55 Sca Jobs

Please find below responsibilities for required position for SOA and OSB development: Proven experience (typically 8+ years) working with Oracle SOA Suite (BPEL, Mediator, OSB, Adapters). Strong understanding of SOA architecture, Web Services (SOAP/REST), and XML technologies (XSLT, XPath, XSD). Experience with Oracle Service Bus (OSB) and Enterprise Service Bus (ESB) concepts. Proficient in Java, JDeveloper, and SOA Suite tooling. Familiarity with integration technologies such as JMS, FTP, HTTP, and databases. Knowledge of error handling, transaction management, and performance tuning in SOA/OSB. Experience with version control tools like Git, SVN. Strong analytical and problem-solving skills. Excellent communication skills and ability to work collaboratively in a team. Be able to verify Composite applications in terms of modelling and development according to the Service Component Architecture (SCA) specifications Create and maintain technical documentation including design specs, configuration, and deployment guides.

As a VP - CCO - Cyber at Barclays, you will be responsible for providing control advisory and governance on various aspects related to cybersecurity. Your role will involve ensuring proactive identification of security risks, timely remediation to reduce risk exposure, and developing and refreshing security policies and standards to address emerging risks and regulatory requirements. Key Responsibilities: - Provide control advisory and governance on Application Security, DevSecOps practices and controls, Threat modelling controls, Secure coding, and API security. - Develop and refresh security policies and standards to address new emerging risks and changes in regulatory requirements. - Identify and prioritize risks using frameworks like STRIDE, DREAD, or PASTA. - Analyze SDLC, DevSecOps practices, integration, and vulnerability management to translate findings into business-impact narratives. - Manage Technology Risk and Controls, leveraging IT risk frameworks such as ITIL, COBIT5, COSO, NIST, and industry standards. - Implement secure coding practices, API security standards, and industry standards like NIST, ITIL, OWASP, and CWE. Qualifications Required: - Bachelor's degree in Computer Science or equivalent work experience in a relevant industry. - Strong background in risk management, technology, and information security. - Knowledge of SAST, DAST, SCA, IAST, Mobile, cloud security, and other AppSec related technologies. - Experience in managing Technology Risk and Controls, and familiarity with IT risk frameworks. - Relevant professional certification such as CISSP, CISA, CISM, PMP, CRISC or equivalent. In your role as VP - CCO - Cyber, you may also be assessed on key critical skills such as risk and controls, change and transformation, business acumen, strategic thinking, and digital and technology expertise. Location: Pune, IN Barclays Values: All colleagues are expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as the Barclays Mindset to Empower, Challenge, and Drive.,

My profile - linkedin.com/in/yashsharma1608 only those who can come walkin on 5th july - banglore Role - Android Developer (Kotlin programming) Experience - 6+ Years Client - MBRDI Location- Bangalore [on-site] Budget - 13L [Max] Job Description: (Kotlin Programming)" "Kotlin Programming: Strong experience in Kotlin, specifically for Android development. Static Code Analysis (SCA): Hands-on experience with SonarQube, including writing custom rules and plugins. SCA Framework Development: Ability to design and maintain a scalable SCA framework tailored for Android projects. Automotive Compliance Standards: * Understanding of MISRA guidelines (adapted for Kotlin). * Familiarity with ISO 26262 (functional safety). * Knowledge of ASPICE process compliance. Governance Rule Definition: Ability to define and enforce coding standards and quality gates. CI/CD Integration: Experience integrating SCA tools into CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions)." "Secure Coding Practices: Awareness of CERT and OWASP guidelines for secure software development. Code Quality Metrics: Understanding of code smells, technical debt, and maintainability indices. Cross-functional Collaboration: Ability to work with DevOps, QA, and development teams to ensure compliance and quality. Documentation & Reporting: Experience in documenting rules, compliance reports, and audit trails. Tool Customization: Ability to extend or tailor SonarQube plugins for domain-specific needs."

Who we are We&aposre a leading, global security authority that&aposs disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world&aposs largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That&aposs digital trust for the real world. Job summary As a Senior Application Security Engineer specializing in application security and DevSecOps within our cybersecurity team, you will play a crucial role in safeguarding our company&aposs web applications by integrating security practices into the Software Development Life Cycle (SDLC). You will be responsible for the proactive identification, assessment, and mitigation of security vulnerabilities, developing and driving the adoption of DevSecOps practices, and ensuring that security is embedded in all phases of software development. What you will do Lead the integration of security measures into the SDLC, ensuring that all aspects of web application development are secure by design. Conduct thorough security assessments and penetration testing for web applications to identify vulnerabilities and security gaps. Play an advisory role with software engineering teams in the architectural design of new applications, emphasizing secure architectural patterns and best practices. Perform and coordinate manual and automated code reviews. Lead threat modeling exercises across engineering teams. Collaborate with software development teams to implement DevSecOps practices, providing guidance on secure coding, automated security testing, and continuous monitoring. Contribute to internal security tooling development or integration. Develop and maintain a secure framework for code deployment, automating security processes where possible to streamline the development workflow. Work cross-functionally with various teams, including IT, engineering, operations, and business units, to communicate security policies and procedures effectively. Establish and maintain strong relationships with stakeholders, presenting complex security concepts in an accessible manner. Stay abreast of the latest security threats, trends, and technologies in web application security and incorporate this knowledge into company practices. Assist in the development and enforcement of security policies and procedures, ensuring compliance with industry standards and regulations. Assist with managing bug bounty program. Develop program documentation to promote operational stability and scalability. Support Leadership in defining and executing the roadmap for DevSecOps maturity and secure SDLC initiatives. Support governance and compliance teams on secure engineering practices for aligning security policies related to SDLC Drive and support security identified remediation efforts. Foster and promote a security-forward culture. Mentor junior team members. Other duties and responsibilities, as assigned. What you will have Minimum of 5 years of experience in cybersecurity, with a focus on web application security and secure SDLC. Proficiency with programming/scripting languages such as JavaScript, Python, Java, Bash, PowerShell Experience in penetration testing Bachelors or masters degree in computer science, cybersecurity, or a related field. Proven track record of working with DevSecOps tools (such as SAST/DAST/SCA) and methodologies. Strong understanding of security protocols, cryptography, authentication, authorization, and security vulnerabilities. Excellent communication skills with the ability to engage technical and non-technical stakeholders. Strong analytical and problem-solving abilities, with a meticulous attention to detail. Advanced level of knowledge of Information Security design concepts and principles Nice to have Master&aposs degree in a technical discipline Professional security certifications such as CISSP, OSCP, CEH, or equivalent are highly desirable. Experience working in highly regulated environments. Advanced level of knowledge of IT frameworks and standards (NIST, OWASP Top Ten, COBIT, ITIL, ISO, PCI-PIN, GDPR, WebTrust, FedRAMP) Certified Information Systems Auditor (CISA) AWS Solutions Architect Benefits Generous time off policies Top shelf benefits Education, wellness and lifestyle support Show more Show less

