system integration, microservices, and distributed architectures. Familiarity with cloud platforms (AWS, Azure, Google Cloud) and containerization (Docker, Kubernetes). Deep knowledge of security best practices and modern cybersecurity strategies. Problem-Solving Exceptional analytical and problem-solving skills, with the ability to manage complex technical challenges. Communication Excellent communication and leadership skills, with experience presenting technical concepts to both technical and non-technical stakeholders. Collaboration Proven ability to work in cross-functional teams and mentor junior technical staff. Preferred Skills Certifications Relevant certifications in cloud technologies, cybersecurity, or project management are a plus. Innovative Mindset A track record of contributing to or leading innovative projects that integrate emerging technologies. Agile Methodologies Familiarity with Agile and DevOps practices, with experience in continuous integration/continuous deployment (CI/CD). Strategic Thinking Ability to see the big picture while diving deep into technical details as needed. Why Join Aaizel Tech Labs? Direct Impact: Work closely with the CTO and senior leadership, playing a key role in shaping the company's technology strategy. Diverse Projects: Engage with a broad range of cutting-edge technologies across multiple domains. Growth & Innovation: Be part of an innovative startup where your expertise can directly influence product development and strategic decisions. Collaborative Culture: Join a vibrant team that values knowledge sharing, creativity, and continuous improvement. How to Apply If you are a seasoned technical expert ready to drive innovation and support our technology leadership, please send your resume, cover letter, and portfolio (if applicable) to hr@aaizeltech.com , bhavik@aaizletech.com or anju@aaizeltech.com. Show more Show less

Job Title: Cybersecurity Intern (Paid) Company: Ziya Academy LLP Location: Muppathadam, Aluva, Kerala (On-site) About the Internship Are you interested in ethical hacking, network defense, and cybersecurity practices? Join Ziya Academy LLP as a Cybersecurity Intern and gain real-world experience identifying security vulnerabilities, defending systems, and using professional tools to protect digital assets. This internship is designed to equip you with practical skills and project experience to launch your career in cyber security. What You'll Learn Hands-on training with cyber security tools Real-time project exposure: vulnerability scans, network audits, and simulations Internship Certificate & Performance Letter upon completion Familiarity with tools like Wireshark , Nmap , Burp Suite , Metasploit , and Kali Linux Opportunity to grow into a full-time cybersecurity analyst or ethical hacker role Eligibility Students, freshers, or graduates in Computer Science, IT, or Cybersecurity fields Basic knowledge of networking , Linux , or information security Strong interest in ethical hacking and cyber defense Must be available to work on-site at our Aluva location Key Learning Areas Cybersecurity Fundamentals & Threat Models Networking, TCP/IP & Web Security (OWASP Top 10) Vulnerability Assessment & Reporting Basics of Ethical Hacking & Penetration Testing Firewalls, VPNs, IDS/IPS Cyber Laws & Risk Assessment Tools: Kali Linux, Wireshark, Metasploit, Burp Suite Internship Duration 3 to 6 Months (Duration based on candidate availability and performance) Stipend & Growth Path Monthly Stipend: ₹3,000 – ₹6,000 (performance-based) Initial pay : 5000/- Top performers may receive a full-time job offer: ₹10,000 – ₹25,000/month Work Schedule & Mode Timing: Day Shift Mode: On-site (Muppathadam, Aluva) Perks & Benefits Mentorship from experienced cybersecurity professionals Access to live case studies & real-world security simulations Resume and LinkedIn profile development Internship Certificate & Letter of Recommendation Opportunity for full-time placement upon successful completion How to Apply Call or WhatsApp: +91 73063 53515 Email: ziyaacademyedu@gmail.com Job Details Job Types: Internship, Fresher, Full-time (Post-internship opportunity) Expected Post-Internship Salary: ₹10,000 – ₹25,000/month Supplemental Pay Options: ✔ Performance Bonus ✔ Overtime Pay ✔ Commission Pay ✔ Quarterly / Yearly Bonus ✔ Shift Allowance Work Location: In person (Aluva, Kerala) Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹8,000.00 - ₹30,000.00 per month Schedule: Day shift Morning shift Supplemental Pay: Commission pay Overtime pay Performance bonus Quarterly bonus Shift allowance Yearly bonus Work Location: In person

Experience Overall – 8+ years of IT experience 7+ years of application security Experience 5+ years of Application Security testing Experience Must Have Skill : DAST/SAST/SCA Location : Bangalore/Hyderabad Type : Contract with Client Job Description Bachelor’s degree required. Deep familiarity with the OWASP Top 10 and other security concerns for web applications Deep Understanding of OWASP Application Security Verification Standards (ASVS) Deep understanding of SAST, DAST, SCA Scanning practices Experience in scanning leveraging Veracode, Appscan.or other enterprise tools. Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) as found by scanning tools. Understanding of SAST, DAST tools and dependency scanning tools Experience working/integrating with secret management systems. Advanced knowledge of front-end and back-end web application development in at least one technology stack (.NET, Java, PHP, Ruby/Rails, Angular, Node.js, etc.) Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications. Strong documentation skills Excellent verbal and written communication skills, with proven technical writing abilities (English language proficiency required) Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team. Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas. Technical Skills: SAST, DAST, SCA Roles and Responsibility Perform SAST/SCA/DAST scans using industry vulnerability scanner SAST/SCA – Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE’s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. DAST – Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. Apply Now Click Here to Apply Apply for this position Full Name * Email * Phone * Cover Letter * Upload CV/Resume *Allowed Type(s): .pdf, .doc, .docx By using this form you agree with the storage and handling of your data by this website. * Show more Show less

