43 Veracode Jobs

Role Summary: Designs and implements technical solutions for protecting the confidentiality, integrity and availability of sensitive information. Provides technical evaluations of client systems and assists with making security improvements. Provides technical support in the areas of vulnerability assessment, risk assessment, network security and security implementation. Conducts testing and audit log reviews to evaluate the effectiveness of current security measures. Conducts security product evaluations, and recommends products, technologies and upgrades to improve the client"™s security posture. Responsibilities : Customizes, validates, administers and supports a variety of enterprise wide information security platforms, systems, frameworks and applications, based on requirements provided by management; Develops implementation plans related to information security for systems, tools, platforms, and frameworks. Conducts security assessments of systems, tools, platforms, policies, procedures and frameworks. Creates designs and diagrams related to information security for systems, tools, platforms, and frameworks. Develops standard operating procedures for information security related to systems, tools, platforms, and frameworks. Leads audits and reviews designs for information security issues. Validates vulnerabilities identified during security testing, audits, and assessments, while reviewing for false positives. Understands large scale multi-tenant software products supporting multiple government agencies. Understands large scale software integrations of multiple software products. Acts as source for direction, training and guidance for less experienced information security engineers. Works with engineering teams to define and refine information security and systems management policies and settings. Evaluates new and emerging products, technologies and make recommendations to leadership concerning introduction of new technologies. Required Skills > 6 years of information security experience for state and/or federal agencies required. > 6 years of leading information security assessments, policy development, framework implementation, and tool implementation. Must have knowledge of one or more of the following productsBroadcom Identity Manager, Identity Suite and Single Sign On. Preferred Skills Undergraduate degree Certification from Information Security Program (CISM, CompTIA, GSEC, CISSP, etc.) Preferred. Preferred knowledge of one or more of the following productsDell Nutanix, Dell VxRail, VMware ESXi/vCenter/NSX/SRM, Microsoft Windows Server, RedHat Enterprise Linux, MS SQL Server, Nagios, NewRelic APM/Infrastructure/Browser, Octopus Deploy, Puppet, Splunk, Veracode.

Role Summary: Provides ongoing systems administration support including installation, customization, maintenance and troubleshooting of hardware / software systems. Provides technical support and advises on the use of programming tools, database systems and networks. Provides support to address the availability and reliability issues on systems (Windows/Unix/Mainframe) across multiple locations. Evaluates and integrates new operating system versions, drivers and hardware. Operational responsibilities include remediation of daily incident tickets, system compliance responsibilities, system run enhancement testing and staging, policy / procedure enhancements and adherence, client contact coordination and operational recommendations. Monitors and tunes the system to achieve optimum performance levels in standalone and multi-tiered environments. Implements appropriate levels of system security. Prescribes system backup / disaster recovery procedures and directs recovery operations in the event of destruction of all or part of the operating system or other system components. Ensures 24x7 after-hour support. Responsibilities : Researches, evaluates, and recommends software packages in support of system architecture needs. Defines specifications and requirements for software package modification and customizations. Plans, coordinates, and manages installation, maintenance, and modification of software packages. Participates in software package performance, troubleshooting, and problem resolution. Provides coordination with software vendors. Provide requirements and advises for software packages to end users, administrators and technical support personnel for hardware and network design, documentation, troubleshooting, and technical training. Participates in establishing departmental policy with regard to data definition, data relationships, database design, database implementation, database operation, database security, and data accessibility. Perform database planning, administration, data standards, database security, and database documentation for software packages. Reviews the feasibility and advisability of proposed additions and modifications to the database. Install and customize software and hardware in order to manage, monitor, and otherwise support an enterprise system. Performs monitoring of network, hardware, and storage capacity, through the implementation of an inventory management system. Designs and implements integrations of software packages. Consults with software vendors to evaluate software and hardware for enterprise network management. Defines and manages the configuration of data on network software and hardware components. Monitor all attached devices in a complex LAN environment, such as workstations, servers, bridges, and multi-station access units, including analyzing performance, diagnosing performance problems, and performing load balancing. Understands large scale multi-tenant software products supporting multiple government agencies. Understands large scale software integrations of multiple software products. Required Skills > 6 years of designing application architectures for state and/or federal agencies required, > 6 years of designing application architectures that include incorporating industry standards such as MITA 3.5, HIPAA, NIST, and other applicable standards required Excellent knowledge of systems software / hardware, networks and operating systems. Exceptional knowledge of processes and tools utilized for system management, problem reporting, change management and support tools. Must have knowledge of one or more of the following productsIBM Decision Center, IBM Decision Server, Software AG webMethods, Broadcom/Software AG API Gateway. Preferred Skills Undergraduate degree Experience supporting on-prem data center and cloud for State and/or Federal agencies. Preferred knowledge of one or more of the following productsDell Nutanix, Dell VxRail, VMware ESXi/vCenter/NSX/SRM, Microsoft Windows Server, RedHat Enterprise Linux, MS SQL Server, Nagios, NewRelic APM/Infrastructure/Browser, Octopus Deploy, Puppet, Splunk, Veracode.

