239 Sast Jobs - Page 4

Dear Candidate, Greetings!! We are currently hiring for the Listing role, and the Job Description is provided below for your reference Processing and giving approval for preferential issue/Rights Issue/ Bonus/FCCBs/QIPs/Voluntary Delisting filed by listed entities while ensuring the following: Ensuring Compliance with SEBI Regulations and Exchange Checklist and guidelines Studying Valuation report in case same is applicable Meeting timelines specified by SEBI Regulations and Exchange Guidance Note Updating Exchange database post giving listing approval for shares etc. Responding to SEBI queries and providing Examination reports to SEBI Timely providing data to SEBI Preparing and presenting internal MIS Study existing systems and take initiatives for development including automation Leading Teams of different verticals. Preferred Skills: Working Experience in SEBI (ICDR) Regulations, SEBI (LODR) Regulations, SEBI (SAST) Regulations, SEBI(Delisting) Regulations, SEBI Master Circular on Schemes, Process for Preferential issue, Schemes, Stock Exchange Compliances, Study of Valuation Report.

Job Description: We are hiring a talented Software Engineer with deep expertise in static code analysis and SAST tools like Coverity for one of our prestigious clients. If you're enthusiastic about code quality, automation, and secure development practices, this is a fantastic opportunity to work on cutting-edge tech stacks. Responsibilities: Manage and integrate SAST tools (Coverity) into CI/CD pipelines. Analyze and interpret Coverity/Blackduck scan reports and defect types. Review and triage violations, offer remediation advice. Automate report generation and filtering using Python, Shell, or Groovy. Tune Coverity checkers, component mapping, suppression rules. Collaborate with dev teams to resolve issues and improve code quality. Optional: Deliver training on Coverity and SAST best practices. Required Skills: Proven experience with Coverity or similar tools (SonarQube, Helix QAC). Strong scripting skills: Python, Shell/Bash. Familiarity with CI/CD tools like Jenkins, Bitbucket. Solid understanding of Git workflows and SDLC. Proficient in reading/debugging C, C++ code (Embedded domain experience is a plus). Good communication and collaboration skills. Budget: As per market standards (Based on experience) Notice Period: Immediate to 30 days preferred

Job Tittle - Security Test Engineer Job Type: Full-time EXP 5+ Years Location - Gurgaon Roles & Responsibilities: Perform Security Assessments: Conduct various types of security testing, including: 1. Penetration Testing : Perform black-box, gray-box, and white-box penetration testing on web applications, APIs, mobile applications (iOS/Android), and network infrastructure. 2. Vulnerability Assessments : Utilize automated and manual techniques to identify security weaknesses. 3. Static Application Security Testing (SAST) : Analyze source code to identify potential vulnerabilities. 4. Dynamic Application Security Testing (DAST) : Test applications in a running state and vulnerabilities. 5. Interactive Application Security Testing (IAST) : Combine elements of SAST and DAST for comprehensive testing. 6. Configuration Reviews : Assess the security posture of various systems and applications. 7. Threat Modeling: Participate in threat modeling sessions to identify potential attack vectors and vulnerabilities early in the development lifecycle. 8. Vulnerability Management: Document identified vulnerabilities clearly and concisely, including steps to reproduce, impact, and severity. Communicate findings to development teams and stakeholders effectively. Track and manage vulnerabilities through their lifecycle, from discovery to remediation and retesting. Provide guidance and recommendations to development teams on remediation strategies. 9. Security Tooling & Automation : - Utilize and configure security testing tools (e.g., Burp Suite, OWASP ZAP, Nessus, Acunetix, Fortify, Checkmarx, Metasploit). - Develop and implement automated security tests and scripts to improve efficiency. - Stay up-to-date with the latest security testing tools, techniques, and best practices. 10. Collaboration & Communication: - Collaborate closely with development, DevOps, QA, and product teams to integrate security into the SDLC (Secure SDLC). - Educate and mentor developers on secure coding practices and common vulnerabilities. - Participate in security code reviews. - Present security findings and recommendations to technical and non-technical audiences. 11. Research & Development: - Stay informed about emerging security threats, attack vectors, and industry trends. - Contribute to the improvement of security testing methodologies and processes. Participate in security community activities, conferences, and training. Required Skills & Qualifications : - Education : Bachelor's degree in computer science, Information Security, or a related field (or equivalent practical experience). - Experience : Mid-Level: 3-6 years of experience in security testing, penetration testing, or application security. Senior Level: 6+ years of experience in security testing, leading penetration testing engagements and architecting secure solutions. Technical Skills : - Strong understanding of web application security vulnerabilities (e.g., OWASP Top 10, SANS Top 25). o Proficiency with security testing tools (e.g., Burp Suite, OWASP ZAP, Nmap, Metasploit). - Experience with various operating systems (Linux, Windows). - Familiarity with scripting languages (e.g., Python, Ruby, PowerShell, Bash). Understanding of network protocols, firewalls, and intrusion detection/prevention systems. - Knowledge of secure coding principles and common programming languages (e.g., Java, Python, C#, JavaScript, Node.js). - Experience with cloud security (AWS, Azure, GCP) is a strong plus. Familiarity with CI/CD pipelines and integrating security into automated workflows. Soft Skills : - Excellent analytical and problem-solving skills. - Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical audiences. - Ability to work independently and as part of a team. - High attention to detail and a methodical approach to testing. - Curiosity and a strong desire to learn and stay current with security trends. Desired Certifications (Plus, but not required): OSCP OSWE CEH (Certified Ethical Hacker) CompTIA Security+ SANS certifications (e.g., GWEB, GWAPT, GPEN) CSSLP (Certified Secure Software Lifecycle Professional)

