1040 Sast Jobs - Page 8

Design, develop, and maintain secure and scalable cloud infrastructure platforms using the latest DevSecOps and Platform Engineering methodologies Create and implement best practices and processes for code quality, security, performance, and scalability using Sonarqube, Cycode, DAST, SAST & FOSSA Strong experience using GCP specific services like Compute Engine, CloudRun, GKE, Cloud operations suite, Service Mesh, Anthos, Pub/Sub, Dataflow, Cloud Scheduler, Bigtable, AlloyDB, Vertex AI, Big Query, Cloud SQL and other managed services. Google Cloud infrastructure provisioning including VPC, Subnet, Gateway, Security groups, managed services, Kubernetes Cluster etc. Expertise with automating I...

We are looking for an Sr Product Security Analyst, with a focus on Penetration testing and Python coding. In this role you will work in a team to identify, risk rate, communicate and track product vulnerabilities and be a part of the Cyber Security Lab team. Roles and Responsibilities In this role, you will: Be able to scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment. Engage in application and domain-specific threat modeling and attack surface analysis/reduction Engage in incident response methods lead incident response processes related to product cybersecurity Create and track meaningful metrics around product ...

Were hiring a Application Security Test Engineer with 2-5 years of experience in Application Security , SAST , and SCA tools like Snyk, SonarQube, or Checkmarx. Integrate security into CI/CD, manage vulnerabilities, and support teams in secure coding.

Your key responsibilities Expertise In executing large scale application security programs Expertise in Shift left security concept and security in DevOps Understanding of agile software development principles and security practices Convey complex technical security concepts to technical and non-technical audiences including executives. Strong knowledge of software supply chain vulnerabilities and the ability to effectively communicate methodologies and techniques with development teams Provide technical leadership and advise to junior team members on application security engagements. Develop automated solutions that mitigate risks throughout the organization. Support policies and vulnerabil...

As a Vice President - Chief Cybersecurity Officer (CCO) at Barclays, you will play a crucial role in providing control advisory and governance on various aspects of cybersecurity such as Application Security, DevSecOps practices, Threat modeling controls, Secure coding, and API security. Your responsibilities will include ensuring proactive identification of security risks, timely remediation to reduce risk exposure, and developing and refreshing security policies and standards to address emerging risks and regulatory requirements. Key Responsibilities: - Provide control advisory and governance on Application Security, DevSecOps practices, Threat modeling controls, Secure coding, and API sec...

**Role Overview:** As a Hardware Penetration Tester on our Device Penetration Testing team at Cisco, you will proactively engage in technical and hands-on security assessments to strengthen the security of millions of Cisco devices. Your main responsibilities will include dissecting hardware, analyzing firmware, identifying critical vulnerabilities, and contributing to the security and trustworthiness of Cisco's product portfolio. **Key Responsibilities:** - Perform technical and hands-on security assessments by analyzing hardware components and interactions, including JTAG, UART, SPI, and I2C communication analysis. - Conduct in-depth analysis of firmware interactions with underlying hardwa...

As a Sr. Principal Security Engineer at HighRadius, you will play a crucial role in leading the offensive security efforts for our applications and platforms. Your responsibilities will include proactive threat emulation, vulnerability research, and full-scope red team operations. You will be responsible for identifying and exploiting complex vulnerabilities across our web applications, APIs, and cloud infrastructure, while also mentoring developers and integrating advanced security controls into the CI/CD pipeline. **Key Responsibilities:** - **Adversary Simulation & Red Team Operations:** Plan and execute sophisticated red team operations and adversary emulation exercises to test the resil...

Role Overview: You will be responsible for developing and leading a team of engineers to deliver complex backend solutions using Node.js, Nest.js, Next.js/React.js, and TypeScript. Your role will also involve ensuring a solid understanding of RESTful API architecture, performance tuning, and secure application design. Additionally, you will need to have experience with SQL/NoSQL databases such as MongoDB and MySQL, as well as familiarity with Cloud platforms like AWS/GCP/Azure. Key Responsibilities: - Develop and lead a team of engineers to deliver complex backend solutions - Utilize Node.js, Nest.js, Next.js/React.js, and TypeScript for development - Deep understanding of SQL/NoSQL database...

Role Overview: BMC Helix is seeking a motivated individual to join the Product Security Group in a senior technical position. As a penetration tester, you will play a crucial role in safeguarding the organization's digital assets by identifying and addressing security weaknesses through vulnerability assessments and penetration testing. Your expertise in application security best practices and continuous improvement in cybersecurity will be key to the success of the team. Key Responsibilities: - Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. - Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and ...