Job Description: Experience: At least 6 years in static code analysis/SAST (Static Application Security Testing), secure coding, and software development. Technical Skills: Proficiency in static code analysis tools (e.g., SonarQube, Veracode, Checkmarx) and experience with secure code review of multiple programming languages, including: Java Python .NET/C# C/C++ Code Review Skills: Ability to read and understand source code across various programming languages and tech stacks, troubleshoot false positives, and confirm genuine issues. Secure Coding Knowledge: Strong understanding of secure coding practices, including OWASP Top 10, SANS 25, and CWE, applicable to cloud and non-cloud environments. Communication and Collaboration Skills: Excellent communication and interpersonal skills, with the ability to: Effectively explain complex technical concepts to non-technical stakeholders Collaborate with developers across multiple teams to drive remediation efforts Facilitate training and awareness programs for developers Work independently and as part of a distributed team

Microservices Developer (Java, Spring Boot, AWS ROSA) Design, develop, and deploy Java Spring Boot-based microservices on AWS ROSA platform Leverage Kong API Gateway and KPI Management Platform for API governance, observability, and traffic control

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Spring Boot, Java Enterprise Edition, Microservices and Light Weight Architecture, Cloud Technologies Good to have skills : React.js Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will design, build, and configure applications to meet business process and application requirements. You will be responsible for creating efficient and scalable applications using Spring Boot and other relevant technologies. Your typical day will involve collaborating with the team to understand business needs, designing and implementing application features, and ensuring the applications meet quality standards and performance requirements. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work-related problems. Collaborate with the team to understand business needs and translate them into technical requirements. Design and develop high-quality software solutions using Java Enterprise Edition and Microservices architecture. Implement and maintain scalable and efficient applications using Spring Boot and Light Weight Architecture. Participate in code reviews to ensure code quality and adherence to best practices. Troubleshoot and debug application issues, identify bottlenecks, and propose solutions. Stay up-to-date with industry trends and technologies to continuously improve skills and knowledge. Assist in the deployment and maintenance of applications in production environments. Professional & Technical Skills: Must Have Skills:Strong Proficiency in Spring Boot, Java Enterprise Edition, Restful Services, Microservices and Light Weight Architecture. Must Have Skills:3+ years' experience in Java/functional programming with java 11+, Spring Boot, REST-API, Kotlin, GraphQL, grpc, Postman Must Have Skills:2+ years' experience and exposure to Applications Integration patterns, J2EE patterns, Microservices Patterns and Streaming Services Integrations [Like Kafka. MQSeries, RabbitMQ etc.), Caching Patterns and Frameworks Must Have Skills:Any Cloud Exposure with Knowledge of Dockers and Kubernetes Containers and Deployment exposure. Must Have Skills:Version Control Tools such as GitLab or similar, understanding of code branching strategies, deployment process including CI/CD exposure. Must Have Skills:Knowledge of Code Review Tools:SonarQube, PMD, Check Style, Veracode, Check Marx, OWASP-ZAP, Testing:JUnit, Mocking Frameworks, Postman or similar Nice to Have Skills:Front End Development Experience with React.js, JavaScript, including DOM manipulation, Object-Oriented concepts, design patterns. Additional Information: The candidate should have a minimum of 3 years of experience in Spring Boot. This position is based at our Bengaluru office. A 15 years full-time education is required. Qualifications 15 years full time education

Role Description The Engineer designs and develops application code, implements technical solutions, and configures applications in different environments in response to business problems. To meet the requirements of the business, the Engineer actively participates in the design and architecture of the application or its components, investigates and proposes appropriate technologies to be used, promotes re-usability of existing components and contributes to the creation of frameworks. Build reliability and resiliency into solutions through early testing, peer reviews and automating the delivery lifecycle. Engineer should have detailed understanding of professional software engineering and best practices for full SDLC including coding standards, code reviews, source control management, build processes, testing, and operation. Successful candidate should be able to work independently on medium to large sized projects with strict deadlines. Should be able to work in a cross-application, mixed-technical environment and must demonstrate solid hands-on development track record while working on an agile methodology. The role demands working along-side a geographically dispersed team. Your key responsibilities Employs agile development best practices and mind-set for design, architecture, coding, testing, managing source code, continuous delivery practices and quality reviews. Design and discuss your own solution for addressing user stories and tasks Develop and unit-test, Integrate, deploy, maintain and improve software Perform peer code review Actively participate into the squad activities and ceremonies e.g. daily stand-up/scrum meeting Apply continuous integration best practices in general (SCM, build automation, unit testing, dependency management) Collaborate with other squad members to achieve the Squad/Sprint objectives Report progress/update Agile team management tools (JIRA/Confluence) Manage individual task priorities and deliverables Responsible for quality of solutions the Candidate/Applicant provides Contribute to planning and continuous improvement activities, Support the PO, Analyst and Scrum Master Exposure to any unit testing framework (Junit/Mockito (Any Unit Test Frameworks). Should have experience of using source control and build tool like Git/Bitbucket, Maven etc. Excellent communication (Oral, Written) and teamwork skills. Experience with Continuous Integration and Continuous Deployment tools such as Jenkins and TeamCity are preferred Your skills and experience Minimum 5 years+ on professional software development experience using Big Data, Hadoop, Spark, Linux, Oracle, Java technologies. Experience in any cloud technologies. GCP preferrable. Strong understanding of technologies as under: Big Data, Hadoop, ETL tool Database Oracle, PL/SQL, SQL Server Automation Testing: JUnit, Mokito, Selenium Scripting: Python, Shell Scripts SCM: BitBucket Build Tools: Maven (Build Tool), ANT, Teamcity Practices: Code Quality, Sonar, Veracode, Security, DevOPS, Agile, CI & CD Scheduling: Control M SDLC Tools - JAMA, JIRA, Sonar, Veracode /JFrog, TeamCity, BitBucket Strong analytical skills. Proficient communication skills. Fluent in English (written/verbal). Ability to work in virtual teams and in matrixed organisations. Excellent team player and open-minded approach Keeps pace with technical innovation. Understands the relevant business area. Ability to share information, transfer knowledge and expertise to team members. Ability to design and write code in accordance with provided business requirements Knowledge of IT delivery and architecture including knowledge of Data Modelling and/or BA.

