1040 Sast Jobs - Page 3

You will be joining Zscaler as a Manager, App Security within the Cyber and Data Security team. In this role, you will report to the VP, Cyber Risk & Governance and be responsible for the following key responsibilities: - Building and leading a high-performing application security team, setting priorities, and providing oversight for SAST, SCA, secrets scanning, and IaC scanning initiatives - Designing, implementing, and managing application security tools and processes to ensure code security throughout the development lifecycle - Partnering with software engineering and DevOps teams to integrate security into CI/CD pipelines and optimize developer workflows - Providing detailed risk assess...

As an ICE IS Application Security Analyst, your role involves ensuring that ICE produces and maintains secure applications. You will influence secure design, perform code analysis, identify vulnerabilities through hands-on penetration testing, assist developers in remediation efforts, and communicate findings to developers, QA teams, and management. **Key Responsibilities:** - **Application Identification and Review:** Operate the Application Development Security Lifecycle from design review through automated and hands-on testing. - **Standards and Policies:** Maintain and contribute to Application Development Security Policies and standards by keeping up with industry trends and publication...

As an OpenShift Admin with Kubernetes, your role will involve the following responsibilities: - Performing administration and operations of overall Red Hat OpenShift solutions for customers, including developing solution designs, implementation plans, and documentation. - Demonstrating strong hands-on knowledge in Jenkins, OpenShift, Kubernetes, GitHub, and Nexus. - Experience and good knowledge of Jenkins GitHub Actions, with demonstrated skills in creating CI/CD pipelines. - Familiarity with Docker containerization and clustering, Kubernetes, Docker, Helm, OpenShift, and EKS, including knowledge of YAML to create Docker Files for different environments and resources. - Administering source...

As an SRE DevOps Architect at ValueLabs, you will play a critical role in architecting, implementing, and managing infrastructure in multi-cloud (AWS, GCP) and hybrid environments. Your responsibilities will include: - Deploying, managing, optimizing, and troubleshooting large-scale Kubernetes clusters in multi-cloud (AWS, GCP) and hybrid environments - Implementing GitOps workflows using ArgoCD for declarative Kubernetes deployments and continuous synchronization - Securing container runtime with pod security admission controls, network policies, and CIS benchmark enforcement - Implementing cluster autoscaling and resource management strategies with tools such as Karpenter Your skills in Cl...

Foxit is a global software company reshaping how the world interacts with documents. With over 700 million users worldwide, we deliver cutting-edge PDF, collaboration, and e-signature solutions across desktop, mobile, and cloud platforms. As we expand our SaaS and cloud-native capabilities, we are seeking a DevOps leader who thrives in distributed environments and can enable secure, scalable, and automated global operations. Role Overview: We're looking for a DevSecOps Engineer to automate and secure Foxit's multi-cloud infrastructure, enabling rapid, reliable, and compliant delivery of our applications worldwide. This role blends infrastructure automation, CI/CD optimization, cloud security...

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModellingAb...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Application Security Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various team...

•Security Engineer with a strong background in Java based Software Developer , Spring MVC, Spring Boot, Spring Security, including secure software development practices •5+ Years in development experience •Minimum 3+ years of experience in designing

this role, you need to go beyond traditional testing services to help our clients identify, remediate, and prevent vulnerabilities in the applications that power their business. You need to have a holistic approach to application security offers a balance of managed and professional services and products tailored to fit clients specific needs. As a security professional you should have the ability to provide remediation guidance, program design services, and training that empower build and maintain secure applications. Responsibilities: Ability to collaborate with project team members, take direction from the project lead and execute tasks consistently Can Conduct Source Code Analysis Cam Co...

As a C#.NET Developer, you will collaborate closely with engineering teams and the Information Security group to ensure that client applications are developed with a strong focus on security. Your deep understanding of the OWASP Top 10 project and best practices for preventing vulnerabilities across various tech stacks will be crucial for success. You will play a key role in overseeing Static Application Security Testing (SAST) during the development lifecycle, ensuring proper remediation of reported vulnerabilities, and providing training to developers on vulnerability remediation. Implementing OWASP Application Security Verification Standards (ASVS) will also be part of your responsibiliti...

As an Application Security Specialist, you will play a crucial role in ensuring the security of applications by conducting SSDLC security assessments, integrating security throughout the software development lifecycle, and ensuring applications meet the highest security standards before deployment. Key Responsibilities: - Conduct internal and third-party SSDLC risk assessments on critical assets and processes - Coordinate with project teams to enforce security frameworks in all phases of the SSDLC - Prepare security effectiveness reports for management - Perform SSDLC assessments aligning with security practices - Ensure new applications undergo SSDLC assessments before induction into data c...

About the Role: As a Deputy Manager in our Financial Crime Compliance Team, youll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Work youll do: As a Deputy Manager in our Forensic & Disputes team you’ll have experience in web/mobile apps, APIs, WAF, and container platforms (e.g., OpenShift OCP). Perform vulnerability assessments, SAST/DAST testing, and penetration tests using various tools In order be considered for the role, you must clearly be able to demonstrate the following but not limited to: Conduct offensive security testing across web/mobile apps, APIs, WAF, and container platforms (e.g., OpenShift OCP). Pe...

About Fam (previously FamPay) Fam is India's first payments app for everyone above 11. FamApp helps make online and offline payments through UPI and FamCard. We are on a mission to raise a new, financially aware generation, and drive 250 million+ youngest users in India to kickstart their financial journey super early in their life. About the Role We are looking for a Security Enthusiast who thinks like a hacker but works for the good guys. You shouldn't just find bugs you should be obsessed with understanding they exist and to fix them for good. As an Application Security Engineer Intern , you will be the first line of defense for the Fam. You will break things before the bad guys do, autom...

