232 Snyk Jobs - Page 2

Porter: Creating Impactful Journeys At Porter, we're not just passionate about improving productivity; we're on a vision to Moving a billion dreams one delivery at a time. We empower businesses, both large and small, to optimize their operations and unleash unprecedented growth in their core functions. Join us in pioneering the future of last-mile logistics, one that's poised to disrupt the industry and redefine the way we think about transportation. Why Porter? Industry Leadership: As the fastest-growing leader in last-mile logistics, we have a pan-India and International presence with operations spanning multiple cities. With a fleet size exceeding 750k driver partners and 15 million customers. Porter is at the forefront of this dynamic and rapidly expanding sector. Cutting-Edge Technology: Our industry-best technology platform has garnered over $150 million in investments from renowned backers, including Sequoia Capital, Kae Capital, Mahindra Group, LGT Aspada, Tiger Global, and Vitruvian Partners. We leverage technology to drive efficiency, innovation, and unparalleled service. Ambitious: We're not just solving problems; we're addressing a massive challenge and going after a market with a valuation surpassing $50 billion USD. Our ambition extends beyond last-mile delivery; we aim to disrupt all facets of logistics, including warehousing and LTL transportation. Thriving Community: Join a community of passionate individuals who are committed to doing the best work of their lives. At Porter, we value the spirit of collaboration, innovation, and embracing challenges head-on. Be a Part of Something Extraordinary: If you're ready to make an impact, be at the forefront of innovation, and embrace the challenges and opportunities of a fast-paced work environment, Porter is the place for you. We're not just building a brand; we're creating a household name in transportation. Join us and be part of the revolution – where every day is an opportunity to redefine what's possible. If you are ready to make a significant impact and shape the future of Porter, apply now and be part of our exciting journey! Role Define and Drive Platform Vision : Champion a platform mindset —build scalable, secure, and reusable cloud and security capabilities that empower application teams to ship quickly and safely. Participate in defining and evolving the long-term technical vision for cloud infrastructure and security engineering. Translate this vision into a clear multi-year execution roadmap, balancing innovation with operational excellence. Stay ahead of industry trends and emerging technologies, and align them with the company’s goals to maintain a forward-looking posture. Cross-Org Collaboration and Platform Adoption Foster strong partnerships with product engineering, infosec, and compliance teams to align platform capabilities with the needs of the business. Ensure successful adoption of platform solutions by driving enablement, automation, and a customer-centric approach to internal tooling. Continuously improve engineering efficiency by listening to feedback, streamlining developer workflows, and investing in secure-by-default, low-friction solutions. Project Management and Execution Excellence Act as a masterful program manager —own the execution of complex, cross-functional initiatives in cloud and security domains. Establishes clear goals and cascades them to teams, along with KPIs, and operating rhythms to ensure timely delivery of strategic programs. Delegate effectively across leads and ICs while actively unblocking teams and ensuring consistent forward momentum. Communicate progress, risks, and trade-offs to leadership and stakeholders proactively. People Leadership and Talent Development Build and nurture high-performing, cross-functional teams by hiring top talent, fostering a strong culture, and setting clear expectations. Lead regular performance assessments , give constructive feedback, and identify growth opportunities aligned with individual aspirations and business needs. Invest in personalized career development , helping engineers and managers grow into technical leaders and domain experts. Encourage a culture of learning, experimentation, psychological safety, and continuous improvement . Operational Ownership and Risk Mitigation Own the operational health of platform and security infrastructure, including availability, scalability, cost, and incident response. Establish strong risk management practices —ensure the platform meets compliance requirements (e.g., SOC2, ISO 27001) and proactively mitigates vulnerabilities. Define and enforce secure defaults, governance frameworks, and auditability as part of every platform offering. Skills Cloud Infrastructure Expertise: Advanced proficiency in any of the major cloud, preferably GCP, with experience designing and maintaining production-grade infrastructure. Infrastructure as Code: Deep experience with Terraform and cloud-native tooling for automation, configuration, and deployment. Containerization and Orchestration: Hands-on knowledge of Docker and Kubernetes in production environments. Systems & Networking: Strong foundation in Linux systems, networking, DNS, and load balancer configurations. Monitoring & Reliability: Experience with monitoring stacks like Datadog/newrelic, Prometheus, or equivalent, and implementing SLOs and alerts for infrastructure health. Communication & Leadership: Clear communicator with experience running incident bridges, postmortems, and cross-functional syncs. People Management : Proven ability to lead and grow high-performing, cross-functional engineering teams. Skilled in performance management, coaching, and career development, with a focus on fostering an inclusive, psychologically safe culture that promotes ownership, accountability, and continuous improvement. Good to Have (Security Skills) CI/CD & DevSecOps Practices: Proven experience integrating infrastructure provisioning, security checks, and observability into automated pipelines. Security Tooling: Familiarity with tools like Snyk, Checkov, Aqua, or other CSPM/CIEM solutions. Application & Network Security: Working knowledge of secure application design, WAFs, VPNs, and firewalls. Compliance & Risk Management: Exposure to frameworks like SOC2, HIPAA, or PCI-DSS. SAST/DAST & Vulnerability Management: Experience integrating static/dynamic analysis into pipelines and managing remediation workflows.