Job Summary We are seeking a skilled Analyst with 4 to 5 years of experience to join our team in a hybrid work model. The ideal candidate will have expertise in Kubernetes Docker YAML PowerShell Veracode SONARQUBE Ansible and GIT. Experience in Asset & Wealth Management is a plus. This role involves day shifts with no travel requirements. Responsibilities Manage and optimize containerized applications using Kubernetes and Docker to ensure seamless deployment and scaling. Develop and maintain infrastructure as code using YAML and Ansible to automate processes and improve efficiency. Implement and manage continuous integration and continuous deployment (CI/CD) pipelines using GIT to streamline development workflows. Utilize PowerShell scripts to automate routine tasks and enhance system performance. Conduct security assessments using Veracode and SONARQUBE to identify vulnerabilities and ensure compliance with industry standards. Collaborate with cross-functional teams to integrate security practices into the software development lifecycle. Analyze and interpret data to provide actionable insights that drive business decisions and improve operational efficiency. Support the Asset & Wealth Management domain by leveraging technical skills to enhance system capabilities and performance. Troubleshoot and resolve technical issues promptly to minimize downtime and maintain service quality. Document processes and procedures to ensure knowledge sharing and continuity within the team. Stay updated with the latest industry trends and technologies to continuously improve skills and contribute to innovation. Provide technical guidance and support to team members to foster a collaborative and productive work environment. Contribute to the companys purpose by ensuring the delivery of high-quality secure and efficient solutions that positively impact society. Qualifications Possess strong expertise in Kubernetes Docker YAML PowerShell Veracode SONARQUBE Ansible and GIT. Demonstrate experience in Asset & Wealth Management is advantageous. Exhibit excellent problem-solving skills and the ability to work collaboratively in a hybrid work model. Show proficiency in automating processes and improving system performance through scripting and coding. Have a keen understanding of security practices and compliance standards in software development. Display effective communication skills to articulate technical concepts to non-technical stakeholders. Maintain a proactive approach to learning and adapting to new technologies and industry trends.

: Job TitleActimize Engineer, AVP LocationPune, India Role Description Technical Lead Anti Financial Crime (AFC) Case Management System Actimize & SAM What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Contributes and identifies and ensures server environments and deployment architecture Individual should be working on Acimize hands on AML, SAM, & Actone Case Management Solution Good understanding of hardware and software components, servers, code quality, security, etc. Hands on development as necessary to fill into coding, scripting, release management, software maintenance, etc. Ensures architectural changes (as defined by Architects) are implemented. Provides Level 3 support for technical infrastructure components (i.e., databases, middleware and user interfaces). Contributes to problem and root cause analysis. Integrates software components following the integration strategy. Verifies integrated software components by unit and integrated software testing according to the software test plan. Software test findings must be resolved. Ensures that all code changes end up in Change Items (CIs). Where applicable, develops routines to deploy CIs to the target environments. Supports creation of Software Product Training Materials, Software Product User Guides, and Software Product Deployment Instructions. Fixes software defects/bugs, measures and analyses code for quality. Collaborates with colleagues participating in other stages of the Software Development Lifecycle (SDLC). Identifies dependencies between software product components, between technical components, and between applications and interfaces. Identifies product integration verifications to be performed based on the integration sequence and relevant dependencies. Exposure to leading cloud solutions such as GCP, AWS would be an added advantage. Good understanding of infrastructure coding tools such as Chef, Terraform etc. Well verged with Networking concepts such as subnetting and firewalls Your skills and experience Strong understanding of technologies as under: VTL, JavaScript, AIS 4.29, ERCM 5.14 SQL ,Linux Automation BDD Cucumber ScriptingPython, Shell Scripts Server TechApache, Tomcat SCMBitBucket, Github Build ToolsTeamcity PracticesCode Quality, Sonar, Veracode, Security, DevOPS, Agile, CI & CD SchedulingControl M SDLC Tools - JAMA, JIRA, Sonar, Veracode /JFrog, TeamCity, BitBucket, ALM etc. 10+ Years of technology experience, continuous hands-on coding exposure, and ability to drive solutions At least 7 + Exp working on Actimize, AML, SAM & Fraud Solution Strong analytical skills. Proficient communication skills. Fluent in English (written/verbal). Ability to work in virtual teams and in matrixed organisations. Excellent team player and open minded approach Keeps pace with technical innovation. Understands the relevant business area. Ability to share information, transfer knowledge and expertise to team members. Ability to design and write code in accordance with provided business requirements Knowledge of IT delivery and architecture including knowledge of Data Modelling and/or BA. Experience with Test Driven Development (TDD) or Behavior Driven Development (BDD). Experience with unit and/or integration test tool chains and frameworks. (e.g. Wiremock, Mockito, PowerMock, Jasmine, Protractor etc.). Relevant Financial Services experience. Ability to work in a fast paced environment with competing and alternating priorities with a constant focus on delivery. Ability to balance business demands and IT fulfilment in terms of standardisation, reducing risk and increasing IT flexibility. Strong Actimize understanding with technical expertise and knowledge of below technologies Exposure to other technologies like UNIX, Job Scheduling (ExpControl-M) etc. Candidate is expected to have high desire to learn new technologies and implement various solutions in fast paced environment. Education Bachelor of Science degree from an accredited college or university with a concentration in Computer Science or Software Engineering (or equivalent) with a minor in Finance, Mathematics or Engineering. How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Core Java 5 years + core java experience essential. Spring experience essential . SQL Server 2y + preferred. Linux preferred Java Springboot Microservices java 8, Spring Boot, Spring Framework, Rest API, SOAP API, JPA Strong experience with Restful/Rest API Working knowledge of ORM Framework (Preferred Hibernate) Understanding of Microservice Architecture and design principles. Sonar/Sonarqube, Veracode and Prisma knowledge is plus Understanding of Docker and Docker Container. Experience with Agile tools & technologies (Scrum, JIRA, and Confluence) Working with NoSQL Databases is a plus Experience with DevOps CICD is preferred. Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications.1. Applies scientific methods to analyse and solve software engineering problems.2. He/she is responsible for the development and application of software engineering practice and knowledge, in research, design, development and maintenance.3. His/her work requires the exercise of original thought and judgement and the ability to supervise the technical and administrative work of other software engineers.4. The software engineer builds skills and expertise of his/her software engineering discipline to reach standard software engineer skills expectations for the applicable role, as defined in Professional Communities.5. The software engineer collaborates and acts as team player with other software engineers and stakeholders. - Grade Specific Core Java 5 years + core java experience essential. Spring experience essential . SQL Server 2y + preferred. Linux preferred Java Springboot Microservices java 8, Spring Boot, Spring Framework, Rest API, SOAP API, JPA Strong experience with Restful/Rest API Working knowledge of ORM Framework (Preferred Hibernate) Understanding of Microservice Architecture and design principles. Sonar/Sonarqube, Veracode and Prisma knowledge is plus Understanding of Docker and Docker Container. Experience with Agile tools & technologies (Scrum, JIRA, and Confluence) Working with NoSQL Databases is a plus Experience with DevOps CICD is preferred. Skills (competencies) Verbal Communication

