751 Sast Jobs - Page 21

Perform SAST/SCA/DAST scans using industry vulnerability scanner SAST/SCA Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE's as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. DAST Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. Primary / Mandatory skills: Overall 8+ years of IT experience 7+ years of application security Experience 5+ years of Application Security testing Experi...

Bachelor's degree required. Deep familiarity with the OWASP Top 10 and other security concerns for web applications Deep Understanding of OWASP Application Security Verification Standards (ASVS) Deep understanding of SAST, DAST, SCA Scanning practices Experience in scanning leveraging Veracode, Appscan.or other enterprise tools. Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) as found by scanning tools. Understanding of SAST, DAST tools and dependency scanning tools Experience working/integrating with secret management systems. Advanced knowledge of front-end and back-end web application development in at least one techn...

As a Head of Quality Assurance at Commcise located in Bangalore, you will play a crucial role in managing testing activities to ensure the best user product experience. With 13-15 years of relevant experience, you will need to have an Engineering or IT Degree. Your strong expertise in software testing concepts and methodologies, along with excellent communication skills and technical aptitude, especially in automation, will be essential for this role. Your responsibilities will include having a deep understanding of capital markets, trading platforms, wealth management, and regulatory frameworks such as MiFID, SEC, SEBI, FCA. Experience with financial instruments and post-trade processes wil...

The role of an Application (software) Security Engineer is an entry-level, hands-on, engineering-focused position with the responsibility of fostering a Secure SDLC and secure by design approach and practice across all software engineering teams. You must possess a good combination of problem-solving and communication skills to effectively support the Application Security, InfoSec, and Software engineering teams. Your main responsibilities will include configuring and fine-tuning Application Security tests and vulnerability scans, integrating security testing into CI/CD pipelines, and collaborating with Senior Application Security engineers on Penetration tests set up and validation. Additio...

You are seeking a skilled SDET with a solid background in automation testing and proficiency in application security tools such as SAST and DAST. The ideal candidate will possess hands-on experience with Azure DevOps (ADO), Azure Load Testing, as well as familiarity with Selenium and JMeter. Your responsibilities will include developing and managing automated test scripts utilizing Selenium, integrating SAST and DAST tools into CI/CD workflows, and engaging with Azure DevOps pipelines for performance testing using Azure Load Testing and JMeter. Furthermore, you will collaborate with diverse teams to ensure the delivery of high-quality and secure applications, while also analyzing and resolvi...

The DevSecOps Security engineer will be responsible for enabling security testing services throughout the lifecycle of an application with the required processes and technologies. This includes cultivating a mindset of "secure by design" within the developer community, supporting driving automation via the application's CI/CD Pipeline, and supporting vulnerability remediation. The ideal candidate should have experience in Security testing activities such as SAST, DAST, Container Image scanning, and associated tools. A deep understanding of modern web application architectures including Microservices, SPAs, and APIs is essential. Experience with writing automation scripts, DevOps platforms li...

As a Security Delivery Associate Manager at Accenture, you will be part of the Technology for Operations team, serving as a trusted advisor and partner to Accenture Operations. Your role will involve providing innovative and secure technologies to assist clients in building an intelligent operating model that drives exceptional results. Collaborating closely with the sales, offering, and delivery teams, you will identify and develop innovative solutions to meet client needs. Your responsibilities will include establishing and maintaining a security governance framework, supporting management structures and processes to ensure information security strategies align with business objectives and...

Role & responsibilities Perform vulnerability assessments using tools like SAST, DAST, SCA, and manual techniques. Should have hands-on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Check marx, Acunetix, Nessus, Burp Suite, Metasploit., Qualys Guard, Kali Linux, etc. Conduct technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them. Manage and improve application security tools (e.g., Check marx, Veracode, Fortify, Burp Suite, OWASP ZAP). Participate in incident response and forensics in the event of a security breach involving application layer c...

