11 Secure Sdlc Jobs

About Narayana Health: Narayana Health is headquartered in Bengaluru, India, and operates a network of hospitals in India and Overseas. The mission of Narayana Health is to deliver high-quality, affordable healthcare services to the broader population. The Narayana Health Group is India's leading healthcare provider and one of the largest hospital groups in the country with a network of 21 hospitals, 5 heart centers, and 19 primary care facilities. Annually, the NH group treats over 2.6 Million patients from over 78 countries covering 30+ medical specialties. The Centers of Excellence at Narayana Health help in treating Adult & Pediatric patients, with one of the largest transplant centers in India. The presence of Narayana Health spans across 17 locations in India and includes an overseas hospital in the Cayman Islands, USA. Additionally, two hospitals have international accreditation from the Joint Commission International (JCI), and 19 hospitals have domestic accreditation from the National Accreditation Board for Hospitals (NABH). About Athma: Athma is the Software Development Centre of Narayana Health, dedicated to building next-generation products for healthcare with the aim of making healthcare safe and affordable for patients. Athma's products handle over 10M transactions daily and assist 7M patients in navigating their health journeys. Athma SDC is focused on transforming healthcare through technology, making it more personalized, accessible, and effective for Indian users. Role: Senior Security Architect As a vital member of the team, the Application Security Architect at Athma will play a crucial role in fortifying the organization's application security. Responsibilities include implementing and enhancing security measures, ensuring compliance, and collaborating with cross-functional teams to safeguard products. Key Responsibilities: - Develop and integrate security measures throughout the software development life cycle. - Conduct security testing for mobile/web applications. - Work with Cybersecurity solutions, including Web and Mobile application security, and API Management. - Oversee and ensure compliance with regulatory standards and security best practices. - Provide guidance in code reviews, emphasizing secure coding practices. - Collaborate with cross-functional teams for security risk assessments, incident response, and remediation efforts. - Communicate security concepts effectively to both internal and external stakeholders. - Understand and apply knowledge of enterprise architecture, operations, and security controls. - Possess relevant certifications in application security and cybersecurity. Experience: 8 to 13 Years Required Skills: - Java-based Technologies & Spring Security: - Hands-on experience in securing applications developed using Java, focusing on frameworks like Spring, Spring Boot, and Spring Security. - In-depth knowledge of authentication, authorization, and other security functionalities provided by Spring Security. - Ability to identify and mitigate Java-specific security vulnerabilities. - Secure SDLC and Threat Modeling: - Proven experience in implementing security throughout the software development life cycle. - Ability to apply threat modeling methodologies for designing secure applications. - Security Testing: - Proficiency in conducting security testing for mobile applications and APIs. - Experience with SCA, SAST, DAST, and other relevant security testing tools. - Cyber Security Solutions: - Familiarity with Cyber Security solutions, including Web/Mobile Application Security and API Management. - Knowledge of Assessment frameworks and compliance obligations. - Compliance and Standards: - Experience in overseeing and ensuring compliance with security standards. - Implementation and maintenance of security controls to meet compliance requirements. - Code Reviews and Communication: - Ability to provide guidance in code reviews, emphasizing security best practices. - Strong communication skills to articulate complex security concepts to diverse stakeholders. - Cross-functional Collaboration: - Proven collaboration skills with cross-functional teams for security risk assessments and incident response. - Enterprise Knowledge: - Strong understanding of enterprise architecture, operations, and security controls.,

Senior Cyber Security Partner | 8+ yrs exp | Lead threat modeling, secure SDLC, cloud security (AWS/Azure/GCP), compliance (OWASP/NIST/ISO), incident response, mentoring, and tool evaluation. Pref: CISSP/CISM/CEH. Hybrid – Bengaluru.