Databuzz is Hiring for DevSecOps Engineer-4+yrs-PAN India-Hybrid Please mail your profile to haritha.jaddu@databuzzltd.com with the below details, If you are Interested. About DatabuzzLTD: Databuzz is One stop shop for data analytics specialized in Data Science, Big Data, Data Engineering, AI & ML, Cloud Infrastructure and Devops. We are an MNC based in both UK and INDIA. We are a ISO 27001 & GDPR complaint company. CTC - ECTC - Notice Period/LWD - (Candidate serving notice period will be preferred) Position: DevSecOps Engineer Location: PAN India(Hybrid) Exp -4+ yrs Mandatory skills : A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming Strong passion and thorough understanding of what it takes to build and operate secure reliable systems at scale Strong passion and technical expertise to automate security functions via code Strong technical expertise with Application Cloud Data and Network Security best practices Strong technical expertise with multicloud environments including containerserverless and other microservice architectures Strong technical expertise with older technology stacks including mainframes and monolithic architectures Strong technical expertise with SDLC CICD tools and Deployment Automation Strong technical expertise with operating security for Windows Server and Linux Server systems Strong technical expertise with configuration management version control and DevOps operational support Strong experience with implementing security measures for both applications and data with an understanding of the unique security requirements of data warehouse technologies such as Snowflake Regards, Haritha Talent Acquisition specialist haritha.jaddu@databuzzltd.com

Job Title: Application Security Engineer SAST & DAST Experience Required: 3 to 8 Years Location: Hyderabad / Bangalore / Chennai / Mumbai / Pune / Kolkata / Gurgaon Mode of Interview: MS Teams (12 rounds) Notice Period: 0 to 30 Days Job Overview: We are looking for an experienced Application Security Engineer specializing in SAST & DAST to join our growing team. The ideal candidate will be responsible for integrating security throughout the software development lifecycle (SDLC), implementing and managing security tools, and driving security best practices across the organization. Key Responsibilities: Implement and manage application security testing activities throughout the development, deployment, and maintenance phases. Perform Static Application Security Testing (SAST) using tools like Checkmarx and Fortify . Execute and manage Dynamic Application Security Testing (DAST) tools such as AppScan and WebInspect . Conduct secure code reviews in languages including Java, .NET, Swift, Objective-C . Integrate security tools in DevOps pipelines and CI/CD environments (e.g., Jenkins, TeamCity, Bamboo, Chef, Puppet). Apply OWASP Top 10 , SANS Secure Coding Practices , and Security Engineering Principles during development and assessment. Analyze, triage, and report vulnerabilities using CVSS scoring and determine business impact. Perform penetration testing for web, mobile, and desktop applications. Implement mobile security testing techniques, including bypassing SSL pinning , root detection , reverse engineering , and manifest analysis . Work with containerized environments such as Docker and Kubernetes . Utilize at least one scripting language (e.g., Python, Bash, PowerShell) for automation or security tooling. Required Skills & Experience: Strong experience with SAST and DAST tools (Checkmarx, Fortify, AppScan, WebInspect) Familiarity with OWASP Top 10 , secure coding practices, and vulnerability remediation Proficient in secure code review for Java, .NET, Swift, Objective-C Solid understanding of DevSecOps practices and security toolchain integration Hands-on experience with CI/CD tools (Jenkins, TeamCity, Bamboo, etc.) Experience with container security in Docker/Kubernetes environments Knowledge of CVSS scoring and vulnerability risk assessment Understanding of mobile application security techniques and concepts Experience with scripting in Python, Bash, or equivalent Preferred Qualifications: Security certifications (e.g., CEH, OSCP, GWEB, GWAPT, Security+ ) Exposure to cloud environments (AWS, Azure, GCP) from a security standpoint Familiarity with automated testing tools like Selenium Experience working in Agile and DevOps environments Interested Candidates can share your updated resume to subashini.gopalan@kiya.ai