Job Description RESPONSIBILITIES: Establish security best processes and practices for our mobile, on-premises and cloud-based platforms. Provide expert knowledge and guidance to the product teams about security vulnerabilities and remediation controls. Support and consult with product and development teams in the area of application security, including threat modeling and Application Security reviews. Implement, continuously develop, and maintain secure Software Security Development Lifecycle processes and software maturity model. Perform threat modeling, secure design, and source code review. Conduct security assessments, security testing and validation of vulnerability scan results. Assist teams in reproducing, triaging, and addressing application security vulnerabilities. Incorporate security tools/tasks to automate product development and deployment. Develop, implement, and automate defensive controls, creating and tuning tools and rules to detect and address malicious activity. Responsible for integration of security controls into SDLC. Establish supply chain security process and ensure 3rd party software meet the standards. Facilitate injection, integration, and compliance for Static Application Security Testing (SAST), Container Security Scanning & Open-Source Security Analysis during development phase. Facilitate injection, integration, and compliance for Dynamic Application Security Testing (DAST) Contribute to triaging, addressing security issues and tracking remediation. Own and manage Secure SDLC tooling. Develop and customize security tools used by security teams and developers. Work closely with development teams to build security directly into their SDLCs. Provide remediation guidance to programmers and management. Support bug bounty program Support the preparation of security releases Mentor and train development teams on secure coding standards and techniques. Develop Secure Coding Program. Constantly innovate at the pace of the adversary using latest techniques. EDUCATIONAL REQUIREMENTS: Bachelor’s degree in computer science, Information Systems, or equivalent combination of education and experience Certifications in the field of Information Security (at least one of the following: CISSP, CEH, GIAC CPEN, OSCP, OSWE, CWAPT, GWAPT, GWEB) Experience Required A minimum of 3 to 5 years of experience. GENERAL KNOWLEDGE, SKILLS & ABILITIES: In-depth knowledge of web and mobile security vulnerabilities, attack vectors and mitigation techniques Experience with multiple programming languages (Java, JavaScript, Go, Python, Ruby, Objective-C, C#, PHP) with hands on level coding experience with at least one scripting and one objected oriented programming language. Fluent with security testing with SAST, SCA, DAST, IAST, Fuzz and penetration testing tools Understanding of application security standards such as OWASP ASVS/Top 10 and CWE 25 Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond). Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP. Knowledge of DevSecOps to maintain security in CI/CD pipeline. Solid experience with security tools like Semgrep, CheckMarx, VeraCode, BurpSuite, Snyk, Nessus Familiar with tools like Git, Jenkins, CircleCI, Maven, Ant, Gradle, Nexus, SonarQube, Artifactory, Chef, Splunk Experience writing custom rules for static analysis tools. Experience with API Security, IaC, Containerization, RASP, IAST Experience with micro services, container deployment and service orchestration Strong knowledge of cryptography, API security, and secret management Ability to clearly and effectively communicate concerns and issues to the management and engineers. Experience with Cloud (AWS, Azure, GCP) Security Experience writing tools to automate tasks and integrate systems using scripting languages like Go, Python and REST APIs. Experience in delivering and educating development groups in Secure Coding Expertise with common vulnerabilities and attack vectors. Experience integrating security tools into developer pipelines. DevOps experience managing deployment and configuration. General Skills Include Strong critical thinking and analytical skills Ability to approach problem solving in a constructive and collaborative way that does not require absolute security. The ability to communicate complicated technical issues and risks to programmers, network engineers and managers. Strong leadership, project, and team-building skills Exceptional communication skills with diverse audiences; the ability to be an application security subject matter expert who can explain relevant topics to general audiences.

Description We are seeking a highly technical Lead Software Engineer to drive the architecture, scalability, and engineering excellence of our core platforms. This role is ideal for someone who thrives on solving complex engineering problems and scaling distributed systems in production. You will design, build, and optimize full-stack systems with a strong focus on microservices, event-driven architecture, and cloud-native DevOps. You’ll work across the stack, from backend services and frontend performance to CI/CD, observability, and security. Responsibilities 1. Architecture & Scalabilit y • Architect and implement highly scalable microservices-based systems using Python (Django) or Node.js. • Design event-driven architectures using Kafka, RabbitMQ, or AWS SQS/SNS. • Build low-latency, high-throughput APIs, utilizing Redis/Memcached and CDNs. • Apply distributed systems patterns (e.g., CQRS, Saga, Circuit Breaker) for resilience and consistency. • Use container orchestration (e.g., Kubernetes) and serverless platforms (AWS Lambda, Azure Functions) for scalable, cloud-native deployments. 2. Full-Stack Engineeri ng • Build RESTful or gRPC APIs with Python (Django), or Node.js (Express/NestJS). • Develop high-performance frontend applications with React.js (Next.js), TypeScript, and state management (Redux, Zustand). • Design optimized database schemas across PostgreSQL, MySQL, MongoDB, or Cassandra, with attention to indexing, replication, and sharding. • Implement real-time features using WebSockets (Socket.io) or GraphQL subscription s. 3. DevOps & Cloud Infrastructure • Build and automate CI/CD pipelines using GitHub Actions, GitLab CI, or Jenkins with IaC tools like Terraform or Pulumi. • Manage Kubernetes clusters (EKS, GKE, AKS) using Helm and service meshes (Istio, Linkerd). • Set up robust monitoring and observability stacks (Prometheus, Grafana, OpenTelemetry, ELK). • Deploy security-first infrastructure in AWS, GCP, or Azure, following DevSecOps best practices. 4. Code Quality & Security • Enforce engineering standards via linters (ESLint, Pylint), static analysis (SonarQube), and automated testing (Jest, Pytest). • Conduct security audits and integrate SAST/DAST tools (Snyk, OWASP ZAP, Trivy) into CI/CD. • Implement zero-trust architectures using OAuth 2.0, JWT, and RBAC for access control. • Ensure compliance with OWASP Top 10 and other secure development standards. Eligibility ✅ 6+ years of hands-on experience building scalable, distributed software systems. ✅ Deep backend experience in Python (Django) or Node.js (Express/NestJS). ✅ Strong frontend experience with React.js, TypeScript, and Next.js. ✅ Proven experienc e in microservices, event-driven architect ures, and message br okers like Kafka or RabbitMQ. ✅ Hands-on expertise in both SQL (PostgreSQL, MySQL) and NoSQL (MongoDB, Redis, Cassandra). ✅ Solid DevOps skills including Kubernetes, Docker, and cloud plat forms (AWS/GCP/Azure). ✅ Strong knowledg e of secure coding practices, API security, and web application hardening. Preferred (Nice to Have): 🔹 Knowledge of blockchain technologies (Ethereum, Hyperledger, Solidity). 🔹 Experience with Web3 libraries (Web3.js, Ethers.js). 🔹 Contributions to open-source, technical blogs, or whitepapers. Educational Qualifications: 🎓 B.Tech / M.Tech in Computer Science or related field (Mandatory). Travel As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams. Communication Submit a cover letter summarising your experience in relevant technologies and software along with a resume and the Latest passport-size photograph.

