79 Owasp Top Jobs - Page 4

JOB DESCRIPTION Job Purpose This position is open with Bajaj finserv ltd. Duties and Responsibilities Discover and Mitigate Cyber Risks and exploitable vulnerabilities on the internet facing apps/assets Conduct Regular Vulnerability Assessment and Penetration Testing of the applications Experience with latest technologies and security standards such as OWASP, CVSS, Mitre etc. Mobile App Reversing and pen testing as Android and iOS applications security standards Familiarity with malicious code identification and common hacker attack techniques Conduct regular Secure Code and Architecture Review, SAST and DAST Latest technology security – API, Microservices, RPA, IOT etc. Ethical Hacking and Red Teaming Activity (Addon preferred) Assess Third Party Partner vulnerabilities and security risk Remediations, Closures Tracking, Reporting and Management of all Cyber Risks Engage with technology Teams and partners and business units to resolve identified vulnerabilities within acceptable timelines Design and deliver actionable Information Security dashboards and scorecards Work with partners in carrying out comprehensive VAPT assessment Advanced understanding with working experience collecting and tracking threat intelligence Experience working with tracking, communicating, and prioritizing vulnerabilities and cyber threats to an enterprise-wide organization Required Qualifications and Experience Engineering / Computer Graduate with 3-5 years of Information / Cyber Security Experience Relevant Security Certifications like CEH, CPENT, PNPT, EJPT, EWPT, OSCP etc. preferred Prior experience of Security Testing, OWASP Top 10 and application security Prior experience of Penetration Testing Web Application, Mobile Applications and API Security testing Sound in latest application technologies and network attacks execution Good Written and Verbal Communication with Presentation Skills Good Team Player and sound in stakeholder management Threat Modelling, Cloud Security and WAF basics clarity DevOps / DevSecOps and Source Code security review experience is added boon Well versed with related tools and techniques of all the above Skills SKILL Skills as per JD Minimum Qualification Others

Education Qualification: Bachelor's degree in Computer Science or related field or higher with minimum 3 years of relevant experience. Your future duties and responsibilities: 3+ years of penetration testing experience, preferably in highly regulated industries and for global clients Proficiency with scripting and programming languages, mainly Python Perform Penetration Testing for networks (internal & external), applications, APIs & cloud assessments Vulnerability identification and analysis Collaborate with team members and stakeholders to define project scopes, review test results, and determine remediation steps Advanced problem-solving skills Any security certifications are a plus Strong written and verbal communication skills Ability to work autonomously with little directional oversight Ability to lead a project and multiple testers Commitment to quality and on-schedule delivery; and a proven ability to establish and meet milestones and deadlines Customer-focused mentality to understand and appropriately respond to customers business needs Draft reports and communicate complex security concepts and test findings to clients and stakeholders Make expert recommendations to help clients improve their information security program Work on researching & developing utilities, toolkits, processes, tactics, and techniques Required qualifications to be successful in this role: Must to have skills-Penetration testing, DAST Testing, SAST Testing, OWASP top 10 The candidate should be having experience on various industry based security standards and the relevant tests. The candidate should possess comprehensive experience with various industry-recognized security standards (apart from OWASP, NIST, ISO 27001, and PCI-DSS) and demonstrate proficiency in conducting relevant security assessments and compliance-driven testing based on these frameworks. Good to have Skills- Python Skills: Vulnerability Assessment(IAVA) Vulnerability Testing (IAVT) Artificial Intelligence Python

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary Looking for a detail-oriented and experienced Network Security Analyst to manage, monitor, and optimize the security of our network perimeter. You will be responsible for implementing and maintaining firewall rules, ensuring compliance with security policies, and helping to defend against unauthorized access and threats. The role requires strong analytical skills, hands-on experience with Palo Alto, Cisco ASA, Global Protect VPN and Akamai WAF, and a solid understanding of networking and security principles. Roles & Responsibilities:- Configure, manage, and troubleshoot enterprise firewalls (e.g., Palo Alto, Cisco ASA/Firepower).- Create and maintain firewall policies/rules based on business and security requirements.- Work with stakeholders to review, approve, and implement firewall change requests.- Manage and configure Akamai Kona Site Defender and Web Application Firewall policies- Tune and optimize WAF rules to minimize false positives and maximize threat detection.- Monitor and respond to bot activity using Akamai Bot Manager- Implement and maintain rate-limiting, geo-blocking, and IP reputation settings in Akamai WAF as needed.- Support incident response and forensic investigations related to web application attacks.- Conduct regular audits and rule base reviews to ensure optimal performance and policy compliance.- Participate in incident response activities related to network security.- Collaborate with network engineers and SOC teams to ensure seamless and secure connectivity.- Provide support during network migrations, segmentation projects, or security enhancements.- Document all firewall changes, configurations, and security exceptions. Professional & Technical Skills: - Bachelors degree in Computer Science, Information Security, or related field.- 2 years of hands-on experience managing enterprise firewalls.- Solid understanding of TCP/IP, routing, NAT, VPNs, and access control mechanisms.- Hands-on experience with Akamai WAF (Kona Site Defender) and Akamai Control Center.- Solid understanding of HTTP/HTTPS, DNS, CDN behavior, and OWASP Top 10 threats.- Experience with firewall rule creation, optimization, and troubleshooting.- Familiarity with change management processes and ITIL practices.- Strong problem-solving and analytical skills. Additional Information:- Need to work in rotational shifts 24X7 model - Good verbal and written communication skill- Experience working in a diversified, virtual environment- A 15 years full time education is required.- This position is based at our Bengaluru office. Qualification 15 years full time education

Understand product vision and business needs to define product requirements and product architectural solutions. Use tools and methodologies to create representations for functions and user interface of desired product Develop high-level product specifications with attention to system integration and feasibility Define all aspects of development from appropriate technology and workflow to coding standards Communicate successfully all concepts and guidelines to development team Ensure software meets all requirements of quality, security, modifiability, extensibility etc. Collaborate with other professionals to determine functional and non-functional requirements for new software or applications Provide support for production escalations and problem resolution for customers. Analyse requirements, design develop & maintain software products in alignment with the technology strategy of the organization Participate in technical reviews of requirements, specifications, designs, code and other artifacts. Ensure commitments are agreed, reviewed and met. Learn new skills and adopt new practices readily in order to develop innovative and cutting-edge software products that maintain Company's technical leadership position. Plan, develop and manage the infrastructure to enable strategic and effective use of tools. Lead the evaluation/evolution of tools/technologies/programs with input from internal teams, external developers. Proactively identifying issues and improvement opportunities. Directing resources to diagnose and resolve complex system, application software, security and related problems that impact system and availability. Required education Bachelor's Degree Required technical and professional expertise 15+ years of experience in network protocol development, with a strong focus on security. Deep knowledge of networking layers (OSI model), TCP/IP stack, and common transport/application protocols. Proficiency in C/C++ or Go for low-level development. Hands-on experience with Web Application Firewall (WAF) , OWASP Strong experience managing WAF technologies (any ofAWS WAF, Cloudflare, Akamai). Solid understanding of HTTP/HTTPS, DNS, web servers, load balancers, and CDN integrations. In-depth knowledge of OWASP Top 10 vulnerabilities and mitigation techniques. DDoS mitigation, bot management, or CDN security features. Preferred technical and professional experience Strong problem-solving and debugging skills Excellent written and verbal communication and ability to work in cross-functional and global teams