Consultant - MAST Vanguard Requirements: Mandatory Technical & Functional Skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

About The Role : Job TitleDevOps Engineer, VP LocationPune, India Role Description Corporate Banking (CB) is a technology centric business, with an increasing move to real-time processing, an increasing appetite from customers for integrated systems and access to supporting data. At CB Platform Automation Tooling team, we develop and manage CI/CD, monitoring, and various automation solutions as a service, running thousands of builds daily for more than 90 development teams across the Corporate Bank division of Deutsche Bank. Our environment currently relies on Linux-based stack, open-source tools such as Jenkins, Helm, Ansible, Docker/Podman, as well as other popular tools like OpenShift and Terraform. We're scaling globally to fit our customer needs our engineering team expands and will now be distributed over three Deutsche Bank Technology Centers in US, Germany, and India. As a DevOps/Platform Engineer, you will be responsible for designing, implementing, and supporting reusable engineering solutions, as well as building and promoting a strong engineering culture. Deutsche Banks Corporate Bank division is a leading provider of cash management, trade finance and securities finance. We complete green-field projects that deliver the best Corporate Bank - Securities Services products in the world. Our team is diverse, international, and driven by shared focus on clean code and valued delivery. At every level, agile minds are rewarded with competitive pay, support, and opportunities to excel. You will work as part of a cross-functional agile delivery team. You will bring an innovative approach to software development, focusing on using the latest technologies and practices, as part of a relentless focus on business value. You will be someone who sees engineering as team activity, with a predisposition to open code, open discussion and creating a supportive, collaborative environment. You will be ready to contribute to all stages of software delivery, from initial analysis right through to production support. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities What Youll Do Develop, maintain, and continuously improve the shared CI/CD, automation, and monitoring components keeping focus on quality and user experience Perform the engineering assessments of the platform users' pipelines and approaches Contribute to introduction of modern industry practices into the teamwork and promoting them among the development teams Assist the development teams with their ongoing activities, issues, and adopting our solutions Take the long-term responsibility for your tools and projects, contribute to their sustainable development, testing, and maintenance Your skills and experience Skills Youll Need Deep understanding of common development tasks and problems. Background in Development, Quality Assurance, or SRE is a plus Solid technical background in software development processes and hand-on experience with the tools that we use: Application developmentSpring Boot, Kotlin/Java VCSGit, Bitbucket, GitHub CI/CDJenkins, TeamCity, GitHub Actions Build toolsJib, Maven, Gradle, NPM DevSecOpsSonarQube, JFrog Xray, Veracode Deployments, configuration, and infrastructure managementDocker, Helm, Ansible, Terraform, Liquibase Monitoring & SREPrometheus, Grafana, New Relic, Splunk ScriptingGroovy, Python Hands-on experience with container-based environments (Minikube, Kubernetes, OpenShift). Knowledge of GCP is a plus Strong communication and collaboration skills, readiness to take ownership of your tasks Proactive mindset, attention to details, and constant wish to improve Expectations It is the Banks expectation that employees hired into this role will work in the Cary office in accordance with the Banks hybrid working model. Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion. How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Role : Product Security Architect Responsibilities Prepare, publish, and institutionalize security best practices and guidelines across products Ensure adoption and compliance, Review product security requirements and security design documentation Participate in reviews throughout the product development cycle, Provide solutions for vulnerabilities and ensure reusable solutions are available across products Work with Product Security Champions to mitigate or document vulnerabilities and obtain exceptional approvals if necessary, Conduct threat modeling design reviews and signoffs Help mitigate WAF blockers during UAT/Production phases and work with Product Security Champions for product fixes, Maintain product-wise scanning status reports and conduct periodic audits on security processes followed by product development teams, Evaluate tools, technologies, and processes needed for secure product development as part of DevSecOps Continuously improve product security and processes, Review third-party products and work with the Externally Obtainable Product (EOP) review team for approvals, Provide training and coaching on best practices, WAF analysis, and threat modeling to Product Security Champions Knowledge, Skills And Abilities 10-18 years of hands-on experience as a Software Architect with Dot net , RDBMS and full stack application design and development Good knowledge of OWASP and other industry standards, Extensive experience working as Product Security Architect with software engineering experience Good knowledge of cloud security architecture, design , Cloud-Native Security, Cloud Security Posture Management , Data Security in the Cloud (Advanced Concepts),Zero Trust Architecture in the Cloud,Multi-Cloud and Hybrid Cloud Security,Security for AI/ML in the Cloud Good knowledge of OS, network security, firewalls, routers, IDS/IPS, data encryption, and related tools/technologies, Build application security architecture for products/services developed using containers Knowledge of containers, network isolation, secure engineering practices, and identity and access management is preferred, Experience using tools such as Veracode, Acunetix, Sonarqube and others Provide solutions for managing these DAST, SAST and Pen Test vulnerabilities, Experience with Azure Cloud and Azure DevOps, CI/CD integrations Understanding and Implementing the Security Shift Left Concept Job Requirements Bachelors Degree in computer science, Information Science, Software Engineering, or related discipline, or equivalent work experience, Minimum of 10+ years of software development experience and 5+ years of experience as Software Architect with deep knowledge on Product Security Preferred to have Industry industry-recognized Security certification such as CCSP, CASP etc Preferred to have any industry certification on Security Preferred to have healthcare industry experience

Role & responsibilities Experience: At least 6 years in static code analysis/SAST (Static Application Security Testing), secure coding, and software development. Technical Skills: Proficiency in static code analysis tools (e.g., SonarQube, Veracode, Checkmarx) and experience with secure code review of multiple programming languages, including: Java Python .NET/C# C/C++ Code Review Skills: Ability to read and understand source code across various programming languages and tech stacks, troubleshoot false positives, and confirm genuine issues. Secure Coding Knowledge: Strong understanding of secure coding practices, including OWASP Top 10, SANS 25, and CWE, applicable to cloud and non-cloud environments.