Project description We are seeking a seasoned Solution Architect with deep expertise in designing and securing complex web and mobile application ecosystems. This role requires a strategic mindset combined with hands-on technical proficiency to assess risks, define robust security architectures, and drive secure development practices across the SDLC. Responsibilities Architect and implement security solutions for web and mobile platforms, aligned with business objectives and compliance standards. Should have experience with Backbase, additiv, Crealogix, and Avaloq. Perform threat modeling, application security assessments, static and dynamic code reviews, and vulnerability analyses. Define security requirements and best practices across the Secure Software Development Lifecycle (SDLC). Lead penetration testing initiatives and collaborate with cross-functional teams to mitigate identified risks. Establish governance and control frameworks to ensure ongoing security posture management. Advise development and infrastructure teams on secure design patterns and architectural decisions. Stay current with emerging threats, technologies, and industry trends. Proven experience building and securing scalable web and mobile applications. Deep understanding of application security principles, secure architecture, and risk management. Proficiency in tools and methodologies for penetration testing, code analysis, and vulnerability assessment. Strong knowledge of Secure SDLC practices and integration of security into CI/CD pipelines. Excellent communication skills to engage stakeholders, developers, and leadership. Skills Must have Overall, 10+ years of experience as a Solution Architect. Proven experience in building and securing web and mobile applications. Strong knowledge of security architecture and secure coding principles. Hands-on experience in Application security assessments Penetration testing Vulnerability assessment Secure SDLC practices Static code review tools (e.g., Fortify, Checkmarx, SonarQube) Familiarity with OWASP Top 10 and CWE/SANS Top 25 Excellent problem-solving and communication skills Nice to have Certified Secure Software Lifecycle Professional (CSSLP) Experience with cloud security (AWS, Azure, GCP) Knowledge of regulatory and compliance frameworks (e.g., ISO 27001, GDPR, PCI-DSS)

As an organization focused on re-imagining agricultural insurance through the innovative integration of Public Cloud, GIS, Remote-sensing, and cutting-edge AI-based algorithms, we at Kshema are dedicated to empowering the future of agricultural insurance. Leveraging the latest advancements in Mobile and Geospatial technologies, we are committed to revolutionizing the industry. We are currently seeking a Chief Information Security Officer (CISO) who will play a pivotal role in driving our cyber security strategy and ensuring strict compliance with regulatory and statutory guidelines pertaining to information and cyber security. As the CISO, you will be entrusted with the responsibility of enforcing policies aimed at safeguarding the organization's information assets and coordinating all information/cyber security-related matters internally and externally. **Key Responsibilities:** - Develop a comprehensive Information Security Roadmap for the organization with a forward-looking perspective. - Establish and oversee an enterprise-wide information security and IT risk management program. - Lead the implementation and review of Hardware, Network, and Software Security Standards and Controls to fortify systems, data, and assets against internal and external threats. - Implement Security Assessment and Testing Processes, including Penetration Testing, Secure Software Development, and Vulnerability Management. - Identify and deploy cutting-edge Security Products/Tools for various purposes. - Proactively monitor and address security issues, potential threats, and vulnerabilities to enhance security standards continually. - Conduct Information Security awareness training for all employees. - Execute Security Assessment practices such as Audits and Reviews. - Provide strategic guidance and consultation for IT Projects, including security risk assessments. - Conduct real-time analysis, investigations, and forensics when necessary to enhance security measures. - Develop strategies to manage security incidents and conduct investigations. - Maintain regular communication with stakeholders on Information and Data Security Practices and Activities. - Implement a strategy for deploying information security technologies to mitigate cyber-attack risks. - Continuously evaluate current IT security practices and systems for enhancement. - Ensure compliance with the latest regulations and requirements. - Develop and implement business continuity plans. **Desired Skills and Experience:** - Engineering Graduate/Post-Graduate in fields such as Computer Science, IT, Electronics, Communications, or Cyber Security. - Minimum of 15 years" experience in risk management, information security, or cyber security. - Profound knowledge of information security management frameworks like ISO/IEC 27001 and NIST. - Familiarity with DevSecOps, Secure SDLC, Security Automation, Security Testing, DR & BCP Concepts. - Experience in financial forecasting and budget management. - Understanding of Industry Security Standards, Protocols, and Data Privacy Regulations. - Ability to navigate ambiguity and devise solutions for complex problems. - Experience in contract and vendor negotiations and management. - Proficiency in Agile software development practices. - Collaboration skills to work effectively with cross-functional teams. - Relevant certifications such as CISSP, CEH, CISA, and CISM are advantageous. - Hands-on experience in designing, implementing, and operating security in public clouds like AWS, Azure, Oracle, or GCP. - Strong written and verbal communication skills with a high level of integrity. - Excellent presentation skills. Join us at Kshema and be a part of our mission to redefine agricultural insurance through innovation and technology.,