ABOUT TIDE At Tide, we are building a business management platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting. Launched in 2017, Tide is now used by over 1 million small businesses across the world and is available to UK, Indian and German SMEs. Headquartered in central London, with offices in Sofia, Hyderabad, Delhi, Berlin and Belgrade, Tide employs over 2,000 employees. Tide is rapidly growing, expanding into new products and markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money. ABOUT THE TEAM: Our 40+ engineering teams are working on designing, creating and running the rich product catalogue across our business areas (e.g. Payments Services, Business Services). We have a long roadmap ahead of us and always have interesting problems to tackle. We trust and empower our engineers to make real technical decisions that affect multiple teams and shape the future of Tide's Global One Platform. It's an exceptional opportunity to make a real difference by taking ownership of engineering practices in a rapidly expanding company! We work in small autonomous teams, grouped under common domains owning the full lifecycle of some microservices in Tide's service catalogue. Our engineers self-organize, gather together to discuss technical challenges, and set their own guidelines in the different Communities of Practice regardless of where they currently stand in our Growth Framework. ABOUT THE ROLE: Contribute to our event-driven Microservice Architecture (currently 200+ services owned by 40+ teams). You will define and maintain the services your team owns (you design it, you build it, you run it, you scale it globally) Use Java 17 , Spring Boot and JOOQ to build your services. Expose and consume RESTful APIs . We value good API design and we treat our APIs as Products (in the world of Open Banking often times they are gonna be public!) Use SNS + SQS and Kafka to send events Utilise PostgreSQL via Aurora as your primary datastore (we are heavy AWS users) Deploy your services to Production as often as you need to (this usually means multiple times per day!). This is enabled by our CI/CD pipelines powered by GitHub with GitHub actions , and solid JUnit/Pact testing (new joiners are encouraged to have something deployed to production in their first 2 weeks) Experience modern GitOps using ArgoCD . Our Cloud team uses Docker, Terraform, EKS/Kubernetes to run the platform. Have DataDog as your best friend to monitor your services and investigate issues Collaborate closely with Product Owners to understand our Users' needs, Business opportunities and Regulatory requirements and translate them into well-engineered solutions WHAT WE ARE LOOKING FOR: Have some experience building server-side applications and detailed knowledge of the relevant programming languages for your stack. You don't need to know Java, but bear in mind that most of our services are written in Java, so you need to be willing to learn it when you have to change something there! Have a sound knowledge of a backend framework (e.g. Spring/Spring Boot) that you've used to write microservices that expose and consume RESTful APIs Have experience engineering scalable and reliable solutions in a cloud-native environment (the most important thing for us is understanding the fundamentals of CI/CD, practical Agile so to speak) Demonstrate a mindset of delivering secure, well-tested and well-documented software that integrates with various third party providers and partners (we do that a lot in the fintech industry) OUR TECH STACK: Java 17 , Spring Boot and JOOQ to build the RESTful APIs of our microservices Event-driven architecture with messages over SNS+SQS and Kafka to make them reliable Primary datastores are MySQL and PostgreSQL via RDS or Aurora (we are heavy AWS users) Docker, Terraform, EKS/Kubernetes used by the Cloud team to run the platform DataDog, ElasticSearch/Fluentd/Kibana and Rollbar to keep it running GitHub with GitHub actions for Sonarcloud, Snyk and solid JUnit/Pact testing to power the CI/CD pipelines WHAT YOU WILL GET IN RETURN: Competitive salary Self & Family Health Insurance Term & Life Insurance OPD Benefits Mental wellbeing through Plumm Learning & Development Budget WFH Setup allowance 25 Annual leaves Family & Friendly Leaves TIDEAN WAYS OF WORKING: At Tide, we champion a flexible workplace model that supports both in-person and remote work to cater to the specific needs of our different teams. While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community. #LI-NN1 TIDE IS A PLACE FOR EVERYONE At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members' diverse needs and lives. We are One Team and foster a transparent and inclusive environment, where everyone's voice is heard. At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone's voice is heard. You personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice .

We are seeking a skilled and dynamic Security & Privacy Architect and SDL Coach to join our team and help strengthen the security posture of our software development lifecycle. This role combines a strong foundation in code analysis, security architecture, and coaching teams on security best practices. The ideal candidate will work closely with development teams, conducting security assessments, guiding secure coding practices, and ensuring compliance with industry standards. As a Security & Privacy Architect, you will be responsible for identifying vulnerabilities and providing actionable recommendations to reduce security risks. As an SDL Coach, you will help application teams adopt security-focused practices into their software development lifecycle (SDLC) while ensuring compliance with regulatory standards like PCI-DSS. Key Responsibilities Code Analysis, Scanning, and Remediation • Security Tool Configuration: Configure and operate security scanning tools (e.g., Snyk, Grit, Checkmarx, Coverity, Mend etc.) to scan applications and interpret results to identify potential security flaws. • Static and Dynamic Code Analysis: Perform static and dynamic code analysis to identify vulnerabilities in the source code. Help App teams in adopting best practices. • Vulnerability Remediation: Work directly with development teams to guide them in resolving identified vulnerabilities and promote secure coding practices. • Issue Prioritization: Prioritize critical security issues and escalate them for immediate remediation when necessary. Security & Privacy Architecture • Security Assessments: Conduct in-depth security assessments to identify potential attack vectors, vulnerabilities, and risks in the application architecture and source code. • Recommendations: Provide actionable recommendations to development and architecture teams to address security gaps and ensure compliance with security standards. • Security Design: Assist in the design of secure application architectures that meet both business and security requirements. SDL Coaching and Best Practices • SDL Awareness: Conduct Security Development Lifecycle (SDL) Coaching and Assessments with development teams to raise awareness of security practices and ensure they align with best security practices. • Security Best Practices Adoption: Guide teams in adopting and integrating Comcast Security practices into their SDLC, focusing on secure coding, testing, and deployment. • Coaching & Mentoring: Provide ongoing coaching and mentoring to developers to help them understand the importance of security throughout the development process. Compliance Lead (CGA, PCI, CPP) • Regulatory Compliance: Participate in security risk assessments and ensure that applications comply with relevant industry standards and regulations (e.g., PCI-DSS, CGA, CPP). • Audit Preparation: Assist application teams with preparation for security audits, providing guidance before and after audits to address any issues. • Documentation: Ensure that all security compliance requirements are well documented and tracked. Research and Continuous Improvement • Threat Intelligence: Stay updated on the latest security threats, vulnerabilities, and emerging trends in application security to proactively mitigate risks. • Tool & Framework Evaluation: Evaluate new security tools, frameworks, and technologies that can improve the effectiveness of security code scanning and remediation. Conduct comparative analysis and provide recommendations. • Process Improvement: Continually assess and improve security processes within the development lifecycle to enhance overall security posture. Required Qualifications • Experience: 8+ years of experience in application security, including hands-on experience with code analysis, security testing, and risk assessments. • Technical Skills: o Strong understanding of secure software development practices. o Familiarity with security tools such as Snyk, Grit, Checkmarx, Mend and other static/dynamic code analysis tools. o Knowledge of security vulnerabilities (e.g., OWASP Top 10, CVEs) and remediation techniques. o Experience with common security frameworks and methodologies (e.g., OWASP, NIST, CIS, PCI-DSS). o Proficient in at least one programming/scripting language (e.g., Python, Java, C#, JavaScript). • Compliance Knowledge: In-depth understanding of industry compliance standards such as PCI-DSS, CGA, and CPP. • Communication Skills: Excellent written and verbal communication skills with the ability to interact with technical and non-technical teams alike. Preferred Qualifications • Certifications: CISSP, CISM, CISA, or equivalent security certification is highly preferred. • Experience with Cloud Security: Knowledge of security best practices in cloud environments (AWS, Azure, GCP). • Experience with DevSecOps: Experience with integrating security practices into DevOps pipelines and workflows.

About Us Please be aware we have noticed an increase in hiring scams potentially targeting Seismic candidates. Read our full statement on our Careers page. Seismic, a rapidly growing Forbes Cloud 100 company, is the global leader in enablement, helping organizations engage customers, enable teams, and ignite revenue growth. The Seismic Enablement CloudTM provides continuous guidance to improve behavior, content, and skills to win more deals and deliver better experiences. More than 2,200 organizations around the globe including IBM and American Express have made Seismic their enablement platform of choice. Seismic integrates with business-critical platforms including Microsoft, Salesforce, Google and Adobe. Seismic is headquartered in San Diego, with offices across North America, Europe, Australia and China. Seismic is committed to building an inclusive workplace that ignites growth for our employees and creates a culture of belonging that allows all employees to be seen and valued for who they are. Learn more about DEI at Seismic here. Overview Seismic is a leader in sales enablement technology, delivering integrated solutions that connect marketing, sales, and buyers to drive meaningful engagement. We develop cutting-edge SaaS solutions, ensuring innovation, quality, and global reach to meet our customer needs. We specialize in delivering modern, scalable, and multi-cloud solutions that empower businesses to succeed in today’s digital era. Leveraging the latest advancements in technology, including Generative AI, we are committed to driving innovation and transforming the way businesses operate. As we embark on an exciting journey of growth and expansion, we are seeking a talented Information Security Analyst to join our team in Hyderabad, India. Who You Are You are a highly motivated and detail-oriented security professional with 1-2 years of experience in information security. You possess a strong understanding of security principles and are passionate about identifying and mitigating vulnerabilities. You are a strong communicator and collaborator, with the ability to effectively communicate technical information to both technical and non-technical audiences. You are a quick learner, eager to expand your knowledge in the ever-evolving cybersecurity landscape, and possess a strong work ethic with a focus on continuous improvement. What You’ll Be Doing This role is responsible for identifying, assessing and mitigating security vulnerabilities in software applications. They work closely with development teams to integrate security practices into the Software Development Lifecycle (SDLC) and help ensure that applications are secure and compliant with relevant standards and regulations. As part of this role, you will assist with the following: Review AppSec (SAST/DAST/SCA/Container/API) vulnerabilities, evaluate risk and verify vulnerabilities Respond to customer RFPs within SLAs. Proactively review and triage alerts related to our security tool set (CrowdStrike, Netskope, Snyk, Veracode, NoName) Communicate with our engineering department on potential risks within their applications, best practices, and