About The Role : Job TitleSenior Engineer, AVP LocationPune, India Role Description Technology Engineer within Archiving Tech product family to take on the responsibility of developing the product code, implement technical solutions and configures applications in different environments in response to business problems. The engineer is expected to focus on requirements of the business and proposes the technical design of the application or its components, investigates and proposes appropriate technologies to be used, creates re-usable frameworks and drives standardization where possible in line with banks standard and solutions. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Hands on experience in application development / enhancement / bug fixing Ability to overcome technical challenges . Ensures development happens for all Software Components in accordance with Detailed Software Requirements specification, the functional design and the technical design document. Verifies the developed source code by reviews (4-eyes principle). Contributes to quality assurance by writing unit and functional tests. Contributes to problem and root cause analysis. Integrates software components following the integration strategy. Ensures that all code changes end up in Change Items (CIs). Where applicable, develops routines to deploy CIs to the target environments. Collaborates with colleagues participating in other stages of the Software Development Lifecycle (SDLC). Your skills and experience To excel in this role, you should possess strong understanding of technologies as under: Expert level in Oracle PL/SQL Highly proficient in SQL Should be comfortable to work with linux, python scripting & any scheduling tool preferably BMC Control-M Proven experience in data engineering, data modelling & building data pipelines Good understanding of Conceptual, logical & physical data model building Exposure to working with Agile Methodologies. SDLC Tools - JIRA, Sonar, Veracode /JFrog, TeamCity, BitBucket Exposure to Java, SpringBoot, J2EE, REST APIs, Microservices will be added advantage. CloudExposure to any public cloud preferably GCP. Strong analytical skills. 10+ Years of technology experience, continuous hands-on coding exposure, and ability to drive solutions. Proficient communication skills. Fluent in English (written/verbal). Ability to work in virtual teams and in matrixed organizations. Excellent team player and open minded approach Keeps pace with technical innovation. Understands the relevant business area. Ability to share information, transfer knowledge and expertise to team members. Ability to design and write code in accordance with provided business requirements Relevant Financial Services experience. Ability to work in a fast paced environment with competing and alternating priorities with a constant focus on delivery. Ability to balance business demands and IT fulfilment in terms of standardization, reducing risk and increasing IT flexibility. Candidate is expected to have high desire to learn new technologies and implement various solutions in fast paced environment. How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Ideally, looking for a combination of Development and Application Security experience. Job Summary: We are seeking a skilled Application Security Engineer to join our Information Security team. The ideal candidate will have a minimum of four (4) years of experience in application security and a strong background in software development , particularly in .NET, C#, Angular, and React . This role is crucial in ensuring the security of our applications by working closely with development, DevOps, and security teams to identify, remediate, and prevent security vulnerabilities throughout the software development lifecycle (SDLC). Key Responsibilities: Conduct application security assessments, including code reviews, penetration testing, and threat modeling to identify vulnerabilities. Work closely with developers to integrate secure coding practices and provide guidance on remediating security issues. Implement and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools. Develop and enforce security policies, procedures, and best practices for application security. Assist in the design and review of security architecture for new and existing applications. Collaborate with DevOps teams to integrate security into CI/CD pipelines using DevSecOps principles . Research emerging threats, vulnerabilities, and security trends to proactively mitigate risks. Support incident response efforts related to application security breaches. Provide security training and awareness to development teams. Document security findings, mitigation plans, and security controls. Minimum Requirements (Must-Have) 4+ years of experience in application security with a focus on secure software development. Strong background in software development , with hands-on experience in .NET, C#, Angular, and React . Hands-on experience with SAST, DAST, Software Composition Analysis (SCA), and penetration testing tools (e.g., Burp Suite, Checkmarx, Veracode, Fortify, SonarQube ). Solid understanding of OWASP Top 10, SANS 25, and secure coding practices . Experience with threat modeling, risk assessment, and vulnerability management . Knowledge of API security, authentication, and authorization mechanisms (OAuth, JWT, SAML, etc.). Familiarity with container security, Kubernetes security, and cloud security best practices (AWS, Azure, GCP). Experience working in Agile and DevSecOps environments , integrating security into CI/CD pipelines. Strong analytical and problem-solving skills. Excellent communication skills, with the ability to work collaboratively across teams.