As a startup, ChangingBox is looking for a Senior Flask Developer with real-world experience. This hybrid role is strictly Mumbai-based . We need a self-starter who writes clean, well-tested code – our product is client-facing, so code quality and reliability are paramount. What You’ll Do / Role Overview Experience: 3-4 years of hands-on development with Flask in a production environment (strong experience on live projects also considered). Flask & Python Proficiency: Solid understanding of the Flask framework and Python ecosystem. Able to build and consume RESTful APIs. Database & ORM: Experience with PostgreSQL and ORM libraries (e.g. SQLAlchemy); comfortable designing relational database models and queries. AWS Familiarity: Practical experience deploying and running applications on AWS cloud infrastructure (EC2, S3, RDS, etc.). Testing & QA: Demonstrated ability to write unit and integration tests (e.g. using PyTest) and follow best practices for QA. A track record of shipping well-tested, bug-resistant code is essential. Version Control: Proficient with Git and collaborative development workflows. Lead and mentor junior developers (as we scale). Own incident response, debugging, and root-cause analysis for production issues. Design systems with scale in mind (100+ concurrent users, flexible booking logic). Analyze bottlenecks and proactively optimize for performance, reliability, and cost. Education & Experience: 4+ years professional experience building web applications in Python (Flask required). Bachelor’s degree in Computer Science/Engineering or related field (preferred). Technical Skills: Expert-level proficiency with Flask, SQLAlchemy, PostgreSQL. Deep understanding of REST API design, ORM, and modern Python. Hands-on experience with AWS stack (EC2, S3, RDS), Docker, and Linux server management. Payment gateway integration experience is mandatory. Strong grasp of security fundamentals (authentication, authorization, OWASP). Proficiency in HTML, CSS, JavaScript basics (for API integration with frontend). Exposure to CI/CD pipelines (GitHub Actions, Jenkins, etc.). Familiarity with scalable systems design and cloud cost optimization. Soft Skills & Attitude: Start-up mindset: Ownership, hustle, self-initiative, and comfort with ambiguity. Excellent problem-solving, debugging, and communication skills. Willingness to mentor juniors and contribute to team culture. Ability to work directly with the CTO/founder and adapt to fast-changing priorities. Bonus Points: Experience with React.js or other modern front-end frameworks. Exposure to other marketplace platforms, multi-vendor workflows, or SaaS products. Prior experience in an early-stage startup environment. What we offer: Direct impact on business, technology, and product decisions. Work alongside founder and core team, with a high degree of autonomy. Stock options/equity for long-term value creation. Flexible work options. Opportunity to grow into a technology leadership or founding team role as we scale. A chance to solve real, high-impact problems in a market ripe for innovation. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Exposure Assessment Lead, Vulnerability Discovery Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity As the Exposure Assessment Lead within Vulnerability Management, you revolutionize the way we identify and mitigate digital risks. This role will leverage deep technical expertise to manage the full lifecycle of vulnerability patching, create innovative solutions to complex security challenges, and develop risk-based metrics to enhance EY’s digital defenses. Automating vulnerability discovery and distilling intricate technical data into actionable insights will be key to safeguarding EY's digital assets against the latest threats. With your leadership, EY will not only maintain but also advance our position at the forefront of cybersecurity and vulnerability management. Your Key Responsibilities The Exposure Assessment Lead within Vulnerability Management will spearhead the evaluation and management of the firm's digital exposure, identifying and mitigating risks stemming from misconfigurations, vulnerabilities, and mismanaged assets. The candidate will play a crucial role in managing third-party risk assessments and identifying assets failing to meet stringent EY security standards. Collaborating closely with various departments, the lead will enhance digital risk management practices and develop comprehensive strategies to protect EY's digital assets. Additionally, you will monitor emerging threats in the digital landscape, advising on proactive measures to safeguard the firm against potential security breaches. Skills And Attributes For Success Strong written communication skills Analytical background Strategic planning experience Demonstrated ability to distil complex, technical data into clear, concise explanations Interest in developing creative solutions to complex issues Ability to handle high volume requests Collaborative mindset Efficient research methodologies To qualify for the role you must have A minimum of 8 years of experience in vulnerability management, red team, or purple team Strong understanding of cloud services, network security, and data protection principles Expert knowledge of offensive security principles Experience in automating vulnerability discovery An understanding and clear ability to develop performance metrics and risk-based assessment of digital exposure Excellent analytical and problem-solving skills, with the ability to translate complex technical issues into clear business impacts Demonstrated experience in managing third-party risk assessments and vendor relationships Exceptional communication and interpersonal skills Experience developing team and program performance metrics Leadership experience with the ability to manage and develop a high-performing team Ability to evaluate and prioritize competing priorities from varying stakeholders Ideally, you’ll also have OWASP training Incident response experience What We Look For We are looking for an experienced, creative leader that can operate independently and mentor junior team members to improve the organization’s ability to reduce the attack surface while enabling the business. The ideal candidate will seek to develop a comprehensive strategy to identifying and managing the risk of the firm’s digital footprint. What Working At EY Offers As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Requisition Id : 1569844 As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom. At EY, we don't just focus on who you are now, but who you can become. We believe that it’s your career and ‘It’s yours to build’ which means potential here is limitless and we'll provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self. The opportunity : Manager-TMT-Assurance-ASU - TR - Technology Risk - Gurgaon TMT : Industry convergence offers TMT (Technology, Media & Entertainment, and Telecommunications) organizations the chance to evolve and transform, but it also presents challenges around competitiveness and delivering agile corporate strategies for growth. We help TMT companies create compelling employee and customer experiences, retaining skills and talent while achieving enterprise-wide operational excellence. We help them guard their data, brand and reputation. We also enable the pursuit of M&A strategies that methodically create value, reduce risk and transform TMT companies into powerhouses that will lead the technology revolution of the future – building a better working world for all. ASU - TR - Technology Risk : Assurance’s purpose is to inspire confidence and trust to enable a complex world to work. We do so by protecting and serving the public interest, promoting transparency, supporting investor confidence and economic growth and fostering talent to provide future business leaders. We help clients by: Ensuring their accounts comply with the requisite audit standards Providing a robust and clear perspective to audit committees and Providing critical information for stakeholders. Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS & US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting & implementation support etc. Your key responsibilities Technical Excellence Key skill sets required: Experience of working on IT Audits and advisory work such as FAIT, SOCR (SOC1, SOC2), SOX 404, ISO 27001, etc. Should have an understanding of what are the typical risks/challenges we encounter in these audits. Should have Understanding of Manage Change, Manage Access and Manage IT Operations Should have experience of working on ERP systems like SAP, Oracle etc so that they can conduct the IT audit on these systems Should be able to manage multiple clients independently at the same time and also provide regular status updates to both client and EY management. Ability to work on tight schedules and deadlines. Excellent written and verbal communication, interpersonal, networking, teaming and problem-solving skills. Initiative in keeping abreast of changing industry practices, analysis and design methods, tools and techniques and emerging technologies. Be highly flexible, adaptable, and creative. Willingness to work in different time-zones as required. Willingness to travel is an added benefit tentative countries of travel are Saudi, UAE, Bahrain. Skills and attributes To qualify for the role you must have Qualification To qualify for the role you must have: Sc. in Computers, B. Tech/ B.E. in Computers, BCA in Computers MCA in Computers, MS/ Sc. (Science) in Computers, M. Tech in Computers Charted Accountant with experience in handling technology risk related engagement Addon Skills & Certification: Beneficial if they have done CISA, CCSFP or any relevant certification Hands-on experience on SAP/ Oracle/ DevOps like environment Cyber Security Professional with hands on experience in implementing and reviewing cyber security security related solutions to identify and manage the cyber security risks (VA, PT, Secure configuration review, OWASP Top 10, IT Infrastructure Assessments, etc. Beneficial if have hands on experience on Generative AI related solutions in technology risk domain Experience Experience: 6+ years of experience of working on IT Audits and advisory work such as FAIT, SOCR (SOC1, SOC2), SOX 404, ISO 27001, etc. Should have experience of working and testing IT Application Controls and ITGCs and also understand how to prepare risk and control matrix’s. How to report issues/findings in an audit and ability to lead client meetings. Should have experience of drafting controls and report for Third-Party reporting, for example - SOC1/ SOC2 reports. Experience on HITRUST control testing will be an added advantage. Expectation is to manage the client and also the reporting manager vis a vis should have understanding of preparing Data Request Lists, Status Trackers etc. Determine that the work delivered is of high quality. Anticipate and identify engagement related risks and escalate issues as appropriate. Actively establish & strengthen client (functional heads & key influencers) and internal relationships. Big 4 Experience Preferred What we look for People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach. What we offer With more than 200,000 clients, 300,000 people globally and 33,000 people in India, EY has become the strongest brand and the most attractive employer in our field, with market-leading growth over compete. Our people work side-by-side with market-leading entrepreneurs, game- changers, disruptors and visionaries. As an organisation, we are investing more time, technology and money, than ever before in skills and learning for our people. At EY, you will have a personalized Career Journey and also the chance to tap into the resources of our career frameworks to better know about your roles, skills and opportunities. EY is equally committed to being an inclusive employer and we strive to achieve the right balance for our people - enabling us to deliver excellent client service whilst allowing our people to build their career as well as focus on their wellbeing. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now. Show more Show less