Own secure, automated delivery across multi-cloud (AWS/Azure/GCP) and on-prem Kubernetes Design CI/CD with GitOps, IaC (Terraform/Ansible), container security, observability, and reliability Use GenAI (Gemini/ChatGPT/Claude) for pipeline authoring, policy scaffolding, runbook generation, incident summarisation, and change-risk analysis Implement SAST/DAST/SCA, SBOMs, supply-chain hardening (SLSA/Provenance), OPA/Gatekeeper policies, secrets management (Vault), and golden paths Measure DORA metrics, availability SLOs, and cost efficiency

As a Product Security Architect, you will be responsible for providing privacy and security technical expertise to support the product team throughout the product development lifecycle. You will collaborate with the Product Security Leader to ensure compliance with Healthcare Product Cybersecurity Standards. Your key responsibilities will include assessing the privacy and cybersecurity state of the product, defining product roadmap features, and coordinating product development for cybersecurity enhancements. You will work on security architecture, product development coordination, defect management for cybersecurity issues, and ensuring adherence to cloud standards for cloud-based products. Additionally, you will be responsible for creating and maintaining Product and Security Manual documentation, as well as delivering Product Cybersecurity Standard artifacts in collaboration with the Product Security Leader. In this role, you will lead product Security Technical Design Reviews, ensure compliance with regulatory standards, and participate in post-market product vulnerability monitoring. Your expertise will be crucial in addressing customer concerns related to privacy and security, as well as providing technical guidance on vulnerability mitigation and design changes. To excel in this position, you should possess strong soft skills such as the ability to work independently, contribute as an individual contributor, and focus on self-planning activities. Mandatory technical skills include Security Engineering, globally recognized Cyber Security Certifications, and knowledge of security technologies like cryptography, authentication management, and security tools such as SAST, DAST, and Penetration Testing. Experience in product engineering, knowledge of cloud infrastructure, and familiarity with medical software/device engineering are desirable skills for this role. Additional experience in standard software engineering, penetration testing, and red teaming activities would be beneficial. If you have a passion for cybersecurity, experience in product security architecture, and a desire to contribute to the development of secure products in a healthcare environment, this role could be a great fit for you.,

Tools & Platforms (Preferred) : Familiarity with GitHub, Jira, and FlexDeploy is a plus. Skill Set Requirement : Integration Developer Experience : Minimum of 5+ years of hands-on experience in : Oracle Fusion Middleware SOA Suite Oracle Integration Cloud (OIC) Tibco BW/BC Managed File Transfer (MFT) REST API integrations Technical Skills : Strong proficiency in : Designing and developing integration processes between : Oracle EBS 12.10 Oracle Fusion Applications - Third-party apps (Coupa, ServiceNow, MS Outlook) - Using OIC Gen3 - Oracle SOA Suite (on-premises and SOACS) - Core standards : SOAP, WSDL, XSLT, SCA, JCA - REST API design, development, and fault handling

Skills :- SCA, SAST, Iac tools, SCM, Developers with Devops experience, application development security Shift Timings - 2.00 pm - 11.00 pm Experience :- 5-7 years Engineer, Product Security Omnicom Global Solutions, Hyderabad IN About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicoms branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4500 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Role Overview We have an exciting opportunity for an Engineer, Product Security at our Hyderabad office. This role supports secure software development, risk mitigation, and product security best practices across automated platforms and infrastructure-as-code environments. The Product Security Engineer will perform vulnerability assessments, provide risk analysis, support incident response, and collaborate with development and DevOps teams to embed security into all stages of the product lifecycle. This role plays a vital part in enabling secure, scalable, and compliant services across Omnicoms digital ecosystem. Key Responsibilities - Assist in implementing secure software development standards and practices. - Support integration of security measures into automated service platforms and infrastructure-as-code. - Conduct regular security assessments and vulnerability scans for applications and infrastructure. - Analyse and report on security risks and vulnerabilities; provide mitigation recommendations. - Collaborate with the incident response team on investigations and real-time threat intelligence. - Monitor and manage security tools to detect and respond to application and infrastructure threats. - Continuously monitor cloud environments and SaaS platforms for emerging security threats. - Work closely with development, QA, and IT teams to support secure software delivery. - Prepare and present security metrics, reports, and summaries to Product Security Leads and stakeholders. - Deliver security awareness training on secure software development and SecDevOps practices. - Contribute to the maintenance of security documentation and internal guidelines. Required Qualifications - 3-5 years of experience in cybersecurity, software engineering, or DevOps with a focus on product security. - Familiarity with security assessment tools (e.g., SAST, SCA scanners) and CI/CD environments. - Basic understanding of secure coding, cloud security, and infrastructure-as-code practices. - Hands-on experience with tools such as GitHub, AWS, Terraform, Jenkins, Docker, etc. - Understanding of IT governance frameworks (e.g., SDLC, ITIL) is a plus. - Strong analytical, documentation, and troubleshooting capabilities. - Bachelor's degree in Cybersecurity, Computer Science, IT, or related field. - Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security, SIEM, and risk analysis - Certifications such as Security+ or CEH are a plus. Preferred Qualifications - AppSec depth (CSSLP, eWPT), Cloud specialization (AWS Security), Foundational credibility (Security+), and CEH are a plus. - Experience with cloud security frameworks and zero trust architecture. Note :- Interested Candidates can share their CVs on shalu.singh@omc.com Regards, Shalu Singh