Role: AWS DevOps Architect Lead Exp.: 15+ years Job Description: Overall, 15+ years of experience with 5 years of hands-on experience in deployment automation using IaC, Configuration management, Orchestration, Containerization, and running a complete CI/CD pipeline on both cloud and on-prem. Thorough understanding and hands-on skills in the below Infrastructure as Code: Terraform, AWS CloudFormation, Puppet. Source control: GitLab, GitHub. CI/CD: Jenkins, GitLab CICD. Containerization/Orchestration: Kubernetes, AWS ECS, AWS EKS, Docker. CDN: Akamai, AWS CloudFront. Monitoring: AWS Cloud watch, New Relic. Security: AWS Code Guru, Guard Duty, Security Hub, Snyk, Veracode, Rapid7. Programming/Scripting: Python, Shell scripting Good understanding of networking, security rules, firewalls, WAF, API gateways, and auto-scaling principles. Hands on experience using AWS (VPC, Subnets, ALB/NLB, RDS, ECS, SQS, Cognito, Lambda, Memcached ) is required. Understanding of Programming concepts and best practices is required. Experience dealing with production incidents in multi-tier application environment is required. Experience managing production workloads with Site Reliability Engineering best practices. Good understanding of various deployment strategies (Rolling updates, Blue/Green, Canary) Strong exposure on DevSecOps testing methods SAST, DAST, SCA is preferred.

Role & responsibilities Proficient in using static code analysis tool Veracode. Updated scan statuses and escalated issues to management as necessary, ensuring swift resolution. Collaborated with cross-functional teams to address security concerns and implement proactive measures. Assisted in the development and execution of vulnerability management strategies. Conducted beginner-level web application security and penetration testing through manual testing techniques. Gained practical experience in information security practices and principles. Assisted in compliance efforts related to PCI, GLBA, SOX, and other regulatory standards. Developed beginner-level Windows and Unix skills, enhancing the ability to work with diverse technology stacks. Improved communication and written documentation skills through daily interactions and reporting. Displayed beginner-level leadership qualities, taking initiative and demonstrating a commitment to team success. Implemented security scanning tools (e.g., SAST, DAST, SCA) within CI/CD pipelines to identify and mitigate security vulnerabilities in code and dependencies. Managed artifact repositories, including using tools like JFrog Artifactory, for storing and versioning binary artifacts produced during the build process. Successfully integrated Static Code Analyzer into CI/CD pipelines, enhancing code quality. Gained knowledge of public cloud platforms such as AWS, Azure, and GCP, facilitating seamless integration and deployment. Provided remediations to developers based on the output of security scanning reports. Ensured compliance with security and licensing policies by using tools like JFrog Xray. Good Knowledge in TCP/IP Networking, SSL, Active Directory, SSO, VPN's, DNS Familiar with industry security policies/ standards such as OWASP Top 10. Having good understanding of cloud computing, virtual hosting, basic cloud services and best practices for cloud-native applications is valuable. Good with basics of Core Java, C, and HTML Preferred candidate profile vB Tech Computers or any Equaling Qualification Vulnerability Management Regulatory Compliance (PCI DSS, ISO 27001, etc.) Network Security Testing Vulnerability Scanners (JFrog X-Ray) Penetration Testing (Burp suite) Static Code Analysis (Veracode) Governance Risk and Compliance (GRC) Systems Scripting (Python, Ruby, bash) REST and SOAP Web Service APIs Cybersecurity Best Practices Communication Documentation

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirements around vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications: BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems.

Dear Candidate , We are seeking a Full Stack Developer to design, develop, and maintain scalable web applications. The ideal candidate will have expertise in both front-end and back-end technologies, working closely with cross-functional teams to deliver high-quality software solutions. Key Responsibilities: Design, develop, and maintain web applications with a focus on performance, scalability, and security. Develop and integrate user-facing elements using modern front-end frameworks (React, Angular, Vue.js). Build and maintain server-side logic, databases, and APIs using back-end technologies (Node.js, Python, Java, .NET, etc.). Implement and maintain databases, including SQL (PostgreSQL, MySQL) and NoSQL (MongoDB, Firebase). Ensure responsive design and cross-browser compatibility for optimal user experience. Develop and integrate RESTful and GraphQL APIs for seamless data exchange. Implement authentication and authorization using JWT, OAuth, and session-based authentication. Write clean, maintainable, and efficient code following best coding practices. Troubleshoot, debug, and optimize application performance. Collaborate with UI/UX designers, DevOps teams, and other developers to improve application functionality. Participate in code reviews, mentor junior developers, and contribute to technical discussions. Key Skills & Qualifications: Front-End Skills: Proficiency in HTML, CSS, JavaScript, and TypeScript . Expertise in React.js, Angular, Vue.js , or other modern front-end frameworks. Experience with state management libraries like Redux, Context API, Vuex, etc. Knowledge of responsive design and front-end performance optimization. Back-End Skills: Experience with Node.js, Python, Java, .NET, Ruby on Rails , or similar. Knowledge of server-side frameworks such as Express.js, Spring Boot, Django, or Flask. API development and integration using RESTful and GraphQL services. Understanding of authentication and security best practices (OAuth, JWT, encryption). Database & Cloud: Hands-on experience with SQL databases (PostgreSQL, MySQL) and NoSQL databases (MongoDB, Firebase, DynamoDB). Cloud platform experience ( AWS, Azure, Google Cloud ). Knowledge of containerization and orchestration tools ( Docker, Kubernetes ). DevOps & Tools: Familiarity with CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI/CD). Version control with Git and experience with platforms like GitHub, GitLab, or Bitbucket. Experience with unit testing and test-driven development (TDD) using Jest, Mocha, JUnit, or similar. Soft Skills: Strong problem-solving and analytical skills. Ability to work in a fast-paced, agile development environment. Excellent communication and teamwork skills. Passion for learning and staying updated with new technologies. Note: If you are interested, please share your updated resume and suggest the best number & time to connect with you. If your resume is shortlisted, one of the HR from my team will contact you as soon as possible. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

