711 Security Testing Jobs - Page 13

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Consultant Specialist. The full stack Engineering job is responsible for delivering across the Technology delivery lifecycle including inception, construction, testing, release and ongoing management of a product or service in a pod within a Technology team. They will be required to continually enhance their skills within a number of specialisms which include front end, development, security, testing, and operational support. In this role, you will: Provide support across the end-to-end delivery and run lifecycle, utilizing their skills and expertise to carry out software development, testing and operational support activities with the ability to move between these according to demand. End to end accountability for a product or service, identifying and developing the most appropriate Technology solutions to meet customer needs as part of the Customer Journey Liaise with other engineers, architects, and business stakeholders to understand and drive the product or service s direction. Establish a digital environment and automate processes to minimize variation and ensure predictable high-quality code and data. Create technical test plans and records, including unit and integration tests, within automated test environments to ensure code quality. Provide support to DevOps teams working at all stages of a product or service release/change with a strong customer focus and end to end journeys, ensuring they have an excellent domain knowledge. Working with Ops, Dev and Test Engineers to ensure operational issues (performance, operator intervention, alerting, design defect related issues, etc. ) are identified and addressed at all stages of a product or service release / change. Provide support in identification and resolution of all incidents associated with the IT service, as directed by leadership of the DevOps team, Ensure service resilience, service sustainability and recovery time objectives are met for all the software solutions delivered. Responsible for automating the continuous integration / continuous delivery pipeline within a DevOps Product/Service team driving a culture of continuous improvement. Keep up to date and have expertise on current tools, technologies and areas like cyber security and regulations pertaining to aspects like data privacy, consent, data residency etc. that are applicable Requirements To be successful in this role, you should meet the following requirements: Must Have: Java 8 or above, Spring framework along with high experience in 1. Handling multi thread applications, 2. Concurrency Programming, 3. Distributed Transaction, like 2PC/3PC/TCC/Saga, State Machine experience before Some of the behaviours we expect from our engineers: Expertise in governance such as: Production governance Monitoring Risk & Control Support Deeper understanding of component delivery in areas such as: Security Accessibility Leading retros at a pod level. Broader knowledge of cross component dependencies and ownership. Actively improving the system stability and monitoring Understanding of underlying infrastructure components Understanding of tech debt. You ll achieve more when you join HSBC. .

Job description Exp .-4-9 Years Location : Bangalore/Hyderabad/Chennai/Pune/Mumbai Must have skills- Penetration testing, DAST Testing, SAST Testing, OWASP top 10 The candidate should be having experience on various industry based security standards and the relevant tests. The candidate should possess comprehensive experience with various industry-recognized security standards (apart from OWASP, NIST, ISO 27001, and PCI-DSS) and demonstrate proficiency in conducting relevant security assessments and compliance-driven testing based on these frameworks.

About the Role : Looking for Cybersecurity Test Engineer who will be working closely with Hardware, Software and Systems engineering teams to deliver the next generation of Automotive SOC's. Ideal candidate is someone who has strong knowledge and hands on experience with Cybersecurity ISO 21434 standards. He/she should be able to Validate Cybersecurity features for Automotive SOC's and its applications. Responsibilities : - Perform penetration testing of SoC Automotive products. - Establish the Security goals and requirements. - Verification strategies in compliance with ISO 21434. - Develop test specifications, test cases, and test plans for security vulnerability testing. - Scan vulnerabilities with regards to CVSS levels and patch fixing from NIST database. - Perform code-level fuzz testing using open source tools. - Support documentation of test results and collaborate with the development team. - Participate in automating test process within CI/CD environments. - Setup and maintain traceability in compliance with Automotive SPICE requirements. - Experience in tools like OpenVAS, Nmap , wireshark, penetration testing for embedded systems. - Experience in Automotive domain is a must. - Practical experience performing TARA, security concepts and other Cybersecurity Artefacts mentioned in IS021434.

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux Able to explain vulnerabilities such as: IDOR (Insecure Direct Object References) Second Order SQL Injection CSRF (Cross-Site Request Forgery) Provide root cause analysis and remediation guidance for identified vulnerabilities. Mandatory Technical & Functional Skills: Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux (or equivalent) Minimum three (3) years of performing manual penetration testing and code review against: Web applications Mobile apps APIs Minimum three (3) years of experience working with both technical and non-technical audiences in reporting results and leading remediation conversations. Preferred: One year of experience in the development of web applications and/or APIs. Ability to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. Certifications (Preferred but not required): GWAPT (GIAC Web Application Penetration Tester) CREST (Certified Testing Professional) OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) OSWA (Offensive Security Web Application) This is a 6-month contract role with hybrid work arrangements in Bangalore and Pune .

