1535 Penetration Testing Jobs - Page 6

Educational Requirements Bachelor of Engineering Service Line Quality Responsibilities Skills: Good knowledge of CMMI Model, ISO 9001 standard, ITIL practices, Distributed Agile methodologies, DevSecOps models Hands-on experience in practicing and implementing Agile and DevOps practices in both Development and Service/Support projects Hands on experience in handling/supporting few accounts or programs Strong Analytical, Inter-Personal, Networking and Presentation Skills Ability to coordinate with Senior Stakeholders from Delivery and Quality Ability to extract process deficiencies based on factual data Strong Communication and Articulation Skills (Oral & Written) PreferredPMP, ITIL, CSPO, CSM, DevOps Certifications, Certified SAFe Agilist 5.0Roles & Responsibilities: Periodic strategizing and planning of audits, sampling of accounts Perform and manage end-to-end Account Level Audit execution alongwith conducting project level audits Seamless execution of audit alongwith Delivery and Quality teams Clear articulation of risks and business impact from conducted audits Key Risks presentation to Delivery and Quality Leadership Monitoring effective closure of audit findings in a timely manner Technical and Professional Requirements: Competencies: MandatoryISO Standards, CMMI – High Maturity Practices, Agile, DevOps, ISO 9001, ITSM CSM, DevOps and relevant Industry Certifications around these competencies PreferredCMMI ,ISO 13485, AS9100D, ISO 42001 in addition to above Mandatory Skills. PMP/ Prince 2, CSPO, Certified SAFe Agilist 5.0 Certifications can also apply. Preferred Skills: Foundational-Quality models/improvement frameworks-ISO 9001 Foundational-Quality models/improvement frameworks-CMMi for Development-CMMI Process Area wise process definitions

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities Hands-on knowledge of Security testing methodologies like OWASP Top 10, SANS 25 etc., Ability to perform automated and manual hands-on penetration security testing e.g. DAST, SAST and SCA, identifying security risks within applications, cloud infrastructure, security controls and Network systems. Experience with penetration testing tools (e.g. Burp) Extensive knowledge of attack payloads for discovering security vulnerabilities Plan, execute, and report on all testing activities and outcomes Create findings reports and communicate to stakeholders Must possess at least 5 years of experience in delivering VAPT in Web(Thin and Thick Client), Mobile and APIs Should have good and effective communication skills in English. (Oral and written) Technical and Professional Requirements: The successful candidate must be highly motivated, fast learner, flexible, willing to assume responsibility and deliver quality work on time Constantly identify opportunities for enhancing productivity using automation and process improvements. Exposure to scripting languages(e.g. Shell) Knowledge on DevSecOps Preferred Skills: Technology-Security Testing-Security Testing - ALL

As an Associate Developer at IBM, you'll work with clients to co-create solutions to major real-world challenges by using best practice technologies, tools, techniques, and products to translate system requirements into the design and development of customized systems. In your role, you will be responsible for Your primary responsibilities include: Working on the end-to-end feature development and solving challenges faced in the implementation. Collaborate with key stakeholders, internal and external, to understand the problems, issues with the product and features and solve the issues as per SLAs defined. Being eager to learn new technologies and implementing the same in feature development Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Hands on extensive experience on RPG language on AS/400 System I and have worked on Production system and Application Development. 3+ years of relevant experience working on mainframes. * Should have technical expertise/hands on - Assembler, COBOL, JCL, CICS, VSAM, Inter-test, Fault Analyser, File-Manager, Control-M/Any other Scheduler etc. Should have expertise working on JIRA/Confluence/SharePoint/Any Change management tool (Remedy/My service/Service now etc.) Message Types and Transaction flows Preferred technical and professional experience Processing between Acquirers, Issuer & Acquiring gateways etc. Interact with different stake holders, gather and articulate the Requirements. Good communications skills to deal with the clients directly and set up calls to bring the Business and Delivery inline

Support asset development, process establishment. Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as HCL AppScan/HP Fortify or CMx. We expect candidate to have experience doing similar assessments, candidate can be trained on any proprietary assessment methodology. Mandatory: 5+ years of strong Application Security experience in S-SDLC Code Review, Vulnerability Assessment, Penetration Testing. Web Service/API security testing Hands on experience into Mobile application Security Android/iOS - reverse engineering/memory analysis etc. Security tool experience - HCLAppScan/CheckMarx/Fortify/Veracode/Burp Suite Good exposure on penetration testing. Good to have one of the given certifications - OSCP/GPEN/GWAPT/CSSLP etc. Independent global client handling AppSec delivery exposure. >=2 years. Excellent interpersonal skill.