**Job Description:** We are seeking a passionate and skilled Engineer specializing in Application Security. The ideal candidate will have a solid foundational knowledge in security practices and possess hands-on experience with various security tools and methodologies. This role is essential in ensuring the security of our applications and protecting sensitive data. **Key Responsibilities:** - Conduct security assessments of web and mobile applications using SAST, DAST, and MAST methodologies. - Perform Vulnerability Assessment and Penetration Testing (VAPT) to identify and mitigate security risks in applications. - Collaborate with development teams to integrate security practices into the ...

Job Title: Wealth Management Operational Security Engineer Cloud, Vulnerability, and Application Security Location: Chennai Experience: 5 to 8 Years Work Mode: Hybrid ***Note : Joiners: Immediate to 30 days preferred About the Role We are seeking a highly skilled Operational Security Engineer to support the APAC Wealth Management Security Office (CISO Delegation). This role focuses on safeguarding enterprise systems, applications, and cloud infrastructure through technical access control, vulnerability management, and compliance enforcement ensuring data confidentiality, integrity, and availability. Key Responsibilities 1. Threat & Vulnerability Management Lead vulnerability assessments usin...

Itron is innovating new ways for utilities and cities to manage energy and water. We create a more resourceful world to protect essential resources for today and tomorrow. Join us. Title : Information Security Specialist (Application Security II). Location : Pune, India. Itron's Resiliency Solutions business helps make communities more adaptive and sustainable. We do this by pairing external data with artificial intelligence to identify areas of high risk and prevent catastrophic loss for utilities and critical infrastructure owners across the country. We are a team of close-knit engineers, subject matter experts, and business leaders who obsess over problem-solving, new technologies, and ma...

Greetings for the Day! Brief About Aurionpro: Aurionpro Solutions Limited is a global leader in providing advanced technology solutions with a focus on Banking, Payments, Transit, Data Centre Services, and Government sectors, leveraging Enterprise AI to create comprehensive technology for our clients worldwide. Formed in 1997 and headquartered in Mumbai, Aurionpro prides itself on its deep domain knowledge, interconnected IP, global footprint and a flexible, passionate approach to business. Our client base of over 300 institutions that trust Aurionpro with their mission-critical technology needs is backed by our team of 2500 professionals making Aurionpro one of the deepest pools of fintech,...

Job Description Key Responsibilities Analyze application risks and implement security controls across web and mobile platforms. Perform vulnerability assessments, review findings, and drive remediation with engineering teams. Work with Development and DevOps teams to integrate security into the SDLC/CI-CD pipelines. Ensure applications adhere to OWASP guidance (OWASP Top 10, ASVS, MASVS, etc.). Ensure secure configuration of cloud resources following best practices and benchmarks. Monitor cloud environments for potential misconfigurations, risks, or suspicious behavior. Implement identity, access, and data protection controls across cloud platforms. Required Skills & Qualifications Strong ba...

Were seeking a Senior Application Security Engineer to help strengthen Zetas application and platform security posture. Youll play a critical role in embedding security throughout the software development lifecycle, ensuring our systems, applications, and AI-driven platforms are built securely from the ground up. Zeta operates at massive scale, powering billions of consumer profiles and petabytes of data across real-time, AI-powered marketing platforms. In this role, youll collaborate with engineering and product teams to identify risks, implement secure design principles, and build automated controls that enable secure innovation. This position offers significant technical scope, cross-func...

1. Level 2 Resource Source Code Review (SCR) Skills: Source Code Review, Multiple Languages, Checkmarx, SonarQube, Certifications (CEH/ OSCP/ SANS25/LPT/ CEPT) 2. Level 1 Resource Source Code Review (SCR) Skills: Source Code Review, Checkmarx, SonarQube, Certifications (CEH/ OSCP/ SANS25/ LPT/CEPT) Key Responsibilities : Perform manual and automated code reviews to identify security vulnerabilities in web, mobile, and backend applications. Collaborate with developers, DevOps, and QA teams to ensure secure coding practices and help fix identified issues. Use SAST tools (e.g., Fortify, Checkmarx, Veracode, SonarQube) to scan code and interpret results. Validate and triage findings to eliminate...

