169 Secure Coding Jobs - Page 7

Are you passionate about tackling sophisticated, high-impact security challenges at scaleJoin our dynamic Software Security Engineering team and work alongside product development teams to embed ground breaking secure software practices across the entire Splunk product portfolio In this role, you'll dive deep into identifying evolving vulnerability patterns, analyze real-world attack tactics, and craft innovative security solutions that safeguard Splunks industry-leading products Collaborating with Product Security, Risk, and Compliance teams, youll play a pivotal role in ensuring Splunk not only meets but exceeds new policy and regulatory requirements Get ready to make a tangible impact on the future of security at Splunk! Meet the Global Security Team Splunk is here to build a safer and more resilient digital world The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best place to work If you become a Splunker, we want your whole, authentic self, what we call your "million data points" So bring your work experience, problem-solving skills and talent, of course, but also bring your joy, your passion and all the things that make you, you, What you'll get to do Analyze and Innovate: Identify emerging code vulnerability trends and research real-world attack patterns to stay ahead of evolving security threats, Develop Cutting-Edge Solutions: Design and implement sophisticated security mechanisms that protect Splunks products from vulnerabilities and attacks, Collaborate Across Teams: Work closely with Product Development, Product Security, Risk, and Compliance teams to ensure security is woven into every phase of the software development lifecycle, Shape Security Strategy: Contribute to crafting Splunks security strategy by integrating secure coding standards and vulnerability management into the product pipeline, Drive Regulatory Excellence: Ensure Splunk remains proactive and aligned with the latest policy and regulatory requirements, Must-have Qualifications 3 years in software security, with a deep understanding of secure coding practices, vulnerability management, and common security flaws (e-g , OWASP Top 10), 3 years of programming in languages such as Python, Java, C++, or Go, and the ability to identify and remediate security issues in code, Understanding of risk management principles and popular regulatory requirements (e-g , FEDRAMP, HIPAA, SOC 2) and how they impact security and software development, Analytical and problem-solving abilities to address sophisticated security challenges at scale, Bachelors degree in Computer Science, Security, or equivalent work experience, Nice-to-have Qualifications Weve taken special care to separate the must-have qualifications from the nice-to-haves ?Nice-to-have? means just that: Nice To Have So, dont worry if you cant check off every box Were not hiring a list of bullet pointswere interested in the whole you, Familiarity with threat modeling techniques, Experience implementing security tooling and automation within software build pipelines, Proven track record to work effectively in cross-functional teams to implement security practices, Security certifications such as CompTIA Security+ or GIAC Security Essentials, Splunk is an Equal Opportunity Employer Splunk, a Cisco company, is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis,

Job Title: Manager Application Security Company Name: Info Edge India Ltd Job Description: As the Manager Application Security, you will be responsible for leading the application security initiatives within Info Edge India Ltd. You will work closely with development teams to ensure that security is integrated into the software development lifecycle. The role involves assessing potential vulnerabilities in applications, implementing security best practices, and ensuring compliance with security standards. You will also be responsible for conducting security assessments, managing security incidents, and providing guidance on secure coding practices. Additionally, you will collaborate with cross-functional teams to promote a culture of security awareness throughout the organization. Key Responsibilities: - Lead application security assessments and conduct security reviews of applications. - Develop and implement application security policies, standards, and guidelines. - Collaborate with development teams to integrate security into the software development lifecycle. - Conduct threat modeling and vulnerability assessments to identify security risks. - Provide training and support to developers on secure coding practices. - Monitor security trends and stay updated on emerging threats and vulnerabilities. - Respond to security incidents and coordinate incident response efforts. - Prepare reports and presentations for management on application security metrics and status. Skills and Tools Required: - Strong understanding of application security principles and best practices. - Experience with application security testing tools, such as static and dynamic analysis tools. - Familiarity with secure coding practices and frameworks (e.g., OWASP Top Ten). - Knowledge of security standards and compliance frameworks (e.g., ISO 27001, NIST). - Proficiency in one or more programming languages (e.g., Java, Python, C#). - Experience in conducting threat modeling and risk assessment. - Strong analytical skills and attention to detail. - Excellent communication and interpersonal skills to work collaboratively with various teams. - Certifications in application security (e.g., Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Security Professional (CISSP)) are a plus.