Position - Salesforce QA (SFDC QA) with Automation (Added advantage) Experience - 6+Years Location - Bangalore A Salesforce QA (SFDC QA) Engineer with automation expertise is highly valuable in ensuring the quality and reliability of Salesforce applications. This role involves testing Salesforce implementations , validating workflows , and automating test cases to improve efficiency. Key Responsibilities: Functional & Regression Testing: Ensure Salesforce applications work as expected across different scenarios. Automation Testing: Utilize tools like Selenium, TestNG, and Apex Test Framework to automate test cases. Integration Testing: Validate third-party integrations with Salesforce. Performance & Security Testing: Ensure the system is optimized and secure. Collaboration with Developers & Admins: Work closely with Salesforce developers and administrators to refine test strategies. Perks & Benefits: Health and Wellness: Healthcare policy covering your family and parents. Food: Enjoy a scrumptious buffet lunch at the office every day (For Bangalore) Professional Development: Learn and propel your career. We provide workshops, funded online courses and other learning opportunities based on individual needs. Rewards and Recognitions: Recognition and rewards programs in place to celebrate your achievements and contributions. Why join Relanto? Health & Family: Comprehensive benefits for you and your loved ones, ensuring well-being. Growth Mindset: Continuous learning opportunities to stay ahead in your field. Dynamic & Inclusive: Vibrant culture fostering collaboration, creativity, and belonging. Career Ladder: Internal promotions and clear path for advancement. Recognition & Rewards: Celebrate your achievements and contributions. Work-Life Harmony: Flexible arrangements to balance your commitments.

Position - Salesforce QA (SFDC QA) with Automation (Added advantage) Experience - 4+Years Location - Bangalore A Salesforce QA (SFDC QA) Engineer with automation expertise is highly valuable in ensuring the quality and reliability of Salesforce applications. This role involves testing Salesforce implementations , validating workflows , and automating test cases to improve efficiency. Key Responsibilities: Functional & Regression Testing: Ensure Salesforce applications work as expected across different scenarios. Automation Testing: Utilize tools like Selenium, TestNG, and Apex Test Framework to automate test cases. Integration Testing: Validate third-party integrations with Salesforce. Performance & Security Testing: Ensure the system is optimized and secure. Collaboration with Developers & Admins: Work closely with Salesforce developers and administrators to refine test strategies. Perks & Benefits: Health and Wellness: Healthcare policy covering your family and parents. Food: Enjoy a scrumptious buffet lunch at the office every day (For Bangalore) Professional Development: Learn and propel your career. We provide workshops, funded online courses and other learning opportunities based on individual needs. Rewards and Recognitions: Recognition and rewards programs in place to celebrate your achievements and contributions. Why join Relanto? Health & Family: Comprehensive benefits for you and your loved ones, ensuring well-being. Growth Mindset: Continuous learning opportunities to stay ahead in your field. Dynamic & Inclusive: Vibrant culture fostering collaboration, creativity, and belonging. Career Ladder: Internal promotions and clear path for advancement. Recognition & Rewards: Celebrate your achievements and contributions. Work-Life Harmony: Flexible arrangements to balance your commitments.

Position - Salesforce QA (SFDC QA) with Automation (Added advantage) Experience - 4+Years Location - Bangalore A Salesforce QA (SFDC QA) Engineer with automation expertise is highly valuable in ensuring the quality and reliability of Salesforce applications. This role involves testing Salesforce implementations , validating workflows , and automating test cases to improve efficiency. Key Responsibilities: Functional & Regression Testing: Ensure Salesforce applications work as expected across different scenarios. Automation Testing: Utilize tools like Selenium, TestNG, and Apex Test Framework to automate test cases. Integration Testing: Validate third-party integrations with Salesforce. Performance & Security Testing: Ensure the system is optimized and secure. Collaboration with Developers & Admins: Work closely with Salesforce developers and administrators to refine test strategies. Perks & Benefits: Health and Wellness: Healthcare policy covering your family and parents. Food: Enjoy a scrumptious buffet lunch at the office every day (For Bangalore) Professional Development: Learn and propel your career. We provide workshops, funded online courses and other learning opportunities based on individual needs. Rewards and Recognitions: Recognition and rewards programs in place to celebrate your achievements and contributions. Why join Relanto? Health & Family: Comprehensive benefits for you and your loved ones, ensuring well-being. Growth Mindset: Continuous learning opportunities to stay ahead in your field. Dynamic & Inclusive: Vibrant culture fostering collaboration, creativity, and belonging. Career Ladder: Internal promotions and clear path for advancement. Recognition & Rewards: Celebrate your achievements and contributions. Work-Life Harmony: Flexible arrangements to balance your commitments.