Bangalore/ Gurgaon, India A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation, and guidance service within the TAS Application Operations team. The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery. What You’ll Be DOING What will your essential responsibilities include? Support the Application Operations (Security) team in all security related activities, forums and discussions. Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys. Assist in setting up Jenkins pipeline integration to CI/CD lifecycle. Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues. Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements. Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization. Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures. Manage the production of reporting and metrics to both internal and external stakeholders. You will report to the Operations Lead. What You Will BRING We’re looking for someone who has these abilities and skills: Required Skills And Abilities Security First mindset. Understanding of vulnerability analysis, scanning and remediation processes. Understanding of CVEs, CVSS. Understanding of security industry compliancy benchmarks and standards i.e. CIS. Understanding of security best practices/standards i.e. OWASP, NIST. Preferable experience with at least 2 coding languages i.e. Java, .NET, C++, Python etc. Desired Skills And Abilities Outstanding analytical, critical thinking and organizational skills, ability to multitask and work to deadlines. Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting. Excellent communication, interpersonal and relationship building skills (verbal and written) Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it. How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty. With an innovative and flexible approach to risk solutions, we partner with those who move the world forward. Learn more at axaxl.com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed. Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl.com/about-us/inclusion-and-diversity. AXA XL is an Equal Opportunity Employer. Total Rewards AXA XL’s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security. It provides competitive compensation and personalized, inclusive benefits that evolve as you do. We’re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence. Sustainability At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations. Our Pillars Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future. We’re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans. Addressing climate change: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions. Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting. AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving. For more information, please see axaxl.com/sustainability. Show more Show less

Bangalore/ Gurgaon, India A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation, and guidance service within the TAS Application Operations team. The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery. What You’ll Be DOING What will your essential responsibilities include? Support the Application Operations (Security) team in all security related activities, forums and discussions. Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys. Assist in setting up Jenkins pipeline integration to CI/CD lifecycle. Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues. Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements. Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization. Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures. Manage the production of reporting and metrics to both internal and external stakeholders. You will report to the Operations Lead. What You Will BRING We’re looking for someone who has these abilities and skills: Required Skills And Abilities Security First mindset. Understanding of vulnerability analysis, scanning and remediation processes. Understanding of CVEs, CVSS. Understanding of security industry compliancy benchmarks and standards i.e. CIS. Understanding of security best practices/standards i.e. OWASP, NIST. Preferable experience with at least 2 coding languages i.e. Java, .NET, C++, Python etc. Desired Skills And Abilities Outstanding analytical, critical thinking and organizational skills, ability to multitask and work to deadlines. Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting. Excellent communication, interpersonal and relationship building skills (verbal and written) Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it. How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty. With an innovative and flexible approach to risk solutions, we partner with those who move the world forward. Learn more at axaxl.com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed. Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl.com/about-us/inclusion-and-diversity. AXA XL is an Equal Opportunity Employer. Total Rewards AXA XL’s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security. It provides competitive compensation and personalized, inclusive benefits that evolve as you do. We’re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence. Sustainability At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations. Our Pillars Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future. We’re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans. Addressing climate change: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions. Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting. AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving. For more information, please see axaxl.com/sustainability. Show more Show less