Dear Candidate, We are hiring a Security Engineer to design and implement secure systems across cloud and application environments. Ideal for engineers excited about threat modeling and proactive defense. Key Responsibilities: Perform security assessments and code reviews Develop security policies and incident response procedures Implement security controls in cloud and on-prem environments Monitor for vulnerabilities and recommend mitigation Required Skills & Qualifications: Knowledge of OWASP Top 10, secure coding practices Experience with SIEM, IDS/IPS, and vulnerability scanners Familiarity with cloud security (AWS, Azure, GCP) Bonus: Certifications (CISSP, CEH, OSCP) Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Ideally, looking for a combination of Development and Application Security experience. Job Summary: We are seeking a skilled Application Security Engineer to join our Information Security team. The ideal candidate will have a minimum of 8-12 years of experience in application security and a strong background in software development , particularly in .NET, C#, Angular, and React . This role is crucial in ensuring the security of our applications by working closely with development, DevOps, and security teams to identify, remediate, and prevent security vulnerabilities throughout the software development lifecycle (SDLC). Key Responsibilities: Conduct application security assessments, including code reviews, penetration testing, and threat modeling to identify vulnerabilities. Work closely with developers to integrate secure coding practices and provide guidance on remediating security issues. Implement and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools. Develop and enforce security policies, procedures, and best practices for application security. Assist in the design and review of security architecture for new and existing applications. Collaborate with DevOps teams to integrate security into CI/CD pipelines using DevSecOps principles . Research emerging threats, vulnerabilities, and security trends to proactively mitigate risks. Support incident response efforts related to application security breaches. Provide security training and awareness to development teams. Document security findings, mitigation plans, and security controls. Minimum Requirements (Must-Have) 8-12 years of experience in application security with a focus on secure software development. Strong background in software development , with hands-on experience in .NET, C#, Angular, and React . Hands-on experience with SAST, DAST, Software Composition Analysis (SCA), and penetration testing tools (e.g., Burp Suite, Checkmarx, Veracode, Fortify, SonarQube ). Solid understanding of OWASP Top 10, SANS 25, and secure coding practices . Experience with threat modeling, risk assessment, and vulnerability management . Knowledge of API security, authentication, and authorization mechanisms (OAuth, JWT, SAML, etc.). Familiarity with container security, Kubernetes security, and cloud security best practices (AWS, Azure, GCP). Experience working in Agile and DevSecOps environments , integrating security into CI/CD pipelines. Strong analytical and problem-solving skills. Excellent communication skills, with the ability to work collaboratively across teams.

The CIO Network Automation & Orchestration team are looking for a software developer. We have a pipeline of exciting development initiatives that are transforming how we automate the provisioning and orchestration of our network and cloud infrastructure, providing common user interfaces, APIs and an abstraction layer to enable seamless software-defined integration. Your role will be envisioning and developing applications to support IBM CIO network engineering and hybrid cloud product teams as they automate and integrate critical workflows. As an experienced developer you will provide mentorship and guidance in development best practices, fostering a team culture of continuous learning and improvement. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Programming 5 + years of experience developing production software with a strong level of expertise in one or more programming languages like Python, Javascript and Java Strong experience with integration technologies such as LDAP, SAML/SSO, API’s Bash/Shell Scripting Experience working on various OS platforms such as Linux, AIX, VMware Experience with Web Technologies (JSON/XML, HTML/CSS, Web Services, etc) and working in a SaaS environment Strong understanding of cybersecurity and secure coding practice DevOps and CI/CD Practice Proficiency in Git for managing code and experience with CI/CD pipelines Ability to develop requirements based on client interviews and documented requirements Experience in full software development life cycleAnalysis, Design, Coding, Testing, Deploying Training and Operational Support Proficiency in Jira for managing requirements Leadership Lead work with engineering and product owners to define and prioritise requirements that help us meet business objectives Documentation and Communication Able to write clear documentation for automation scripts and workflows. Work effectively in cross-functional teams, often communicating with network engineers, developers, and DevOps teams Coaching and mentoring Ability and willingness to support team members in software development best practices, fostering a culture of continuous learning and improvement Preferred technical and professional experience Networking Knowledge Knowledge of network fundamentals such as TCP/IP, routing, switching, VLANs, DNS, DHCP, VPNs, etc. Knowledge of routers, switches, firewalls, and wireless access points Some understanding of network architecture, segmentation, and virtualisation technologies like SDN (Software Defined Networking). Automation and Orchestration Experience with automation and orchestration tools like Ansible, IBM Rapid Network Automation (RNA), Kubernetes, NetBox Good understanding and integration of monitoring tools like Instana Experience of developing workflows with and integrating network provider technology such as F5, Cisco, Versa, Palo Alto, Juniper Security and Compliance Some understanding of secure configuration, firewall rules, and encryption protocols. Some knowledge of automating compliance checks and vulnerability assessments. Analytical and Problem-Solving Skills Ability to troubleshoot network and automation issues Knowledge of using tools and standards to analyse logs e.g Syslog to identify issues. Soft Skills Must be willing and able to keep up with rapidly changing technologies in networking and automation. High proficiency for attention to detail, ensuring configurations and scripts are precise to avoid network disruptions.