Level 2 Resource Source Code Review (SCR) Experience : 5-6 years Skills : Source Code Review, Multiple Languages, Checkmarx, SonarQube, Certifications (CEH/OSCP/SANS25/LPT/CEPT) Level 1 Resource Source Code Review (SCR) Experience: 2- 3 years Skills : Source Code Review, Checkmarx, SonarQube, Certifications (CEH/OSCP/SANS25/LPT/CEPT) The Source Code Review (SCR) Professional is responsible for analyzing, reviewing, and evaluating application source code to identify security vulnerabilities, coding errors, and adherence to best practices. This role ensures the integrity, security, and quality of software by performing thorough code assessments and working closely with development teams to imp...

JOB DESCRIPTION Company Profile A Fortune 500 company, CBRE is the global leader in real estate services and leverages the industry's most powerful knowledge base to meet the commercial real estate needs of its clients worldwide. Our vision is to be the preeminent, vertically integrated, globally capable real estate service firm. Globally we employ over 80,000 employees and operate in over 60 countries. The Team Global Cyber Security Office The Global CSOs mission is to mitigate cyber security risk by actively working with the CBRE business, Digital & Technology and other partner organizations (Compliance, Risk Mgmt., Audit, & Legal) to seamlessly integrate security processes, tools, and peo...

As a Senior QA Engineer at our company, you will be responsible for owning test automation across data/ETL pipelines, APIs, and web frontends. Your role will involve designing robust QA strategies, building CI/CD-native test suites, driving performance/load testing, and turning system requirements into executable, measurable test plans. **Key Responsibilities:** - **ETL/Data Quality Automation:** - Design and automate tests for ingestion, transformation, and loading including schema checks, constraints, null/dup checks, reconciliation, and row/column-level validation. - Implement data contract and data lineage test coverage, ensure CDC/merge logic and dedup rules are verified. - Add data che...

Job Title: Company Secretary Merchant Banking Summary: We are hiring a qualified Company Secretary to support our Merchant Banking team in handling regulatory compliance, documentation, and transaction execution. The role involves working on open offers, takeovers, IPOs, SME listings, rights issues, and other capital market assignments. Success in this role means ensuring accurate and timely compliance, smooth coordination with clients and regulators, and contributing to efficient deal execution. This position plays a key role in strengthening our regulatory processes and supporting overall merchant banking operations. Responsibilities: * Assist in IPO, SME IPO, takeover, open offer, and oth...

We are seeking a Head of Security Engineering with 1215 years of hands-on experience to own the end-to-end technical security strategy and execution in a high-velocity, AI-first data organization. Reporting directly to the VP of Business Information Security Officer (EDO BISO), you will lead and mentor a high-performing team of security engineers specializing in cloud security, application security (AppSec), and AI/ML security. You will foster a culture of automation, accountability, and proactive defence while remaining deeply hands-on in architecture, remediation, and incident response. This is a player-coach role: you will design, implement, and operate secure systemsnot just advise. Resp...

The DevSecOps Security Engineer will embed security into modern delivery for our customer environment. Hands-on role partners widlocal Engineering/DevOps to secure CI/CD pipelines, Kubernetes workloads, runtime environments &threat hunting activities Required Candidate profile • Hands-on DevSecOps experience across CI/CD, Kubernetes, and cloud-native platforms. • Strong IaC security and policy-as-code (Terraform/Helm/Git-based guardrails). • Kubernetes security

About The Role Project Role : Security Consulting Practitioner Project Role Description : Advise clients on their business protection journey by shaping security strategy, designing solutions, and providing guidance to strengthen cyber resilience. Must have skills : Static Application Security Testing (SAST) Good to have skills : Dynamic Application Security Testing (DAST) Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Advisor, you will provide enterprise-level advice to make organizations cyber resilient. Your typical day will involve engaging with various stakeholders to assess their security posture, identifying ...

About The Role Project Role : Integration Engineer Project Role Description : Provide consultative Business and System Integration services to help clients implement effective solutions. Understand and translate customer needs into business and technology solutions. Drive discussions and consult on transformation, the customer journey, functional/application designs and ensure technology and business solutions represent business requirements. Must have skills : Cybersecurity Fundamentals Good to have skills : Python (Programming Language), Microsoft PowerShell, Security Operation Automation Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education S...

Responsibilities: Develop PoCs/scanners (e.g., XSS/SSRF/SQLi checks, payload generators, matchers). Integrate third-party tools via Docker and Python adapters. Contribute to orchestration (scheduling, retries, parallel runs) and baseline CI.