At PwC, our people in managed services focus on a variety of outsourced solutions and support clients across numerous functions. These individuals help organisations streamline their operations, reduce costs, and improve efficiency by managing key processes and functions on their behalf. They are skilled in project management, technology, and process optimization to deliver high-quality services to clients. Those in managed service management and strategy at PwC will focus on transitioning and running services, along with managing delivery teams, programmes, commercials, performance and delivery risk. Your work will involve the process of continuous improvement and optimising of the managed services process, tools and services. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Role Overview The C/C# Support Analyst is responsible for monitoring, troubleshooting, and optimizing C/C# applications, ensuring seamless operation, performance, and availability of enterprise applications. The role involves incident resolution, debugging, performance tuning, database optimization, API troubleshooting, and CI/CD support. The analyst will work in an Agile, DevOps-driven environment supporting legacy modernization, stabilization, enhancements, and performance improvements for mission-critical Freight, Rail, and Logistics applications. Required Technical Skills 🔹 Programming & Debugging: C, C++, C#, .NET Core, ASP.NET, WinForms, WPF 🔹 API & Database Support: REST, SOAP, SQL Server, PostgreSQL, Entity Framework, Dapper 🔹 Performance & Optimization: Profiling tools (PerfView, dotTrace, Visual Studio Profiler) 🔹 Server & Deployment: IIS, Apache, Nginx, Windows Services, Docker, Kubernetes 🔹 DevOps & CI/CD: Jenkins, Azure DevOps, GitHub Actions, Terraform, Ansible 🔹 Cloud & Monitoring: AWS, Azure, GCP, Splunk, ELK Stack, Dynatrace 🔹 Security & Compliance: OAuth2, JWT, SSL/TLS, SonarQube, Fortify, OWASP Key Responsibilities 1️ ⃣ Incident Management & Troubleshooting ✅ Provide Level 2/3 support for C and C# applications, resolving crashes, performance issues, and integration failures. ✅ Debug memory leaks, concurrency issues, deadlocks, and threading problems in C/C# applications. ✅ Investigate and resolve .NET Framework/.NET Core issues, DLL conflicts, and application dependencies. ✅ Use Windows Event Logs, Debugging Tools (WinDbg, GDB, Visual Studio Debugger), and Log Monitoring to identify root causes. ✅ Work with ITIL-based Change, Incident, and Problem Management processes (JIRA, ServiceNow, Remedy). 2️ ⃣ API & Database Support ✅ Troubleshoot RESTful APIs, Web Services, and SOAP APIs in ASP.NET Web API and .NET Core. ✅ Debug and optimize SQL queries, stored procedures, and indexing strategies in SQL Server, PostgreSQL, or Oracle. ✅ Work with Entity Framework (EF), ADO.NET, and Dapper ORM for efficient data handling. ✅ Fix authentication and session management issues (OAuth2, JWT, Active Directory, LDAP). 3️ ⃣ Performance Optimization & Memory Management ✅ Identify and resolve performance bottlenecks in C/C# applications using profiling tools like PerfView, Visual Studio Profiler, and dotTrace. ✅ Optimize garbage collection, memory allocation, and CPU utilization in .NET and C applications. ✅ Improve application startup time, response latency, and thread execution efficiency. ✅ Tune database queries, caching mechanisms (Redis, Memcached), and data serialization (JSON, XML, Protobuf). 4️ ⃣ Windows & Linux Server Support ✅ Deploy, monitor, and troubleshoot C/C# applications running on Windows and Linux environments. ✅ Work with IIS, Apache, or Nginx for application hosting and configuration. ✅ Manage Windows Services, background jobs, and scheduled tasks for batch processing. ✅ Handle containerized applications (Docker, Kubernetes, OpenShift) in cloud environments. 5️ ⃣ CI/CD & DevOps Support ✅ Support CI/CD pipelines for C# applications using Jenkins, Azure DevOps, GitHub Actions, GitLab CI/CD. ✅ Assist in automated builds and deployments using MSBuild, NuGet, and Octopus Deploy. ✅ Work on Infrastructure as Code (Terraform, Ansible) for cloud-based deployments. ✅ Manage version control and branching strategies using Git, Bitbucket, or TFS. 6️ ⃣ Security & Compliance ✅ Ensure C/C# applications comply with security standards (GDPR, HIPAA, SOC 2, ISO 27001). ✅ Monitor and mitigate vulnerabilities using SonarQube, Fortify, and Veracode. ✅ Implement SSL/TLS security measures, secure API calls, and role-based authentication. ✅ Protect applications against buffer overflow, SQL injection, and OWASP Top 10 security threats. 7️ ⃣ Cloud & Monitoring Support ✅ Monitor application logs and errors using Splunk, ELK Stack, Application Insights, or Dynatrace. ✅ Support cloud-hosted applications on AWS, Azure, or GCP using Lambda, Azure Functions, or Cloud Run. ✅ Work with Azure App Services, AWS Elastic Beanstalk, or Kubernetes for hosting .NET applications. ✅ Ensure application scalability and availability using load balancing and auto-scaling strategies. 8️ ⃣ Collaboration & Documentation ✅ Work in Agile (Scrum/Kanban) environments for continuous improvement and support. ✅ Maintain technical documentation, runbooks, SOPs, and knowledge bases. Show more Show less

Company Description It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone. Job Description Team Product Security is Shifting Everywhere and holistically improving the maturity of the security program. The Secure Software Development Lifecycle (SSDL) team helps the organization measure and improve security activities. The team leads product threat modeling, helps to improve security behaviors, and manages a highly visible security champions program. The team is both highly technical and strategic. Role As a Senior Product Security Engineer on the ServiceNow SSDL team, you will collaborate with developers and software architects on highly technical solutions and help the organization build secure and resilient software. You will be threat modeling software products and services to identify potential risk and participate in architectural reviews of products in development. A key part of this position is to ensure the continued success of a large and growing security champions program. You will help mentor security champions and assist them in secure software design. As a Senior Product Security Engineer, you will help security champions be successful. What You Get To Do In This Role Work on a wide range of technologies Work on complex architectural and technical challenges Participate in threat modeling activities Mentor and collaborate with development teams to adopt secure coding practices Work on strategic and highly visible security activities across the organization Be an advocate for security and participate in a security champions program Qualifications To be successful in this role you have: Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry. 4+ years of experience in software security (AppSec) 1+ years of experience in threat modeling software applications and services Proficient in threat modeling methodologies such as STRIDE or PASTA and their applied use in fast-moving, iterative development lifecycles In-depth knowledge of common web application vulnerabilities (OWASP Top 10) Developer-level proficiency in one or more languages - Python, Java, JavaScript, and Golang preferred Knowledge in authentication and authorization standards including OAuth, OIDC, SAML, JWT, and PASETO Knowledge of symmetric and asymmetric cryptography, digital signatures, PKI, TLS, and cryptographic hash functions Knowledge of cloud native technologies including containers, Kubernetes, and services provided by AWS, GCP, and Azure Knowledge of static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) security tools Knowledge of OWASP ASVS, SCVS, and related verification standards Ability to work collaboratively in a highly distributed team Ability to communicate technical concepts to business stakeholders A passion for security Additional Information Work Personas We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here. Equal Opportunity Employer ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. Accommodations We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance. Export Control Regulations For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license. Show more Show less