Looking for an Application Security Analyst/Engineer with 5 to 7 years of hands-on experience in application security assessments, including architecture/design review, code analysis, penetration testing, and third-party/vendor risk reviews. The ideal candidate will possess strong expertise in secure coding, security testing tools, and key protocols. Key Responsibilities Conduct application security assessments: architecture/design reviews, code reviews, and penetration testing. Utilize SAST and DAST tools to uncover vulnerabilities in both code and running applications. Analyze and document penetration testing results, highlighting risk areas and recommending countermeasures. Perform vendor risk assessments to ensure compliance and third-party security practices. Collaborate with engineering and QA teams to implement security best practices throughout SDLC. Maintain expertise in HTTP, HTTPS, SSL/TLS, and SFTP protocols for secure communication and file transfer. Keep up with security trends, technologies, and emerging threats. Required Skills & Qualifications Bachelors in Computer Science, Information Security, or relevant field (or equivalent experience). 5-7 years of application security assessment experience. Hands-on with SAST (e.g., SonarQube, Fortify) and DAST (e.g., Burp Suite, OWASP ZAP) tools. Penetration testing skills with real-world scenario simulation. Understanding of security protocols: HTTP, HTTPS, SSL/TLS, SFTP. Familiarity with OWASP Top 10, vulnerability management, and security frameworks. Analytical and communication skills. Preferred Qualifications Security certifications (e.g., OSCP, CEH, CISSP, GIAC). Knowledge of cloud security (AWS, Azure, GCP). Exposure to DevSecOps and CI/CD integration for security.

Application Security Risk Classification Analyst Project description Do you have the know-how to apply business analysis techniques to deliver process and control execution in Application Security area? Are you a committed and collaborative team player with an analytical and logical mind-set? Are you motivated to work in a complex, diverse and global environment? ASCA (Application Security Risk Classification (ASCA) is part of a global organization within Technology Information Security Office (TISO). Our services focus on Cyber Hygiene for applications and infrastructure, detecting/remediating/governing measures for cyber threats. . You'll be working as part of our global Application Security team. As an ASCA Analyst, you'll play an important role in ensuring the on-going cyber-security of our client. We offer flexibility in the workplace and equal opportunities to all our team members. Our team is global, diverse and collaborative as we work across organizations to keep our technology, applications and the businesses they support secure. Responsibilities We're looking for a ASCA business analyst to: On-board applications to Application Security Framework (ASF) in cooperation with the Software Component Manager (SWCM) Management of applications in scope of control processes and execution Management of the pipeline of the applications to be onboarded Coordinating entries to Application Security Management System Compliance reporting to stakeholders, including risk and compliance teams. Production Tollgate verification for releasing applications into Production environment. Skills Must have Your expertise Ideally 2-3 years of experience in applying cyber security analysis or administration, preferably in IT Security or Risk Management projects (Application Security area preferred). Experience with data analysis proficiency with Excel is a must. Ability to work independently on assigned tasks and driving them from start to completion. Ability to challenge and propose possible improvements (in various areas, e.g. process, reporting) Ability to explain complex concepts in a clear and concise manner Use to work with stakeholders on different levels of the organization Use to work in a demanding and variable environment Excellent written and verbal communication skills Fluent in English Nice to have Experience within Application Security area preferred

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Ping Identity Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We need skilled Ping Identity Engineer with strong experience implementing and supporting customer identity and access management (CIAM) solutions using the Ping Identity suite, including PingOne, Ping DaVinci, and PingFederate. You will design, deploy, and maintain modern CIAM capabilities, working closely with business stakeholders, developers, and security teams to deliver secure and seamless customer authentication experiences. Roles & Responsibilities:-Develop customer authentication and authorization workflows-Integrate with third-party identity providers, directories, and social logins-Configure PingOne platform (PingOne MFA, PingOne Risk, PingOne DaVinci orchestration)-Set up policies for adaptive authentication, step-up authentication, and user journeys-Implement PingFederate for SSO and federation use cases-Support provisioning and lifecycle management via PingOne-Ping DaVinci:Design and build drag-and-drop workflows for identity verification, fraud detection, and progressive profiling-Integrate DaVinci flows with APIs, third-party tools, and identity proofing services Professional & Technical Skills: - Must To Have Skills: Proficiency in Ping Identity.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Knowledge of security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with risk assessment methodologies and compliance requirements. Additional Information:- The candidate should have minimum 5 years of experience in Ping Identity.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