Job description Exp .-3-10 Years Location : Bangalore/Hyderabad/Chennai/Pune/Mumbai Must have skills- Penetration testing, DAST Testing, SAST Testing, OWASP top 10 The candidate should be having experience on various industry based security standards and the relevant tests. The candidate should possess comprehensive experience with various industry-recognized security standards (apart from OWASP, NIST, ISO 27001, and PCI-DSS) and demonstrate proficiency in conducting relevant security assessments and compliance-driven testing based on these frameworks.

Design, develop, and maintain automated testing frameworks and systems. Collaborate with development teams to write comprehensive unit tests. Participate in the continuous integration and continuous deployment (CI/CD) processes. Analyse test results, troubleshoot issues, and improve the areas of weakness in our applications. Work closely with other engineers and product managers to ensure that all aspects of quality are being addressed throughout the software development lifecycle. Key Responsibilities Develop and execute automated tests to ensure product quality. Design and implement testing tools and frameworks to automate test processes. Enhance and maintain excellent test coverage throughout the software development lifecycle. Collaborate with development teams to understand new features and create appropriate testing strategies. Report, track, and manage any discovered defects. Build fully automated regression suite for Stage and Production Develop CI/CD pipeline to ensure services are thoroughly tested prior to production deployments. What we're Looking For: Minimum of 5 years experience in software quality assurance with a strong focus on automation testing. Experience in developing and maintaining automated testing frameworks like Playwright, Cypress, or Selenium. Experience testing REST APIs with automation tools such as: Postman, Swagger, etc Proficient in programming languages such as Java Script, Type Script or Python. Experience with continuous integration tools like Jenkins or Gitlab. Strong understanding of software QA methodologies, tools, and processes. Excellent problem-solving skills and attention to detail. It s a Plus if You Have Worked on Security testing tools like ZAP, BurpSuite Load and performance testing experience i.e Locust , JMeter etc Prior Experience with Mobile testing tools i.e Appium, protractor Prior experience with the US healthcare system.

Join the Product Security Testing team at ServiceNow, where we help secure the applications our customers rely on. As a new graduate, you ll work alongside experienced engineers to identify and fix security issues in our products. You ll learn how to find vulnerabilities in Java and JavaScript code, understand the security implications of AI-enabled applications, and contribute to building tools that make security testing more efficient. We re looking for someone with a strong engineering mindset, curiosity to learn, and a passion for solving real-world security problems. What You ll Do: Perform security testing on new product features. Review code written in Java, JavaScript, and other languages to identify vulnerabilities. Understand and apply secure development practices throughout the software development lifecycle (SDLC). Collaborate with developers to fix security issues and improve product security. Explore and assess security risks in AI-enabled applications. Contribute to the development of internal tools and automation to support security testing. Stay up to date with the latest trends in application and AI security. What We re Looking For: Passion for security Master s degree in computer science or a related field, with a focus on AI/ML or Cybersecurity. Strong problem-solving and analytical skills.

Req ID: 327416 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Azures Kubernetes Service (AKS) with DataRobot to join our team in Bangalore, Karn taka (IN-KA), India (IN). Duties & Responsibilities: Bachelor s/Master s degree in Computer Science or Data Science 5 to 8 years of experience in software development and with data structures/algorithms 5 to 7 years of experience with programming language Python or JAVA, database languages (e.g., SQL), and no-sql 5 years of experience in developing large-scale platform, distributed systems or networks, experience with compute technologies, storage architecture Strong understanding of microservices architecture Experience building AKS applications on Azure Strong understanding and experience with Kubernetes for availability and scalability of the application in Azure Kubernetes Service Experience in building and deploying applications with Azure, using third-party tools (e.g., Docker, Kubernetes and Terraform) Experience working with AKS clusters, VNETs, NSGs, Azure storage technologies, Azure container registries etc. Good understanding of building Redis, ElasticSearch, and MongoDB applications Preferably have worked with RabbitMQ E2E understanding of ELK, Azure Monitor, DataDog, Splunk and logging stack Experience with development tools, CI/CD pipelines such as GitLab CI/CD, Artifactory, Cloudbees, Jenkins, Helm, Terraforms etc. Understanding of IAM roles on Azure and integration / configuration experience Preferably working on Data Robot setup or similar applications on Cloud/Azure Functional, integration, and security testing; performance validation