Role & responsibilities Description: Job Title: FOSS Compliance Analyst Location: Bangalore Experience: 5+ Years We are seeking a detail-oriented and experienced FOSS Compliance Analyst to manage open source software audits across our product portfolio. The ideal candidate will have hands-on experience with SCA tools and a strong understanding of open source licensing, compliance, and risk mitigation. ________________________________________ Key Responsibilities • Conduct thorough audits of software codebases to identify open source components and associated licenses. • Identify all categories of software components Proprietary, Third party, Open Source Software. Use and manage SCA tool to streamline FOSS analysis. • Collaborate with engineering teams to ensure compliance with open source license obligations. • Maintain and update the organizations open source policy and compliance processes. • Review Software Bill of Materials (SBOMs) for internal and external stakeholders. • Provide training and guidance to development teams on FOSS usage best practices. • Programming experience in web technologies like CSS, Python, Java understanding of open source databases, software integration methods. • Stay current with evolving open source licensing trends and regulatory requirements. ________________________________________ Required Qualifications • Minimum 5 years of experience in FOSS auditing and compliance. • Proficiency with one or more SCA tools (e.g., Black Duck, WhiteSource, FOSSA, Snyk, FOSSID). • Strong understanding of open source licenses (GPL, MIT, Apache, BSD, etc.). • Experience working with SBOMs and license documentation. • Understanding of Open Source Software principles and communities. • Excellent communication and documentation skills. • Ability to work independently and cross-functionally in a fast-paced environment. • IT Skills: MS office tools (Word, Excel, PowerPoint). • Language Skills: Proficient in English language. ________________________________________ Preferred Qualifications • Experience with CI/CD pipelines and integrating SCA tools. • Familiarity with legal aspects of software distribution and IP. • Knowledge of Inner-Source, Open-Source and Contributions are plus. ________________________________________ Why Join Us? • Work on cutting-edge compliance initiatives in a tech-forward environment. • Be part of a team that values transparency, innovation, and continuous learning. • Competitive compensation, flexible work options, and growth opportunities. Preferred candidate profile

As an Information Security Engineer, you will play a critical role in driving secure application development and vulnerability remediation across our AWS and Azure cloud environments. You'll collaborate with cross-functional teams to embed security into systems, tools, and workflows, ensuring the security and integrity of our digital assets. This role is ideal for someone who thrives in a cloud-native, developer-focused environment and is passionate about building scalable security practices, not just identifying issues but helping resolve them through engineering and automation. Your responsibilities will include conducting vulnerability scans and risk assessments in public cloud environments (AWS, Azure) to identify and remediate security risks, supporting the integration and ongoing use of SAST, DAST, and SCA tools within CI/CD pipelines and developer workflows, collaborating with development teams to improve secure application development practices, providing guidance on vulnerability remediation, contributing to application and infrastructure threat modeling, evaluating and advising on the security of AI-enhanced applications and large language models (LLMs), applying Kubernetes and container security best practices, defining and maintaining application security governance, policies, and technical standards, working with external penetration testers to coordinate testing efforts, maintaining and enhancing security logging and monitoring strategies, providing training and knowledge-sharing to development teams on application security tools and best practices, staying up to date on current security trends, threats, and regulatory changes, and partnering with IT, legal, compliance, and other teams to ensure a holistic and aligned approach to security. To be successful in this role, you should have a Bachelor's degree in computer science, Information Security, or a related field, CISSP certification (or equivalent security certification), 7-10 years of Information Security experience with at least 5 years in IT roles, a strong understanding of security architecture design, particularly in Kubernetes, familiarity with industry-standard security frameworks and best practices, proven experience of conducting penetration tests, vulnerability assessments, risk assessments, and threat modeling, knowledge of regulatory standards such as GDPR, PCI_DSS 4.0, and ISO-27001, a solid understanding of the Software Development Life Cycle (SDLC) and its integration with secure development practices, strong communication skills in English, and the ability to work collaboratively in a team environment. In return, you'll be part of a purpose-led company with a Values-focused culture, enjoy competitive PTO plans, holidays, group mediclaim insurance coverage, life insurance, personal accident insurance, fitness perks, a Calm App subscription, support for working women, and a commitment to diversity and inclusion. ABC Fitness is an equal opportunity employer that fosters an inclusive environment and encourages applicants from diverse backgrounds to apply. ABC Fitness is the premier provider of software and related services for the fitness industry, known for excellence in support for clubs and their members. With a commitment to diversity, equality, belonging, and inclusion, ABC Fitness creates an environment where employees, clients, and stakeholders feel valued and inspired to reach their full potential. Established in 1981, ABC helps gyms and health clubs globally perform better and more profitably, offering a comprehensive SaaS club management solution. Join us if you thrive in a growth-oriented environment and enjoy working with enthusiastic over-achievers.,