We are hiring a Senior Full Stack Developer with expertise in Node.js, React.js, and Azure to build scalable web applications, secure APIs, and modern UIs. The role involves cloud deployment, CI/CD, and mentoring in an Agile environment.

Experience: 4+ years with at-least 2-3 years in client facing advisory consulting role and managing a medium sized team Preferred Certifications: CISSP, CEH, OSCP, CSSLP, or GWAPT or equivalent are a plus Desired skill set: 1. Conduct thorough manual and automated static code analysis using tools like SonarQube, Checkmarx, Fortify, and others to identify vulnerabilities in the source code of applications. 2. Perform detailed reviews of source code to identify security vulnerabilities, coding errors, and non-compliance with security standards. 3. Strong knowledge of secure coding practices and security vulnerabilities, particularly those listed in the OWASP Top 10 (e.g., SQL injection, XSS, CSRF, etc.). 4. Experience with static application security testing (SAST) tools such as Checkmarx, SonarQube, Fortify, or similar tools. 5. Hands-on experience in reviewing code for common vulnerabilities in languages like Java, C/C++, Python, JavaScript, PHP, Ruby, .NET, or Go. 6. Strong understanding of web application security concepts, including HTTP(S), API security, cookies, sessions, and authentication mechanisms. 7. Familiarity with modern software development frameworks (e.g., Spring, Django, Angular, React) and how to secure them. 8. Knowledge of common software security vulnerabilities, including injection flaws, data leakage, broken authentication, broken access control, improper cryptography, and insecure deserialization. 9. Familiarity with dynamic application security testing (DAST) tools, penetration testing, and fuzz testing for finding runtime vulnerabilities. 10. Experience with version control systems such as Git to facilitate code reviews and secure collaboration. 11. Strong problem-solving skills and the ability to communicate complex security concepts to non-technical stakeholders. 12. Familiarity with the Secure Development Lifecycle (SDL) and integrating security into the development and deployment processes. 13. Experience with cloud-native security practices and securing cloud-based applications (e.g., AWS, Azure, GCP). 14. Strong understanding of DevSecOps and integrating security into CI/CD pipelines. 15. Evaluate code for common security issues such as injection flaws, cross-site scripting (XSS), broken authentication, and other OWASP Top 10 vulnerabilities. 16. Provide actionable recommendations to developers on how to remediate identified vulnerabilities and improve overall code security. 17. Keep up-to-date with the latest security threats, vulnerabilities, and technology trends to ensure the organizations code remains secure.