Key Responsibilities: Approx 5 years experience as a Security Architect Bachelor s degree in information technology security or similar Experience in providing security architecture support to a large development organization Information security credentials such as IGP CISSP or similar Well versed in cloud security on a generic level as well as AWS Secondary Skills SAST and DAST Solid diplomatic and communication skills in English The candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of shift left for assessments to automate and minimize the manyal work involved It is also expected that the candidate will assist in creating an assessment factory with a streamlined process for approaching assessments Preferred Skills: Technology->Enterprise Architecture->Data / Information Architecture

Skill required: Tech for Operations - Microsoft ASP.NET Designation: SW/App/Cloud Tech Support Sr Analyst Qualifications: Any Graduation Years of Experience: 5 to 8 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be part of the Technology for Operations team that acts as a trusted advisor and partner to Accenture Operations. The team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. We work closely with the sales, offering and delivery teams to identify and build innovative solutions.The Tech For Operations (TFO) team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. Works closely with the sales, offering and delivery teams to identify and build innovative solutions. Major sub deals include AHO(Application Hosting Operations), ISMT (Infrastructure Management), Intelligent AutomationA platform to create dynamic and interactive Web applications using server-side scripting technology. What are we looking for Job SpecificationOverall Skills to manage & work on SQL & .Net technologies while working in collaborative and high-performance team environment.ResponsibilitiesFull Stack .net, MS SQL, LinQ, SQL Stored procedures, SSRSDev experience around 5+ yearsexperience with DAST/SAST vulnerabilities, scans, APIs etc. QualificationsExpertise & understanding in Full stack technologies with 5+years experience.Analytical, problem-solving skills.Strong empathy in understanding client needs/requirements.Communication and presentation skills.Representative behavior, client-facing experience.Strong team player with drive. Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualification Any Graduation