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about protecting companies from cyber threats Do you want to be part of a team that safeguards the digital assets of cutting-edge organizations Look no further - Kyndryl is seeking a Cybersecurity Specialist to join our team of talented Technical Specialists. As a Cybersecurity Specialist, you will be at the forefront of protecting Kyndryl's customers computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. You will use a variety of tools and techniques to defend against a wide range of cyber threats, such as malware, ransomware, phishing attacks, and data breaches. But that's not all - at Kyndryl, you will also have the opportunity to implement new cybersecurity systems and policies to ensure the protection of our customers data and assets. You will monitor and review potential threats from various cybersecurity systems and conduct proof-of-concepts (POCs) with new cyber security software to evaluate its effectiveness and potential integration into the organization's systems. Not only will you be responsible for ensuring the security of Kyndryl's customers network and systems, but you will also enrich the organization's knowledge towards potential cyber threats and best practices. You will provide automation scripts for threat hunting in customer environments using lessons learned from Cyber-attacks. You will also have the opportunity to conduct penetration testing and threat and vulnerability assessments of applications, operating systems, and networks, responding to cybersecurity breaches and identifying intrusions. You will research and evaluate cybersecurity threats and perform root cause analysis, all while assisting in the creation and implementation of security solutions. Additionally, you will have the opportunity to work in the area of security innovation, creating and experimenting with outside the box ideas that could change the trajectory of cyber security. This is a unique opportunity to work with cutting-edge technology, be part of a dynamic team, and make a significant impact in the world of cybersecurity. If you're up for the challenge, apply now to join Kyndryl's cybersecurity team! Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others. Required Skills and Experience: Having 5 + years of exp in AppSec & TPRM Lead Own and govern the end-to-end Vulnerability Management (VM) program Ensure DevSecOps integration completeness across SAST, DAST, SCA, CSPM, and Infra tools for automating security assessments in DevOps pipelines Track remediation SLA adherence, escalate overdue issues, and align with stakeholders Review and report weekly/monthly dashboards covering risk trends, SLAs, and exceptions Oversee secure SDLC enforcement and continuous improvement of security processes Preferred Skills and Experience: Facilitate TPRM alignment and integration into the broader VM landscape Lead cross-functional coordination, metrics-driven governance, and knowledge sharing Perform thread modelling for new applications Being You Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learningprograms give you access to the best learning in the industry to receive certifications, includingMicrosoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked How Did You Hear About Us during the application process, select Employee Referral and enter your contact's Kyndryl email address.

At Capgemini Engineering, the world leader in engineering services, we bring together a global team of engineers, scientists, and architects to help the world's most innovative companies unleash their potential. From autonomous cars to life-saving robots, our digital and software technology experts think outside the box as they provide unique R&D and engineering services across all industries. Join us for a career full of opportunities. Where you can make a difference. Where no two days are the same. Your Role Perform static application security testing on source code using Fortify. Perform software composition analysis using Sonatype IQ Assist with scan onboarding and troubleshooting Integrate tools into Jenkins pipelines Collaborate with teams to remediate high/critical findings Generate and analyse SCA scan result Automate reporting and dashboards Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications.1. Applies scientific methods to analyse and solve software engineering problems.2. He/she is responsible for the development and application of software engineering practice and knowledge, in research, design, development and maintenance.3. His/her work requires the exercise of original thought and judgement and the ability to supervise the technical and administrative work of other software engineers.4. The software engineer builds skills and expertise of his/her software engineering discipline to reach standard software engineer skills expectations for the applicable role, as defined in Professional Communities.5. The software engineer collaborates and acts as team player with other software engineers and stakeholders. Your Profile Deep understanding of Source code review, SCA and SBOM Hands-on experience with SAST and SCA tool Fortify SCA, Sonatype IQ. Good understanding of secure coding practices for languages such as Java, .NET ,JavaScript,Python,etc. Strong knowledge of OWASP Top 10, CWE, and secure software development lifecycle (SSDLC). Familiarity with CI/CD pipelines and integrating security tools in DevOps. (Jenkins, GitHub) Security certifications such as OSCP, GWAPT, eWPTX, CEH, CRTP will be an added advantage. What will you love working at Capgemini Every Monday, kick off the week with a musical performance by our in-house band - The Rubber Band. Also get to participate in internal , yoga challenges, or marathons. At Capgemini, you can work on in tech and engineering with industry leaders or create to overcome societal and environmental challenges. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. You will have the on one of the industry's largest digital learning platforms, with access to 250,000+ courses and numerous certifications. Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

Job Description for a Presales Engineer specializing in Application Security and Vulnerability Scanning/Testing Tools: Job Title: Presales Engineer Application Security & Vulnerability Management Location: Mumbai Job Type: Full-Time Role Summary As a Presales Engineer focused on Application Security and Vulnerability Testing tools, you will play a pivotal role in driving technical sales engagements. You will work closely with sales teams to understand customer requirements, demonstrate product capabilities, and design solutions that address security challenges across web, mobile, and cloud environments. Key Responsibilities Collaborate with sales teams to understand client needs and propose tailored security solutions Deliver product demos and technical presentations for tools such as: DAST, SAST, SCA, IAST and API scanning tools Lead Proof of Concept (PoC) engagements and pilot deployments Respond to RFPs with detailed technical documentation Map product capabilities to customer use cases and compliance requirements Design end-to-end security testing workflows integrating DAST, SAST, SCA, IAST and API scanning tools Recommend DevSecOps integrations with CI/CD pipelines (e.g., Jenkins, GitLab, Azure DevOps) Lead onboarding and implementation of tools Troubleshoot deployment issues and guide remediation strategies Required Skills & Experience 5+ years of experience in application security, vulnerability management, or technical presales Hands-on knowledge of Application security testing tools like AppScan, Checkmarx and Fortify. etc. Strong understanding of methodologies: DAST, SAST, SCA, IAST, API Security, CSPM, DevSecOps Familiarity with secure software development lifecycle (SSDLC) Understanding of Software applications and IT Infrastructure Knowledge of web technologies (HTTP, REST, JavaScript, HTML, etc.) Knowledge of networking, operating systems and security concepts Understanding of programming languages: Java, .NET, Python, JavaScript, C/C++, etc. Experience with CI/CD tools (Jenkins, GitLab, Azure DevOps) and cloud platforms (AWS, Azure, GCP) Experience with scripting languages (Python, Bash, PowerShell) Lead onboarding and implementation of the tools Troubleshooting skills Excellent communication, presentation, and stakeholder engagement skills Preferred Qualifications Bachelors degree in Computer Science, Cybersecurity, or related field Certifications related to Application Security testing tools Experience with cloud platforms (AWS, Azure, GCP) and container security Experience with secure coding practices Exposure to container security and cloud-native application protection Prior experience in a customer-facing technical role