Lead the design, development, and deployment of scalable, secure backend systems using Java, J2EE, and GoLang. Architect and implement robust RESTful APIs and microservices aligned with enterprise cloud-native standards. Collaborate closely with DevOps, QA, and frontend teams to deliver end-to-end product functionality. Set coding standards, influence architectural direction, and drive adoption of best practices across backend systems. Own performance tuning, monitoring, and high availability for backend services using tools like Prometheus, ELK, and Grafana. Implement security, compliance, and privacy by design principles in backend systems. Lead incident response and resolution of complex production issues across multi-cloud environments (e.g., AWS, Azure, OCP). Mentor and guide junior developers and contribute to team-wide knowledge sharing and skill development. Actively participate in Agile ceremonies and contribute to continuous delivery and process improvement. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 11+ years of backend software development experience focused on scalable, secure, cloud-native enterprise systems. Deep expertise in Java, J2EE, and GoLang for building distributed backend systems. Advanced experience in architecting and implementing RESTful APIs, service meshes, and inter-service communication. Expert in Postgres or equivalent RDBMS — data modeling, indexing, and performance optimization at scale. Proven track record with microservices architecture, including Docker, Kubernetes, and service deployment patterns. Expert-level familiarity with backend-focused CI/CD tooling (Jenkins, GitLab CI/CD, ArgoCD) and IaC tools (Terraform, CloudFormation). Strong knowledge of monitoring/logging tools such as Prometheus, Grafana, ELK, and Splunk, focusing on backend telemetry and observability. Experience deploying applications on cloud platformsAWS (EKS, ECS, Lambda, CloudFormation), Azure, or GCP. Familiarity with DevSecOps, secure coding practices, and compliance-aware architecture for regulated environments. Proficient in integration, load, and unit testing using JMeter, RestAssured, JUnit, etc. Leadership in backend architecture, performance tuning, platform modernization, and mentoring of technical teams. Effective cross-functional collaboration skills in multi-team, multi-region environments. Preferred technical and professional experience Deep understanding of backend architecture patterns including microservices, event-driven architecture, and domain-driven design. Experience implementing security and privacy by design principles in cloud-native backend systems. Hands-on expertise with cryptographic protocols and standards such as TLS, FIPS, and experience integrating with Java security frameworks (e.g., JCE, Spring Security). Strong grasp of secure coding practices, with experience identifying and mitigating OWASP Top 10 vulnerabilities. Exposure to designing and developing shared platform services or backend frameworks reused across products or tenants (e.g., in multi-tenant SaaS environments). Familiarity with API security patterns, including OAuth2, JWT, API gateways (e.g., Kong, Apigee). Prior experience working on compliance-oriented systems (e.g., SOC2, HIPAA, FedRAMP) or architecting for high-assurance environments. Proficiency with Shell scripting, Python, or Node.js for infrastructure automation or backend utilities.

7-10 years of development experience in high-volume, SAAS platforms. Minimum 3-5 years of experience in an Agile development environment (Scrum or Kanban preferred) as a technical lead or manager. Proven experience leading teams in building scalable, robust, secure, and cloud-based software applications. Technical Skills: Proficiency in modern development languages and frameworks such as, Java, C#, and others. Strong knowledge of front-end technologies like Angular, as well as back-end technologies including Oracle/PostgreSQL databases. Expertise in Microservices architecture, cloud-based application development, and automation frameworks like Jenkins and Git. In-depth experience with Azure Cloud services, including deployment, management, and optimization of cloud-based applications. Strong understanding of secure coding practices, cybersecurity principles, and compliance with security standards. Roles and Responsibilities Leadership and Team Building: Lead and mentor a Scrum team of engineers working on a greenfield project, fostering a culture of continuous improvement and innovation. Provide technical leadership in developing software applications and solutions based on documented business and system requirements. Collaborate closely with the Product Team to participate in the creation of new products from scratch, ensuring alignment with business objectives. Development and Delivery: Design and develop software applications with a focus on stability, scalability, security, and performance. Own the delivery schedule and ensure the quality of work by providing accurate estimates and managing the development process effectively. Write, edit, and debug code across all layers of the stack, including front-end, back-end, and database layers. Utilize Test-driven Development (TDD) and Behavior-driven Development (BDD) techniques to create detailed, executable designs for solutions. Implement secure coding practices and ensure that all developed applications adhere to industry security standards.