Job Role : DevOps Engineer Year Of Experience- 2–3 Years Location: Ghansoli Education: BE/ B.Tech Overview : Looking for a motivated and skilled DevSecOps Engineer with 2–3 years of hands-on experience in implementing DevSecOps practices, CI/CD pipelines, and integrating security into the development lifecycle. The ideal candidate will have working knowledge of Kubernetes (K8S), cloud platforms like GKE and AKS, and build/deployment automation tools including Azure DevOps and Jenkins. Experience with security scanning tools (SAST, DAST, Fortify, SonarQube) and scripting knowledge in Groovy, ANT, and JavaScript is essential. Job Role: • Design, implement, and maintain secure and scalable CI/CD pipelines. • Integrate security tools and processes into DevOps workflows (DevSecOps). • Automate infrastructure and deployments using Azure DevOps and Jenkins. • Deployment using On-Premises K8S clusters and Manage Kubernetes clusters - GKE and AKS. • Deployment using Windows based servers - IIS • Implement and maintain Static and Dynamic Application Security Testing (SAST/DAST) tools. • Integrate and configure Fortify, SonarQube, and other security tools into pipelines. • Write and maintain automation scripts using Groovy, ANT, and JavaScript. • Collaborate with development, QA, and security teams to ensure secure software delivery. • Conduct security assessments and remediations as part of the SDLC. Required Skills & Qualifications : • Bachelor degree in Engineering or Equivalent. • 2–3 years of hands-on experience in DevSecOps / DevOps. • Strong knowledge and hands-on experience with: - Azure DevOps Pipelines and Jenkins for CI/CD. - Security tools: Fortify, SonarQube, Blackduck, DAST/SAST tools (e.g., OWASP ZAP, Burp Suite, etc.). - Kubernetes (K8s) – with GKE and AKS. • Proficiency in scripting languages such as Groovy, ANT, and JavaScript. • Basic programming / scripting capabilities to automate security checks & workflows. • Understanding of application security principles and best practices. • Experience working in Agile and collaborative team environments. • Excellent troubleshooting, documentation, and communication skills.

Dear Candidate, We are hiring a Compliance Engineer to ensure code and dependencies meet licensing and audit standards. Key Responsibilities: Track open-source usage and license compliance. Automate compliance scanning and reporting. Assist in security reviews and audits. Required Skills & Qualifications: Familiarity with tools like FOSSA, Black Duck. Knowledge of OSS licenses (MIT, GPL, Apache). Experience with code scanning and SBOMs. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Bachelor's degree in Computer Science, Information Security, or a related field. 4+ years of experience in software development, with at least 3+ years specifically focused on application security or a security-centric development role. Strong proficiency in at least one major programming language Java J2EE preferred. In-depth understanding of web application security vulnerabilities and mitigation techniques. Experience with secure coding principles and practices. Familiarity with various security testing tools (SAST, DAST, SCA, penetration testing tools). Understanding of cryptographic principles and their appropriate application. Experience with cloud platforms (e.g., IBM Cloud, AWS, Azure, GCP) and cloud security best practices (e.g., IAM, network security, data encryption in cloud environments). Experience in a multi-tenant SaaS environment. Solid understanding of authentication and authorization mechanisms (e.g., OAuth, OpenID Connect, SAML, RBAC). Experience with Agile development methodologies. Excellent problem-solving skills and a proactive approach to identifying and addressing security risks. Required education Bachelor's Degree Required technical and professional expertise Bachelor's degree in Computer Science, Information Security, or a related field. 4+ years of experience in software development, with at least 3+ years specifically focused on application security or a security-centric development role. Strong proficiency in at least one major programming language Java J2EE preferred. In-depth understanding of web application security vulnerabilities and mitigation techniques. Experience with secure coding principles and practices. Familiarity with various security testing tools (SAST, DAST, SCA, penetration testing tools). Understanding of cryptographic principles and their appropriate application. Experience with cloud platforms (e.g., IBM Cloud, AWS, Azure, GCP) and cloud security best practices (e.g., IAM, network security, data encryption in cloud environments). Experience in a multi-tenant SaaS environment. Solid understanding of authentication and authorization mechanisms (e.g., OAuth, OpenID Connect, SAML, RBAC). Experience with Agile development methodologies. Excellent problem-solving skills and a proactive approach to identifying and addressing security risks. Preferred technical and professional experience Degree in Computer Science, , Engineering, or equivalent professional experience. An authority on Cloud Native Application architecture, Docker's and Microservices Working experience on Docker/Kubernetes, the DevOps, Micro services, RedHat OpenShift, Java J2EE Willing to lead and work on quick proof of concepts.