As a highly experienced Principal, Application Security Engineer, you will play a crucial role in leading and evolving our global application security strategy. Your primary focus will be to ensure that our products and platforms are developed securely from the ground up and remain resilient in the face of an ever-changing threat landscape. Collaboration with engineering, product, DevOps, and Security teams will be key as you work to integrate security into our software development life cycle (SDLC), promote secure coding practices, and influence stakeholders and leaders throughout the organization. Your responsibilities will include developing application security strategies at a global level, designing and implementing secure applications, and consistently enhancing the SDLC process. You will conduct comprehensive security assessments, encompassing static and dynamic application security testing (SAST/DAST), threat modeling, web/mobile application and API penetration testing, and reviews of application architecture. Collaboration with various teams such as security operations, DevOps, development, networking, IT, and product teams will be essential to remediate issues and uphold a strong security posture. Additionally, you will contribute to the development and automation of security testing tools and processes, manage third-party penetration testing services, and deliver threat modeling training to development teams to bolster product security and mitigate risks. In the event of incident response (IR) activities related to application security, your assistance will be invaluable. To excel in this role, you should possess at least 7 years of experience in areas such as application security engineering, threat modeling, penetration testing, web application/API development (e.g., .NET/C#, Java, JavaScript), system administration, networking, and information security. Proficiency in web application/API testing, static code analysis, and web application vulnerability scanners is crucial. Industry certifications from reputable organizations like OffSec, SANS, or isc2 will be advantageous. Prior experience in a technical security engineering role involving mentorship or training is desirable. Effective communication skills, along with experience in presenting to both technical audiences and executive leadership, are important attributes for success in this position. This position is based in Mumbai/Bangalore and offers remote work flexibility. The ideal candidate should be able to join within 30 days. Join us in promoting United States Equal Opportunity Employment by being part of our dynamic team focused on enhancing application security and safeguarding our products and platforms.,

As a Principal Security Testing Engineer at Atlassian, you will have the opportunity to work remotely or from the office, giving you the flexibility to balance your personal and professional life effectively. At Atlassian, we believe in providing our employees with the autonomy to choose where they work, and we hire talent from any country where we have a legal presence. Our interview and onboarding processes are conducted virtually, reflecting our commitment to being a distributed-first company. In this role, you will collaborate closely with the Security Testing Manager to establish and enhance the Security Testing team and capabilities. Your primary responsibilities will include conducting penetration testing, manual code reviews, and driving process improvements within the team. As the Technical Subject Matter Expert (SME), you will equip the team with the latest tools, techniques, and methodologies to identify vulnerabilities that standard off-the-shelf tools may overlook. The Security Testing team at Atlassian is dedicated to safeguarding the security of our products, platforms, and customers. As a Principal Security Testing Engineer, you will lead efforts to validate Atlassian's technical security posture and collaborate with various security and leadership groups. You will have the opportunity to contribute to the growth of a team of penetration testers based in our Bangalore office, providing world-class technical assurance through high-quality testing practices. To excel in this role, you should have a strong background in penetration testing, application security, and code review. Your day-to-day activities will involve providing expert guidance to the team, enhancing testing workflows, recruiting top-tier talent, and analyzing vulnerability data to identify trends and control gaps. Your success will be measured by your ability to identify significant vulnerabilities, build strong relationships across engineering and security teams, and establish effective testing processes that align with strategic objectives. Ideal candidates will have at least 6 years of penetration testing experience, with 2 years in a leadership role. Additionally, experience in white-box application security testing, full-stack application security, and mentoring junior testers will be beneficial. On your first day, you should be capable of conducting penetration tests and code reviews, demonstrating a deep understanding of security testing methodologies and effective collaboration with technical teams. At Atlassian, we offer a range of perks and benefits to support our employees and their families, including health and wellbeing resources and paid volunteer days. Our inclusive culture and collaborative hiring process aim to unleash the potential of every team member. If you are passionate about security testing, enjoy sharing knowledge, and thrive in a collaborative environment, we encourage you to join our growing team at Atlassian.,

