5 Rasp Jobs

As a highly skilled professional in the field of Information Security, you will play a crucial role in ensuring the secure development of software applications. With your University degree in computer science or IT and a minimum of 6 years of experience in Information Security, you will possess the necessary qualifications to excel in this role. Your expertise in Software Development Lifecycle (SDLC) security reviews, control environment evaluation, and design flaw assessments will be key in upholding the highest standards of security. Your responsibilities will include conducting internal and third-party Security Risk Assessments on critical assets, coordinating with project teams to enforce security frameworks throughout the SDLC, and preparing detailed security effectiveness reports for management review. Your hands-on experience in Static and Dynamic Application Security Testing, along with your familiarity with industry best practices such as OWASP, SANS Institute, and NIST, will be invaluable in developing a comprehensive security framework for developers to follow. In this role, you will also be responsible for testing applications/systems against SSDLC frameworks, ensuring compliance with RBI/ReBIT Information Security practices, and facilitating the integration of new applications into the data center post-assessment. Your expertise in application security tools and methodologies, along with your ability to define and enhance security requirements for agile development methods, will be essential in driving continuous improvement in application security standards. Additionally, you will collaborate with the DevSecOps team to establish secure CI/CD pipeline processes and enable application teams to develop new capabilities securely. Your certifications in CISSP, CSSLP, cloud security, or DevSecOps automation will further validate your expertise and commitment to upholding the highest standards of information security in the industry.,

As a Technical Specialist/Presales Specialist Cyber Security at Techjockey, you will play a crucial role in ensuring the technical accuracy of proposed solutions for specific opportunities or projects. Engaging closely with clients, you will establish yourself as their trusted advisor by collaborating to define, design, and detail the technical aspects and feasibility of the solutions. You will be involved in presenting the latest cybersecurity trends to customers and demonstrating how they can secure their data, network, applications, endpoints, and cloud infrastructure. Your responsibilities will also include engaging with clients at various levels of their organization, collaborating with OEMs for business opportunities, conducting technical sessions on cybersecurity with customers and the in-house team, writing responses to client RFPs, and defining and delivering Proof of Concepts. Your success in this role will be supported by your experience in technical sales, delivery, and demonstrating Proof of Concepts in cybersecurity solutions and methodologies such as ZTNA, PAM, DC, SIEM, SOAR, XDR, EDR, WAF, RASP, SSO, Data Protection, Fraud Prevention, Identity & Access Management, or Cloud Security. At Techjockey, you will thrive in a flat, collegial work environment that values a work hard, play hard attitude. You will have the opportunity for rapid growth by embracing continuous learning and working with a dynamic team of recruitment enthusiasts. You can expect 360-degree exposure to recruitment strategies, high ownership of your work, and a range of perks including health insurance benefits, career development plans, a friendly work environment, fun-filled employee engagement activities, and flexible work timings. Join us at Techjockey for a rewarding career where you can make a difference in the cybersecurity domain and enjoy a vibrant work culture that fosters personal and professional growth.,

Join us as an Application Security Consultant at Barclays, where you will play a key role in supporting the successful delivery of Location Strategy projects while adhering to plan, budget, agreed quality, and governance standards. You will be at the forefront of evolving our digital landscape, driving innovation, and ensuring excellence in our digital offerings to provide unparalleled customer experiences. To excel in this role, you should possess a strong understanding of CVEs, CWEs, and their impact on applications. Additionally, you must have in-depth knowledge of various AppSec technologies such as SAST, DAST, SCA, IAST, and RASP. Proficiency in at least one programming language and framework, as well as experience in writing scripts in languages like Python and JavaScript, are essential skills for this position. Desirable skill sets to have include the ability to showcase expertise in low-level technical topics, such as native development on any platform, and experience with languages used in modern mobile development like Java+JNI, Objective C, and Swift. Familiarity with concepts like reverse engineering, assembly, and mobile code hardening techniques will be beneficial. Furthermore, the ability to replicate vulnerabilities in a lab environment is a plus. As an Application Security Consultant, you will be based in Pune and will be responsible for supporting various business areas with day-to-day tasks, including processing, reviewing, reporting, trading, and issue resolution. You will collaborate with teams across the bank to align operational processes, identify areas for improvement, and implement operational procedures and controls to mitigate risks while maintaining efficiency. In this role, you will also develop reports and presentations on operational performance, identify industry trends, and participate in projects to enhance operational efficiency. As an Assistant Vice President, you will consult on complex issues, advise People Leaders on escalated matters, and contribute to risk mitigation and policy development. You will take ownership of managing risk, collaborate with other business areas, and engage in data analysis to creatively solve problems and communicate complex information effectively. Your role will also involve influencing stakeholders to achieve desired outcomes. All colleagues at Barclays are expected to embody the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as the Barclays Mindset of Empower, Challenge, and Drive. Your commitment to these values and mindset will serve as our moral compass and guide our behavior within the organization.,