Project Role :Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Dynamic Application Security Testing (DAST) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with cross-functional teams to assess security vulnerabilities, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive monitoring and response to potential threats, contributing to the overall security posture of the organization while continuously enhancing your knowledge of emerging security technologies and practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to safeguard enterprise assets. Professional & Technical Skills: - Must To Have Skills: Proficiency in Dynamic Application Security Testing (DAST), Penetration Testing.- Strong understanding of web application security principles and practices.- Experience with security testing tools and methodologies.- Knowledge of secure coding practices and application development lifecycles.- Familiarity with compliance frameworks such as OWASP, NIST, and ISO. Additional Information:- The candidate should have minimum 3 years of experience in Dynamic Application Security Testing (DAST).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role :Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Dynamic Application Security Testing (DAST) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME in DAST, cloud security, and application security testing.- Lead and mentor a security testing team; take ownership of team decisions and direction.-Collaborate with development, operations, and product teams to integrate security practices across CI/CD pipelines (DevSecOps) for DAST.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to ensure compliance with established security policies.- Develop and maintain security documentation, including policies, procedures, and guidelines.- Engage with business stakeholders and technical teams to define cloud security controls and architecture, ensuring alignment with business needs and performance goals.- Conduct regular security assessments, audits, and gap analyses.- Develop, update, and maintain security documentation, including policies, procedures, technical guidelines, and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Dynamic Application Security Testing (DAST).- Strong understanding of cloud security principles and practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with threat modeling and risk assessment methodologies.- Knowledge of secure coding practices and application security testing tools.- Strong understanding of cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Additional Information:- The candidate should have minimum 7.5 years of experience in Dynamic Application Security Testing (DAST).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role :Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Dynamic Application Security Testing (DAST) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with cross-functional teams to assess security vulnerabilities, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive monitoring and response to potential threats, contributing to the overall security posture of the organization while continuously enhancing your knowledge of emerging security technologies and practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to safeguard enterprise assets. Professional & Technical Skills: - Must To Have Skills: Proficiency in Dynamic Application Security Testing (DAST), Penetration Testing.- Strong understanding of web application security principles and practices.- Experience with security testing tools and methodologies.- Knowledge of secure coding practices and application development lifecycles.- Familiarity with compliance frameworks such as OWASP, NIST, and ISO. Additional Information:- The candidate should have minimum 3 years of experience in Dynamic Application Security Testing (DAST).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Application Security Architecture and Design Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A DevSecOps SME ensures that security is seamlessly integrated into every phase of the software development lifecycle (SDLC). They work at the intersection of development, security, and operations to automate security checks, identify vulnerabilities early, and maintain compliance with security standards, enabling secure, fast, and reliable software delivery Roles & Responsibilities:-The DevSecOps SME is responsible for embedding security practices into DevOps workflows. This includes automating security testing, managing secure CI/CD pipelines, and collaborating with development and operations teams to ensure that applications are built and deployed securely. They monitor systems for vulnerabilities, respond to incidents, and continuously improve security controls and processes. -This role requires a strong understanding of application security, cloud infrastructure, automation tools, and secure coding practices. The analyst also plays a key role in educating teams on security best practices and ensuring compliance with industry regulations. oCI/CD-Experience with Jenkins, GitLab CI, Azure DevOps, or similar tools.-Infrastructure as Code (IaC):Familiarity with Terraform, Ansible, or CloudFormation.-Automation Scripting:Proficiency in scripting languages like Python, Bash, or PowerShell.-Cloud Platforms:Knowledge of AWS, Azure, or GCP security services and best practices.-Containers & Orchestration:Experience with Docker and Kubernetes, including securing containerized environments. Professional & Technical Skills: -Security Integration:Embed security tools and practices into CI/CD pipelines to ensure secure code deployment.-Demonstrate a profound comprehension of security architecture, capable of creating, assessing, and revising secure solutions that promote scalability, adaptability, and reusability. -Act as the subject matter expert (SME) responsible for guiding and making security architecture decisions across all aspects of Accenture client presales, proposal design, and integration within client ecosystems. -Develop and uphold reusable security architecture and design patterns for utilization. -Create, devise, and troubleshoot intricate security implementations, overseeing the development of High-Level Design (HLD) and Low-Level Design (LLD) documents.-Vulnerability Management:Identify, assess, and remediate vulnerabilities in applications and infrastructure.-Automation:Develop and maintain scripts and tools to automate security testing and compliance checks. Additional Information:- The candidate should have minimum 2 years of experience in Application Security Architecture and Design.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Dynamic Application Security Testing (DAST) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with cross-functional teams to assess security vulnerabilities, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive monitoring and response to potential threats, contributing to the overall security posture of the organization while continuously enhancing your knowledge of emerging security technologies and practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to safeguard enterprise assets. Professional & Technical Skills: - Must To Have Skills: Proficiency in Dynamic Application Security Testing (DAST), Penetration Testing.- Strong understanding of web application security principles and practices.