QA Automation Engineer (Cypress) Industry & Sector: A fast-scaling provider of digital engineering and quality-assurance services, we empower global enterprises across finance, retail, and SaaS to ship resilient web applications. Our on-site engineering pods in India combine modern test automation, DevOps, and cloud expertise to accelerate release cycles while safeguarding user experience. Role & Responsibilities Design and implement end-to-end UI and API test suites in Cypress aligned with BDD scenarios and risk-based coverage. Integrate automated tests into CI/CD pipelines (Jenkins, GitHub Actions) to enable zero-touch regression and rapid feedback. Collaborate with developers and product owners during sprint grooming to define acceptance criteria, edge cases, and test data. Monitor test execution, analyse flaky results, and drive root-cause debugging for swift defect resolution. Continuously optimise framework architecture, reporting dashboards, and parallel execution for speed and stability. Champion quality culture by mentoring junior QA members and embedding shift-left testing practices across teams. Skills & Qualifications Must-Have 5 8 years hands-on automation experience with Cypress and JavaScript/TypeScript. Solid grasp of RESTful API testing using Postman or similar libraries. Proficiency with Git-centred workflows and merging strategies. Working knowledge of CI/CD tooling (Jenkins, GitLab, or Azure DevOps). Understanding of Agile/Scrum ceremonies and story-pointing. Ability to author modular, maintainable test code and articulate defects clearly. Preferred Exposure to contract testing, visual regression, or component testing. Experience testing micro-services hosted on AWS, Azure, or GCP. Knowledge of performance or security testing basics. Familiarity with containerised execution via Docker. ISTQB or equivalent certification. Prior mentorship or lead responsibilities in QA teams. Benefits & Culture Highlights On-site, collaborative workspace with dedicated innovation lab and latest testing gear. Continuous learning budget covering certifications, conferences, and community events. Performance-linked bonuses and clear growth pathway into Lead/Architect tracks.

Role Documentum DevOps/SecOps Engineer Visit our website bmwtechworks.in to know more. Follow us on LinkedIn I Instagram I Facebook I X for the exciting updates. What awaits you/ Job Profile Highly motivated and skilled DevOps/SecOps Engineer to lead the automation and security efforts for our Documentum-based systems. Strong background in DevOps principles, experience with CI/CD pipelines, and a passion for integrating security into the software development lifecycle. Responsible for automating deployments, monitoring system performance, implementing security measures, and collaborating with cross-functional teams to ensure the reliability and security of our Documentum environment. Develop alternate plans/ solutions to be implemented as per root cause analysis of critical problems Follow escalation matrix/ process as soon as a resolution gets complicated or isn t resolved Provide knowledge transfer, sharing best practices with the team and motivate What should you bring along Automating Documentum Deployments: Implementing CI/CD pipelines for Documentum environments, automating build, testing, and deployment processes. Infrastructure as Code (IaC): Defining and managing Documentum infrastructure using code, enabling automation and consistency. Security Integration: Integrating security practices into the SDLC, including vulnerability scanning, security testing, and compliance checks. Monitoring and Alerting: Setting up monitoring systems for Documentum applications and infrastructure, establishing alerts for performance and security issues. Incident Response: Developing and implementing procedures for responding to security incidents and system failures. Collaboration: Working closely with development, security, and operations teams to ensure seamless integration and security. Performance Optimization: Identifying and resolving performance bottlenecks within the Documentum environment. Security Audits and Compliance: Conducting regular security audits and ensuring compliance with relevant security standards and regulations. Staying Updated: Keeping up to date with the latest Documentum technologies, security threats, and best practices. Must have technical skill Strong understanding of DevOps principles and practices. Experience with CI/CD pipelines (e.g., Jenkins, GitLab CI). Proficiency in scripting languages (e.g., Python, Bash). Experience with configuration management tools (e.g., Ansible, Puppet). Basic Knowledge of cloud platforms (e.g., AWS, Azure). Familiarity with containerization technologies (e.g., Docker, Kubernetes). Understanding of security concepts and best practices (e.g., encryption, authentication, authorization). Experience with Documentum administration and development. Excellent communication and collaboration skills. Problem-solving and analytical skills. Good to have technical skills Documentum Certification Agile Concepts training completion.