Hyderabad, India, IND Description Candidates need to have 10 years experience, and 5 years in engineering software solutions using Java, Spring boot. Core Characteristics and Soft Skills: Beyond technical proficiency, the right mindset and interpersonal skills are crucial for success on our team. We’d prioritize candidates who demonstrate: Problem-Solving Acumen: The ability to analyze complex problems, break them down, evaluate different approaches, and implement robust, efficient solutions. This includes troubleshooting existing systems and designing new ones. Independence and Initiative: We value engineers who can take ownership of tasks, research potential solutions independently, make informed decisions, and drive work forward with minimal supervision once objectives are clear. Dependability and Accountability: Team members must be reliable, meet commitments, deliver high-quality work, and take responsibility for their contributions. Strong Communication Skills: Clear, concise communication (both written and verbal) is essential. This includes explaining technical concepts to varied audiences, actively listening, providing constructive feedback, and documenting work effectively. Collaboration and Teamwork: Ability to work effectively within a team structure, share knowledge, participate in code reviews, and contribute to a positive team dynamic. Adaptability and Eagerness to Learn: The technology landscape and business needs evolve. We seek individuals who are curious, adaptable, and willing to learn new technologies and methodologies. Core Technical Skillset: Our current technology stack forms the foundation of our work. Proficiency or strong experience in the following areas is highly desirable: Backend Development: Java: Deep understanding of Java (latest LTS versions preferred). Spring Boot: Extensive experience building applications and microservices using the Spring Boot framework and its ecosystem (e.g., Spring Data, Spring Security, Spring Cloud). Messaging Systems: Apache Kafka: Solid understanding of Kafka concepts (topics, producers, consumers, partitioning, brokers) and experience building event-driven systems. Containerization & Orchestration: Kubernetes: Practical experience deploying, managing, and troubleshooting applications on Kubernetes. OCP (OpenShift Container Platform): Experience specifically with OpenShift is a significant advantage. AKS (Azure Kubernetes Service): Experience with AKS is also highly relevant. (General Docker knowledge is expected) CI/CD & DevOps: GitHub Actions: Proven experience in creating, managing, and optimizing CI/CD pipelines using GitHub Actions for build, test, and deployment automation. Understanding of Git branching strategies and DevOps principles. Frontend Development: JavaScript: Strong proficiency in modern JavaScript (ES6+). React: Experience building user interfaces with the React library and its common patterns/ecosystem (e.g., state management, hooks). Database & Data Warehousing: Oracle: Experience with Oracle databases, including writing efficient SQL queries, understanding data modeling, and potentially PL/SQL. Snowflake: Experience with Snowflake cloud data warehouse, including data loading, querying (SQL), and understanding its architecture. Scripting: Python: Proficiency in Python for scripting, automation, data manipulation, or potentially backend API development (e.g., using Flask/Django, though Java/Spring is primary). Requirements Domain Understanding (Transportation & Logistics): While not strictly mandatory, candidates with experience or a demonstrated understanding of the transportation and logistics industry (e.g., supply chain management, freight operations, warehousing, fleet management, routing optimization, TMS systems) will be able to contribute more quickly and effectively. They can better grasp the business context and user needs. Additional Valuable Skills: We are also interested in candidates who may possess skills in related areas that complement our core activities: Data Science & Analytics: Experience with data analysis techniques. Knowledge of Machine Learning (ML) concepts and algorithms (particularly relevant for optimization, forecasting, anomaly detection in logistics). Proficiency with Python data science libraries (Pandas, NumPy, Scikit-learn). Experience with data visualization tools and techniques. Understanding of optimization algorithms (linear programming, vehicle routing problem algorithms, etc.). Cloud Platforms: Broader experience with cloud services (particularly Azure, but also AWS or GCP) beyond Kubernetes (e.g., managed databases, serverless functions, monitoring services). Testing: Strong experience with automated testing practices and tools (e.g., JUnit, Mockito, Cypress, Selenium, Postman/Newman). API Design & Management: Deep understanding of RESTful API design principles, API security (OAuth, JWT), and potentially experience with API gateways. Monitoring & Observability: Experience with tools like Prometheus, Grafana, ELK Stack (Elasticsearch, Logstash, Kibana), Datadog, Dynatrace, etc., for monitoring application health and performance. Security: Awareness and application of secure coding practices (e.g., OWASP Top 10).

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. The Microsoft Security Response Center (MSRC) is responsible for detecting, protecting, and responding to threats that affect Microsoft’s products and services. We are looking for a motivated Leader to manage a team of highly skilled security researchers who also is adept at vulnerability research to join our team. As part of the MSRC, our team is responsible for analyzing vulnerabilities found in Microsoft’s products and services to determine their root cause, severity, and security impact. This analysis plays a critical role in shaping the security updates that are deployed to customers. The knowledge that we gain from analyzing vulnerabilities also informs the offensive and defensive security research performed by our team. As part of this research, our team works collaboratively with many teams across Microsoft to investigate, develop, and deploy security features that help discover and mitigate the biggest threats to customers. Our team is passionate about a range of topics including vulnerability discovery & automation, safer programming languages, exploit and vulnerability mitigations, software sandboxes, penetration testing & red teaming, exploit development, operating systems security (Windows and Linux), virtualization security, cloud services security, OWASP top 10, and hardware vulnerabilities and mitigations. This particular role is focused on the online services (OLS), e.g. cloud and web bugs. This is a unique opportunity to have a positive impact on improving safety for customers around the world and to work on challenging real-world security problems as part of a supportive and collaborative team. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Responsibilities Lead and manage a team of security researchers to Analyzing vulnerabilities in software and services to determine their root cause, severity, and security impact Identifying variants of vulnerabilities and discovering new vulnerabilities. Lead the team while also collaborating with stakeholders in peer teams and organizations to build tools and invent new approaches to automate the discovery & analysis of vulnerabilities Influence and align org vision by collaborating with customers, partners, product management and engineering teams. Analyzing trends in vulnerabilities being discovered to spot patterns Researching, developing, and deploying mitigations for common patterns of vulnerabilities Performing penetration testing, offensive security research, and red teaming activities Engaging with and contributing knowledge back to the security research community Mentoring and contributing to the growth of individuals within the team and across Microsoft Supporting a healthy and inclusive culture within the team and across Microsoft Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Qualifications 10+ years of experience in vulnerability/exploits research and mitigation Bachelor's Degree in Statistics, Mathematics, Computer Science or related field and experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. In-depth experience in working as a security engineer Experience in identifying common vulnerability types (OWASP top 10, CWE top 25) in software and services written in C#, JavaScript/HTML, C++, C, etc Ability to debug and root cause vulnerabilities in software, services, and cloud platforms Excellent written and verbal communication skills Preferred Qualifications: Public track record of vulnerability research and discovery Familiarity with cloud service architectures (Azure etc), design, and implementations Familiarity with operating system internals for Windows and/or Linux Familiarity with exploitation techniques and mitigations Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