fixes. Support technical security assessments to ensure services follow secure design principles across our engineering portfolio. Work with the security operations team to integrate security tooling into the CI/CD pipeline to automate security testing and vulnerability detection. Document and updating information security processes. What You Bring To The Team Must Haves Minimum 1 –2 years of Information Security experience. Knowledge of OWASP Top 10, and related CWEs and CVEs. Solid understanding of information security best practices related to: Application security Cloud security GRC Ability to read and understand at an analyst level at least one major programming language and framework (C#, .NET, JavaScript, Python, Ruby, Java.) Foundational Knowledge with Application Security (Software composition analysis, Static/Dynamic analysis, and API Security) Experience with a ticketing tracking system (e.g. Jira) Great communication skills, with the ability to collaborate across development, operations, and security teams. Highly proficient in spoken and written English Completed at least one security certification (e.g. SEC+, ISC2 CC or any others) Nice To Haves Proficiency with a scripting language such as Python, PowerShell or Bash Experience with answering Vendor Security Questionnaires Experience with an access management solution. Threat modeling experience following STRIDE methodology. What We Have For You At Seismic, we’re committed to providing benefits and perks for the whole self. To explore our benefits available in each country, please visit the Global Benefits page. If you are an individual with a disability and would like to request a reasonable accommodation as part of the application or recruiting process, please click here. Headquartered in San Diego and with employees across the globe, Seismic is the global leader in sales enablement , backed by firms such as Permira, Ameriprise Financial, EDBI, Lightspeed Venture Partners, and T. Rowe Price. Seismic also expanded its team and product portfolio with the strategic acquisitions of SAVO, Percolate, Grapevine6, and Lessonly. Our board of directors is composed of several industry luminaries including John Thompson, former Chairman of the Board for Microsoft. Seismic is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to gender, age, race, religion, or any other classification which is protected by applicable law. Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Our technology services client is seeking multiple DevSecOps Security Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: DevSecOps Security Engineer Experience: 5- 7 Years Location: Mumbai, Pune, Hyderabad, Bangalore, Chennai, Kolkata Notice Period: Immediate- 15 Days Mandatory Skills: Devops Support, GitHub Actions, CI/CD Pipelines, Argocd , Snyk, multicloud (AWS/AZure/GCP) GIT, MS Tools, Docker, Kubernetes, Jfrog, SCA & SAST Job Description: A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming. Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale. Strong passion and technical expertise to automate security functions via code. Strong technical expertise with Application, Cloud, Data, and Network Security best practices. Strong technical expertise with multi-cloud environments, including container/serverless and other microservice architectures. Strong technical expertise with older technology stacks, including mainframes and monolithic architectures. Strong technical expertise with SDLC, CI/CD tools, and Deployment Automation. Strong technical expertise with operating security for Windows Server and Linux Server systems. Strong technical expertise with configuration management, version control, and DevOps operational support. Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies such as Snowflake. Role Responsibilities Development & Enforcement Develop and enforce engineering security policies and standards. Develop and enforce data security policies and standards. Drive security awareness across the organization. Collaboration & Expertise Collaborate with Engineering and Business teams to develop secure engineering practices. Serve as the Subject Matter Expert for Application Security. Work with cross-functional teams to ensure security is considered throughout the software development lifecycle Analysis & Configuration Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data. Lead security testing, vulnerability analysis, and documentation. Operational Support Participate in operational on-call duties to support infrastructure across multiple regions and environments (cloud, on-premises, colocation). Develop incident response and recovery strategies. Qualifications Basic Qualifications 5+ years of experience in developing and deploying security technologies. A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. Experience with modern Software Development Lifecycles and CI/CD practices Experience for the remediation of vulnerabilities sourced from Static Analysis (SAST), Open Source Scanning (SCA), Mobile Scanning (MAST) and API Scanning Proficiency in Public Clo\ud (AWS/Azure/GCP) & Network Security. Experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code. Experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell. Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA). Preferred Qualifications Strong technical expertise with Architecting Public Cloud solutions and processes. Strong technical expertise with Networking and Software-Defined Networking (SDN) principles. Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams. Familiarity with OWASP Application Security Verification Standard Experience with direct, remote, and virtual teams. Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA). Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like GitHub Advanced Security, CodeQL, Checkmarx, and Snyk. Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability. Education A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. If you are interested, share the updated resume to madhuri.p@s3staff.com

The DevSecOps Lead will be responsible for leading the implementation and continuous evolution of DevSecOps capabilities across our OT cybersecurity engineering ecosystem. This role will architect secure, scalable, and automated CI/CD pipelines, implement Infrastructure as Code (IaC), and integrate cybersecurity toolchains across development and operations workflows.You will be a key enabler for engineering velocity, code security, release stability, and automation maturity - bridging technology platforms, product teams, and cybersecurity operations. Preferred Qualifications Education : Bachelor’s degree in Computer Science, Engineering, or a related technical discipline. Master’s degree preferred (in Cybersecurity, Systems Engineering, or DevOps Automation). Certifications (preferred): DevOps: Certified Jenkins Engineer, GitHub Actions, Azure DevOps Expert, or similar. IaC / Automation: HashiCorp Terraform Associate, Red Hat Ansible Automation. Security Tooling: Practitioner-level training in SAST/DAST/SCA/EDR (e.g., Aqua Security, Snyk, SonarQube). Cloud Security: AWS Security Specialty, Azure Security Engineer, or CCSP. Compliance: Awareness training in IEC 62443 or NIST CSF is desirable. Key Requirements 8 + years of technology experience with strong focus on DevOps, cybersecurity integrations, and infrastructure automation. Expertise in building and governing CI/CD pipelines and cloud-native deployment workflows. Proven knowledge of tools such as Jenkins, GitHub Actions, ArgoCD, Terraform, Vault, and container security platforms. Hands-on experience with security tools integration (e.g., Checkmarx, SonarQube, Aqua, Snyk, Prisma Cloud). Familiarity with compliance and security frameworks (e.g., NIST, ISO 27001, IEC 62443) in OT/IT environments. Experience working with OT/ICS environments or industrial networks is preferred. Strong scripting and automation skills (Python, Shell, Go, etc.). Ability to work in cross-functional, Agile-driven teams and mentor engineers in secure software delivery practices. ONLY DevSecOps Lead may email resumes at joy.saha@adani.com

