744 Sast Jobs - Page 17

As an Azure Dev Sec Ops professional, you will be responsible for integrating security controls into the CI/CD pipelines to ensure automated, continuous security in application deployments. Your main tasks will involve collaborating with DevOps teams to create automated security checks using tools such as Bicep, Terraform, and Ansible. You will also be required to monitor and maintain infrastructure-as-code (IaC) security standards using Bicep and Terraform for both cloud platforms. Furthermore, your role will involve managing and maintaining infrastructure security and monitoring systems, developing and maintaining CI/CD pipelines across multiple environments, and implementing and managing ...

You are a skilled Senior Cybersecurity Engineer with a strong background in embedded systems and Linux-based environments. Your primary responsibility will be to lead the design, development, and maintenance of secure software solutions, focusing on automotive and embedded security. Your key responsibilities include designing, developing, and maintaining secure software solutions for Linux-based embedded and automotive systems. You will implement and manage security controls such as Secure Boot, secure unlock, secure reprogramming, and message authentication. Additionally, you will configure and manage AppArmor profiles to enforce security policies and reduce risks in Linux environments. You...

At Capgemini Engineering, the world leader in engineering services, we bring together a global team of engineers, scientists, and architects to help the world's most innovative companies unleash their potential. From autonomous cars to life-saving robots, our digital and software technology experts think outside the box as they provide unique R&D and engineering services across all industries. Join us for a career full of opportunities. Where you can make a difference. Where no two days are the same. Your Role Perform static application security testing on source code using Fortify. Perform software composition analysis using Sonatype IQ Assist with scan onboarding and troubleshooting Integr...

As a DevOps Engineer, you will be responsible for managing and maintaining cloud infrastructure, with a preference for AWS/Azure, which includes tasks such as networking (VPC, VPN, NAT, routing). Your role will involve administering and monitoring Kubernetes clusters like EKS/AKS to ensure high availability and security. You will implement infrastructure automation using tools like Terraform or equivalent Infrastructure as Code (IAC) tools. Additionally, configuring and managing system observability tools such as Prometheus, Grafana, Node Exporter, and Kafka Exporter will be part of your responsibilities. Integrating security and quality gates into CI/CD workflows, including Static Applicati...

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or you can apply in below post Mandatory roles: Perform Internal and External Red Teaming. Report Preparation with proof of concepts. Provide recommendations to remediate the findings. Excellent communication skill is important. Additional skills: Cyber Security Assessment & Consulting,Cyber Threat Hunting,Manual Penetratio...

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Responsibilities Direct Responsibilities Direct Responsibilities - To perform Penetration testing (Gray Box and/or Black Box) for Web applications; Thick Client, API, and mobile applications. - To understand the applications security requirements and identify & document the scope of the test - Ensure execution of the documented security scenarios for the application under test. - Document and report all findings - Collaborate with the developers to help them understand the vulnerabilities reported in application - Escalate issue...

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Main Scope Role of Wealth Management India IT Risk and Information Systems Security Manager, being understood this role includes delegations from APAC WM CISO for the team located in India territory and fully participates in overall WMIS Cybersecurity and IT Risk objectives. Participate to IT project security reviews conducted both on a global and APAC basis across all platforms. Participate in the Security Operation meetings in APAC, EMEA & CH regions. This requires the incumbent to foster close working relationships with other...

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModellingAb...

Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analysing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world. The ability to be a team player, Strong communication collaboration Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Application Securit...

T o ensure youre set up for success, you will bring the following skillset & experience: 3+ years of experience in penetration testing, SAST, DAST, VAPT, Threat Modelling , OWASP. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience produc...

Required Skills: Cyber Risk Risk Mitigation Strategies for Security Controls SAST and DAST Tools Profile: - 5+ years of experience in application/API security, risk management, or related fields - Strong understanding of application security architecture, compliance frameworks, and risk management principles - Experience with application security assessments, risk assessments, and security controls implementation - Excellent analytical, problem-solving, and communication skills - Familiarity with cloud security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST) - Certifications in cloud security, risk management, or related fields (e.g., CCSK, CRISC, CISSP) Job Sum...

Responsibilities: Application Security Conduct regular security assessments to identify vulnerabilities in applications and work with development teams to design secure software systems, resolve vulnerabilities and issues, and implement robust security measures. Additional responsibilities include security audits and penetration testing as required. Technical Skills: Proficient in multiple programming languages. Advanced understanding of the intricacies and potential security flaws inherent in different languages. Working experience in languages like Java, JavaScript, C++, Python, and Ruby. Experience in API development/testing and API security Established experience with Agile (including Sc...

Technical Skills, Experince & Qualification Required :- 5-8 yrs of Experience into Pentest, Pen tester / Pen testing Manual Pentesting of web application, infrastructure, mobile app Extensive knowledge in the areas of information system security Coding ability (at the very least Python) Recognized credential on a hacking platform: training (HTB, root-me, etc.) or bug bounty (synack, hackerone, etc.) Experience in relevant tools : Burp Suite or equivalent, network discovery, vulnerability scanner, OSINT, exploitation and post-exploitation on web app, OS, infra and mobile application, payload customization, virtualization. Deep knowledge in manual web application penetration testing and payloa...

Skills: SAST, DAST, Network Security, Azure Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like : Native Azure security services. Burp Suite, CheckMarx, Veracode, fortify, Qualys Certification: Azure Security Engineer Associate Certification. (AZ-500) + - MANDATORY Azure Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to Azure Provide technical oversight and assistance for the execution of application and data migrations, ensuring secure data transit and encryption at rest. Help establish and enforce cloud architecture governance, security standards, and best...