Work within the cybersecurity domain, focusing on automated security testing and enhancing the overall security posture Support the IKEA engineering community in building secure cloud infrastructure at scale Perform threat modeling and security risk assessments Ensure compliance with security standards such as GDPR, NIS2, ISO27000 Build and operate tools to monitor cloud environments and fix misconfigurations Provide expertise on infrastructure security and secure software development Use CI/CD practices to automate security testing tools such as SAST, SCA, IaC scanning, and container scanning Work in cloud-native environments, preferably on Google Cloud Platform or Azure Implement and secure REST APIs and manage API security Participate in security architecture and design reviews Collaborate with agile teams and contribute to continuous security improvement Engage in secure development practices across pipelines like GitHub Actions and Azure DevOps Leverage Kubernetes and infrastructure-as-code practices to support secure deployment Join the IKEA Cyber Security team with growth opportunities in skills and expertise

Your role Were hiring a Cybersecurity Architect to safeguard critical infrastructure! If you have expertise in Application Security,Cloud security , SAST,SCA, Cybersecurity compliance and threat modelling, apply now for Pan India locations . Join us in securing industrial environments Work within the Cyber security domain, focusing on the Automated security testing part of our services and improving overall security posture of products and systems for assigned business domain. You will be part of an agile team, constantly improving and automating the security posture of the cloud infrastructure. You will support the engineering community to build secure infrastructure at scale. You will perform threat modeling and security risk assessments. Understanding of security compliance requirements such as GDPR, NIS2, ISO27000. You will build and operate reliable tooling to increase the visibility of cloud environments and remediate security misconfigurations. You will be a valued member of the team, providing sound perspectives on infrastructure security as well as secure software development. You will be part of the Cyber Security organization, with a lot of room to grow and develop your skills, knowledge, and experience. Your profile Experience in cloud native environments and preferably Google Cloud Platform or Azure& Cyber security complaince Experience utilizing CI/CD practices to Automate security testing tools like SAST (Static Application Security Testing), SCA (Software Composition Analysis), IaC scanning or Container scanning tools in GitHub, Azure DevOps etc. Experience in working with REST APIs and API security. You have experience with threat modeling, security design reviews, and security architecture. Experience with CI/CD pipelines (preferably Github actions), Kubernetes and infrastructure-as-code is a plus.

Educational Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities Approx 5 years' experience as a Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organization Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWSSecondary Skills: SAST and DASTSolid diplomatic and communication skills in EnglishThe candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manyal work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined process for approaching assessments Preferred Skills: Technology-Enterprise Architecture-Data / Information Architecture

Role & responsibilities Drive and implement security best practices throughout the entire Software Development Lifecycle (SDLC) for the D2C Portal, including requirements Perform security architecture reviews to identify and address potential vulnerabilities in system design Manage and prioritize findings from SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA Work closely with development teams to ensure timely remediation of identified vulnerabilities. Preferred candidate profile Mandatory: forensic analysis AWS WAF Akamai DataDog, ELK, and incident response platforms. Preferred Qualification Bachelor's degree in Computer Science, Information Security, or a related technical field.

Your Role Were hiring a skilled VAPT Engineer to strengthen our cybersecurity team! If you have hands-on experience in Vulnerability Assessment & Penetration Testing , and a passion for securing digital infrastructure, apply now for Pan India locations . Experience in Cyber Security Penetration Testing (Manual PT, VAPT, DAST, SAST, MAST, API). Experience in Vulnerability Assessment and Penetration Testing of web applications, mobile applications, API networks, and thick client applications. Manual Penetration Testing skills and techniques, with hands-on experience in identifying false positives from automated tool results. Hands-on knowledge of toolsBurp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, SQLmap, Checkmarx, etc. Strong knowledge of tools for mobile application security, including Appuse, MOBSF, Geny Motion, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify on Demand, etc Your Profile Vulnerability Assessment and Penetration Testing (VAPT) experience range 3 to 9 years Cyber Security Penetration Testing Manual Penetration Testing skills Knowledge of security tools Mobile application security tools What you'll love about working here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Primary Skills : Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cybersecurity, Security Configuration Review, Source Code Review Job Description: 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API & Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms. Notice: Immediate to 15 days Location: ENBD Bangalore or ENBD Chennai or Dubai Location: Bangalore/Chennai/Dubai Experience: 4-6 Years Thanks & Regards, Ankita Ghosh