As a DevOps Architect, you will manage the software development process and create an automated delivery pipeline (CI/CD) to enhance infrastructure and application release efficiency. You are responsible for evaluating customer automation needs, supporting DevSecOps transformations, and designing and implementing high-quality DevOps architectures. Our ideal candidate has professional experience automating complex DevSecOps Pipeline deployments using modern CI/CD tools, along with a strong background in managing public cloud infrastructure through Infrastructure As Code (AWS, Azure, and GCP). To be a successful DevOps Architect, you should demonstrate a leadership mindset, possess solid operational experience, and possess effective problem-solving skills. The candidate should have excellent communication skills, be innovative, and stay current with industry trends and best practices in DevSecOps, AIOps, and FinOps. In this position, you will handle all the solution and technical aspects (DevOps) during the pre-sales process. Your responsibilities include identifying and addressing issues affecting customer satisfaction, actively collaborating with customers to enhance operational excellence and cost optimization, and implementing DevSecOps best practices to deliver business value. Building and maintaining relationships with key individuals within customer accounts and serving as a trusted advisor are crucial skills for driving the organic growth of customer accounts. Missions and main activities The main missions are : Automate build, deployment, and other aspects of the software development life cycle. Evaluate, Design, Implement, and streamline best practices architecture for Cloud and DevOps Solutions Implement microservice / container-based architectures. Conduct technical workshops with the customers and find automated solutions to problems that disrupt the availability, performance, and stability of customer systems. Work with the customer development, QA, security, and operations teams to understand requirements for functionality, performance, and security of applications. Explore and maintain an understanding of the internal architecture and client requirements of our applications. Manage the processes of deployments using a blue-green deployment pattern whenever possible. Implement the observability tools for infrastructure and applications. Ensure proper failover and backup architectures are implemented. Audit the customer environment, perform Gap Analysis, and propose remediation plans to address the gaps using Automation tools. Suggest FinOps practices for resource and cost optimization. Investigate and develop skills in new technologies (Data and AI) and collaborate across the company. Experience Total minimum professional working experience of 10 years in IT domain . Minimum 8 years of experience in managing operations of the virtualized platform. Minimum of 5 years of Public Cloud (AWS/Azure/GCP) deployment and management experience 10 years of application integration and deployment experience with a minimum of 5 years of good hands-on experience with cloud services related to computing, network, storage, content delivery, security, deployment, and implementing Cloud and DevOps best practices. Extensive knowledge of various Cloud services at the SDK Level Experience hosting an application on the Public Cloud using Cloud services with IAAS offerings. Expertise in Infrastructure capacity sizing and costing of Cloud services to drive optimized solution architecture, leading to optimal infrastructure investment vs performance and scale. Experience with software and product development lifecycle (incl. coding, coding standards and reviews, source control, testing, debugging, build, deployment, and operations) Good experience in automating manual activities using a scripting language. Expert-level experience in writing infrastructure as code templates Experience in Cloud Native DevSecOps CI/CD components Hands-on experience using version control systems, build, and deployment tools. Good knowledge of Microservices Design and Architecture Provide hands-on technical support for business applications and processes. Balance of strategic and tactical skills and the ability to work on cross-functional teams. Ability to review deployment and delivery pipelines i.e., implement initiatives to minimize chances of failure, identify bottlenecks, and troubleshoot issues. Excellent time management and organizational skills Deep knowledge and experience in complex and large-scale projects Deep understanding of Application, Infrastructure, and security architecture and non-functional aspects like Performance, Scalability, Reliability, Availability, etc Technical skills: Extensive hands-on experience using AWS/Azure/GCP Cloud services: Networking, Windows/Linux virtual machines, Container, Storage, LB, Auto Scaling, Serverless Architecture, Managed DB services, DW, Data Factory, and Analytics Services . Must have expert-level hands-on experience in writing Infrastructure As Code templates using Terraform, CloudFormation/Azure Resource Manager templates/ GCP deployment manager . Must possess excellent knowledge of Configuration Management tools ( Ansible, Chef, Puppet ). Must have strong expertise in operating Linux/Unix environments and scripting languages like Python, Perl, Bash, and PowerShell . Expert in architecting and maintaining containerization and virtualization platforms like Docker, Kubernetes, AWS EKS, Azure AKS, GCP GKE, or OpenShift Experience with Version control systems like GitHub , AWS Code Commit, and Azure Repos Experience with CI/CD tools like Jenkins, GitLab, Bamboo, Circle CI, GitHub Actions, and Argo CD Experience with Cloud Native CI/CD tools: AWS Code Build/Pipeline/Deploy and Azure DevOps Experience with monitoring and observability tools like AppDynamics, Dynatrace, DataDog, Prometheus, Grafana, and NewRelic Familiar with Quality and Security Management tools like SonarQube, Snyk, Aqua Security, Fortify, CheckMarx, Selenium, JUnit, Qualys, Tenable and OWASP ZAP Strong understanding of one or more development platforms DotNet technologies, (C#), Java / JavaScript Familiarity with REST API/ Webservices/ Postman Familiarity with Data Ingestion, Analytics, and AI technologies Knowledge of integration techniques (System & network configuration) Knowledge of Databases ( Mysql, MS SQL, MongoDB ) would be a plus. Consulting & Pre-Sales Assist the sales, and pre-sales team in prospecting with relevant technical pitches and market Orange business-specific data. Support and organize technical responses to RFP / RFI’s Assist sales teams in responses to RFPs and technical requirements documents. Propose the Level Of Effort based on the Sales team-provided Scope Of Work for the implementation. Conduct detailed technical workshops with customers to define the “to-be” architecture and plan the migration roadmap together. Strong executive speaking and presentation skills - Formal presentations, whiteboarding, large and small group presentations. Soft skills: Demonstrate strong analytical and technical problem-solving skills by leveraging the latest trends in technologies. Handle ambiguity and be able to move forward with imperfect information and get things done in a rapidly changing environment. Must be comfortable working in an environment where ideas are challenged. Should possess good product instinct and excellent project management skills to push projects over the finish line with sound planning and persistent execution. Excellent communication, presentation, and conflict resolution skills Astute in aligning effort & resources to achieve desired results. Education and certifications: Bachelor’s degree, Software Engineering, or equivalent work experience Professional Cloud Certifications ( AWS/Azure/GCP) AWS Certified DevOps Engineer Professional preferred Azure DevOps Engineer ­­­­­­­­Certification preferred. Docket/Kubernetes certification preferred.