SailPoint Engineer/Tester : We are looking for experienced SailPoint professionals to join our team in Hyderabad or Cochin for an exciting Work From Office (WFO) opportunity. Required Experience-5-7 Yr Mandatory : Job Type : Work From Office (WFO)- Hybrid Mode Job Location-Hyderabad/Cochin (Any One) Working Hours : Normal working hours (Monday to Friday, ) Contract Duration- 6 Months Additional Information : Start Date : Immediate-Immediate Joiners Only Contract Duration : 6 months Location : Hyderabad or Cochin (Work From Office) Background Verification : Mandatory through a third-party verification process. Required Experience : 5-7 Yr Mandatory Please Note-We are looking for Immediate Joiner Only Role : SailPoint Engineer/Tester Role & Responsibilities : Support the implementation, testing, and validation of SailPoint Identity Security Cloud (IAM). Develop and maintain workflows, policies, and access controls within SailPoint IdentityIQ/IdentityNow. Create and execute manual and automated test cases for IAM solutions. Conduct test automation using Application Lifecycle Management (ALM) tools. Ensure compliance with SOX, GxP, and other security standards. Required Qualifications (Mandatory) : Experience : 5-7 years in IAM, specializing in SailPoint IdentityIQ/IdentityNow. Technical Skills : Strong knowledge of SailPoint architecture, workflows, and connectors. Programming : Hands-on experience with Java, REST APIs, XML, and SQL. Testing Expertise : Familiarity with test automation tools and IAM validation methodologies. Directory Services : Understanding of Active Directory, LDAP, and authentication protocols (SAML, OAuth, OpenID Connect). Next Steps : If you're excited about this opportunity and meet the requirements, we'd love to hear from you ! To apply, please reply with the following details along with your updated resume : Your resume must match 100% with the above job description Ensure that all the relevant skills mentioned in the JD are reflected in your resume to increase your chances of getting shortlisted.

SailPoint Engineer/Tester : We are looking for experienced SailPoint professionals to join our team in Hyderabad or Cochin for an exciting Work From Office (WFO) opportunity. Required Experience-5-7 Yr Mandatory : Job Type : Work From Office (WFO)- Hybrid Mode Job Location-Hyderabad/Cochin (Any One) Working Hours : Normal working hours (Monday to Friday, ) Contract Duration- 6 Months Additional Information : Start Date : Immediate-Immediate Joiners Only Contract Duration : 6 months Location : Hyderabad or Cochin (Work From Office) Background Verification : Mandatory through a third-party verification process. Required Experience : 5-7 Yr Mandatory Please Note-We are looking for Immediate Joiner Only Role : SailPoint Engineer/Tester Role & Responsibilities : Support the implementation, testing, and validation of SailPoint Identity Security Cloud (IAM). Develop and maintain workflows, policies, and access controls within SailPoint IdentityIQ/IdentityNow. Create and execute manual and automated test cases for IAM solutions. Conduct test automation using Application Lifecycle Management (ALM) tools. Ensure compliance with SOX, GxP, and other security standards. Required Qualifications (Mandatory) : Experience : 5-7 years in IAM, specializing in SailPoint IdentityIQ/IdentityNow. Technical Skills : Strong knowledge of SailPoint architecture, workflows, and connectors. Programming : Hands-on experience with Java, REST APIs, XML, and SQL. Testing Expertise : Familiarity with test automation tools and IAM validation methodologies. Directory Services : Understanding of Active Directory, LDAP, and authentication protocols (SAML, OAuth, OpenID Connect). Next Steps : If you're excited about this opportunity and meet the requirements, we'd love to hear from you ! To apply, please reply with the following details along with your updated resume : Your resume must match 100% with the above job description Ensure that all the relevant skills mentioned in the JD are reflected in your resume to increase your chances of getting shortlisted.

Responsibilities: Conduct UI/UX testing, vulnerability assessments and security testing on web applications and APIs. Develop and maintain automated test scripts using tools like Cypress, Playwright, Selenium, or similar. Collaborate with the development team to ensure quality and security throughout the software development lifecycle. Create and maintain test plans, test cases, and security documentation. Perform code reviews and provide feedback on potential security issues. Provide expert knowledge on application security issues and best practices to the development team. Requirements: Bachelors Degree in Computer Science or IT security related field (Master’s preferred). Minimum 2 years experience (in product company) as a QA Test Engineer, particularly in automation. Proficiency in automation tools like Playwright, Cypress, Selenium, or similar. In-depth knowledge of common application vulnerabilities and exploitation techniques such as SQL injection,CSRF, XSS, and other OWASP Top Ten vulnerabilities. Strong understanding of software QA methodologies, tools, and processes. Experience in writing clear, concise, and comprehensive test plans and test cases. Familiarity with Agile frameworks and regression testing. Experience with the travel industry is a plus. Strong integrity and work ethic. Possess excellent communication and interpersonal skills. Proactive, assertive, and has a creative approach to problem solving. Benefits: Competitive salary and performance-based bonuses. Opportunity to work with a dynamic and innovative team in a fast-growing startup environment. Chance to work directly with CXOs and set up the core product & tech vertical for the organisation. Continuous learning and development opportunities.