Dear Aspirant, Greetings from JTSi Technologies! We JTSi Technologies India Pvt Ltd, a US based IT Co in Kochi Infopark is urgently looking an Application Security Engineer for our operations in Kochi. The incumbent must be one with a strong understanding of application security principles and secure coding practices, common vulnerabilities and security testing methodologies. JTSi Technologies India Private Limited is a US based IT Co, with 20+ years into business. Our global offices are in Washington DC & New Jersey USA and our Indian HQ is in Bangalore. Details are as follows: Designation: Application Security Engineer (Consultant) Qualification: BE / B Tech / MCA Experience: Minimum 4 Years - 7 Years. Skillsets: Vulnerability Assessment, API, Code, Web & Cloud Security Remuneration: Salary ranges will be the best in the industry. Shift Time: Consultant / Part Time Freelancer Place of Posting: Infopark, Kochi. Roles and Responsibilities: Vulnerability Assessment - Identifying potential security weaknesses in applications through code reviews, penetration testing, and security assessments Designing and Implementing Security Architecture - Developing and integrating cybersecurity designs for systems and networks, ensuring they align with the organization's overall security strategy Secure Design and Development - Collaborating with developers to implement secure coding practices, secure architecture design, and secure development lifecycles (SDLC). API Security Design and Implementation - Design and implement secure API architectures by incorporating authentication, authorization (OAuth 2.0 JWT, etc.), and encryption mechanisms. Enforce API security best practices including rate limiting, input validation, logging, and auditing. Cloud and Container Security- Determine application security capability requirements and strategy (e. g., open source, Cloud Service Providers (CSP), Software as a Service (SaaS)/Infrastructure as a Service (IaaS)/ Platform as a Service (PaaS) environments) Able to assess cloud-native application architectures with a focus on security Security Testing - Conducting both static and dynamic security testing during and after application development to identify vulnerabilities Identity and Access Management - Implementing and managing systems for controlling access to data and applications, ensuring only authorized individuals can access sensitive information Incident Response - Responding to security incidents, investigating breaches, and implementing remediation steps Security Monitoring - Continuously monitoring applications for suspicious activity and potential security threats Security Tool Implementation - Utilizing and implementing security tools such as web application firewalls (WAFs) and other security technologies Skills and Qualifications: Strong understanding of application security principles, secure coding practices, common vulnerabilities (like XSS, SQL injection), and security testing methodologies Proficiency in one or more programming languages used in application development (e.g., Java, Angular, .Net, JavaScript). Familiarity with security tools like SAST, DAST, and WAFs Ability to analyse complex security issues and develop effective solutions Ability to clearly communicate security risks and recommendations to both technical and non-technical stakeholders Working effectively with developers, system administrators, and other security professionals. If you are interested or if any references kindly send us your recently updated resume to careers@jtsiindia.com and we will revert you with more details at the earliest. Thanks, and Regards, Recruitment Team JTSi Technologies India Private Limited Third Floor, Thapasya Building, Infopark, Kochi, Kerala - 682042. E Mail : careers@jtsiindia.com | Website : www.jtsiindia.com Contacts : 0484 4070368