The role of an Application (software) Security Engineer is an entry-level, hands-on, engineering-focused position with the responsibility of fostering a Secure SDLC and secure by design approach and practice across all software engineering teams. You must possess a good combination of problem-solving and communication skills to effectively support the Application Security, InfoSec, and Software engineering teams. Your main responsibilities will include configuring and fine-tuning Application Security tests and vulnerability scans, integrating security testing into CI/CD pipelines, and collaborating with Senior Application Security engineers on Penetration tests set up and validation. Additionally, you will be expected to document and update processes and procedures, conduct research and consultations with colleagues, deliver secure software development training such as OWASP Top10, and collaborate with Security Analysts on software vulnerabilities and security issues. This will involve determining scope, severity, and potential impact of security issues, recommending next steps, and following through with risk treatment and mitigation. You will also be required to appropriately escalate issues to various teams and levels of authority within the organization. To qualify for this role, you must have a Bachelor's degree in a relevant business or technical discipline, along with a minimum of 3 years of relevant work experience. Demonstrated knowledge of application security concepts, best practices, and methods is essential, as well as experience with various application security tools including SAST, SCA, and DAST. Experience with Web Application security testing like Web Pentesting, Fuzzing, and Automated tests is also required. Ideally, you will also have experience securing cloud infrastructure and cloud applications, working knowledge of various architectures and design patterns, ability to code in at least one programming language (such as python, javascript, or go), familiarity with AWS native security tools, and knowledge of current and emerging security technologies and threats. Experience with threat analysis methodologies and tools, developer tools, project management, bug tracking systems, and integrating security tools into CI/CD pipelines would be considered advantageous for this role. This is a challenging yet rewarding opportunity for an individual with a passion for application security and a drive to contribute to the implementation of secure software practices within a dynamic organization.,

As an AI Test Automation Developer in Bangalore hybrid, your responsibilities will include developing AI-driven test agents to automate routine testing tasks such as test case generation, documentation, and scripting. You will be responsible for implementing automation frameworks for testing AI models and software components, as well as integrating test automation solutions into existing frameworks. Additionally, you will design and develop automated test scripts using open-source tools and frameworks, and identify, analyze, and document defects in AI models and software applications. Collaboration with developers and data scientists to ensure AI algorithms meet quality standards is a key aspect of your role. Monitoring and troubleshooting AI system performance to improve accuracy and efficiency, integrating security testing into the automation framework to identify vulnerabilities, and conducting penetration testing to assess security risks in AI-powered applications are also part of your responsibilities. Ensuring compliance with security standards and best practices for AI models and software, as well as staying updated on industry trends and advancements in AI testing methodologies and cybersecurity, are essential for success in this role. To qualify for this position, you should have a Bachelor's degree in computer science or equivalent, along with a minimum of 10 years of experience in QA test automation development. Proficiency in programming languages such as C#, Java, or Python is required. Hands-on experience with test automation tools like Selenium, TestNG, Junit, Playwright, or equivalent is necessary. Strong knowledge of AI/ML concepts, particularly LLMS and Gen AI testing frameworks and techniques, is essential. Experience working with CI/CD pipelines and tools like Jenkins, GitHub Actions, or Azure DevOps is preferred. Understanding security testing methodologies, including penetration testing and vulnerability assessments, is a key requirement. Experience with web applications, mobile apps, and cloud platforms (AWS, Azure, or Google Cloud) for AI model deployment and testing is beneficial. Strong experience with testing the reliability and accuracy of synchronous APIs by verifying request-response interactions and asynchronous APIs is also important. Deep knowledge of user story to test case translation with methods like Gherkin/Cucumber or equivalent is required. The ability to quickly grasp and distill highly complex user design issues into clean, understandable solutions is a must. You must be able to flourish in a fast-paced, iterative, deadline-driven environment. Strong communication and organizational skills are critical to success among a company of talented individuals.,

As a Security leader with a background in AWS and cloud Security, you play a crucial role in defining and enforcing the security policies and procedures of the organization. With excellent written and verbal communication skills, exceptional organizational abilities, and expert-level proficiency in IT and Cloud Security, you will be responsible for architecting and implementing IT Security policies while reporting to the Director of Information Technology. In this full-time role, your essential duties and responsibilities include providing leadership and technology vision to the IT Security team, performing internal and external security audits, documenting, implementing, and monitoring adherence to IT security standards, as well as assessing and improving security metrics. You will work on enhancing security tools and operations, monitor and manage IDS, vulnerability scanning, and assessments, and serve as the Data Privacy Officer (DPO) for the company. Creating awareness within the company regarding Security, Privacy, and compliance requirements, ensuring security and privacy training for staff involved in data processing, conducting security and privacy audits, and serving as the point of contact between the company and clients for privacy controls are key aspects of your role. Additionally, you will be responsible for log aggregation and analysis, managing Anti-Virus software, addressing security and data breach-related incidents, and ensuring customer satisfaction while being accountable for individual product/project success and quality. To qualify for this position, you must hold certifications such as CISSP, Security+, or equivalent, along with having 10+ years of Cyber Security experience, 5+ years of IT management experience, 5+ years of AWS experience, and 3+ years of experience with Identity & Access Management tools. Your extensive experience with Linux & Windows Security administration, managing Cloud and Container Security, Network and Application penetration testing, vulnerability scanners, IDS, IPS deployment and monitoring, SIEM tools, security automation, incident response & management, vulnerability management, and patch management will be essential. Moreover, your role will involve ensuring organization efficiencies through continual improvement programs, representing the organization in inspections and audits, driving action plans to closure, conducting deep dive RCAs and ensuring CAPAs are closed, and maintaining a metrics-driven approach. Additional qualifications such as experience with monitoring tools like Datadog, Change Management, Configuration Management, Infrastructure as Code tools, hardening Operating Systems and Applications, endpoint security management, working in GxP environments, and familiarity with various practices will be beneficial. With no travel expectations, this role requires a dedicated and experienced professional who can effectively lead security operations and teams, prioritize security and privacy, and drive continuous improvement initiatives to enhance organizational security posture.,