Job Summary : We're looking for a skilled .NET Developer with a strong background in Security Testing (DAST) to design, develop, and test secure web applications. The ideal candidate will have expertise in identifying and mitigating security vulnerabilities using DAST tools and techniques. Responsibilities : - Design, develop, and test secure web applications using .NET framework - Conduct Dynamic Application Security Testing (DAST) to identify security vulnerabilities - Analyze and mitigate security risks using DAST tools and techniques - Collaborate with cross-functional teams to ensure secure coding practices - Develop and maintain security testing frameworks and tools - Stay up-to-date with emerging security threats and trends - Participate in code reviews and ensure adherence to security best practices - Develop and deliver training programs on security testing and secure coding practices Requirements : - 5+ years of experience in .NET development with a focus on security testing (DAST) - Strong expertise in .NET framework, C#, (link unavailable), and related technologies - In-depth knowledge of DAST tools and techniques, such as OWASP ZAP, Burp Suite, and SQLMap - Experience with security testing frameworks and tools, such as NMap, Nessus, and OpenVAS - Strong understanding of web application security risks and vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) - Excellent problem-solving skills and attention to detail - Strong communication and collaboration skills - Experience with Agile development methodologies and version control systems, such as Git Nice to Have : - Experience with cloud-based security testing tools and platforms, such as AWS Security Hub and Google Cloud Security Command Center - Knowledge of containerization and orchestration technologies, such as Docker and Kubernetes - Experience with DevOps practices and tools, such as Jenkins, Puppet, and Ansible - Certification in security testing or related field, such as OSCP, CEH, or CISSP

Job Tittle - Security Test Engineer Job Type: Full-time EXP 5+ Years Location - Gurgaon Roles & Responsibilities: Perform Security Assessments: Conduct various types of security testing, including: 1. Penetration Testing : Perform black-box, gray-box, and white-box penetration testing on web applications, APIs, mobile applications (iOS/Android), and network infrastructure. 2. Vulnerability Assessments : Utilize automated and manual techniques to identify security weaknesses. 3. Static Application Security Testing (SAST) : Analyze source code to identify potential vulnerabilities. 4. Dynamic Application Security Testing (DAST) : Test applications in a running state and vulnerabilities. 5. Interactive Application Security Testing (IAST) : Combine elements of SAST and DAST for comprehensive testing. 6. Configuration Reviews : Assess the security posture of various systems and applications. 7. Threat Modeling: Participate in threat modeling sessions to identify potential attack vectors and vulnerabilities early in the development lifecycle. 8. Vulnerability Management: Document identified vulnerabilities clearly and concisely, including steps to reproduce, impact, and severity. Communicate findings to development teams and stakeholders effectively. Track and manage vulnerabilities through their lifecycle, from discovery to remediation and retesting. Provide guidance and recommendations to development teams on remediation strategies. 9. Security Tooling & Automation : - Utilize and configure security testing tools (e.g., Burp Suite, OWASP ZAP, Nessus, Acunetix, Fortify, Checkmarx, Metasploit). - Develop and implement automated security tests and scripts to improve efficiency. - Stay up-to-date with the latest security testing tools, techniques, and best practices. 10. Collaboration & Communication: - Collaborate closely with development, DevOps, QA, and product teams to integrate security into the SDLC (Secure SDLC). - Educate and mentor developers on secure coding practices and common vulnerabilities. - Participate in security code reviews. - Present security findings and recommendations to technical and non-technical audiences. 11. Research & Development: - Stay informed about emerging security threats, attack vectors, and industry trends. - Contribute to the improvement of security testing methodologies and processes. Participate in security community activities, conferences, and training. Required Skills & Qualifications : - Education : Bachelor's degree in computer science, Information Security, or a related field (or equivalent practical experience). - Experience : Mid-Level: 3-6 years of experience in security testing, penetration testing, or application security. Senior Level: 6+ years of experience in security testing, leading penetration testing engagements and architecting secure solutions. Technical Skills : - Strong understanding of web application security vulnerabilities (e.g., OWASP Top 10, SANS Top 25). o Proficiency with security testing tools (e.g., Burp Suite, OWASP ZAP, Nmap, Metasploit). - Experience with various operating systems (Linux, Windows). - Familiarity with scripting languages (e.g., Python, Ruby, PowerShell, Bash). Understanding of network protocols, firewalls, and intrusion detection/prevention systems. - Knowledge of secure coding principles and common programming languages (e.g., Java, Python, C#, JavaScript, Node.js). - Experience with cloud security (AWS, Azure, GCP) is a strong plus. Familiarity with CI/CD pipelines and integrating security into automated workflows. Soft Skills : - Excellent analytical and problem-solving skills. - Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical audiences. - Ability to work independently and as part of a team. - High attention to detail and a methodical approach to testing. - Curiosity and a strong desire to learn and stay current with security trends. Desired Certifications (Plus, but not required): OSCP OSWE CEH (Certified Ethical Hacker) CompTIA Security+ SANS certifications (e.g., GWEB, GWAPT, GPEN) CSSLP (Certified Secure Software Lifecycle Professional)