Join us as a Application Security Consultant at Barclays, responsible for supporting the successful delivery of Location Strategy projects to plan, budget, agreed quality and governance standards You'll spearhead the evolution of our digital landscape, driving innovation and excellence You will harness cutting-edge technology to revolutionise our digital offerings, ensuring unparalleled customer experiences To be successful as a Application Security Consultant you should have experience with: Strong knowledge of CVEs, CWEs and their effect on the application In depth knowledge of various AppSec technologies such as SAST, DAST, SCA, IAST RASP etc Some development skills and hands on experience of one or more programming languages and framework Experience with writing scripts in scripting language like python, JavaScript Desirable Skillsets/ Good To Have Ability to demonstrate knowledge and enthusiasm for low-level technical topics including native development (any platform) Experience of languages inherent to modern, mobile development: Java+JNI, Objective C, Swift etc Familiarity with process of reverse engineering and associated low-level technologies such as assembly and tools Familiarity with concept of mobile code hardening i e controls and techniques for the goals of anti-tempering, obfuscation and environment monitoring Ability to reproduce vulnerabilities in lab environment Job Location: Pune Purpose of the role To support business areas with day-to-day processing, reviewing, reporting, trading and issue resolution Accountabilities Support various business areas with day-to-day initiatives including processing, reviewing, reporting, trading, and issue resolution Collaboration with teams across the bank to align and integrate operational processes Identification of areas for improvement and providing recommendations in operational processes Development and implementation of operational procedures and controls to mitigate risks and maintain operational efficiency Development of reports and presentations on operational performance and communicate findings to internal senior stakeholders Identification of industry trends and developments to implement best practice in banking operations Participation in projects and initiatives to improve operational efficiency and effectiveness Assistant Vice President Expectations Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda Take ownership for managing risk and strengthening controls in relation to the work done Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc) to solve problems creatively and effectively Communicate complex information 'Complex' information could include sensitive information or information that is difficult to communicate because of its content or its audience Influence or convince stakeholders to achieve outcomes All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship our moral compass, helping us do what we believe is right They will also be expected to demonstrate the Barclays Mindset to Empower, Challenge and Drive the operating manual for how we behave Back to nav Share job X(Opens in new tab or window) Facebook(Opens in new tab or window) LinkedIn(Opens in new tab or window)

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

Role Summary Akrivia HCM is looking for an experienced Release Manager to own the end-to-end movement of code from merge to “available for users” across our web, mobile, and API platforms. You will coordinate cross-functional teams, enforce quality gates, automate delivery pipelines, and make sure every release lands predictably, safely, and with clear business impact. Key Responsibilities Plan & Schedule Publish rolling release calendar, freeze windows, and cut-off dates. Drive release scoping meetings with Product, Engineering, QA, Design, Security, and Customer Success. Gate & Qualify Verify CI/CD pipeline status, security scans, performance and accessibility test results. Chair go/no-go reviews and stop the line when critical gates fail. Deploy & Enable Orchestrate environment promotions (Dev QA Stage Prod) via GitOps/ArgoCD. Manage phased rollouts and feature-flag toggles; oversee App Store / Play Store submissions for mobile builds. Monitor & Recover Track live KPIs (latency, error rate, crash-free sessions) during and after releases; trigger rollback when required. Lead incident communication until service health is fully restored. Communicate Send timely status updates, go/no-go notifications, and customer-facing release notes. Keep a single “risk board” of blocking issues visible to all stakeholders. Improve & Automate Run post-release retrospectives, convert learnings into pipeline automation, templates, and checklists. Track and report KPIs: Planned vs Actual release dates, Change Failure Rate, MTTR, and Release Lead Time. Must-Have Qualifications Proven track record of managing at least 3+ years of releases for a high-traffic SaaS product or mobile + web ecosystem. Strong hands-on knowledge of CI/CD pipelines (GitHub Actions / GitLab CI / Jenkins), container orchestration (Kubernetes/EKS), and package promotion strategies. Familiarity with GitOps tools (ArgoCD or Flux) and Infrastructure-as-Code (Terraform/Helm). Experience coordinating App Store / Play Store submission cycles and phased rollouts. Deep understanding of release metrics: lead time, deployment frequency, change failure rate, MTTR. Excellent communication and stakeholder-management skills; can drive decisions with data under tight timelines. Good-to-Have Skills Exposure to AWS Well-Architected or other cloud cost / reliability audits. Knowledge of feature-flag platforms (LaunchDarkly, ConfigCat) and A/B testing rollouts. Working familiarity with SOC 2 / ISO 27001 controls and audit evidence requirements. Experience automating mobile build pipelines with Fastlane or Codemagic. Certification: AWS DevOps Engineer Pro / Certified Kubernetes Admin / PMI-ACP / SAFe.