We're looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you're a high performer who's an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the finish line is always sweeter when the whole team crosses together. As Staff Application Security Engineer, you will play a pivotal role in the integration of security into our Software Development Lifecycle. This is a critical role within the Information Security organization to safe...

The Senior IT Cybersecurity Engineer is responsible for the technical design of IT cybersecurity architectural guidelines and standards, as well as the secure implementation of IT digital technologies across platforms and product lines in Chevron. The primary responsibility is to assure IT solutions are secure by design, and continuously improving our defenses as threats and technologies change. The expectation for this role is 5-10 years of relevant experience. Key Responsibilities Responsibilities include but are not limited to: Enable digital transformation by ensuring secure-by-design principles are incorporated in the IT digital capabilities across the enterprise. Establish cybersecurit...

Company Overview Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign's Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM). What you'll do As a core me...

About The Role Grade Level (for internal use): 12 Job Title: Associate Director, Lead Application Security We are seeking an Associate Director, Lead Application Security with 10+ years of deep technical experience to own and elevate application security across a high-velocity, AI-first organization. You will be the authoritative voice and technical leader for all things application security bridging strategy with hands-on execution, partnering deeply with Engineering, Product, Platform, and Data Science teams to embed secure-by-design principles into every layer of our products without compromising speed or innovation. This is a player-coach role: you will set the vision, drive the strategy...

Dear Professional, We are excited to present a unique opportunity at Cognizant, a leading IT firm renowned for fostering growth and innovation. We are seeking talented professionals with 6 to 8 years of experience in Azure DevOps,CI/CD Pipelines,GitOps,SECOPS, AKS,Azure Resource Deployment,Repositories Security,Pipelines Security, Azure Container Registry,Azure Defender,Azure Monitoring & Alerts,Azure Policy,Quality Gates,SAST ,SCA , DAST ,Container Security,Security Scanning Tools,SonarQube,Burp Suite,IAM ,CASB, to join our dynamic team. Your expertise in these areas is highly sought after, and we believe your contributions will be instrumental in driving our projects to new heights. We off...

Key Responsibilities Implement and maintain SAST and SCA tools within the CI/CD pipeline for continuous code scanning Analyze scan results, validate and triage false positives, and ensure accuracy of reported vulnerabilities Collaborate with development teams to guide and support remediation of securityvulnerabilities Work with DevOps teams to automate security checks and streamline secure build and deployment processes Perform tool integrations (Snyk, SonarQube, Checkmarx, or similar) to improve visibility of the organizations security posture Provide technical guidance and training to developers on secure coding practices Participate in threat modeling, secure design discussions, and appli...

Role & responsibilities: As a technical leader, drive the future strategy for threat intelligence, security architecture reviews, vulnerability management, security configuration, DevSecOps, and application security. Conduct both manual and automated internal and external vulnerability assessments across IT, cloud, and OT environments. Perform security control and vulnerability assessments specifically within OT environments. Execute Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications. Conduct Vulnerability Assessment and Penetration Testing (VAPT) for...

AZURE Devops JD Position Overview: We are looking for an experienced DevOps Candidate who specializes in Azure DevOps CI/CD Pipeline and possesses knowledge of Azure data services such as Azure Data Factory (ADF), Azure Data Lake (ADL), and Azure Databricks (ADB). The ideal candidate will have a proven track record of designing, implementing, and managing CI/CD pipelines for different technologies like java .NET applications. In this role, you will play a key role in optimizing our development and deployment processes, ensuring scalability, reliability, and performance of our Azure-based platforms. Key Responsibilities: Design, implement, and manage CI/CD pipelines using Azure DevOps. Experi...

About the Role: 12 Job Title: Associate Director, Lead Application Security We are seeking an Associate Director, Lead Application Security with 10+ years of deep technical experience to own and elevate application security across a high-velocity, AI-first organization. You will be the authoritative voice and technical leader for all things application security - bridging strategy with hands-on execution, partnering deeply with Engineering, Product, Platform, and Data Science teams to embed secure-by-design principles into every layer of our products without compromising speed or innovation. This is a player-coach role: you will set the vision, drive the strategy, build and lead a lean team ...

Job Purpose Information security team member (with skip level reporting to CISO) who is proficient in maintaining & managing Source Code Security and SBoM (Software Bill of Material). Information Security tool management & governance. Understanding of regulatory requirements. Driving information Security projects & Monitoring Key Risk Indicators (KRIs) for Software Security. Duties and Responsibilities Minimum required Accountabilities for this role 1. Secure Code Review and Vulnerability Remediation Perform and drive regular secure code reviews for web, Android, and iOS applications to proactively identify security weaknesses. Provide actionable remediation guidance and ensure timely tracki...

Location : Hyderabad Experience : 5 to 8years Drive : Face to Face - Hyderabad Job Description: CheckMarx, Zafran, threat Modeler

You will be joining our internal security group as an Information Security Engineer (Consultant) at thoughtworks. Your primary focus will be on building secure products and embedding security practices within fast-paced delivery teams. As an Information Security Engineer, you will have the opportunity to shape secure engineering practices across the organization. **Key Responsibilities:** - Act as a Security Advisor for delivery teams throughout the Software Development Life Cycle (SDLC) - Drive Threat Modeling and conduct architectural security reviews - Ensure a strong Cloud Security posture with a preference for GCP - Integrate DevSecOps practices including SAST, DAST, and automation - Co...