Perform SAST/SCA/DAST scans using industry vulnerability scanner SAST/SCA Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. DAST Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. During testing process, tester MUST ensure application is not degraded and/or taken out of service due to scanning activities Tester must ensure results from scanner are present in VM reporting platforms and visible to approved app users Validation - Supplier will perform manual validation and false-positive analysis on the automated scan results. Remediation Support: The remediation support will analyze the top-rated vulnerabilities along with provide support to application teams on remediation strategies from identified risks. Scan Retest: Supplier will perform revalidation tests of previously identified critical and high severity vulnerabilities as requested by the client application teams. Complex application testing and remediation/mitigation recommendation author Technical leadership of group of less experienced testers. Adversary based approach to test plan development Attempt to access unauthorized data Attempt to make unauthorized changes Bypass business logic, authentication, user privileges, etc.. Hijack accounts (Does not include social engineering methods) Attempt to exploit OWASP Top 10 vulnerabilities EcoSystem Testing All forms of application security testing, attempt to exploit All forms of device security testing, attempt to exploit All forms of database security testing, attempt to exploit Full Stack review, weakness enumer #Cybersecurity Job ID R-73980-1 Date posted 07/04/2025

Perform SAST/SCA/DAST scans using industry vulnerability scanner SAST/SCA Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. DAST Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. During testing process, tester MUST ensure application is not degraded and/or taken out of service due to scanning activities Tester must ensure results from scanner are present in VM reporting platforms and visible to approved app users Validation - Supplier will perform manual validation and false-positive analysis on the automated scan results. Remediation Support: The remediation support will analyze the top-rated vulnerabilities along with provide support to application teams on remediation strategies from identified risks. Scan Retest: Supplier will perform revalidation tests of previously identified critical and high severity vulnerabilities as requested by the client application teams. Complex application testing and remediation/mitigation recommendation author Technical leadership of group of less experienced testers. Adversary based approach to test plan development Attempt to access unauthorized data Attempt to make unauthorized changes Bypass business logic, authentication, user privileges, etc.. Hijack accounts (Does not include social engineering methods) Attempt to exploit OWASP Top 10 vulnerabilities EcoSystem Testing All forms of application security testing, attempt to exploit All forms of device security testing, attempt to exploit All forms of database security testing, attempt to exploit Full Stack review, weakness enumer #Cybersecurity Job ID R-73980 Date posted 07/04/2025