Technical Skills, Experince & Qualification Required :- 4-6 yrs of Experience into Pentest, Pen tester / Pen testing Manual Pentesting of web application, infrastructure, mobile app Extensive knowledge in the areas of information system security Coding ability (at the very least Python) Recognized credential on a hacking platform: training (HTB, root-me, etc.) or bug bounty (synack, hackerone, etc.) Experience in relevant tools : Burp Suite or equivalent, network discovery, vulnerability scanner, OSINT, exploitation and post-exploitation on web app, OS, infra and mobile application, payload customization, virtualization. Deep knowledge in manual web application penetration testing and payload customization Expertise in at least one programming language Experience in working on Linux and Windows environment Cloud environment testing (AWS, Azure) Certifications Required : Offensive security : OSWE, OSCE, OSCP, OSWP, OSEE certification EC-Council certification (APT, LPT, not CEH) Government sponsored certification : CREST, PASSI PCI DSS certification ISO 27001 certification SANS or equivalent certification Immediate Joiners will be preferred

Role Description This is a full-time role for a VAPT, Red Team, Mobile Security professional . The role involves day-to-day tasks related to Cybersecurity, Physical Security, Network Security, Information Security, and Communication. Experience : 4 - 8 Yrs Job Location : Chennai (WFO) Qualifications Devsecops / SAST / DAST / Application Security / Scripting (Python/Shell) Azure/ AWS / GCP Security services & configuration management. Experience in Vulnerability Assessment & Penetration Testing in Network, Web, Mobile Applications, Kubernetes, Container security & APIs. Experience in one or more vulnerability scanning tool. Qualys VMDR, Rapid7 & Tenable is preferred. Implement, operate, and manage the vulnerability management program. Ensure scans are performed according to policies and scan frequencies. Excellent knowledge in Security Operations/Information Security Process, techniques, and technologies. Strong knowledge of container security, Devsecops Tools and Security controls. Working experience with configuration management. Must have prior experience/knowledge on Devsecops implementation (Application Security) and knowledge on Devsecops operation (SAST/DAST) Provide recommendations for continuous improvements in Security Operations & Process. Experience in Management and Metrics Reporting. Experience in defining standards for OS and/or applications. Able to demonstrate the identified vulnerability and provide the recommendation for remediation wherever required. Certifications like CEH, OSCP, GPEN or other information security or IT platform certifications. Experience in vulnerability assessment & penetration testing in Network, Web applications, Mobile applications & APIs. Strong understanding of OWASP/SANS Top 25 Concepts Hands-on experience on automated & manual application security testing tools like BurpSuite Professional, HCL AppScan Enterprise & Standard, Web Inspect, Postman, Nikto, ZAP, SQLmap, Nmap, Kali Linux, etc. Experience in developing Application Security policies, process, secure coding standards & guidelines. Good knowledge of secure software development standard, process, techniques, and tools. Experience in dealing with application security incidents & relevant communication. Demonstrated ability to clearly communicate complex ideas verbally and in writing. Excellent troubleshooting, problem solving, and analytical skills.

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure security measures are integrated into the development process, conducting assessments to identify vulnerabilities, and providing recommendations for improvements. You will also engage in discussions to enhance security protocols and contribute to the overall security strategy of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Collaborate with development teams to integrate security best practices into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and principles.- Experience with security testing tools and methodologies.- Familiarity with threat modeling and risk assessment techniques.- Knowledge of compliance standards and regulations related to application security. Additional Information:- The candidate should have minimum 2 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Educational Bachelor of Engineering Service Line Quality Responsibilities In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advisesecurity controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance. Preferred Skills: Foundational-Cybersecurity Competency Management-Cyber Competency Strategy Planning