We are looking for a highly skilled and motivated Product & Solution Security Professiona l to join our team with 7 to 10 years of experience in cybersecurity, with a focus on application security and Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record with proven experience working with software development teams and integrating security practices into the SDLC. Experience interacting with key collaborators and supporting security activities within software products The ideal candidate will be responsible for defining secure design principles and supporting multi-functional teams to ensure secure architecture, implementation, and testing of products and solutio...

Essential Services : Role & Location fungibility In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role As a DevSecOps Manager, you will be responsible for implementation of security tools in DevOps CI/CD (Continuous Integration/ Continuous Delivery) pipeline and publish security standards and best practices for developer team. You will be responsible for integ...

At least 7 year of experience as a penetration tester Proven abilities to approach a black box and white box testing. Proven hands on experience in manual pen testing as major part of work profile Hands-on experience with vulnerability scanners (static and/or dynamic) and frameworks, including but not limited to Burp Suite, Checkmark, OWASP ZAP, Burp, Nmap, Nessus, Metasploit Framework Good hands on experience with API penetration testing of Rest/SOAP based interfaces Perfect knowledge of OWASP methodology and web vulnerabilities – you can easily explain and show how it works Python or any other scripting language. Comfortable using and working linux/unix environments Desirable skills to hav...

Required Skills: Cyber Risk Risk Mitigation Strategies for Security Controls SAST and DAST Tools Profile: - 5+ years of experience in application/API security, risk management, or related fields - Strong understanding of application security architecture, compliance frameworks, and risk management principles - Experience with application security assessments, risk assessments, and security controls implementation - Excellent analytical, problem-solving, and communication skills - Familiarity with cloud security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST) - Certifications in cloud security, risk management, or related fields (e.g., CCSK, CRISC, CISSP) Job Sum...

Job Description for a Presales Engineer specializing in Application Security and Vulnerability Scanning/Testing Tools: Job Title: Presales Engineer Application Security & Vulnerability Management Location: Mumbai Job Type: Full-Time Role Summary As a Presales Engineer focused on Application Security and Vulnerability Testing tools, you will play a pivotal role in driving technical sales engagements. You will work closely with sales teams to understand customer requirements, demonstrate product capabilities, and design solutions that address security challenges across web, mobile, and cloud environments. Key Responsibilities Collaborate with sales teams to understand client needs and propose ...

Candidate should have experience in GCP from Cloud security(Pure GCP profiles not required). Use below info identifying correct profiles GCP Security Specialist: Skills: AppSec (SAST, DAST), Network Security, GPC Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like: Native GCP security services, Burp Suite, CheckMarx, Vracode, fortify, Qualys. Certification: Google cloud "Professional Cloud Security Engineer" + -MANDATORY 1.GCP Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to GCP Provide technical oversight and assistance for the execution of application and...

Candidate should have experience in GCP from Cloud security(Pure GCP profiles not required). Use below info identifying correct profiles GCP Security Specialist: Skills: AppSec (SAST, DAST), Network Security, GPC Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like: Native GCP security services, Burp Suite, CheckMarx, Vracode, fortify, Qualys. Certification: Google cloud "Professional Cloud Security Engineer" + -MANDATORY 1.GCP Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to GCP Provide technical oversight and assistance for the execution of application and...

Skills: SAST, DAST, Network Security, Azure Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like : Native Azure security services. Burp Suite, CheckMarx, Veracode, fortify, Qualys Certification: Azure Security Engineer Associate Certification. (AZ-500) + - MANDATORY Azure Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to Azure Provide technical oversight and assistance for the execution of application and data migrations, ensuring secure data transit and encryption at rest. Help establish and enforce cloud architecture governance, security standards, and best...

Skills: SAST, DAST, Network Security, Azure Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like : Native Azure security services. Burp Suite, CheckMarx, Veracode, fortify, Qualys Certification: Azure Security Engineer Associate Certification. (AZ-500) + - MANDATORY Azure Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to Azure Provide technical oversight and assistance for the execution of application and data migrations, ensuring secure data transit and encryption at rest. Help establish and enforce cloud architecture governance, security standards, and best...

Required Skills & Experience: * 7- 9 years of overall IT experience with minimum 3+ years in DevSecOps/Security engineering. * Strong knowledge of CI/CD tools: Jenkins, GitHub Actions, GitLab CI, Azure DevOps. * Hands-on with security tools: SonarQube, Checkmarx, Fortify, OWASP ZAP, Aqua, Prisma Cloud, Snyk, etc. * Expertise in cloud platforms: AWS, Azure, or GCP (with security focus). * Experience in containerization & orchestration security: Docker, Kubernetes. * Strong scripting knowledge: Python, Bash, Shell, Groovy, or PowerShell. * Proficient in infrastructure as code (IaC) and securing IaC templates. * Experience with SIEM and monitoring tools: Splunk, ELK, CloudWatch, Datadog. * Unde...

Key Responsibilities 1. To architect| design and develop (through Team) solution for product/project & sustenance delivery 2. To support as an SME 3. To ensure knowledge up-gradation and work with new technologies so that the solution is current and meets quality standards and the client requirements 4. To train and develop team so as to ensure that there is an adequate supply of trained manpower in the said technology and deliver risks are mitigated 5. To gather specifications and deliver solutions to the client organization based on understanding of a domain or technology 6. To review project deliverables. 7. To recommend client value creation initiatives and implement industry best practi...