- Experience with security testing tools and methodologies.- Knowledge of secure coding practices and application development lifecycles.- Familiarity with compliance frameworks such as OWASP, NIST, and ISO. Additional Information:- The candidate should have minimum 3 years of experience in Dynamic Application Security Testing (DAST).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Dynamic Application Security Testing (DAST) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with cross-functional teams to assess security vulnerabilities, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive monitoring and response to potential threats, contributing to the overall security posture of the organization while continuously enhancing your knowledge of emerging security technologies and practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to safeguard enterprise assets. Professional & Technical Skills: - Must To Have Skills: Proficiency in Dynamic Application Security Testing (DAST), Penetration Testing.- Strong understanding of web application security principles and practices.- Experience with security testing tools and methodologies.- Knowledge of secure coding practices and application development lifecycles.- Familiarity with compliance frameworks such as OWASP, NIST, and ISO. Additional Information:- The candidate should have minimum 3 years of experience in Dynamic Application Security Testing (DAST).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role Security Architect Project Role Description Define the cloud security framework and architecture ensuring it meets the business requirements and performance goalsDocument the implementation of the cloud security controls and transition to cloud securitymanaged operations Must have skills Dynamic Appcation Security Testing (DAST) Good to have skills Minimum . year(s) of experience is required Educational Quafication years full time education Summary As a Security Architect you will define the cloud security framework and architecture ensuring it meets the business requirements and performance goalsYour typical day will involve collaborating with various teams to assess security needs documenting security controls and transitioning to cloud securitymanaged operations all while ensuring compance with industry standards and best practices Roles & ResponsibitiesExpected to be an SME in DAST cloud security and appcation security testing.Lead and mentor a security testing team; take ownership of team decisions and direction.Collaborate with development operations and product teams to integrate security practices across CI/CD pipenes (DevSecOps) for DAST.Collaborate and manage the team to perform.Responsible for team decisions.Engage with multiple teams and contribute on key decisions.Provide solutions to problems for their immediate team and across multiple teams.Conduct regular security assessments and audits to ensure compance with estabshed security pocies.Develop and maintain security documentation including pocies procedures and guidenes.Engage with business stakeholders and technical teams to define cloud security controls and architecture ensuring agnment with business needs and performance goals.Conduct regular security assessments audits and gap analyses.Develop update and maintain security documentation including pocies procedures technical guidenes and standards Professional & Technical Skills Must To Have Skills Proficiency in Dynamic Appcation Security Testing (DAST).Strong understanding of cloud security principles and practices.Experience with security frameworks such as NIST ISO or CIS.Famiarity with threat modeng and risk assessment methodologies.Knowledge of secure coding practices and appcation security testing tools.Strong understanding of cloud security (AWS Azure GCP) and container security (Docker Kubernetes) Additional InformationThe candidate should have minimum years of experience in Dynamic Appcation Security Testing (DAST).This position is based at our Pune office.A years full time education is required.

Lead the design, development, and deployment of scalable, secure backend systems using Java, J2EE, and GoLang. Architect and implement robust RESTful APIs and microservices aligned with enterprise cloud-native standards. Collaborate closely with DevOps, QA, and frontend teams to deliver end-to-end product functionality. Set coding standards, influence architectural direction, and drive adoption of best practices across backend systems. Own performance tuning, monitoring, and high availability for backend services using tools like Prometheus, ELK, and Grafana. Implement security, compliance, and privacy by design principles in backend systems. Lead incident response and resolution of complex production issues across multi-cloud environments (e.g., AWS, Azure, OCP). Mentor and guide junior developers and contribute to team-wide knowledge sharing and skill development. Actively participate in Agile ceremonies and contribute to continuous delivery and process improvement. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 6+ years of backend software development experience focused on scalable, secure, cloud-native enterprise systems. Deep expertise in Java, J2EE, and GoLang for building distributed backend systems. Advanced experience in architecting and implementing RESTful APIs, service meshes, and inter-service communication. Expert in Postgres or equivalent RDBMS — data modeling, indexing, and performance optimization at scale. Proven track record with microservices architecture, including Docker, Kubernetes, and service deployment patterns. Expert-level familiarity with backend-focused CI/CD tooling (Jenkins, GitLab CI/CD, ArgoCD) and IaC tools (Terraform, CloudFormation). Strong knowledge of monitoring/logging tools such as Prometheus, Grafana, ELK, and Splunk, focusing on backend telemetry and observability. Experience deploying applications on cloud platformsAWS (EKS, ECS, Lambda, CloudFormation), Azure, or GCP. Familiarity with DevSecOps, secure coding practices, and compliance-aware architecture for regulated environments. Proficient in integration, load, and unit testing using JMeter, RestAssured, JUnit, etc. Leadership in backend architecture, performance tuning, platform modernization, and mentoring of technical teams. Effective cross-functional collaboration skills in multi-team, multi-region environments. Preferred technical and professional experience Deep understanding of backend architecture patterns including microservices, event-driven architecture, and domain-driven design. Experience implementing security and privacy by design principles in cloud-native backend systems. Hands-on expertise with cryptographic protocols and standards such as TLS, FIPS, and experience integrating with Java security frameworks (e.g., JCE, Spring Security). Strong grasp of secure coding practices, with experience identifying and mitigating OWASP Top 10 vulnerabilities. Exposure to designing and developing shared platform services or backend frameworks reused across products or tenants (e.g., in multi-tenant SaaS environments). Familiarity with API security patterns, including OAuth2, JWT, API gateways (e.g., Kong, Apigee). Prior experience working on compliance-oriented systems (e.g., SOC2, HIPAA, FedRAMP) or architecting for high-assurance environments. Proficiency with Shell scripting, Python, or Node.js for infrastructure automation or backend utilities.