Project Role : Integration Engineer Project Role Description : Provide consultative Business and System Integration services to help clients implement effective solutions. Understand and translate customer needs into business and technology solutions. Drive discussions and consult on transformation, the customer journey, functional/application designs and ensure technology and business solutions represent business requirements. Must have skills : Cybersecurity Fundamentals Good to have skills : Python (Programming Language), Microsoft PowerShell, Security Operation AutomationMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Integration Engineer, you will provide consultative Business and System Integration services to assist clients in implementing effective solutions. Your typical day will involve engaging with clients to understand their needs, facilitating discussions to translate these needs into actionable business and technology solutions, and ensuring that the proposed solutions align with both business requirements and technological capabilities. You will also be responsible for driving transformation initiatives and enhancing the customer journey through functional and application designs, ensuring that all aspects of the integration process are seamless and effective. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Collaborate with cross-functional teams to ensure alignment of business and technology solutions.- Analyze client requirements and provide tailored integration strategies to meet their needs.- Perform regular maintenance (patching, upgrades, configuration changes) of security solutions.- Build and implement on-premises and cloud-based security solutions using SaaS, IaaS, and orchestration tools.- Implement robust monitoring and logging solutions.- Report on security status, incidents, and improvements to management.- Develop and maintain APIs and microservices for automation workflows.- Stay abreast of cybersecurity trends, vulnerabilities, and attack vectors.- Proactively propose enhancements to security controls.- Provide exceptional support to internal and external users.- Conduct regular security assessments and vulnerability scans.- Promote security awareness through training and communication.- Collaborate closely with other departments to integrate security measures- Automate complex tasks and workflows across infrastructure management, data processing, application deployments, and IT operations.- Identify process improvement opportunities and implement optimizations. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cybersecurity, SDLC, Python and PowerShell, including experience with automation scripts, frameworks and best practises .- Good To Have Skills: Experience with Python (Programming Language), Microsoft PowerShell, Security Operation Automation.- Strong understanding of network security protocols and practices.- Familiarity with risk assessment methodologies and compliance standards.- Experience in implementing security measures and monitoring systems for vulnerabilities.- Good understanding of SDLC in code development and analysis.- Knowledge in Cyber security tooling for SAST, DAST and SCA solutions- Knowledge in Container and Orchestration environment such as Docker, Kubernetes or Openshift is a plus- Knowledge of version control systems (e.g., Git) and CI/CD pipelines. Additional Information:- The candidate should have minimum 3+ years of experience in Cybersecurity and SDLC.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Educational Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities As part of the Infosys delivery team, your primary role would be to ensure effective Design, Development, Validation and Support activities, to assure that our clients are satisfied with the high levels of service in the technology domain. You will gather the requirements and specifications to understand the client requirements in a detailed manner and translate the same into system requirements. You will play a key role in the overall estimation of work requirements to provide the right information on project estimations to Technology Leads and Project Managers. You would be a key contributor to building efficient programs/ systems and if you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional : Security testing(3-5 years exp) - SAST/DAST/API, Network, Mobile Security/DevSecops/Cloud Security/Threat Modelling/Vulnerability Management/Logging & Audit/GRC/Security Operations/IAMIndividual should be open to learn new technology as needed and should work independently. Strong in ST with key ST related skills with good in driving a team and must be able to do client interaction. Preferred Skills: Technology-Application Security-Application Risk Profiling Threat Modeling-Microsoft Threat Modelling Technology-Application Security-Penetration Testing (Black/White/Grey Box Testing) Technology-Application Security-Vulnerability Management Technology-Infrastructure Security-Cloud Security Technology-Mobile Testing-Mobile Security Testing Technology-Security Testing-Security Testing - ALL Technology-Application Security-DevSecOps

Educational Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities As part of the Infosys delivery team, your primary role would be to ensure effective Design, Development, Validation and Support activities, to assure that our clients are satisfied with the high levels of service in the technology domain. You will gather the requirements and specifications to understand the client requirements in a detailed manner and translate the same into system requirements. You will play a key role in the overall estimation of work requirements to provide the right information on project estimations to Technology Leads and Project Managers. You would be a key contributor to building efficient programs/ systems and if you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional : Security testing(5-8 years exp) - SAST/DAST/API, Network, Mobile Security/DevSecops/Cloud Security/Threat Modelling/Vulnerability Management/Logging & Audit/GRC/Security Operations/IAMIndividual should be open to learn new technology as needed and should work independently. Strong in ST with key ST related skills with good in driving a team and must be able to do client interaction. Preferred Skills: Technology-Application Security-Application Risk Profiling Threat Modeling-Microsoft Threat Modelling Technology-Application Security-Application Security - ALL Technology-Application Security-Penetration Testing (Black/White/Grey Box Testing) Technology-Application Security-Vulnerability Management Technology-Infrastructure Security-Cloud Security Technology-Mobile Testing-Mobile Security Testing Technology-Security Testing-Security Testing - ALL Technology-Application Security-DevSecOps