The Cybersecurity Intern will be responsible for supporting various aspects of cybersecurity operations including governance, risk, compliance, assessments, and Security Operations Center (SOC) activities. The Intern will have the opportunity to work on different projects across multiple locations such as Thane, Pune, Bengaluru, and Mumbai. This internship will provide hands-on experience in the field of cybersecurity and offers a potential full-time position upon successful completion. In the role of CyberSecurity Intern - GRC, you will assist in developing and implementing information security policies, standards, and procedures. Your responsibilities will include educating employees on best practices, collaborating on security awareness programs, and supporting clients in establishing effective security governance frameworks. Additionally, you will help in compliance programs, conduct security audits, and identify vulnerabilities in clients" IT infrastructure. As a CyberSecurity Intern - Assessment, your key responsibilities will involve conducting Vulnerability Assessment and Penetration Testing (VAPT) for various applications, performing source code and configuration reviews, and preparing detailed security findings and recommendations. You will also guide clients in patching vulnerabilities, stay updated on cybersecurity trends, and contribute to continuous learning and adaptation in the field. In the role of CyberSecurity Intern - SOC, you will monitor security events and alerts, assist in analyzing potential threats, and participate in the investigation and documentation of security incidents. You will research emerging cyber threats, work on improving detection use cases, apply threat intelligence to monitoring activities, and support in creating reports and dashboards. Requirements for this internship include pursuing a degree in Computer Science, Information Security, or a related field, basic understanding of cybersecurity principles and tools, familiarity with Linux/Windows systems and networking concepts, eagerness to learn in a SOC/MDR environment, excellent communication and analytical skills. Certifications like CompTIA Security+ and CEH are preferred but not mandatory.,

As an IT/OT Vulnerability Assessment and Penetration Testing (VAPT) Engineer, you will play a crucial role in identifying and addressing security vulnerabilities within IT systems, Industrial Control Systems (ICS), and Industrial Internet of Things (IIoT) environments. Your primary responsibilities will involve conducting thorough security assessments on critical infrastructure, SCADA systems, PLCs, field devices, gateways, and cloud-connected IIoT platforms. By simulating advanced adversary tactics, you will uncover vulnerabilities and offer strategic guidance for remediation. This position requires individuals with a comprehensive understanding of enterprise IT security and industrial/embedded system ecosystems. Your duties will encompass various key areas: 1. Vulnerability Assessment & Penetration Testing (IT + ICS/IIoT): - Conduct black-box, grey-box, and white-box VAPT on a range of assets including enterprise IT assets, OT/ICS assets, and IIoT platforms. - Simulate APT-level attacks across different IT-OT architectures and execute Red Team scenarios to replicate insider threats or supply chain compromise. 2. ICS Protocol & Field Device Security Testing: - Analyze and exploit vulnerabilities in various ICS protocols. - Perform live traffic analysis, packet manipulation, and protocol fuzzing to evaluate resilience. - Assess control logic vulnerabilities in ladder logic, structured text, and function blocks. 3. Firmware & Hardware Exploitation (IIoT/ICS Devices): - Extract and analyze firmware from industrial devices using specific interfaces. - Conduct static and dynamic analysis utilizing various tools. - Reverse engineer file systems and analyze web interfaces or CLI backdoors. - Exploit misconfigured bootloaders, firmware upgrade mechanisms, or exposed debug ports. 4. Network Architecture & Segmentation Testing: - Review and test IT-OT segmentation via different configurations. - Evaluate trust relationships, weak credential policies, and insecure remote access. - Identify unauthorized bridging of air-gapped networks or misconfigured routing/switching. 5. Cloud & IIoT Platform Security: - Evaluate MQTT brokers, telemetry, and analytics pipelines. - Test REST APIs, mobile app integrations, and cloud misconfigurations. - Identify insecure certificate handling, default API tokens, and encryption issues. You will also be responsible for developing detailed technical and executive-level reports, recommending hardening measures for IT and OT systems, ensuring compliance with industry frameworks, and aligning assessments with regulatory standards. Additionally, you should have a Bachelor's or Master's degree in a relevant field and possess deep knowledge of ICS/SCADA systems, embedded architectures, and real-time operating systems. Hands-on experience with various security tools and certifications such as OSCP, GRID, GICSP, or CISSP are preferred. This role may involve travel across the country for project execution, coordination with distributed teams, and effective communication skills are essential. If you meet the requirements and are passionate about cybersecurity and industrial systems, we encourage you to submit a cover letter summarizing your experience along with a resume and a recent passport-size photograph.,

The Senior Cyber Security Engineer / Cyber Security Engineer position in Bangalore requires 3 to 6 years of experience in the security domain. As a part of your role, you will be responsible for performing Application, API, and Microservices Pentest, Network Pentest (Internal and External), Mobile App Pentest, Mobile Assessments, Threat Modeling, Legal Reviews, Reporting, Proof of Concepts (PoCs) of vulnerabilities, Documentation, coordinating with various stakeholders, conducting R&Ds, and other security analysis. The mandatory requirements for this role include at least 3 years of relevant experience in the security domain, proven expertise in Web Application Penetration testing (Web, Mobile, API/Web Services on JAVA & .Net) through DAST Manual approach, hands-on experience in DAST tools, API (SOAPUI, PostMan), DAST Manual Assessments, Threat Modeling, and Penetration Testing. You should also possess good Network Pentest skills for external and internal networks, and excellent written and verbal communication skills. Preferred skillsets for this position include hands-on experience of DevSecOps, good knowledge of Java, .NET, SQL queries (Oracle, PostgreSQL, etc.), experience in automating security tasks using Python or Java Frameworks, System/Network Exploitation, Red Teaming, understanding of Security Frameworks, and hands-on experience with MS Tools. If you meet the above requirements and have the necessary skillsets, you will be a valuable addition to our team as a Senior Cyber Security Engineer / Cyber Security Engineer.,

As a Security Delivery Associate Manager at Accenture, you will be part of the Technology for Operations team, serving as a trusted advisor and partner to Accenture Operations. Your role will involve providing innovative and secure technologies to assist clients in building an intelligent operating model that drives exceptional results. Collaborating closely with the sales, offering, and delivery teams, you will identify and develop innovative solutions to meet client needs. Your responsibilities will include establishing and maintaining a security governance framework, supporting management structures and processes to ensure information security strategies align with business objectives and comply with relevant laws and regulations. By adhering to policies and internal controls, assigning responsibilities, defining metrics, and reporting, you will help manage risk and compliance requirements effectively. We are seeking a candidate with a commitment to quality, experience in research and development, strong negotiation skills, effective problem-solving abilities, and proficiency in risk management. The ideal candidate will possess in-depth knowledge in application security, hands-on experience in SAST, DAST, and penetration testing, as well as familiarity with DevSecOps and Software Composition Analysis. Additionally, expertise in scripting using Python, database knowledge, networking skills, and certifications such as CISSP, CCSP, CISM, CEH, and ECSA would be advantageous. In this role, you will analyze and resolve moderately complex problems, create new solutions by adapting existing methods and procedures, and align your work with the strategic direction set by senior management. Your primary interactions will be with your direct supervisor or team leads, as well as peers and management levels within Accenture and client organizations. You should be able to work independently on new assignments with minimal guidance, making decisions that impact your team and occasionally other teams. If in a leadership role, you may manage medium-sized teams or work efforts at a client or within Accenture. Please be aware that this position may involve working in rotational shifts.,