Dear Candidate, We are hiring a Security Engineer to design and implement security measures that protect IT systems, data, and networks against threats and breaches. Key Responsibilities: Design and deploy security solutions such as firewalls, IDS/IPS, and endpoint protection. Conduct vulnerability assessments, penetration tests, and threat modeling. Monitor systems for security incidents and respond promptly. Ensure compliance with security standards (ISO 27001, NIST, etc.). Collaborate with DevOps and IT teams to embed security best practices. Required Skills & Qualifications: Proficiency in security tools (Nessus, Metasploit, Splunk, Wireshark). Strong understanding of network and applica...

Key Responsibilities 1. To be responsible for providing technical guidance to a team of developers, enhancing their technical capabilities and increasing productivity. 2. To conduct comprehensive code reviews, establish and oversee quality assurance processes, performance optimization , implementation of best practices and coding standards to ensure succeful delivery of complex projects. 3. To ensure process compliance in the assigned module| and participate in technical discussions/review as a technical consultant for feasibility study (technical alternatives, best packages, supporting architecture best practices, technical risks, breakdown into components, estimations). 4. To collaborate w...

You are a skilled Lead GitLab Engineer responsible for managing and optimizing CI/CD pipelines, repository management, and DevOps workflows. Your deep expertise in using GitLab end-to-end will be crucial for this role. This position is based in Hyderabad. Your main responsibilities will include designing, developing, and maintaining automated build, test, and deployment pipelines in GitLab for all product lines and environments. You will collaborate with development teams to ensure successful deployments and implement and maintain the Git source control system. Developing and maintaining infrastructure as code, implementing Azure monitoring and alerting systems, and creating SOPs, security p...

Conduct and participate in the regular governance calls with different stakeholders to enhance the public cloud security operations Management of security validations and exceptions raised on the public cloud infrastructure Drive the process implementation, enhancements and improvements on the Conduct regular governance with vulnerability and SOC teams to enhance the detection security posture on cloud Conduct risk assessments and security evaluations of public cloud applications/infrastructure in line with SGs framework/standards/guidelines Drive the pentest governance strategy, roll-out and remediations within its public cloud scope Drive the cloud native services non-compliance alert esca...

The Job in short No day at Backbase is the same, and even more so for our security engineers. We all know that security and banking need to go hand in hand and with hackers and tech evolving by the day, youll need to stay on your toes and ahead of the game. Your core responsibility is to ensure the delivery of secure software. You are the go-to person for security, internally as well as for our clients. Leveraging your technical expertise and leadership, you drive the secure SDLC with its tools and processes. You ensure application security requirements are part of product development. You have expert understanding of application security and application security vulnerabilities and provide ...

We are hiring for Senior Security Engineer- Navi Mumbai Location (Belapur) for one of our project. Interested candidate can share resume to ankita.patari@happiestminds.com Experience: 4.8 to 8 Years Location: Navi Mumbai Location (Belapur) Office Timings: Monday to Friday (First Saturday and Third Saturday working) Looking for max 15 Days Joiners only Immediate Joiners please mentioned in Subject Line(Immediate Joiner_AppSec) General Shift Exp Range-2-4 Years Primary Skills : Web App, API, Mobile App ,API Responsibility: API functional testing, Mobile functional testing ,API integration Thanks and Regards, Ankita Ghosh

Greetings, Hope you are doing well. We have an Opportunity for QA - Security Testing with our Reputed MNC company. So If you interested so kindly revert with your updated cv & below required details Experience- 3- 8 yrs Mode- Hybrid Location - Pune

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : DevSecOps Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :To play a key role in enabling successful project delivery across multiple projects. This role expects you to specialize in a range of security domains, including penetration testing, dynamic and static application security testing, software...