Who are we? FalconX is a pioneering team of operators, investors, and builders committed to revolutionising institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX addresses the industry's foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever-evolving cryptocurrency landscape. Who is on the team? We are entrepreneurs. Many in our company have been founders or have aspirations to eventually start their own company. We take these ambitions and experiences to bring a solutions-oriented mindset to the problems we encounter day-to-day. We have been fortunate to have learned from mentors and peers at institutions such as Google, LinkedIn, JUMP Trading, Citadel, PEAK6 Investments, Goldman Sachs, JP Morgan, Harvard Business School, Carnegie Mellon, IIT, IIM +more. The team you would report to all have technical backgrounds in Application Security and Product Security. They cover a wide variety of products that fall within Cryptocurrency, High-Frequency Trading, and AI systems. In this role, youll dive deeply into these product lines and provide guidance as well as implementation when needed. Responsibilities : Engineer systems and internal security tools to improve application security across all of FalconX via SSDLC improvements; Interface with the rest of Engineering on the security of Falconxs software products (Cryptocurrency; High Frequency Trading; AI systems). Youll provide guidance / recommendations / and drive the Engineers to implement your recommendations. Review and provide eng-design / architectural guidance for application systems Occasional Vulnerability Management Occasional Pentesting Educate and Train Engineers on Application Security fundamentals Execute and improve security reviews and consulting processes with runbooks and automation. Knowledge, Skills & Abilities : Strong software engineering skills in Python, Golang or Ruby. You have a past of writing production-grade code and can comfortably interact with SWEs throughout FalconX. Bonus points if you have a background of security exposure in the contexts of cryptocurrency, high-frequency trading system, or AI development Proven impact in two or more of the following AppSec domains: AppSec Education and Training, API Security, Implementation of a SSDLC, App-Layer Pentesting (BurpSuite), Manual / Automated Secure Code Reviews (SAST Tools, DAST Tools), Application Security Architecture and Design, Implementation of Security Controls (Encryption; MFA / RBAC Permissions; etc), OWASP Top Ten, BSIMM / OpenSAMM Proficiency in threat modeling risks to product applications / associated infrastructure and driving the implementation of preventative controls in partnership with Engineering. Technical Project Management Strong familiarity with what a secure SDLC should look like and tools / techniques to implement an SSDLC Ability to collaborate with internal and external stakeholders while prioritizing tasks and work independently under minimal supervision. Vulnerability management, incident response Qualifications : Minimum of 6+ years of direct experience as a Software Engineer / Software Architect in Python, Ruby, Go, etc Minimum of 6+ years of direct experience in Product or Application Security as a hands-on-keyboard AppSec or ProdSec Engineer / Consultant Practical experience performing detailed application-layer risk assessments, performing secure code reviews, doing eng-design reviews with Engineers Exceptional written and verbal communication skills Strong technical curiosity within the spaces of Cryptocurrency, AI, and High Frequency Trading Systems

Application & product security, including threat modeling and secure SDLC Cloud security (AWS/GCP/Azure), container security (Docker, Kubernetes & API protection DevSecOps- automation in IaC & CI/CD pipelines Scripting (Python/Shell), Linux security Required Candidate profile Sr Security Egr - 7+ yrs exp. to lead & enhance security across the SDLC. expertise in application security, threat modeling, cloud security (AWS/GCP/Azure), DevSecOps practices & strong communication

Role & responsibilities Application & product security, including threat modeling and secure SDLC Cloud security (AWS/GCP/Azure), container security (Docker, Kubernetes & API protection DevSecOps- automation in IaC & CI/CD pipelines Scripting (Python/Shell), Linux security Preferred candidate profile With more than 7+ years of Total industry experience Advanced experience in securing applications and application settings Advanced experience in app and product security Advanced understanding in securing cloud technologies Experience with technologies from at least one public cloud (AWS, GCP, Azure) Experience in securing containerization (Docker, K8s, etc) and API Experience with modern DevSecOps practices including implementing automated security in IaC and CI/CD pipelines Strong scripting skills Python/Shell Scripting experience Mid to advanced level Linux knowledge in a physical, virtual, or public cloud environment. Exceptional verbal and written communication skills are necessary to effectively collaborate with peers, and to present and explain highly technical information to stakeholders who may have limited technical knowledge. Bonus Points: CISSP, CASP+, GSLC, CISM certified. Qualifications Bachelor's or Master's degree in Computer Science, Engineering, or a related field.