Position Summary: We are seeking a highly skilled and experienced Product Security Strategy Senior Advisor, who will also act as a mentor to our team in HIH, to lead and mature our application and product security team. This role is pivotal in driving the overall maturity of our product security program, ensuring robust security measures are integrated into our development processes, and providing direct line management for team members in the HIH region. This individual will work on several of the largest technology initiatives for Evernorth, aimed at revolutionizing health services and the healthcare delivery system in the United States, utilizing the latest technologies and development techniques. Job Description & Responsibilities: Lead and manage the product security strategy team, focusing on the overall maturity and effectiveness of the application and product security program. Act as the direct line manager for security team members in the HIH region, providing guidance, support, and career development. Develop and implement long-term strategic security initiatives to continuously improve our security posture and innovate within the product security space. Oversee and guide the development and implementation of secure software and systems architectures. Collaborate with cross-functional teams to identify security requirements and develop comprehensive security strategies. Conduct security assessments, threat modeling, and vulnerability analysis to ensure robust security measures are in place. Oversee product security incident response activities, ensuring timely and effective resolution of security incidents and incorporating lessons learned into future strategies. Foster strong communication and relationship-building skills to negotiate and influence across various levels of the organization. Ensure compliance with industry standards and regulatory requirements. Mentor and develop team members, promoting a culture of continuous learning and improvement. Drive the integration of security practices into all stages of the product development lifecycle. Maximize the security efficiency (operational, performance, and cost) of the application assets. Advocate for and implement innovative security solutions to address emerging threats and vulnerabilities. Lead efforts to standardize security practices across the organization, promoting consistency and best practices. Collaborate with external partners and industry groups to stay abreast of the latest security trends, threats, and technologies. Experience Required: Bachelor s or Master s degree in Computer Science, Information Security, or a related field. 13 years of experience in cybersecurity, with a focus on application and product security. Proven expertise in automating security solutions within development pipelines (CI/CD). Extensive experience in threat modeling, architecture reviews, and vulnerability management. Strong understanding of various pipeline touchpoints and integration methods. Cloud experience (AWS, Azure, Google Cloud, OCI) is highly desirable. Familiarity with modern security technologies, practices, and standards. Strong knowledge of secure software development practices and principles. Industry certifications such as CISSP, CISM, CEH, or similar are preferred. Excellent leadership and team management skills. Strong communication, relationship-building, and negotiation skills. Ability to work effectively in an Agile environment. Experience Desired: Experience with security tools and platforms such as static analysis (SAST), dynamic analysis (DAST), and runtime application self-protection (RASP). Knowledge of regulatory and compliance frameworks (e.g., GDPR, HIPAA, PCI-DSS). Hands-on experience with security automation and orchestration. Proficiency in programming and scripting languages relevant to security (e.g., Python, Java, Shell scripting). Ability to manage and prioritize multiple projects in a fast-paced environment. Education and Training Required: Advanced degree (Master s or higher) in Computer Science, Information Security, or a related field. Relevant industry certifications. Additional training in secure software development, application security, and risk management is highly desirable. Primary Skills: Advanced expertise in secure software development practices, application security, and security tool integration. Proficiency in Angular and Java for security-related software development and integration. Additional Skills: Extensive experience with AWS and other cloud platforms, with a focus on securing cloud-based applications and services. Hands-on experience with application security frameworks and tools, including security automation and orchestration.

The Senior Manager of Information Security (External Role Description Application / Product Security Architect) will report to the Chief Information Security Officer. As a leader in the Information Security organization, this role will lead the task of refining, managing and executing strategic product/application security roadmap that is based on industry standard software security frameworks. You will plan, implement and track key initiatives focused on product / application security strategy, metrics, compliance, policy, developer awareness, training and stakeholder engagement. You will work closely with multiple teams that make up Information Security, Product Management, Engineering, Legal, Risk and Compliance to improve product / application security controls and drive impactful change to the team and its members. Responsibilities: Bring a deep background and broad experience in Information Security, Application Security, & Application Development or related business areas. Lead a team of high performing individuals who create remediation plans, perform security reviews, and recommend security solutions to meet current and future needs for HMH products and applications. Drive the development and implementation of product and application standard security review processes that result in effective methods for reducing security risks before product releases. Demonstrate an ability to influence all project and portfolio stakeholders; communicate relevant security information to both executive leaders and individual contributors in an effective manner. Accountable for all aspects of staff management, hiring, coaching, training, performance reviews and recommending pay actions and promotions for the Security Engineering team Provide input into the Information Security strategy to ensure that future security investments are aligned appropriately when considering key priorities such as business requirements, industry threat landscape, and risk appetite of HMH. Collaborate closely with the Architecture teams Demonstrated experience handling the demand/supply of project and program resources and tracking allocation. Track policy exceptions and remediation dates through active engagement with development teams and operations teams. Partner with Audit teams to periodically audit controls and secure coding practices being followed by development teams. Staying abreast of latest cyber security threats both internal and external Oversee projects, program delivery, daily monitoring, response; review of cloud infrastructure, physical infrastructure, and the full life cycle of alerts through incident response; and the threat landscape to ensure ongoing and continued maturity of the organization's security controls in addition to service support Drive operational efficiency and excellence leveraging tools, process and automation with appropriate and transparency visibility and metrics that can meet SLAs/SLOs Support and implement controls and visibility to meet third party attestations (SOC2, ISO27001, GDPR, SOX) Balance being collaborative, open, and approachable while still being firm on security policies and in facilitating progress and compromise What you should have: 5 to 6+ years hands-on experience in application security utilizing SAST, DAST, IAST, RASP and WAF. 5+ years of application engineering, architecture or development management experience Proficient analyzing ambiguous problems, compelling communicator with the ability to receive and analyze information, translating security risk to business risk to driving actionable decisions across multiple levels and departments Experience in leading application security remediation work, leading the mitigation initiative to accommodate the developer community priority. Proficient experience with common web application attack vectors and related mitigation strategies that translate to controls within the organization You are highly organized. With many people doing many things in a fast-moving company, strong organizational skillsboth for yourself and for the teamwill be required