Design, implement, and manage application security controls, leveraging security recommendations. Requirement of Web Application Security, Mobile Application Security and Api Having deep Knowledge Application Security

Dear Candidate, We are seeking a skilled DevOps Engineer to join our team. The ideal candidate will be responsible for streamlining the software development and deployment process, automating workflows, and ensuring that our systems are scalable, secure, and reliable. You will collaborate closely with development, operations, and product teams to build and maintain infrastructure and ensure continuous integration and delivery. Role & Responsibilities: Automation & Scripting : Design and implement automated systems for deployment, monitoring, and infrastructure management using tools like Terraform , Ansible , or Chef . Continuous Integration/Continuous Deployment (CI/CD) : Develop and manage...

Job Responsibilities: Conduct manual exploitation penetration testing , identifying vulnerabilities across various application types. Perform DAST (Dynamic Application Security Testing) for Web, API, and Thick Client applications. Execute SAST (Static Application Security Testing) , including secure code analysis and Software Composition Analysis (SCA). Apply strong Java coding skills to understand, analyze, and potentially exploit vulnerabilities, as well as assist with secure code development. Utilize security testing tools such as Fortify, BurpSuite Pro, Postman, and SOAP UI effectively in testing efforts. Work with Linux environments for security testing tasks. Engage in DevSecOps practi...

As a C#.NET Developer, you will collaborate closely with engineering teams and the Information Security group to ensure that client applications are developed with a strong focus on security. Your deep understanding of the OWASP Top 10 project and best practices for preventing vulnerabilities across various tech stacks will be crucial for success. You will play a key role in overseeing Static Application Security Testing (SAST) during the development lifecycle, ensuring proper remediation of reported vulnerabilities, and providing training to developers on vulnerability remediation. Implementing OWASP Application Security Verification Standards (ASVS) will also be part of your responsibiliti...

Harness is a high-growth company that is disrupting the software delivery market. The mission at Harness is to enable the 30 million software developers in the world to deliver code to their users reliably, efficiently, securely, and quickly. This not only increases customers" pace of innovation but also improves the developer experience. Harness offers solutions for every step of the software delivery lifecycle, including building, testing, securing, deploying, and managing reliability, feature flags, and cloud costs. The Harness Software Delivery Platform encompasses modules for CI, CD, Cloud Cost Management, Feature Flags, Service Reliability Management, Security Testing Orchestration, Ch...

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. The opportunity EY is looking for a Manager Technology Consulting/Software Architect. We are looking for a seasoned Software Architect with over 10+ years of hands-on experience in Full stack Application development, DevOps Platform tooling, and database development. The ideal candidate thrives in dynamic environments with aggressive project...

Job Tittle - Security Test Engineer Job Type: Full-time EXP 4+ Years Location - Gurgaon Role & responsibilities Responsibilities: Perform Security Assessments: Conduct various types of security testing, including: Penetration Testing: Perform black-box, gray-box, and white-box penetration testing on web applications, APIs, mobile applications (iOS/Android), and network infrastructure. Vulnerability Assessments: Utilize automated and manual techniques to identify security weaknesses. Static Application Security Testing (SAST): Analyze source code to identify potential vulnerabilities. Dynamic Application Security Testing (DAST): Test applications in a running state to find vulnerabilities. In...

Overview Skills :- Product Security, Devops, SCA, SAAS Platforms, SecDevops, SAST Location :- Hyderabad Shift Timing :- 2.00 pm -11.00 pm (IST) About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar produc...

At FourKites we have the opportunity to tackle complex challenges with real-world impacts. Whether its medical supplies from Cardinal Health or groceries for Walmart, the FourKites platform helps customers operate global supply chains that are efficient, agile and sustainable. Join a team of curious problem solvers that celebrates differences, leads with empathy and values inclusivity. We are seeking an experienced DevSecOps Engineer with a strong background in cloud security, infrastructure management, and secure software development. The ideal candidate will have extensive hands-on expertise across major cloud platforms, containerization technologies, and security frameworks. You will be r...