Requirements: Experience: 7+ Years Security Tools: Black Duck, Prisma Cloud, Qualys, Snyk, Coverity, SonarQube, Burpsuite (Anyone) DevOps Stack: Jenkins, Kubernetes, Helm, Docker Programming: Python, Shell, YAML, JSON (Good to have) Cloud Platforms: AWS, GCP (Understanding basics of Cloud) Vulnerability Management: Own end-to-end vulnerability lifecycle for a given Business Unit consisting of multiple enterprise level products. (SaaS & on-prem). Triage, track, Correlate and remediate vulnerabilities from tools like Black Duck, Prisma Cloud, Qualys, Jfrog Xray etc. Security Automation: Integrate security scanning tools into common tools. Develop dashboards and reports for compliance and leadership visibility. Write high level design to automate a few of the manual work. Collaboration & Governance: Work cross-functionally with product teams, and stakeholders. Contribute to security policies, standards, and best practices. Qualification: Bachelor’s degree in computer science, Engineering, or a related field Job Category: IT Support Job Location: Hyderabad Job Country: India

Key Responsibilities Engineering Excellence Responsible for designing, building, and optimizing the automation processes for provisioning infrastructure and applications – via infrastructure-as-code Standardize and streamline build and release pipelines – CICD Configure and administer platforms and services Support operational activities by ensuring platforms and infra for pipelines are optimal, recoverable, and easily scalable to meet the capacity demands Provide incident management oversight – root cause analysis, stakeholder communications, post-mortems, and manage preventative measures and resolutions Drive improvements in operational efficiency for all services Actively involved in deployments of platform and pipeline artefacts Ensure security, high availability, and disaster recovery are always front of mind Continuous monitoring of cost and risk – with a view to reducing and mitigating Ensure production and non-production environments stay in sync through the alignment of stable standards, code and configurations Identify relevant emerging trends and build compelling cases for adoption e.g. tool selection Involved in PoCs, prototypes and innovation spikes to seek directional outcomes Capabilities and Experience Essential Experience Proficient with CICD toolchains (e.g. Azure DevOps, Jenkins, Git, Artefactory etc.) Proficient in one or more scripting languages for automation (e.g. Linux Bash, PowerShell, Python) Proficient in provisioning platforms via Infrastructure-as-Code (IaC) techniques (e.g. Terraform, YAML, Azure Resource Manager (ARM)) Working experience configuring, securing and administering platforms in Azure; knowledge in Cloud infrastructure and networking principles (e.g. Azure PaaS, IaaS) Demonstrable knowledge of working with distributed data platforms (e.g. Azure ADLS, Data Lakes) Experience working with vulnerability management and code-inspection tooling (e.g. Snyk, SonarQube) Possess an “automation-first” mindset when building solutions; considerations for self-healing and fault-tolerant methods to minimize manual intervention and downtime Desirable Experience Experience building/maintaining an API-led event-driven architecture, e.g. using Azure Event Grid, Azure Functions Cluster image container management (e.g. Azure Container Registry) Good understanding of network configuration – DNS, Routing, VPN, Firewalls, Endpoint management Experience of including vulnerability management within the deployment pipelines – for package dependencies and containers Experience in implementing custom Data Observability, capturing telemetry to understand the health of data and pipelines better

Test Engineering involves bringing a modern, automation-first, and team-based approach to testing software and data services. The Core Principles align with Agile principles, empowering Test Engineer team members to promote Agile concepts through conversations, behaviors, and expectations. As a Test Engineer, you will utilize your expertise in software quality techniques and tools within a collaborative, team-based environment. You will collaborate to design optimal testing approaches, work across multiple tech stacks, and implement automation using various tools. As a quality champion, you will help the team maintain and improve velocity. Your experience and learning mindset enable you to take on new challenges, establish areas of expertise, and elevate the Quality Engineering capability. Working in an agile team-based environment, you will contribute to increasing team velocity, build reliable test automation, define acceptance criteria, facilitate defect triage, and produce quality metrics. A computer science-based mindset is required, and a technology-based education is beneficial. Responsibilities: - Develop and evolve test plans for complex applications. - Deconstruct business requirements into tests optimizing coverage and risk (95% target test coverage). - Create reliable test automation (95% target test automation). - Implement automation for new business functionality using test automation frameworks. - Assess testability of user stories and provide advice on acceptance criteria, non-functional requirements, and the definition of done. - Collaborate closely with engineering teams, demonstrating strong debugging skills. - Share knowledge with the team and recommend new tools/processes to enhance productivity and quality. Qualifications: - 3+ years of experience as a Test Engineer or similar role. - 1+ year of experience in Java, Python, or JavaScript development (intermediate - advanced level). - 3+ years of experience with Test Automation frameworks (e.g., Selenium, Junit, Nunit, Robot, etc.). - Experience developing functional tests (e.g., integration, interface/API testing, and unit testing). - Familiarity with web service technologies (e.g., XML, REST, SOAP). - Bachelor's degree in engineering, computer science, computer engineering, or equivalent work experience. Preferred Qualifications: - Experience in non-functional tests (performance testing, load testing, stress testing, security testing, etc.). - Strong technical individual contributor with modern quality engineering tools experience. - Familiarity with black-box and white-box testing. - Knowledge of various deployment strategies (Blue/Green, Canary, A/B, etc.). - Experience with BDD and TDD. - Proficiency in Code Quality tools (e.g., SonarQube). - Familiarity with Security Scanning tools (e.g., Snyk, BlackDuck). - Experience with CI tools (e.g., Jenkins, GitLab, CircleCI). - Passion for product quality and reliability, along with excellent communication and problem-solving skills. If you need a reasonable accommodation due to a disability to use our search tools or apply for a career opportunity, review the Accessibility at Citi. View Citi's EEO Policy Statement and the Know Your Rights poster.,

Responsibilities Design, implement, and optimize secure CI/CD pipelines across hybrid environments (cloud/on-prem). Operationalize DevSecOps frameworks with embedded controls for static/dynamic code analysis, secrets management, and runtime policy enforcement. Implement Infrastructure as Code (IaC) practices using tools like Terraform, Ansible, CloudFormation. Integrate cybersecurity tools and telemetry (e.g., SAST, DAST, SCA, EDR, vulnerability scanners) across the development lifecycle. Govern DevOps platform tools (e.g., Jenkins, GitHub Actions, Azure DevOps, ArgoCD) with secure configurations and traceability. Partner with cybersecurity teams to ensure regulatory alignment (IEC 62443, NIST CSF) via automated controls and compliance-as-code. Enable release velocity and rollback confidence through blue-green deployments, canary testing, and automation QA. Drive performance monitoring and incident response readiness through log aggregation, alerting, and dashboarding (e.g., Prometheus, Grafana, ELK). Coach DevOps engineers, implement sprint KPIs, and lead tool evaluations for emerging automation and security tooling. Preferred Qualifications Education: Bachelor’s degree in Computer Science, Engineering, or a related technical discipline. Master’s degree preferred (in Cybersecurity, Systems Engineering, or DevOps Automation). Certifications (preferred): DevOps: Certified Jenkins Engineer, GitHub Actions, Azure DevOps Expert, or similar. IaC / Automation: HashiCorp Terraform Associate, Red Hat Ansible Automation. Security Tooling: Practitioner-level training in SAST/DAST/SCA/EDR (e.g., Aqua Security, Snyk, SonarQube). Cloud Security: AWS Security Specialty, Azure Security Engineer, or CCSP. Compliance: Awareness training in IEC 62443 or NIST CSF is desirable. Qualifications Key Requirements 8 + years of technology experience with strong focus on DevOps, cybersecurity integrations, and infrastructure automation. Expertise in building and governing CI/CD pipelines and cloud-native deployment workflows. Proven knowledge of tools such as Jenkins, GitHub Actions, ArgoCD, Terraform, Vault, and container security platforms. Hands-on experience with security tools integration (e.g., Checkmarx, SonarQube, Aqua, Snyk, Prisma Cloud). Familiarity with compliance and security frameworks (e.g., NIST, ISO 27001, IEC 62443) in OT/IT environments. Experience working with OT/ICS environments or industrial networks is preferred. Strong scripting and automation skills (Python, Shell, Go, etc.). Ability to work in cross-functional, Agile-driven teams and mentor engineers in secure software delivery practices.

Test Engineering is how we bring a modern, automation-first, and team-based approach to testing software and data services. Our Core Principles align with Agile principles and seek to empower our Test Engineer team members to have conversations, establish behaviors, and set expectations that promote Agile concepts. As a Test Engineer, you will bring your expertise in software quality techniques and tools to a collaborative, team-based environment. You will dive into the technical details, collaborating to design an optimal testing approach. You will work across multiple tech stacks and implement automation using a variety of tools. As a champion of quality, you will enable the team to maintain and improve velocity. Your growing experience and learning mindset enable you to take on a variety of new challenges and establish areas of expertise. You will have opportunities to share your knowledge and help us continually elevate the Quality Engineering capability. As a Test Engineer, you should have experience working in an agile team-based environment where you consistently added velocity to the team. You confidently use code to build reliable, trusted test automation. You will be expected to help define clear acceptance criteria, facilitate defect triage, and produce quality metrics. You may have built deep expertise in a particular area of modern software quality, or you may have a breadth of experience across technology solutions. Your learning mindset enables you to take on new challenges to expand and deepen your skills across a wide variety of technology stacks. A computer science-based mindset is needed; a technology-based education is helpful. Responsibilities: Develop and evolve test plans for complex applications. Deconstruct business requirements into tests that optimize for coverage and risk (95% target test coverage). Create trusted test automation with high reliability and relevancy (95% target test automation). Work with test automation frameworks to implement automation for new business functionality. Assess and advise on testability of user stories, including acceptance criteria, non- functional requirements, and the definition of done. Work closely with engineering teams and demonstrate strong debugging skills. Share what you learn with your team and other members of the organization, such as recommending new tools/processes needed to enhance productivity and quality. Qualifications: 3+ years of experience workingas a Test Engineer or similar role 1+ year of experience with Java, Python or JavaScript development (intermediate - advanced level) 3+ years of experience working with Test Automation frameworks (e.g., Selenium, Junit, Nunit, Robot, etc.) Experience developing functional tests (e.g., integration, interface/API testing and unit testing) Experience with web service technologies (e.g., XML, REST, SOAP) Bachelor's degree in engineering, computer science, computer engineering, or equivalent work experience Preferred Qualifications: Experience developing non-functional tests (i.e., performance testing, load testing, stress testing, security testing, etc.) Strong technical individual contributor - experienced with modern quality engineering tools Experience with black-box and white-box testing Knowledge of various deployment strategies (i.e., Blue/Green, Canary, A/B, etc.) Experience with BDD and TDD Experience with Code Quality tools (e.g., SonarQube) Experience with Security Scanning tools (e.g., Snyk, BlackDuck) Experience with CI tools (e.g., Jenkins, GitLab, CircleCI) Passion for excellence in product quality and reliability Excellent communication and problem-solving skills ------------------------------------------------------ Job Family Group: Technology ------------------------------------------------------ Job Family: Technology Quality ------------------------------------------------------ Time Type: Full time ------------------------------------------------------ Most Relevant Skills Please see the requirements listed above. ------------------------------------------------------ Other Relevant Skills For complementary skills, please see above and/or contact the recruiter. ------------------------------------------------------ Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi. View Citi’s EEO Policy Statement and the Know Your Rights poster.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.