Job Purpose An ICE Application Security Engineer is part of a team responsible for ensuring that ICE produces and maintains secure applications. This team member influences secure design, performs code analysis, identifies vulnerabilities through hands-on penetration testing, assists developers in remediation efforts, and communicates findings to developers, QA teams and management. Responsibilities Application Identification and Review - Operates the Application Development Security Lifecycle from design review through automated and hands-on testing. Standards and Policies - Maintains and contributes to Application Development Security Policies and standards by keeping up with industry trends and publications from organizations such as NIST, OWASP, and SANS. Secure Design Works with development teams to establish security requirements early in the SDLC and contributes security subject matter expertise during the development of new projects and releases. Tool Management Focuses on automation while implementing, maintaining and integrating cutting-edge technologies to assess an applications security with static code analyzers (SAST), dynamic testing (DAST) tools, software composition scanners, Web Application Firewall (WAF) and bug bounty programs. Developer Education Keeps software engineers apprised of secure coding practices and builds strong rapport and respect with the ICE application development community via training sessions, one-on-one education, Intranet blogs and other opportunities. Knowledge and Experience University degree in Computer Science, Engineering, MIS, CIS, or related discipline Software engineering experience in Java, C++, .NET and/or related languages Expert at deploying, configuring, and using SAST, DAST, and Software Composition in large environments Experience designing solutions to integrate transparently with the CI/CD pipeline Familiarity with application development in large cloud environments

Frontend / UI Development Develop modular and maintainable UI components using React.js and TypeScript Implement state management with Redux and maintain a consistent and predictable UI state Create responsive, accessible, and high-performance interfaces aligned with modern UX standards Collaborate closely with designers and product managers to refine user interactions Optimize rendering performance and front-end scalability for dynamic applications Ensure consistency in design through reusable components and design systems Backend Development Develop backend services and APIs with Node.js and TypeScript Implement secure, well-structured, and testable server-side logic Ensure robust integration between frontend and backend systems Data Layer – MongoDB, Elasticsearch, Neo4j Work extensively with MongoDB for schema design, indexing, and efficient querying Integrate and query data using Elasticsearch to support dynamic content and lookup operations Model and query complex relationships using Neo4j and Cypher Design APIs and data flows that span across these technologies to power application logic Cloud & AI Integration Use Azure and AWS SDKs and services for application-level tasks (e.g., function invocation, storage access, API integration) Integrate with OpenAI APIs and implement secure, efficient communication between application logic and AI endpoints R equired Skill Set: Strong proficiency in React.js, TypeScript, Redux, HTML5, CSS3 Expertise in Node.js, Python and backend API development Hands-on experience with MongoDB, Elasticsearch, and Neo4j in production applications Experience working with cloud platforms such as Azure and AWS at the application layer Comfortable integrating and handling responses from OpenAI APIs or similar AI/LLM services Deep understanding of RESTful APIs, version control (Git), testing, and secure coding practices Solid debugging and performance optimization skills on both client and server side Nice to Have: Experience with UI testing frameworks (Jest, React Testing Library) Familiarity with WebSockets or GraphQL Exposure to micro-frontend architecture or component-driven development Prior work in AI-integrated user interfaces or intelligent assistants Experience with access control patterns and secure data handling in frontend applications Soft Skills: Strong ownership and attention to detail Excellent problem-solving and debugging skills Ability to work collaboratively with cross-functional teams Clear communication and proactive attitude