What you’ll do: This security analyst will be part of a team tasked with identifying, tracking and verifying the remediation of vulnerabilities in internal and external applications and systems. This role involves performing deep-dive analysis of vulnerabilities, operating vulnerability scanning tools, and building relationships with other groups within the IT organization. You will work closely with IT infrastructure, product teams, supply chain, and Cyber Security operations to reduce Eaton's attack surface. Stay up to date with the evolving technological and threat landscape and its potential impact on modern and legacy technologies, applications, and business processes. Monitor for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services. Conduct continuous discovery, vulnerability assessment and remediation status of enterprise-wide assets. Advise employees responsible for remediation on the best reduction and remediation practices. Review and analyze vulnerability data to identify trends and patterns. Regularly report on the state of vulnerabilities, including their criticality, exploit probability, business impact, and remediation strategies. Serve as a point of contact for new and existing vulnerability-related issues. Collaborate with business teams and cyber security stakeholders to ensure appropriate governance structures are in place and that risks are documented. Provide vulnerability education and guidance to stakeholders, developers, IT and business leaders as needed. Maintain documentation related to vulnerability policies and procedures. Assist maintaining records for Eaton assets, their vulnerability state, remediation recommendations, overall security posture and potential threat to the business. Identify areas of opportunity for improvement and automation within team processes. Perform other duties as assigned, including on-call rotations. Qualifications: Bachelor’s degree in a technical discipline Overall 5-8 years of experience 3+ years of experience in security operations or vulnerability management. Skills: Ability to analyze and understand vulnerabilities and exploits Proficiency with commercial and open source vulnerability management solutions. Understanding of TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques. Understanding of operating systems, applications, infrastructure, and cloud computing services. Understanding of OWASP, CVSS, MITRE ATT&CK framework. Capacity to comprehend technical infrastructure, managed services, and third-party dependencies. Preferably some experience with vulnerability management across AWS, Azure, or Google cloud Platform. Experience in Python or Powershell, with an emphasis on scripting, automation, and integrations. Experience in threat hunting or red teaming exercises is a plus. Strong communication skills: Ability to communicate effectively across all levels of the organization. Project management skills: Strong project management, multitasking, and organizational skills

Engineer Trainee – Cyber Security Career Opportunities at ReBIT (Pass Out Year 2025) Life at ReBIT: Serving since 2016, Reserve Bank Information Technology Pvt. Ltd. (ReBIT) is RBI’s subsidiary for Enterprise Technology and Allied Services. Home | Reserve Bank Information Technology Private Limited (ReBIT) Why Work at ReBIT : We are an ambitious, employee-first organisation that believes in empowering our employees to grow alongside the organization's goals and perform to their full potential. The hired professionals will be a part of our 1000+ workforce and will have opportunity to work in active RBI engagements in which ReBIT is currently involved. We’re set to build a world class team of skilled professionals motivated to make a nationwide impact. They will be a part of our centres of excellence focusing on multiple technologies and will gain exposure in various domains such as Forex, central banking, financial markets, risk monitoring, fintech, and so on. Role Objective: We are looking for candidates who have a zeal for technology and innovation. The Selected candidates will be a part of any of the below Business Units. 1. Cyber Security Operations 2. Cyber Security Engineering/ GRC Eligibility Criteria University degree in the field of engineering and technology stream such as BE/ BTech/MTech/MSc/MCA preferably specialisation in Cyber Security, Computer Engineering, IT or EXTC Job Location : Navi Mumbai Pass out: 2025 Batch ONLY 10th & 12th – 65 % & above Work Mode :Work From Office (5 Days) Experience/Knowledge: Fundamental knowledge in Information Technology Infra and Cyber Security Knowledge of Risk analysis , identification ,resolution and management Awareness on Data security/privacy analysis and related practices Knowledge of Computer hardware / software / programming Networking and System/Database Administration knowledge Network Security Control knowledge as Firewall, Proxy, LB ,WAF etc. New Infra security project deployment skills and excellent verbal and written communication skills Basic knowledge, VPN, VAPT,AD,SOC,DLP,Antivirus,Mail Gateway ,NAC etc Basic knowledge of Application & API Security best practices and standards including OWASP top 10, OSSTMM, SANS Top 25, Attacks, Malware etc Basic knowledge about Information Security, network security, Data security, risk assessment and governance requirements. Understanding of secure coding practices and application security Understanding of the IS and Cyber security Audit Framework Excellent analytical skills Excellent English written and verbal communication. Good at public speaking and stakeholder management Responsibilities Cyber Security Operations Monitoring and protecting IT infrastructure, edge devices, networks, and data. Responsible for preventing data breaches and monitoring and reacting to attacks. Supporting day-to-day support Tasks Cyber Security Engineering/GRC Basic documentation for Infra security services. Documentation of SOP, Product review. Perform Security configuration review & Hardening using CIS benchmarks. Define hardening documents for Firewalls, Load balancers, WAF, IPS/IDS, NTA etc Provide security compliance report to management on periodic basis for Infrastructure landscape. Analysis and evaluation of open vulnerability within IT Infrastructure Responsible for deploying, tuning, and maintaining security policies and enhancements on the web application firewall, Load balancer and infra devices. IT & Security governance, risk, and compliance frameworks and practices (e.g., COBIT, NIST-CSF, ISO). IT & Security risk & security controls (e.g., cyber security, network, infrastructure, applications, and projects). Application Security Testing including SCA, SAST and DAST. Internal control implementation, including the evaluation of the design and operating effectiveness of controls. Knowledge of controls testing techniques and data analysis principles, as well as the ability to interpret results. IT & Security audit, risk, and compliance. Proficiency with Cyber security GRC systems and compliance frameworks Certifications MCSE , CCNA, CEH ,CCSP, ITIL or any other Cyber Security Certification (Good to have)