Senior Manager, Corporate Security – Application Security Architect Remote Job Description About Corporate Security Cognizant Corporate Security, a key organization within Cognizant Technology Solutions, is chartered with managing and directing the global enterprise physical and logical security programs. The Corporate Security organization is responsible for the oversight and coordination of security efforts across the company, including information technology, human resources, communications, legal, facilities management and various other groups, and is responsible for identifying security initiatives and standards. Corporate Security drives security compliance and serves as the key organization responsible with helping the business appropriately manage security risks. Position Description Cognizant is searching for an experienced Application Security Architect who can lead application security initiatives for product teams in the Cognizant Healthcare division. This will include day-to-day collaboration with product teams, ensuring that they meet Cognizant Security requirements and architectural standards in addition to regulatory and contractual obligations. This will also include reviewing application designs to ensure security is part of each product from the start. You would ensure solutions are appropriately assessed prior to release, and work with product teams to prioritize remediation of findings from security activities. This is not an assessment/testing role; although testing experience will be beneficial, the role is for design-level review and guidance. To excel in this role, you will need the following: 5+ years of application security and secure coding experience. Expertise in implementing a secure SDLC within an Agile framework for new and existing applications. Expertise in designing and implementing application security controls across complex and diverse environments. Experience reviewing testing/scanning results and communicating the technical implications to development teams. Ability to assess real-world risk and communicate that in technical and business/management contexts. Exceptional verbal and written communication skills, including the development of reports and best practices documents. An attitude of always learning, sharing your knowledge with the team, and collaborating across multiple security teams. Strong attention to detail and self-organization skills. Experience working remotely and with geographically separated teams. Additional preference for candidates who: Have done application development in large-scale environments. Have conducted threat models. Have integrated application security practices into CI/CD pipelines and DevOps environments. Have experience with Java and .NET. Have secured applications in Cloud environments (especially Azure). Understand network and infrastructure security. Have conducted application testing (SAST, DAST, and manual assessments). Obtained relevant GIAC or Offensive Security certifications. About Cognizant Technology Solutions Cognizant is a leading provider of Information Technology, Consulting, IT Infrastructure, and Business Process Outsourcing services. Cognizant’s single-minded mission is to dedicate our business process and technology innovation know-how, deep industry expertise, and worldwide resources to working together with customers to make their businesses stronger. As a customer-centric, relationship-driven partner, we are redefining the way companies experience and benefit from global services. Our unique delivery model is infused with a distinct culture of high customer satisfaction. Cognizant delivers a trusted partnership, cost reductions and business results. Cognizant is a member of the NASDAQ-100, the S&P 500, the Forbes Global 2000, and the Fortune 500. Cognizant is ranked among the top performing and fastest growing companies in the world. Visit us online at http://www.cognizant.com/ or follow us on Twitter: Cognizant. Cognizant is an Equal Opportunity Employer M/F/D/V. Cognizant is committed to ensuring that all current and prospective associates are afforded equal opportunities and treatment and a work environment free of harassment.

Conduct threat modeling, enforce Secure SDLC, embed security in CI/CD pipelines, and collaborate with teams to identify risks and drive remediation early in the development lifecycle. Required Candidate profile Candidate should have a Bachelor's in CS or related field with strong knowledge of AppSec, DevSecOps, and secure coding practices.

Strong C/C++ skills, multithreading expertise, and hands-on experience in networking and security protocols. Work on cutting-edge technologies in a collaborative R&D environment driving the digital transformation of the print industry. Required Candidate profile Experience in network programming using TCP/IP, sockets, and familiarity with application protocols like HTTP/S, SNMP, FTP, IPP, LPR, WSD, Bonjour.

Dear Candidate, We are hiring a Security Engineer to design and implement secure systems across cloud and application environments. Ideal for engineers excited about threat modeling and proactive defense. Key Responsibilities: Perform security assessments and code reviews Develop security policies and incident response procedures Implement security controls in cloud and on-prem environments Monitor for vulnerabilities and recommend mitigation Required Skills & Qualifications: Knowledge of OWASP Top 10, secure coding practices Experience with SIEM, IDS/IPS, and vulnerability scanners Familiarity with cloud security (AWS, Azure, GCP) Bonus: Certifications (CISSP, CEH, OSCP) Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies