92 Sonatype Jobs - Page 2

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, combining the only proactive protection against malicious open source, the only enterprise grade SBOM management and the leading open source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale. As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers and our open source expertise is unmatched. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains. At Sonatype, we empower developers with best-in-class tools to build secure, high-quality software at scale. Our mission is to create a world where software is always secure and developers can innovate without fear. Trusted by thousands of organizations, including Fortune 500 companies, we are pioneers in software supply chain management, open-source security, and DevSecOps. We're looking for a Senior Devops Engineer to help us shape the future of secure software development. If you love solving complex problems, working with cutting-edge technologies, and mentoring engineering teams, we’d love to hear from you. What You’ll Do As a Senior Devops Engineer, you will play a critical role in designing, developing, and scaling Sonatype’s core products. You’ll work across the stack—building powerful backend services, intuitive frontend experiences, and robust cloud-native applications. You'll also provide technical leadership and mentorship, influencing engineering best practices across the team. Key Responsibilities You are an engineer who has 4+ years of experience running high availability systems and supporting infrastructure in customer-facing production environments. You are motivated by the opportunity to define repeatable practices for service delivery- via modular, reusable automation and a developer platform that enables self-service delivery of services. You will also participate in the governance controls that reduce risk and promote standardization across the organization. You will be a member of the Sonatype Developer Experience team, which has a wide range of responsibilities to drive service delivery excellence for Sonatype products and services that are customer-facing and customer-adjacent. You will refine a set of high level enablement practices - for instance, design review, service launch coordination, production readiness assessment, service level objective definition / review, incident management, and cost awareness- to support delivery teams at various phases of their service lifecycle and maturity. You will collaborate closely with Sonatype delivery teams to define product specific metrics and remediations through system analysis, testing, and fault troubleshooting. What We’re Looking For We’re seeking an experienced engineer who thrives in an agile, collaborative environment and enjoys tackling technical challenges. Minimum Qualifications Proficiency with a high-level programming language (eg: Python, Go), bash scripting and linux Proficiency in modern technical operating practices System architecture & design experience Continuous integration / continuous delivery (Jenkins, FluxCD and GitHub Actions) Infrastructure as Code (Terraform) Cloud services (AWS) and Kubernetes SRE principles & practices Experience with specific AWS offerings, including many of: ECS/EKS/ECR EC2, S3, RDS, VPCs IAM Policy Docs, Policies, Roles, and Instance Profiles Cloudwatch Logs Docker Containers and orchestration (ECS, EKS) Terraform and the use of Terraform modules Kubernetes cluster concepts and design Experience improving service observability: monitoring agents, metrics, logging and dashboards. Knowledge of OpenTelemetry and Prometheus and observability platforms similar to DataDog, Splunk, Dynatrace or Observe Comfortable participating in an on-call rotation with teammates to respond and triage production issue escalations during off-hours At Sonatype, we value diversity and inclusivity. We offer perks such as parental leave, diversity and inclusion working groups, and flexible working practices to allow our employees to show up as their whole selves. We are an equal-opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.

Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, combining the only proactive protection against malicious open source, the only enterprise grade SBOM management and the leading open source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale. As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers and our open source expertise is unmatched. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains. At Sonatype, we empower developers with best-in-class tools to build secure, high-quality software at scale. Our mission is to create a world where software is always secure and developers can innovate without fear. Trusted by thousands of organizations, including Fortune 500 companies, we are pioneers in software supply chain management, open-source security, and DevSecOps. We're looking for a Staff Devops Engineer to help us shape the future of secure software development. If you love solving complex problems, working with cutting-edge technologies, and mentoring engineering teams, we’d love to hear from you. What You’ll Do As a Staff Devops Engineer, you will play a critical role in designing, developing, and scaling Sonatype’s core products. You’ll work across the stack—building powerful backend services, intuitive frontend experiences, and robust cloud-native applications. You'll also provide technical leadership and mentorship, influencing engineering best practices across the team. Key Responsibilities You are an engineer who has 8+ years of experience running high availability systems and supporting infrastructure in customer-facing production environments. You are motivated by the opportunity to define repeatable practices for service delivery- via modular, reusable automation and a developer platform that enables self-service delivery of services. You will also participate in the governance controls that reduce risk and promote standardization across the organization. You will be a member of the Sonatype Developer Experience team, which has a wide range of responsibilities to drive service delivery excellence for Sonatype products and services that are customer-facing and customer-adjacent. You will refine a set of high level enablement practices - for instance, design review, service launch coordination, production readiness assessment, service level objective definition / review, incident management, and cost awareness- to support delivery teams at various phases of their service lifecycle and maturity. You will collaborate closely with Sonatype delivery teams to define product specific metrics and remediations through system analysis, testing, and fault troubleshooting. What We’re Looking For We’re seeking an experienced engineer who thrives in an agile, collaborative environment and enjoys tackling technical challenges. Minimum Qualifications Proficiency with a high-level programming language (eg: Python, Go), bash scripting and linux Proficiency in modern technical operating practices System architecture & design experience Continuous integration / continuous delivery (Jenkins, FluxCD and GitHub Actions) Infrastructure as Code (Terraform) Cloud services (AWS) and Kubernetes SRE principles & practices Experience with specific AWS offerings, including many of: ECS/EKS/ECR EC2, S3, RDS, VPCs IAM Policy Docs, Policies, Roles, and Instance Profiles Cloudwatch Logs Docker Containers and orchestration (ECS, EKS) Terraform and the use of Terraform modules Kubernetes cluster concepts and design Experience improving service observability: monitoring agents, metrics, logging and dashboards. Knowledge of OpenTelemetry and Prometheus and observability platforms similar to DataDog, Splunk, Dynatrace or Observe Comfortable participating in an on-call rotation with teammates to respond and triage production issue escalations during off-hours At Sonatype, we value diversity and inclusivity. We offer perks such as parental leave, diversity and inclusion working groups, and flexible working practices to allow our employees to show up as their whole selves. We are an equal-opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.

Job Description Senior Associate, Information Security Analyst At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators and champions of inclusion, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what is all about. Join us and be part of something extraordinary. We’re seeking a future team member for the role of Senior Associate, Information Security Analyst to join our WEALTH SERVICES ENGINEERING SDG team. This role is located in CHENNAI, TN. In this role, you’ll make an impact in the following ways: Actively contribute to the organizational Vulnerability Management program Perform Design reviews and provide approvals to initiatives Perform Dynamic, Static scans and Software Composition Analysis for a specified inventory of applications Perform Ethical Hacking for a specified inventory of applications Provide metrics on Vulnerability reduction and Scan progression Prepare reports for Senior Management on the current risk posture of the organization Provide support to audits and client queries on the Vulnerability Management process, procedures and its execution Provide support to Application Managers and Developers during each Sprint To be successful in this role, we’re seeking the following: Bachelor’s or Master’s degree in Computer Science Engineering, OR Electronics and Communications Engineering, OR related discipline 3 to 7 years of work experience in Application Security domain is required. Should be able to identify security flaws in design, source code and deployed applications with ease Should have working knowledge of tools such as Microsoft Threat Modeler, HCL AppScan, OpenText Fortify, Sonatype Nexus IQ, Portswigger Burp Suite, OpenText WebInspect Strong written communication skills Should have prior experience working in and as a team Should keep pace with current vulnerability trends by researching on industry standards and best practices At BNY, our culture speaks for itself, check out the latest BNY news at: BNY Newsroom BNY LinkedIn Here’s a Few Of Our Recent Awards America’s Most Innovative Companies, Fortune, 2025 World’s Most Admired Companies, Fortune 2025 “Most Just Companies”, Just Capital and CNBC, 2025 Our Benefits And Rewards BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)

Company Description Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid. Make an impact with a purpose-driven industry leader. Join us today and experience Life at Visa. Job Description Cybersecurity – Product Security Engineering team prides itself in keeping Visa systems up and secure, catering to the 24*7 needs of the business. The team uses Java, Angular, Python, AI/ML in building new age solutions that helps Visa Products more secure and provide proactive security measures. We are looking for a SW Engineer who is a highly motivated experienced individual contributor. They will be responsible for innovative planning, designing, developing effective solutions in accordance with industry standards on best web development practices. As part of the team, you will be required to own key modules, perform code reviews, design reviews and suggest best practices, implement design and development standards. The role is a consultant who has the passion to solve problems, factor old codes, learn and pick up new technologies like generative AI, , LLM, On-prem/Cloud models. The role will also be required to lead implementations on key modules. Essential Functions: Design and develop the build, deployment pipelines for multiple products Implement the quality gates in the build and deployment pipeline Help build the docker containers, manage them on Kubernetes, manage the docker images, build artifacts, promotions to different environments Take care of the end-to-end observability framework for the different products Managing Jenkins pipeline, source code repository, antifactory and different environments. Work with the development teams, operations team and other stack holders to help with any new enhancements required from DevOps point of view. Challenge the status quo and propose new and better ways of solving the problems. Build working relationships with global and virtual teams on software development Automate infrastructure provisioning and configuration management Ensures release quality and integrity through validation processes. Troubleshoots issues arising during build, deployment, or post-release process. Collaborates with other teams to streamline and automate the release process. Manages all environments including development, testing, staging, and production. Continually working on improvements to the release and environment management process, incorporating feedback from all stakeholders. This is a hybrid position. Hybrid employees can alternate time between both remote and office. Employees in hybrid roles are expected to work from the office 2-3 set days a week (determined by leadership/site), with a general guidepost of being in the office 50% or more of the time based on business needs. Qualifications Basic Qualifications: Bachelor’s degree, OR 3+ years of relevant work experience. Preferred Qualifications: 2 or more years of work experience. Proven experience in DevSecOps/release management, software development, or system administration. Experience with DevOps tools and release management. Strong knowledge of software development life cycles, continuous integration, and delivery methodologies. Proficiency in version control systems like Git, build tools like Jenkins, Maven and relevant DevOps tools like Kubernetes, Docker, etc,. Proficiency in security and quality integrated tools like Checkmarx, SonarQube and SonaType etc., Proficiency in Automation of UI & API functionalities using Selenium – TestNG or similar frameworks Experience with languages such as Java, Groovy, Python. Handson Experience creating Ansible playbooks, Jenkins pipelines, GitHub Actions workflows. Excellent problem-solving skills and attention to detail. Strong communication and collaboration abilities. Bachelor or Master’s Degree in Computer Science, or related technology/engineering discipline. Additional Information Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.

Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, combining the only proactive protection against malicious open source, the only enterprise grade SBOM management and the leading open source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale. As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers and our open source expertise is unmatched. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains. About The Role We are seeking a skilled Information Security Engineer to join our team and play a crucial role in securing our digital assets. This role offers an exciting opportunity to work with cutting-edge security tools, collaborate with global teams, and contribute to strengthening our cybersecurity framework. Key Responsibilities Conduct vulnerability scans, analyze results, and support remediation efforts. Manage security incidents, including response, resolution, and prevention. Proactively protect digital assets, mitigating risks before breaches occur. Implement, configure, and upgrade security tools and systems. Evaluate, integrate, and configure security technologies to enhance protection. Collaborate with technical teams, product managers, and third-party vendors on security initiatives. Respond to cybersecurity alerts, monitor logs, and manage security events. Perform technical risk assessments on software, tools, and third-party integrations. Identify vulnerabilities in infrastructure and provide risk-based recommendations. What We’re Looking For 8+ years of experience in software development or security engineering. 7+ years of experience in DevOps and security operations. 7+ years handling incident response and escalation. Strong understanding of vulnerability management and scanning tools. Familiarity with common security frameworks, protection methods, and DevSecOps. Experience with SAST, DAST, SCA, or related security testing tools. Hands-on experience conducting security reviews (architecture, source code, infrastructure). Experience deploying automated/custom vulnerability scans. Knowledge of cloud and infrastructure security principles. Bonus Skills (Good To Have) Knowledge of web application security (e.g., OWASP Top 10). Understanding of security architecture principles. Familiarity with threat modeling frameworks and security assessments. Relevant certifications such as: SANS Certifications: GSEC, GCIH, GCLD, GCID, GMON (ISC)² Certifications: CISSP, CC, SSCP, CCSP, CAP, CSSLP Why Join Us? Work with a global team at the forefront of cybersecurity. Exciting career growth opportunities with industry-leading experts. Work-from-home flexibility with a strong work-life balance. Continuous learning & certification support to advance your skills. At Sonatype, we value diversity and inclusivity. We offer perks such as parental leave, diversity and inclusion working groups, and flexible working practices to allow our employees to show up as their whole selves. We are an equal-opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.

Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, combining the only proactive protection against malicious open source, the only enterprise grade SBOM management and the leading open source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale. As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers and our open source expertise is unmatched. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains. Sonatype is a leader in software supply chain management, helping organizations develop secure and high-quality applications faster. Our products empower development teams to automate security, compliance, and governance across the software lifecycle. We are looking for a Full Stack Principal Software Engineer to join our growing team in India. This role is for someone who thrives in designing and building scalable applications, leading technical strategy, and mentoring teams while working with modern front-end and back-end technologies. Responsibilities Architect & Develop: Design and implement scalable, high-performance software solutions for Sonatype’s platform. Full Stack Development: Build and maintain front-end applications using modern frameworks (React, Angular, Vue.js ) and back-end services using Java, Spring Boot, and cloud-native technologies. Technical Leadership: Provide technical guidance, conduct code reviews, and mentor engineers to improve software quality and performance. Scalability & Security: Ensure software solutions adhere to best practices for security, scalability, and performance. Cloud & DevOps: Deploy and manage applications on cloud platforms (AWS, Azure, GCP) using Kubernetes, Docker, and CI/CD pipelines. Collaboration: Work cross-functionally with product managers, UX designers, and other engineers to deliver customer-centric solutions. Required Skills 10+ years of experience in full-stack development with expertise in Java, Spring Boot, and modern front-end frameworks. Strong experience with microservices architecture and cloud-based development. Deep knowledge of front-end technologies such as React.js , Angular, TypeScript, JavaScript, HTML, CSS. Experience with database technologies like PostgreSQL, MySQL, MongoDB. Hands-on experience with Docker, Kubernetes, CI/CD tools (Jenkins, GitHub Actions, ArgoCD, etc.). Strong understanding of API design, GraphQL/REST, and authentication protocols (OAuth, JWT, SAML). Experience leading development teams, mentoring engineers, and driving technical decisions. Excellent problem-solving skills and ability to work in an agile, fast-paced environment. Fluency in English - spoken and written Preferred Qualifications Experience with Sonatype products (e.g., Nexus Repository, Lifecycle). Knowledge of DevSecOps practices and software security best practices. Familiarity with serverless computing (AWS Lambda, Azure Functions). Contributions to open-source projects or active participation in the software development community. Why Join Sonatype Impactful Work: Shape the future of secure software development. Innovative Environment: Work with cutting-edge technologies and a passionate team. Career Growth: Opportunities for leadership and technical advancement. Join us at Sonatype India and be part of a mission-driven company revolutionizing software supply chain security! Things that we are proud of 2023 Forrester Leader in SCA #1 ranked SCA 2022 Frost & Sullivan Technology Innovation Leader Award: Sonatype earned Frost & Sullivan’s 2022 Global Technology Innovation Leadership Award in Development and Operations (DevOps) Security. NVTC 2022 Cyber Company of the Year: Sonatype was named Commercial Cyber Company of the Year and a Capital Cyber Award-winner by the Northern Virginia Technology Council (NVTC) 2022 Annual Peer Award: Sonatype’s Nexus Lifecycle won a PeerSpot Silver Peer Award as a leading Enterprise Technology solution in the Software Composition Analysis category. 2022 Best in Biz Award: Sonatype CEO Wayne Jackson was recognized as a Silver Winner in the Best in Biz Awards' Executive of the Year category. Tech Ascension Awards: Sonatype was named the Best DevOps Security Solution for Nexus Lifecycle and Nexus Firewall (Software Composition Analysis). BuiltIn Best Places to Work: Sonatype was named to the Washington DC 100 Best Places to Work list and Washington DC Best Midsize Places to Work list. Company Wellness Week - We shut down company operations for a week to enable all employees to spend time pursuing personal growth and enjoying much needed and deserved rest. Diversity & Inclusion Working Groups Parental Leave Policy Paid Volunteer Time Off (VTO) LI-AL1 At Sonatype, we value diversity and inclusivity. We offer perks such as parental leave, diversity and inclusion working groups, and flexible working practices to allow our employees to show up as their whole selves. We are an equal-opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.

At Capgemini Engineering, the world leader in engineering services, we bring together a global team of engineers, scientists, and architects to help the world’s most innovative companies unleash their potential. From autonomous cars to life-saving robots, our digital and software technology experts think outside the box as they provide unique R&D and engineering services across all industries. Join us for a career full of opportunities. Where you can make a difference. Where no two days are the same. Your Role Perform static application security testing on source code using Fortify. Perform software composition analysis using Sonatype IQ Assist with scan onboarding and troubleshooting Integrate tools into Jenkins pipelines Collaborate with teams to remediate high/critical findings Generate and analyse SCA scan result Automate reporting and dashboards Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications.1. Applies scientific methods to analyse and solve software engineering problems.2. He/she is responsible for the development and application of software engineering practice and knowledge, in research, design, development and maintenance.3. His/her work requires the exercise of original thought and judgement and the ability to supervise the technical and administrative work of other software engineers.4. The software engineer builds skills and expertise of his/her software engineering discipline to reach standard software engineer skills expectations for the applicable role, as defined in Professional Communities.5. The software engineer collaborates and acts as team player with other software engineers and stakeholders. Your Profile Deep understanding of Source code review, SCA and SBOM Hands-on experience with SAST and SCA tool Fortify SCA, Sonatype IQ. Good understanding of secure coding practices for languages such as Java, .NET ,JavaScript,Python,etc. Strong knowledge of OWASP Top 10, CWE, and secure software development lifecycle (SSDLC). Familiarity with CI/CD pipelines and integrating security tools in DevOps. (Jenkins, GitHub) Security certifications such as OSCP, GWAPT, eWPTX, CEH, CRTP will be an added advantage. What Will You Love Working At Capgemini Every Monday, kick off the week with a musical performance by our in-house band - The Rubber Band. Also get to participate in internal sports events, yoga challenges, or marathons. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. You will have the opportunity to learn on one of the industry's largest digital learning platforms, with access to 250,000+ courses and numerous certifications. Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

📍 Location : Pune / Hyderabad 🧠 Experience : 5–7 Years 💼 Type : Permanent 📄 Job Description We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management , access governance, and compliance reporting in a highly regulated environment. 🔐 Key Responsibilities 🔑 IAM & Secrets Management Define and enhance secrets management controls across machine-to-machine authentication systems. Support IAM operations by maintaining access governance for credentials, keys, and tokens. Provide subject matter expertise (SME) on secrets and credential management tools and best practices. 📊 Control Monitoring & MI Reporting Work with IAM Control Owners to define and track KPIs/KCIs/KRIs. Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders. 🔄 Risk, Governance & Compliance Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001. Identify cybersecurity exposure risks and support remediation planning. Implement strong governance processes for continuous compliance and risk reduction. 🤝 Stakeholder Management Collaborate with business units, IT, cybersecurity, and operations teams across global regions. Provide support during audits and external reviews. Lead cross-functional teams to define IAM standards, policies, and procedures. 📈 Continuous Improvement & Documentation Recommend improvements for IAM and Secrets Management efficiency, security, and scalability. Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents. ✅ Required Skills & Experience 5–7 years in Cybersecurity, IAM, or Access Governance roles. Strong knowledge of IAM controls, credential governance, and secrets management frameworks. Hands-on experience in: Application Security tools: MicroFocus Fortify (SAST/DAST), Checkmarx, Black Duck/Sonatype IQ, Veracode, Synopsys Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs). Familiarity with project management and governance frameworks. Excellent communication and presentation skills. Certifications such as CISSP, CISM, or other IAM-related credentials are preferred. 📌 Mandatory Skills Application Security – MicroFocus Fortify (SCA, SAST, DAST) Application Security – Open Source Tools (Black Duck, Sonatype IQ) Application Security – Veracode, Synopsys, Checkmarx IAM Governance, KPIs/KCIs, Risk Management Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)