Project Role : Quality Engineer (Tester) Project Role Description : Enables full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Performs continuous testing for security, API, and regression suite. Creates automation strategy, automated scripts and supports data and environment configuration. Participates in code reviews, monitors, and reports defects to support continuous improvement activities for the end-to-end testing process. Must have skills : Selenium Good to have skills : Java Enterprise EditionMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Quality Engineer (Tester), you will enable full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. You will perform continuous testing for security, API, and regression suite, create automation strategy, automated scripts, and support data and environment configuration. Participate in code reviews, monitor, and report defects to support continuous improvement activities for the end-to-end testing process. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Collaborate with cross-functional teams to ensure quality throughout the software development lifecycle.- Develop and execute automated test scripts for regression testing.- Analyze test results and provide feedback to the development team.- Identify and report defects to ensure quality deliverables.- Implement best practices for test automation and continuous integration. Professional & Technical Skills: - Must To Have Skills: Proficiency in Selenium.- Good To Have Skills: Experience with Java Enterprise Edition.- Strong understanding of test automation frameworks and tools.- Experience in API testing and security testing.- Knowledge of software testing methodologies and best practices. Additional Information:- The candidate should have a minimum of 3 years of experience in Selenium.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Quality Engineer (Tester) Project Role Description : Enables full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Performs continuous testing for security, API, and regression suite. Creates automation strategy, automated scripts and supports data and environment configuration. Participates in code reviews, monitors, and reports defects to support continuous improvement activities for the end-to-end testing process. Must have skills : Automated Testing Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Quality Engineer, you will enable full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Your typical day will involve performing continuous testing for security, API, and regression suites, creating automation strategies, and supporting data and environment configurations. You will also participate in code reviews and monitor defects to support continuous improvement activities for the end-to-end testing process, ensuring that quality is maintained throughout the development lifecycle. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Collaborate with cross-functional teams to ensure alignment on project goals and quality standards.- Develop and maintain automated test scripts to enhance testing efficiency and coverage. Professional & Technical Skills: - Must To Have Skills: Proficiency in Automated Testing.- Strong understanding of test automation frameworks and tools.- Experience with continuous integration and continuous deployment practices.- Familiarity with performance testing and security testing methodologies.- Ability to analyze and interpret test results to provide actionable insights. Additional Information:- The candidate should have minimum 3 years of experience in Automated Testing.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education:Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts.Key responsibilities:Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.Perform hardware penetration testing to identify vulnerabilities in electronic systems.Assess the security of medical devices, ensuring compliance with industry regulations and standards.Identify and address security risks associated with healthcare information systems and connected medical instruments.Evaluate and prioritize security risks based on potential impact and likelihood.Provide recommendations and collaborate with cross-functional teams to implement effective security controls.Stay current with emerging security threats, vulnerabilities, and testing methodologies.Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.Document security testing processes, findings, and remediation recommendations.Generate comprehensive reports for stakeholders, including technical details and actionable insights.Technical experience:Hands on experience with penetration testing tools and methodologies.Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.Knowledge of secure coding practices and the ability to review code for security vulnerabilities.Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.Experience with threat modeling and risk assessment frameworks.Familiarity with secure development practices for embedded systems.Understanding of regulatory requirements for medical device security.Strong understanding of networking protocols, encryption, and authentication mechanisms.Professional attributes:Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines. Qualifications:Bachelors or masters degree in engineering or computer science, Information Security, or a related field.Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP). Qualification 15 years full time education

Job Description: We are seeking a highly skilled and detail-oriented Quality Assurance (QA) Engineer to join our dynamic team. The ideal candidate will be responsible for ensuring the quality, functionality, and performance of our web and mobile applications through rigorous testing. This role requires expertise in manual and automated testing, API validation, cross-browser compatibility testing, and WCAG accessibility compliance. If you have a passion for quality assurance and a proven track record in testing, we would love to hear from you. Testing Strategy and Execution Key Responsibilities: Design and implement comprehensive test strategies across multiple platforms and browsers. Conduct thorough manual and automated testing of web and mobile applications. Execute API testing using industry-standard tools such as Postman. Perform cross-browser compatibility testing across Chrome, Firefox, Safari, and Edge. Quality Assurance Process Develop and maintain detailed test plans, test cases, and test scenarios. Implement continuous testing methodologies throughout the development lifecycle. Conduct exploratory testing to identify potential issues and edge cases. Ensure WCAG compliance and accessibility testing. Documentation and Reporting Create and maintain comprehensive test documentation. Track and document defects using JIRA or similar project management tools. Generate detailed test reports and quality metrics. Validate UI implementations against Figma designs. Team Collaboration Participate in Agile ceremonies and sprint planning. Collaborate closely with developers to resolve identified issues. Communicate testing results to stakeholders and project managers. Provide feedback on product quality and potential improvements. Preferred Qualifications: Experience with test automation frameworks such as Selenium, Cypress, or Playwright. Familiarity with CI/CD pipelines and continuous testing. Knowledge of performance testing tools. Understanding of security testing best practices. Requirements: Bachelor's degree in Computer Science, Information Technology, or a related field. Minimum 2-3 years of professional QA experience. Proven expertise in web and mobile application testing. Strong knowledge of API testing methodologies and tools. Proficiency in test case development and bug tracking. Experience with WCAG guidelines and accessibility testing. Demonstrated ability to work with Figma for design validation. Excellent written and verbal communication skills.

Looking for Cyber Security Specialist -Application Security-Automotive co in Bangalore Key skills: Threat Analysis/ modelling/Identification, Security Testing, SDLC Security, good knowledge on Open source scanning tools