Required Skills & Experience: * 7- 9 years of overall IT experience with minimum 3+ years in DevSecOps/Security engineering. * Strong knowledge of CI/CD tools: Jenkins, GitHub Actions, GitLab CI, Azure DevOps. * Hands-on with security tools: SonarQube, Checkmarx, Fortify, OWASP ZAP, Aqua, Prisma Cloud, Snyk, etc. * Expertise in cloud platforms: AWS, Azure, or GCP (with security focus). * Experience in containerization & orchestration security: Docker, Kubernetes. * Strong scripting knowledge: Python, Bash, Shell, Groovy, or PowerShell. * Proficient in infrastructure as code (IaC) and securing IaC templates. * Experience with SIEM and monitoring tools: Splunk, ELK, CloudWatch, Datadog. * Understanding of zero-trust security models and modern security frameworks. * Good knowledge of network security, firewalls, and identity/access management.

DAST , SAST, SCA , Grey Box, Team Handling

Cybersecurity at Providence is responsible for appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients) What will you be responsible for? - Responsible for driving software security and code security practices that meets Providence software security policies to ensure Providence developed application code is secure and code vulnerabilities are remediated. - Driving code security reviews and false positive analysis and shares best practices across the team. - Identify scope for implementing security best practices and implement process workflows that strengthen the overall security posture. - Participate in all aspects of agile software development, including design, implementation, and deployment to include code security aspects wherever needed in the application building phase. - Troubleshoot, debug, and optimize security code remediation methods and stay ahead of with industry trends and emerging technologies related to secure code practices. What would your work week look like? - Collaborate with cross-functional developer teams and engage in code scanning activities within Providence code repositories (ADO and GitHub) - Propagate and educate developer teams about secure coding practices and assist in remediating code vulnerabilities identified in the scan. - Identify and implement secure coding practices that aligns with industry standard frameworks such as NIST, CIS and Providence information security policies etc. - Set-up regular meeting with stakeholders to show progress of software security scans and code vulnerabilities trends. - Clearly communicate roadmap, backlog, and team updates across the organization. Who are we looking for? - Bachelors degree in related filed, to include computer science, cyber security or equivalent combination of education and experience. - 3-5 years of relevant post-qualification experience, with at least 3 years of proven experience in Application security testing, code scanning techniques, software security analysis and software code vulnerability remediation. - Solid understanding of Static Software Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA) and Code Security best practices. - Hands-on experience in DAST, SAST, SCA vulnerabilities remediation and reporting with any industry leading toolset. - Solid understanding in CI/CD pipelines and configuration of pipelines using GitHub actions or ADO pipelines or any automated method to perform code security scans in the code build process. - Good understanding in implementing DevOps security best practices while building solutions. - Familiarity with cloud native solutions, application containerization and container orchestration (Docker, Kubernetes), Infrastructure as Code (IaC), helm charts and YAML template configuration. - Solid understanding of API integrations, code testing, integration testing and UAT testing methods. - Scripting or programming understanding with Shell scripting, Power Shell, Python, KQL etc.

Skills :-3-7 years of experience in EITHER / OR BOTH development, or DevSecOps. Mandatory requirements are SAST, SCA, IaC, SCM, Pipeline automations. Location :- Bangalore,Hyderabad, Chennai,Gurgaon Shift Timings :- 2.00 pm - 11.00 pm About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicoms branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4500 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Lets build this together! Role Overview We have an exciting opportunity for an Engineer, Product Security at our Hyderabad office. This role supports secure software development, risk mitigation, and product security best practices across automated platforms and infrastructure-as-code environments. The Product Security Engineer will perform vulnerability assessments, provide risk analysis, support incident response, and collaborate with development and DevOps teams to embed security into all stages of the product lifecycle. This role plays a vital part in enabling secure, scalable, and compliant services across Omnicoms digital ecosystem. Key Responsibilities Assist in implementing secure software development standards and practices. Support integration of security measures into automated service platforms and infrastructure-as-code. Conduct regular security assessments and vulnerability scans for applications and infrastructure. Analyse and report on security risks and vulnerabilities; provide mitigation recommendations. Collaborate with the incident response team on investigations and real-time threat intelligence. Monitor and manage security tools to detect and respond to application and infrastructure threats. Continuously monitor cloud environments and SaaS platforms for emerging security threats. Work closely with development, QA, and IT teams to support secure software delivery. Prepare and present security metrics, reports, and summaries to Product Security Leads and stakeholders. Deliver security awareness training on secure software development and SecDevOps practices. Contribute to the maintenance of security documentation and internal guidelines. Required Qualifications 3-5 years of experience in cybersecurity, software engineering, or DevOps with a focus on product security. Familiarity with security assessment tools (e.g., SAST, SCA scanners) and CI/CD environments. Basic understanding of secure coding, cloud security, and infrastructure-as-code practices. Hands-on experience with tools such as GitHub, AWS, Terraform, Jenkins, Docker, etc. Understanding of IT governance frameworks (e.g., SDLC, ITIL) is a plus. Strong analytical, documentation, and troubleshooting capabilities. Bachelor&aposs degree in Cybersecurity, Computer Science, IT, or related field. Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security, SIEM, and risk analysis Certifications such as Security+ or CEH are a plus. Preferred Qualifications AppSec depth (CSSLP, eWPT), Cloud specialization (AWS Security), Foundational credibility (Security+), and CEH are a plus. Experience with cloud security frameworks and zero trust architecture. Show more Show less

As a highly skilled professional in the field of Information Security, you will play a crucial role in ensuring the secure development of software applications. With your University degree in computer science or IT and a minimum of 6 years of experience in Information Security, you will possess the necessary qualifications to excel in this role. Your expertise in Software Development Lifecycle (SDLC) security reviews, control environment evaluation, and design flaw assessments will be key in upholding the highest standards of security. Your responsibilities will include conducting internal and third-party Security Risk Assessments on critical assets, coordinating with project teams to enforce security frameworks throughout the SDLC, and preparing detailed security effectiveness reports for management review. Your hands-on experience in Static and Dynamic Application Security Testing, along with your familiarity with industry best practices such as OWASP, SANS Institute, and NIST, will be invaluable in developing a comprehensive security framework for developers to follow. In this role, you will also be responsible for testing applications/systems against SSDLC frameworks, ensuring compliance with RBI/ReBIT Information Security practices, and facilitating the integration of new applications into the data center post-assessment. Your expertise in application security tools and methodologies, along with your ability to define and enhance security requirements for agile development methods, will be essential in driving continuous improvement in application security standards. Additionally, you will collaborate with the DevSecOps team to establish secure CI/CD pipeline processes and enable application teams to develop new capabilities securely. Your certifications in CISSP, CSSLP, cloud security, or DevSecOps automation will further validate your expertise and commitment to upholding the highest standards of information security in the industry.,

eInfochips, an Arrow company, is a global leader in providing product engineering and semiconductor design services. With over 25 years of experience and a team of 2500+ engineers, we have developed 500+ products deployed in 140 countries. Our services cover Silicon Engineering, Embedded Engineering, Hardware Engineering, and Digital Engineering, catering to 7 of the top 10 semiconductor companies globally. We are currently looking for a Senior IoT/Cyber Security Specialist with 5 to 12 years of experience, including a minimum of 5 years in secure software engineering. The position is based in Pune or Ahmedabad and requires a BE or MS in Electronics/Computer Engineering, with Cyber Security certifications preferred. As a Cyber Security Specialist at eInfochips, you will be responsible for serving as a subject matter expert in product security. Your role will involve leading secure software development practices, threat modeling, penetration testing, security incident response, and coaching engineering teams on cybersecurity best practices. Key Responsibilities: - Act as an SME for Cyber/Product Security, guiding software and firmware teams on secure development lifecycle practices. - Develop security architecture, threat models, and cybersecurity requirements for connected devices. - Lead security verification, penetration testing, and validation efforts. - Manage security compliance for engineering projects and third-party audits. - Drive the implementation of security policies, standards, and procedures organization-wide. - Provide technical leadership in security design, risk assessments, and mitigation strategies. - Stay updated on emerging threats, industry standards, and regulatory requirements. - Deliver training and knowledge sharing on security best practices. Required Technical Skills: - Experience with threat intelligence analysis. - Expertise in SCA, SAST, DAST tools, vulnerability classification, and secure coding principles. - Implementing PKI, cryptographic keys, secure boot, secure communications, identity management, and firmware security. - Proficiency in penetration testing tools, threat modeling, and security standards. - Programming skills in C/C++, Java, Python, or similar languages. - Familiarity with encryption protocols. - Preferred certifications: CISSP-ISSEP, CISSP-ISSAP, CEH, OSCP, CSSLP, GIAC. Desired Experience: - Security analysis for Industrial, Automotive, Medical, and IoT systems. - Knowledge of UNECE security standards. - Experience in leading security tool adoption in regulated environments. Soft Skills: - Self-driven, motivated, and proactive. - Excellent communication skills. - Eager to learn new technologies. - Positive attitude with strong problem-solving abilities. Join us at eInfochips for the opportunity to work on cutting-edge technologies and lead a high-performing team in a fast-paced, dynamic environment. If you meet the requirements and are enthusiastic about this role, please share your resume at arti.bhimani1@einfochips.com,

Education : Bachelor's degree required. Security Expertise : Deep familiarity with OWASP Top 10 and other security concerns for web applications. Deep understanding of OWASP Application Security Verification Standards (ASVS) . In-depth understanding of SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) scanning practices. Tools and Experience : Experience using Veracode , Appscan , or other enterprise security tools for scanning. Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) found by scanning tools. Familiarity with secret management systems integration. Technical Expertise : Advanced knowledge of front-end and back-end web application development in at least one technology stack: .NET , Java , PHP , Ruby/Rails , Angular , Node.js , etc. Proven track record of staying up-to-date with trends, tools, and processes improving security posture. Documentation & Communication : Strong documentation skills and technical writing abilities . Excellent verbal and written communication skills, English proficiency required. Ability to communicate, collaborate, and present effectively across diverse teams. Team-Oriented : Ability to work in a fast-paced, dynamic environment while producing high-quality work. Technical Skills: SAST , DAST , SCA Veracode , Appscan , HCL (Dynamic scanning tool) CVEs , CWEs Secret management systems .NET , Java , PHP , Ruby/Rails , Angular , Node.js Roles and Responsibilities: Perform SAST , SCA , and DAST scans using industry standard vulnerability scanners. Use Veracode for SAST/SCA scanning, configuring the scan platform for correct identification of static code CWE and SCA derived CVEs . This includes coordinating with the app owner to ensure all code branches are included in the compiled binary. DAST process includes crawling the target application to identify the directory and file structure, followed by executing DAST scans using HCL product to identify dynamic issues visible only during code execution.

As a Cybersecurity Application Security Consultant with a focus on DevSecOps in Bhopal, Madhya Pradesh, you will play a crucial role in ensuring the secure design, development, and deployment of applications by integrating security measures across the SDLC. Your responsibilities will include integrating security into CI/CD pipelines, performing various security testing such as SAST, DAST, IAST, and SCA, conducting threat modeling and security architecture reviews, guiding teams on secure coding practices, and automating security testing using tools like Burp Suite, ZAP, Checkmarx, SonarQube, among others. Additionally, you will be involved in supporting incident response activities and maintaining security documentation. To excel in this role, you should have at least 3 years of experience in application security with a strong focus on DevSecOps. Proficiency in OWASP Top 10, secure coding practices, and vulnerability management is essential. You should be familiar with tools such as Jenkins, GitLab, Azure DevOps, Fortify, and have hands-on experience with scripting languages like Python and Bash, as well as container security technologies like Docker and Kubernetes. Excellent communication and problem-solving skills are also required. Preferred qualifications for this position include a degree in Computer Science, Information Technology, or Cybersecurity, along with certifications like CEH or OSCP. Knowledge of compliance standards such as ISO 27001, NIST, and GDPR, as well as familiarity with programming languages like Java, .NET, Python, and Node.js, would be advantageous. This is a full-time permanent position with a day shift schedule. The work location may vary as it involves being on the road for certain assignments.,

As a Senior Lead DevSecOps at our Pune location, you will play a pivotal role in combining technical leadership, security expertise, and DevSecOps best practices to embed security within the software development lifecycle. Your key responsibilities will include proactively assessing security gaps, developing innovative solutions, and driving DevSecOps transformation to enhance resilience and efficiency. You will collaborate extensively with business, technology, risk, and other corporate teams to establish and strengthen the adoption of security by design. Reporting to the Business Information Security Officer (BISO) for Wealth and Asset Management, you will operate within a complex landscape driven by client expectations and diverse needs across the globe. As the primary liaison between development and cybersecurity teams, you will ensure the seamless integration of security into the DevOps pipeline. Your role will involve implementing security automation, risk mitigation strategies, and CI/CD security integration to ensure secure software delivery. Building trust with clients, stakeholders, and engineering teams will be crucial as you advocate for security best practices and DevSecOps adoption across the organization. You will collaborate with development teams to integrate secure coding practices and vulnerability assessments while leading the DevSecOps strategy to align with business objectives and regulatory requirements. To excel in this role, you must have 12+ years of experience in DevSecOps, Cloud Security, or Secure Software Development, with expertise in CI/CD, cloud security, Azure DevOps, container security, and automation tools. Experience in implementing security checks within a Secure SDLC Pipeline, Secrets Management, SCA, open-source tools, and strong knowledge of security frameworks and security testing are essential. Your proven ability to engage with clients, lead teams, and drive strategic security initiatives will be critical for success in this multi-functional team environment.,

Were hiring on the Blackbaud Application Security team! As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud. You can expect to work closely with software development teams as well as third-party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software, you will be expected to stay up to date on whats happening in the Cyber Security industry to optimize and align our application security processes and systems throughout the Software Development Life Cycle (SDLC) at Blackbaud. The Application Security Engineering team focuses on building automation for security self-service and vulnerability management to reduce unnecessary toil. What You Will Be Doing Identifying solutions for difficult security problems while participating in a broader agile Application Security team. Building comprehensive solutions to conduct consolidation, aggregation, and notification of security findings to respective stakeholders. Conducting threat modeling, secure design reviews, and providing direct guidance to development teams. Promoting, designing, and evaluating application security in all phases of the SDLC and constantly looking for innovative ways to improve processes. Influencing, building, and assisting with information security challenges within applications. What We&aposll Want You To Have You are either a security-minded software engineer who has been building modern services using a microservice architecture in an agile development environment or a development-interested security practitioner who understands security best practices but wants to get closer to development and engineering. 5+ plus years of experience with application security and relevant testing tools for: DAST: Burp Suite, OWASP Zap, Invicti, AppScan SAST/SCA: Fortify, Checkmarx, Coverity, Semgrep, OWASP Dependency Check, Mend, Blackduck Attack Surface Management: OWASP Amass, Spiderfoot, CyCognito 3+ years of experience with Python, Bash, and/or PowerShell. 3+ years of experience in DevSecOps integrating security solutions into CI-CD pipelines and automated tooling orchestration. Relevant certifications include CompTIA Security+ or CASP+, EC Council CEH, ISC2 CSSLP are a plus. Experience partnering with development and systems engineers on impactful security?initiatives.? Understanding of software development; how applications and systems are designed, built, and break is critical. Understand?DevSecOps?cultural mindsets, and an engineering-focused approach to solving?complex?security problems. Strong verbal and written communication skills to translate security objectives and requirements to specific engineering outcomes.? The Application Security team at Blackbaud is committed to ensuring security issues are prevented, discovered, and remediated in collaboration with our engineering partners across the business. Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Show more Show less