You will be required to work onsite, 5 days per week at our Bengaluru office on a long-term freelance basis. As an experienced Software Testing Architect, you will play a crucial role in defining and leading comprehensive test strategies and quality frameworks for complex software product lines. Your responsibilities will include architecting end-to-end testing solutions covering manual and automated testing across various levels such as system, functional, integration, soak, black-box, and load testing. Your main focus will be on driving Test-Driven Development (TDD) adoption, selecting and customizing multiple automation frameworks, and ensuring security adherence through penetration testing strategies. Collaborating with cross-functional teams will be essential to embed quality assurance throughout the Software Development Life Cycle (SDLC), while also mentoring QA teams and establishing best practices for test design and implementation. Key Responsibilities: - Define and drive the overall test architecture and quality strategy for complex software products, ensuring optimal test coverage and identifying high-risk areas requiring focused testing efforts. - Lead manual and automation testing efforts across different levels (functional, system, integration, black-box, soak, and load testing) to validate software products under various conditions. - Select, customize, and manage multiple test automation tools and frameworks based on project requirements, continuously improving test coverage, automation efficiency, and test reliability. - Lead the adoption of Test-Driven Development (TDD) methodologies, integrating test cases early in the development cycle, and collaborating with developers, product owners, and DevOps teams to embed quality assurance at every SDLC stage. - Design and monitor performance and load testing scenarios using appropriate tools to validate system reliability under stress, while mentoring QA teams and establishing best practices for test design, implementation, and reporting. Engagement Highlights: - Onsite position, requiring 5 days per week presence at the Bengaluru office. - Long-term role with the potential opportunity to lead a team and work on a significant set of analytics applications.,

Apply on company website- https://zrec.in/hIRJh?source=CareerSite

Senior Test Engineer-Security Testing Position Description Position: Security Testing -Senior Test Engineer/Lead Analyst Experience: 4 to 10 years Category: Software Development/ Engineering Location: Bangalore/Hyderabad/Chennai/Pune/Mumbai Employment Type: Full Time Education Qualification: Bachelors degree in computer science or related field or higher with minimum 4 years of relevant experience. We are seeking a highly skilled and experienced Penetration Tester to join our cybersecurity team. The ideal candidate will have a strong background in ethical hacking and vulnerability assessment, with a proven track record of delivering high-quality security testing in regulated industries and global environments. Your future duties and responsibilities Your future duties and responsibilities 4+ years of penetration testing experience, preferably in highly regulated industries and for global clients • Proficiency with scripting and programming languages, mainly Python • Perform Penetration Testing for networks (internal & external), applications, APIs & cloud assessments • Vulnerability identification and analysis • Collaborate with team members and stakeholders to define project scopes, review test results, and determine remediation steps • Advanced problem-solving skills • Any security certifications are a plus • Strong written and verbal communication skills • Ability to work autonomously with little directional oversight • Ability to lead a project and multiple testers • Commitment to quality and on-schedule delivery; and a proven ability to establish and meet milestones and deadlines • Customer-focused mentality to understand and appropriately respond to customers business needs • Draft reports and communicate complex security concepts and test findings to clients and stakeholders • Make expert recommendations to help clients improve their information security program • Work on researching & developing utilities, toolkits, processes, tactics, and techniques Required qualifications to be successful in this role Required qualifications to be successful in this role Must to have skills-Penetration testing, DAST Testing, SAST Testing, OWASP top 10 The candidate should be having experience on various industry based security standards and the relevant tests" The candidate should possess comprehensive experience with various industry-recognized security standards (apart from OWASP, NIST, ISO 27001, and PCI-DSS) and demonstrate proficiency in conducting relevant security assessments and compliance-driven testing based on these frameworks. Good to have Skills- Python

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and experienced Senior SailPoint Identity Security Cloud (ISC) professional to lead the development and support of our identity governance solutions. This role requires deep hands-on experience with SailPoint ISC, advanced troubleshooting capabilities, performing root cause analysis, and developing custom connectors or workflows to meet complex business requirements Roles & Responsibilities:-Customize identity workflows to meet business needs--Provide advanced troubleshooting of SailPoint ISC issues-Track and close defects through to permanent fix-Act as L3 SME support for SailPoint ISC issues-Integrate SailPoint ISC with target systems (AD, Azure AD, SAP, cloud SaaS apps)-Build or modify custom connectors where OOTB does not fit-Advise on SailPoint best practices and standards-Contribute to process improvements and automation within the identity team-Hands-on with SailPoint Identity Security Cloud (or IdentityNow with migration to ISC)-Familiarity with REST APIs, JSON, SCIM, and modern identity protocols (OAuth, SAML, OIDC) Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles and best practices.- Experience with identity governance and administration solutions.- Familiarity with regulatory compliance requirements related to cloud security.- Ability to analyze and mitigate security risks in cloud environments.-Hands-on Exp with SailPoint Identity Security Cloud (or IdentityNow with migration to ISC)-Familiarity with REST APIs, JSON, SCIM, and modern identity protocols (OAuth, SAML, OIDC) Additional Information:- The candidate should have minimum 7.5 years of experience in SailPoint IdentityNow.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Looking for an experienced Senior CyberArk Cloud Engineer to lead the design, implementation, and support of our privileged access management (PAM) program leveraging CyberArk Privilege Cloud. The ideal candidate will have a deep understanding of privileged access controls in cloud and hybrid environments, hands-on CyberArk experience, and the ability to drive security best practices across the organization. Roles & Responsibilities:-Define secure vaulting, session isolation, credential rotation, and privileged task automation-Develop architecture diagrams and documentation for hybrid and multi-cloud PAM solutions-Integrate CyberArk Privilege Cloud with cloud platforms (AWS, Azure, GCP) and on-prem systems-Lead CyberArk Privilege Cloud onboarding and migration initiatives-Configure privileged account onboarding, safe structures, access controls, and policies-Set up session recording, monitoring, and auditing-Integrate with directories (AD/Azure AD) and identity providers (SSO)-Act as senior escalation point for CyberArk issues-Support upgrades, patching, and ongoing maintenance of the CyberArk SaaS environment-Monitor vault performance, logs, and incident trends-Perform troubleshooting and root cause analysis of PAM issues Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Familiarity with compliance standards such as ISO 27001, NIST, or GDPR.- Ability to analyze security incidents and develop mitigation strategies. Additional Information:- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Identity Management Good to have skills : Test Data Management ImplementationMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in strategic discussions to align security initiatives with organizational objectives, providing guidance and expertise to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate workshops and training sessions to enhance team understanding of security protocols.- Continuously evaluate and improve security processes and frameworks to adapt to evolving threats. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Identity Management.- Good To Have Skills: Experience with Test Data Management Implementation.- Strong understanding of cloud security principles and practices.- Experience in designing and implementing security architectures.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 15 years of experience in ForgeRock Identity Management.- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

RESPONSIBILITIES Perform penetration testing and vulnerability assessments on web, API, and mobile applications to identify security weaknesses Create new testing methods to identify vulnerabilities. Pinpoint methods and entry points that attackers may use to exploit vulnerabilities or weaknesses. Search for weaknesses in common software, web applications, and proprietary systems. Document and communicate findings as per ASVS checklist, risks, and recommendations in detailed reports for technical and non-technical stakeholders Review and provide feedback for information security fixes. Establish improvements for existing security services, including hardware, software, policies, and procedures. Identify areas where improvement is needed in security education and awareness for users. Be sensitive to corporate considerations when performing testing (i.e. minimize downtime and loss of employee productivity). Stay updated on emerging threats, security trends, and best practices in cybersecurity to improve testing methodologies REQUIRED 3-6 years of Security Vulnerable, Exploitation, and Penetration testing experience. Experience with OWASP testing Guide / Open-Source Security Testing Methodology Manual Experience deploying enterprise security testing solutions. Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration. Advanced understanding of security concepts and security best practices Understanding and familiarity with common code review methods and standards Experience with performing penetration testing and risk assessments against computer networks Background with Qualys, Tenable, and OpenVAS Vulnerability Scanners Ability to think analytically. Knowledge of technical systems and terminology. Proficiency in scripting languages. Ability to identify and exploit vulnerabilities. GOOD TO HAVE Relevant industry certifications like CEH, GPEN, OSCP, OSCE, CRTO, CRTP, PNPT, and experience working with frameworks like MITRE ATT&CK/D3FEND) and security-related legal and regulatory requirements (ISO 27001, NIST, PCIDSS etc.). Strong problem-solving skills and leadership abilities, with good interpersonal skills to build relationships and communicate findings professionally, with fluency in written and spoken English.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : Identity Access Management (IAM)Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to ensure effectiveness and compliance.- Collaborate with cross-functional teams to integrate security best practices into cloud operations. Professional & Technical Skills: - Must To Have Skills: Proficiency in Saviynt Identity Platform.- Good To Have Skills: Experience with Identity Access Management (IAM).- Strong understanding of cloud security principles and frameworks.- Experience in designing and implementing security controls in cloud environments.- Familiarity with regulatory requirements and compliance standards related to cloud security. Additional Information:- The candidate should have minimum 3 years of experience in Saviynt Identity Platform.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Evaluate and recommend new security technologies and practices to improve the cloud security framework. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance requirements related to cloud security.- Ability to assess and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 5 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 10 years full time education is required. Qualification 15 years full time education