Application Security — Solution Delivery Lead Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Work you will do As a Senior Consultant in the hybrid operate business, you are responsible for adhering to the defined operating procedures and guidelines in operating the application security services in the Managed Services model, which includes the following: o Understand and be compliant with the Service Level Agreements defined for the DevSecOps services; o Understand and deep knowledge of application security engineering principles, and helping client’s development team and function to follow secure development practices which includes primarily monitoring and performing the security design review, architecture review, threat modeling, security testing, secure code review, secure build processes; o Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled during operations; o Facilitate use of technology-based tools or methodologies to continuously improve the monitoring, management and reliability of the service; o Perform manual and automated security assessment of the applications; o Involved in triaging and defect tracking process with the development team and helping the team to fix issues at the code level based on the priority of the tickets; o Be a liaison between the Application development and infrastructure team, and integrate the processes between infrastructure monitoring and operations processes with the secure development/testing and management processes; o Identifying, researching and analyzing application security events which may include emerging and existing persistent threats to the client's environment; and o Performing active monitoring and tracking of application related threat actors and tactics, techniques and procedures (TTPs), that could likely cause an impact to client organization The team Deloitte’s DevSecOps is a standardized process, to help clients with large development functions, and application dependencies for their day-to-day operations. The process enables the client to address key vulnerabilities and risks associated with their various application environment at different stages of their development lifecycle. At the core of our Application Security Managed Services Team professionals monitors, collects and analyses security related issues on application environment (both at code level and infrastructure level), that may potentially become a threat to an organization. This detection of application threats/vulnerabilities is carried out using a unique blend of our application security testing and monitoring tools and intelligence data collected through our vast experience within the Advice and Implement business. Required: Minimum of 5-7 years’ experience in application security development, security testing, deployment and security management phases; Deep interest in application specific vulnerabilities, code development and infrastructure knowledge; Investigative and analytical problem-solving skills; Experience in collecting, analyzing, and interpreting qualitative and quantitative data from defined application security services related sources (tools, monitoring techniques etc.) Knowledge and experience of OWASP Top 10, SANS Secure Programming, Security Engineering Principles; Hands-on experience in performing code review of dot Net, Java and Swift and objective C code; Hands-on experience in running, installing and managing SAST, DAST , SCA and IAST solutions, such as Checkmarx, Fortify and Contrast in large enterprise Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk; Hands-on experience on at least one CI/CD tool set and building pipelines using Team city, Bamboo, Jenkins, Chef, Puppet, selenium, AWS and AZURE DevOps; Hands on experience on container technology such as Kubernetes, Dockers, AKS, EKS. Knowledge of cloud environments and deployment solutions such as server less computing; Hands on experience in penetration testing of mobile, desktop and web applications; Must have experience in writing custom exploitation scripts and utilities; Possession of excellent oral and written communication skill; Knowledge of one or more scripting languages for automation and complex searches; Must have cloud security specialization in Security; and Certification such as EC-Council CEH (Certified Ethical Hacker), DevSecOps Professional (CDP) , ISC2 Certified Cloud Security Professional (CCSP), Certified API Security Professional (CASP) , CTMP (Certified Threat Modeling Professional) etc. are preferred. Preferred: Bachelor’s in computer science or other technical fields; Experience in cloud service providers such as AWS, GCP, Azure, Oracle are preferred Experience in implementing and managing security measures within Kubernetes environments, designing and enforcing advanced security protocols for API infrastructure, managing and optimizing our containerized applications using Docker, automating and managing our infrastructure as code using Terraform, automating IT processes and configurations using Ansible, and identifying and mitigating potential security threats through comprehensive threat modeling practices. Solid and demonstrable comprehension of Information Security including OWASP/SANS, Security Test Case development (or mis-use case). Understanding of security essentials including; networking concepts, defense strategies, and current security technologies Ability to research and characterize security threats to include identification and classification of application related threat indicators How you will grow At Deloitte, we have invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-based learning, and eLearning. Deloitte University (DU): The Leadership Center in India, our state-of-the-art, world-class learning center in the Hyderabad office, is an extension of the DU in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. #CA-LD Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301449

JOB DESCRIPTION KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. QUALIFICATIONS • IT Audit + SAP experience with knowledge of IT governance practices Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantage Strong project management, communication (written and verbal) and presentation skills Knowledge of security measures and auditing practices within various applications, operating systems, and databases. Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism Preferred Certifications – CISA/CISSP//CISM Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Location Gurugram, Jaipur Employment Type Full time Location Type Hybrid Department Engineering For over four decades, PAR Technology Corporation (NYSE: PAR) has been a leader in restaurant technology, empowering brands worldwide to create lasting connections with their guests. Our innovative solutions and commitment to excellence provide comprehensive software and hardware that enable seamless experiences and drive growth for over 100,000 restaurants in more than 110 countries. Embracing our "Better Together" ethos, we offer Unified Customer Experience solutions, combining point-of-sale, digital ordering, loyalty and back-office software solutions as well as industry-leading hardware and drive-thru offerings. To learn more, visit partech.com or connect with us on LinkedIn, X (formerly Twitter), Facebook, and Instagram. Position Description: ParTech, Inc. is seeking a Quality Assurance Automation Engineer to join our ParPay-Payments software development team. The QA Automation Engineer will, under general supervision and adhering to established procedures for quality assurance design and implement test strategies related to POS software. The QA Automation Engineer will coordinate, create, execute and maintain test cases to ensure quality control standards are achieved. The QA Automation Engineer will be involved in system, regression, and performance and scalability testing to meet quality objectives. Position Location: Jaipur / Gurugram Reports To: Engineering Manager What We’re Looking For: Bachelor’s in computer science/Engineering or related field required. Minimum of 5 years of functional testing background, including defining test strategy, test planning, test case design, and execution 4+ years of professional coding experience in C#, JavaScript, Powershell Project experience using an Agile methodology (e.g. Scrum) Expertise in automated testing frameworks and scripting. Experience with Continuous Integration/Continuous Deployment (CI/CD) pipelines. Knowledge of testing strategies around microservices architecture and modern monolith architecture. Experience with API testing and tools (e.g., Postman, REST-assured, Swagger). Proficiency with and/or familiarity with a variety of software testing tools such as: Selenium Test Complete JMeter Ready API Additional technical experience Performance / load testing SQL proficiency Proficiency in version control systems (e.g., Git) Good understanding with AWS, Azure, or any other related Cloud Infrastructure. Good understanding of security testing practices and tools (e.g., OWASP, SAST, DAST). Unleash your potential: What you will be doing and owning: Collaborates closely with Scrum team to monitor and provide constant feedback, to ensure the quality of the final product Designs test strategies and test cases for complex systems and execute various types of testing (e.g. functional, integration, end-to-end) on a variety of platforms (e.g. desktop, web) Create and execute automated test cases and report test results Interview Process: Interview #1: Phone Screen with Talent Acquisition Team Interview #2: Video interview with the Technical Teams (via MS Teams/F2F) Interview #3: Video interview with the Hiring Manager (via MS Teams/F2F) PAR is proud to provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. We also provide reasonable accommodations to individuals with disabilities in accordance with applicable laws. If you require reasonable accommodation to complete a job application, pre-employment testing, a job interview or to otherwise participate in the hiring process, or for your role at PAR, please contact accommodations@partech.com. If you’d like more information about your EEO rights as an applicant, please visit the US Department of Labor's website.

GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress. This mission is integral to our culture, influencing how we hire, build products, and lead our industry. We make this possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab. Thanks to products like Duo Enterprise, and Duo Workflow, customers get the benefit of AI at every stage of the SDLC. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier. All team members are encouraged and expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact across our global organisation. The Engineering Manager for Composition Analysis and Dynamic Analysis specializes in leading teams focused on application security scanning technologies. This role oversees multiple security-focused engineering groups and is responsible for balancing priorities across these specialized teams. This role is an extension of the Engineering Manager position. Groups Overview Composition Analysis -The Composition Analysis group is responsible for: Software Composition Analysis Container Scanning Dynamic Analysis - The Dynamic Analysis group is responsible for: API Security Dynamic Analysis Security Testing (DAST) Fuzz Testing What You’ll Do Manage engineers across both the Composition Analysis and Dynamic Analysis groups Drive key initiatives including: Auto-remediation of vulnerable software packages Scanning of unmanaged dependencies in C/C++ Static reachability analysis with function-level granularity Snippet detection for open source dependencies Improve the DAST crawler for efficiency, stability, and consistent web application traversal Balance priorities across multiple security-focused engineering teams Author project plans for epics across both groups, ensuring alignment and avoiding duplication of effort Run agile project management processes for multiple teams Provide guidance on security product architecture Coordinate between Composition Analysis and Dynamic Analysis teams to ensure consistent and complementary approaches to application security What You’ll Bring In-depth understanding of application security concepts, particularly in software composition analysis techniques to evaluate the security risks associated with application dependencies and dynamic analysis security testing (DAST) tools. Understanding of the challenges in developing and maintaining security scanning tools Experience managing multiple technical teams simultaneously Familiarity with containerization technologies and dependency management systems Knowledge of web application security testing techniques and tools Experience with open source security tooling (such as OWASP ZAP, Trivy, or similar) Experience in DevSecOps practices and implementation Experience in vulnerability management and remediation How GitLab Will Support You Benefits to support your health, finances, and well-being All remote, asynchronous work environment Flexible Paid Time Off Team Member Resource Groups Equity Compensation & Employee Stock Purchase Plan Growth and Development Fund Parental leave Home office support Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application. The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary. California/Colorado/Hawaii/New Jersey/New York/Washington/DC/Illinois/Minnesota pay range $131,600—$282,000 USD Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process. Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us. GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process. Show more Show less

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability. Product Security Analyst Location: Pune Position Summary HackerOne is seeking a dynamic individual with a passion for Information Security to join our Technical Services team. As a Security Analyst, you will gain hands-on technical experience and exposure to some of the world’s best hackers while delivering high-impact vulnerabilities to the top bug bounty programs in the industry. This role requires excellent communication skills, intellectual curiosity and drive to acquire the technical skills you’ll need to ensure every valid bug report is reproducible and provides value to HackerOne customers. What You Will Do Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice Ensure clear and efficient communication between hackers and customers Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success Assess vulnerability findings and determine whether the submission is valid based on program policies, scope and impact. Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid findings. Minimum Qualifications Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required) Hands-on experience doing security testing or ethical hacking on web and mobile applications Strong technical knowledge of OWASP top 10 Comfortable using security testing tools including Burpsuite Excellent written and verbal communication skills Experience using frameworks such as CVSS Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm This role is based in our Pune office and you must be able to work 4-5 days a week in office. English fluency Compensation ₹2.5M – ₹2.8M Offers Equity # LI-MH1 Job Benefits: Health (medical, vision, dental), life, and disability insurance* Equity stock options Retirement plans Paid public holidays and unlimited PTO Paid maternity and parental leave Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act) Employee Assistance Program Flexible Work Stipend Eligibility may differ by country We're committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR). Visa/work permit sponsorship is not available. Employment at HackerOne is contingent on a background check. HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws. This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time. For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position. Show more Show less

We are looking for a (senior) Fullstack/Java Software Developer to join the team. You will analyze, design, document and implement features for the EARTech Team. You will also create technical documentation for the software modules and/or system and support the team by bringing added value in every aspect of the development cycle. This position offers a unique opportunity to transform the transport and logistics industry by spearheading a push for automation and mechatronic systems; allowing you to apply your cutting-edge knowledge and passion of technology to develop robust engineering solutions. As a (Senior) Fullstack/Java Developer, you will be part of a community of engineering practitioners across the company, where we develop the foundations of our future business towards terminal automation. Below is a list of responsibilities and required experience. Items marked with [SR] only apply for senior profiles, [SR/JR] applies to junior and senior profiles. Non-marked items are optional Project roles and responsibilities Capture and analyze the business and technical requirements [SR/JR] Implement the business requirements into a sound technical solution [SR/JR] Maintain and evolve the software architecture [SR] Produce secure and clean code that is stable, operational, consistent, well-performing, and maintainable for a mission critical system [SR/JR] Ensure code quality: define and participate to technical architecture and code review processes [SR] Prepare software developments & deployments: estimation, integration, surface and automated testing,code reviews... [SR/JR] Testing and bug fixing [SR/JR] Collaborate with the customer and teams in other locations on a daily basis[SR/JR] Work closely with senior engineers, PMs, BAs and business users (clients) in order to find best possible technical solution for the project [SR/JR] Taking full responsibility of the delegated tasks. [SR/JR] Contribute to the technical implementation of quotations[SR/JR] Thisrole reportsto the Development team lead [SR/JR] Documentation Perform modifications to source code, documentation and test suite [SR/JR] Analyze modifications required to source code, documentation and test suite, and define test scope, to implement problem fixes and changes [SR/JR] Perform and document tests in line with testscope defined before [SR/JR] Execute tasks in accordance with governing quality, safety and security management procedures [SR/JR] You have a proven experience as Java developer [SR/JR] You hold a Bachelor or Master Degree [SR/JR] You have a good understanding of GIT and continuous integration tools and you have experience with MSSQL or Oracle or DB2 LUW [SR/JR] Strong knowledge with back-end technology (API, Java, IMDG (Hazelcast), message oriented middleware (ActiveMQ)) [SR] Strong knowledge of Typescript, Angular and Node.js, Python, Jenkins, Docker is appreciated. [SR] Understanding of API design (REST, RPC) is also an added value such as interest in LEX, YACC, and/or AWK. [SR] Familiar with Agile / Scrum [SR/JR] Strong knowledge of React, Typescript, Node.js, Azure, Docker, Kubernetes is appreciated. Knowledge in Gradle and/or Linux are a plus. Knowledge in Software quality checker tools (e.g. SonarQube, OWASP dependency-check) is a plus as well. Your profile Analytical mind, well organized and result driven Self-motivated, innovation minded and proactive Very meticulous and precise, focused on quality and detail oriented Comfortable in an agile context Working knowledge of distributed application development Great communication skills, sharing and exchange information within the team Organizational and presentation skills Interpersonal and teamwork skills Goals and deliverables . Expected skills Computer science Skill level Azure DevOps Expert Rest/SOAP Expert Java Expert Spring boot Expert active MQ Expert Angular/React JS Expert Agile context and principles Expert SQL Expert Location Project location B-9, ITPL Main Rd, Brigade Metropolis, Garudachar Palya, Mahadevapura, Bengaluru, Karnataka 560048, India Possible travel Bengaluru, Karnataka, India 1 wfh Execution modality Occasional remote Job Type: Full-time Pay: ₹2,500,000.00 - ₹3,600,000.00 per year Benefits: Health insurance Provident Fund Location Type: In-person Schedule: Monday to Friday Work Location: In person Speak with the employer +91 7695888255 Expected Start Date: 01/07/2025