Cowbell is signaling a new era in cyber insurance by harnessing technology and data to provide small and medium-sized enterprises (SMEs) with advanced warning of cyber risk exposures bundled with cyber insurance coverage adaptable to the threats of today and tomorrow. Championing adaptive insurance, Cowbell follows policyholders" cyber risk exposures as they evolve through continuous risk assessment and continuous underwriting. In its unique AI-based approach to risk selection and pricing, Cowbell's underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Founded in 2019 and based in the San Francisco Bay Area, Cowbell has rapidly grown, now operating across the U.S., Canada, U.K., and India. This growth was recently bolstered by a successful Series C fundraising round of $60 million from Zurich Insurance. This investment not only underscores the confidence in Cowbell's mission but also accelerates our capacity to revolutionize cyber insurance on a global scale. With the backing of over 25 prominent reinsurance partners, Cowbell is poised to redefine how SMEs navigate the evolving landscape of cyber threats. In support of business objectives, we are actively looking for an ambitious person, who is not afraid of hard-work and embraces ambiguity as it comes to join our Information Security Team as a Sr. Developer, Application Security. The InfoSec team drives security, privacy, and compliance improvements to reduce risk by building out key security programs. We enable our colleagues to keep the company secure and support our customers" security journey with tried and true best practices. We are a Java, Python, and React shop combined with world-class cloud infrastructure such as AWS & Snowflake. Balancing proper security while enabling execution speed for our colleagues is our ultimate goal. It's challenging and rewarding! If you are up for the challenge, come join us. You will be instrumental in curing security defects in code, burning down any new and existing vulnerabilities. You can fix the code yourself and continuous patching is your north star. You will be the champion for safeguards and standards that will keep our code secure and reduce the introduction of new vulnerabilities. Partner and collaborate with internal stakeholders in assisting with the overall security posture with an emphasis on the Engineering and Operations/IT areas. Work across engineering, product and business systems teams to enhance and evangelize security in applications (& infrastructure). Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts. Develop and maintain application scanning solutions to inform stakeholders of security weaknesses & vulnerabilities. Review outstanding vulnerabilities with product teams and assist in remediation efforts to reduce risk. Bachelor's degree in computer science or another STEM discipline and 8 to 10+ years of professional experience in security software development. Majority of prior experience as a Security Engineer focused on remediation of security vulnerabilities and defects in Java and Python. Must have prior in-depth demonstrable experience developing in JAVA and Python; Basically you are developer first and a security engineer second. Applicants that do not have this experience will not be considered. Experience developing in, and securing, Javascript and React a plus. Experience securing integrations and code that utilizes Elasticsearch, Snowflake, Databricks, RDS a big plus. Detail-oriented with problem-solving, communication, and analytical skills. Expert understanding of CVE and CVSS scoring and how to utilize this data for validation, prioritization, and remediation. Excellent understanding and utilization of OWASP. Demonstrated ability to secure API; Techniques, patterns, will be assessed. Experience designing and implementing application security solutions for web and or mobile applications. Experience developing and reporting vulnerability metrics as well as articulating how to reproduce and resolve those security defects. Experienced in application penetration testing; and understanding of remediation techniques for common misconfigurations and vulnerabilities. Demonstrable experience in understanding patching and library upgrade paths including interdependencies. Familiarity with CI/CD tools. Previous admin experience in CI/CD is not required but a big plus. Capability to deploy, provide maintenance for, and operationalize scanning solutions. Hands-on ability to conduct scans across application repositories and infrastructure. Must be willing to work extended hours and weekends as needed. Great at and enjoys documenting solutions; creating repeatable instruction for others, operational documentation, developing technical diagrams, and similar artifacts. Preferred Qualifications: You can demonstrate and document threat modeling scenarios using well-known frameworks such as STRIDE. Proficient with penetration testing tools such Burp suite, Metasploit or ZAP. You are already proficient with SAST & SCA tools; proficiency with DAST and/or OAST tool usage and techniques would be even better. As a mentor you also have the experience and desire in providing fellow engineering teams with technical guidance on the impact and priority of security issues and driving remediation. Capability to develop operational process from scratch or improve current processes and procedures through well-thought-out hand-offs, integrations, and automation. Familiarity with multiple security domains such as application security, infrastructure security, network security, incident response, and regulatory compliance and certifications. Understanding of modern endpoint security technologies/concepts. Adept at working with distributed team members. What Cowbell brings to the table: Employee equity plan for all and wealth enablement plan for select customer-facing roles. Comprehensive wellness program, meditation app subscriptions, lunch and learn, book club, happy hours, and much more. Professional development and the opportunity to learn the ins and outs of cyber insurance, cybersecurity as well as continuing to build your professional skills in a team environment. Equal Employment Opportunity: Cowbell is a leading innovator in cyber insurance, dedicated to empowering businesses to always deliver their intended outcomes as the cyber threat landscape evolves. Guided by our core values of TRUE Transparency, Resiliency, Urgency, and Empowerment, we are on a mission to be the gold standard for businesses to understand, manage, and transfer cyber risk. At Cowbell, we foster a collaborative and dynamic work environment where every employee is empowered to contribute and grow. We pride ourselves on our commitment to transparency and resilience, ensuring that we not only meet but exceed industry standards. We are proud to be an equal opportunity employer, promoting a diverse and inclusive workplace where all voices are heard and valued. Our employees enjoy competitive compensation, comprehensive benefits, and continuous opportunities for professional development.,

Join us as an Application Security Consultant at Barclays, where you will play a key role in supporting the successful delivery of Location Strategy projects while adhering to plan, budget, agreed quality, and governance standards. You will be at the forefront of evolving our digital landscape, driving innovation, and ensuring excellence in our digital offerings to provide unparalleled customer experiences. To excel in this role, you should possess a strong understanding of CVEs, CWEs, and their impact on applications. Additionally, you must have in-depth knowledge of various AppSec technologies such as SAST, DAST, SCA, IAST, and RASP. Proficiency in at least one programming language and framework, as well as experience in writing scripts in languages like Python and JavaScript, are essential skills for this position. Desirable skill sets to have include the ability to showcase expertise in low-level technical topics, such as native development on any platform, and experience with languages used in modern mobile development like Java+JNI, Objective C, and Swift. Familiarity with concepts like reverse engineering, assembly, and mobile code hardening techniques will be beneficial. Furthermore, the ability to replicate vulnerabilities in a lab environment is a plus. As an Application Security Consultant, you will be based in Pune and will be responsible for supporting various business areas with day-to-day tasks, including processing, reviewing, reporting, trading, and issue resolution. You will collaborate with teams across the bank to align operational processes, identify areas for improvement, and implement operational procedures and controls to mitigate risks while maintaining efficiency. In this role, you will also develop reports and presentations on operational performance, identify industry trends, and participate in projects to enhance operational efficiency. As an Assistant Vice President, you will consult on complex issues, advise People Leaders on escalated matters, and contribute to risk mitigation and policy development. You will take ownership of managing risk, collaborate with other business areas, and engage in data analysis to creatively solve problems and communicate complex information effectively. Your role will also involve influencing stakeholders to achieve desired outcomes. All colleagues at Barclays are expected to embody the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as the Barclays Mindset of Empower, Challenge, and Drive. Your commitment to these values and mindset will serve as our moral compass and guide our behavior within the organization.,