About The Role : Job TitleDevOps Engineer, VP LocationPune, India Role Description Corporate Banking (CB) is a technology centric business, with an increasing move to real-time processing, an increasing appetite from customers for integrated systems and access to supporting data. At CB Platform Automation Tooling team, we develop and manage CI/CD, monitoring, and various automation solutions as a service, running thousands of builds daily for more than 90 development teams across the Corporate Bank division of Deutsche Bank. Our environment currently relies on Linux-based stack, open-source tools such as Jenkins, Helm, Ansible, Docker/Podman, as well as other popular tools like OpenShift and Terraform. We're scaling globally to fit our customer needs our engineering team expands and will now be distributed over three Deutsche Bank Technology Centers in US, Germany, and India. As a DevOps/Platform Engineer, you will be responsible for designing, implementing, and supporting reusable engineering solutions, as well as building and promoting a strong engineering culture. Deutsche Banks Corporate Bank division is a leading provider of cash management, trade finance and securities finance. We complete green-field projects that deliver the best Corporate Bank - Securities Services products in the world. Our team is diverse, international, and driven by shared focus on clean code and valued delivery. At every level, agile minds are rewarded with competitive pay, support, and opportunities to excel. You will work as part of a cross-functional agile delivery team. You will bring an innovative approach to software development, focusing on using the latest technologies and practices, as part of a relentless focus on business value. You will be someone who sees engineering as team activity, with a predisposition to open code, open discussion and creating a supportive, collaborative environment. You will be ready to contribute to all stages of software delivery, from initial analysis right through to production support. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities What Youll Do Develop, maintain, and continuously improve the shared CI/CD, automation, and monitoring components keeping focus on quality and user experience Perform the engineering assessments of the platform users' pipelines and approaches Contribute to introduction of modern industry practices into the teamwork and promoting them among the development teams Assist the development teams with their ongoing activities, issues, and adopting our solutions Take the long-term responsibility for your tools and projects, contribute to their sustainable development, testing, and maintenance Your skills and experience Skills Youll Need Deep understanding of common development tasks and problems. Background in Development, Quality Assurance, or SRE is a plus Solid technical background in software development processes and hand-on experience with the tools that we use: Application developmentSpring Boot, Kotlin/Java VCSGit, Bitbucket, GitHub CI/CDJenkins, TeamCity, GitHub Actions Build toolsJib, Maven, Gradle, NPM DevSecOpsSonarQube, JFrog Xray, Veracode Deployments, configuration, and infrastructure managementDocker, Helm, Ansible, Terraform, Liquibase Monitoring & SREPrometheus, Grafana, New Relic, Splunk ScriptingGroovy, Python Hands-on experience with container-based environments (Minikube, Kubernetes, OpenShift). Knowledge of GCP is a plus Strong communication and collaboration skills, readiness to take ownership of your tasks Proactive mindset, attention to details, and constant wish to improve Expectations It is the Banks expectation that employees hired into this role will work in the Cary office in accordance with the Banks hybrid working model. Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion. How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Senior information security engineer Job Name: Senior information security engineer Job Role: Sr. IT Security Engineer Industry:IT, Software, Bpo Job Location:Udaipur (Rajasthan) Experience:5- 10 yearSkills:Team Handling, information security controls, VPN, Cloud Server Salary:Best in the Industry Education:BCA, MCA, B.tech(CS/IT) Job Summary: Looking for Sr.information security engineer. Should have strong work exposure in the IT Security department. having work exposure in the IT security environment to identify cybersecurity gaps in systems, processes, and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage, and deploy devices including firewalls, IPS, and IDS to improve our ability to prevent and detect intrusions in real-time. About The Role :: Should have strong work exposure in the IT Security department. having work exposure in the IT security environment to identify cybersecurity gaps in systems, processes, and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage, and deploy devices including firewalls, IPS, and IDS to improve our ability to prevent and detect intrusions in real-time.To develop and maintain the information security policy and accompanying standards, procedures, and guidance. Research and stay informed of potential information security threats, breaches, industry trends, emerging technologies, and response alternatives. Conduct research and provide insight to identify, assess, and deploy security technology solutions and partners including but not limited to encryption, firewalls, authorization, authentication, intrusion detection, and gateway security controls. To develop and deliver a programme of planned compliance reviews and ensure any gaps are addressed. Engage in regular assessment of the current IT security environment to identify cybersecurity gaps in systems, processes and controls and evaluate the potential risk exposure. Work with IT management to develop opportunities for improvement. Architect, configure, manage and deploy devices including firewalls, IPS and IDS to improve our ability to prevent and detect intrusions in real-time. Monitor and proactively recommend solutions for correcting issues related to security technology performance and capabilities of vendors. Collaborate on critical technology projects to ensure that security issues are addressed throughout the project life cycle. Develop and implement recommendations for security technology solutions, which may include technology for encryption, firewalls, authorization, authentication, intrusion, detection, and gateway security controls. Work in an advisory role in application development or acquisition projects to assess security requirements and implement controls as planned. Perform day- to- day security log review and analysis in adherence to company requirements and industry security best practices. Do static scanning (code, open-source libraries) and dynamic scanning. The log reviews include:operating systems, databases, applications, networks and security applications. Work with auditors to demonstrate processes and ensure appropriate levels of access are applied throughout the information lifecycle. Lead the design, development, and delivery of security training programs. 24x7 on-call availability as required. Knowledge of trends and developments in technology relating to security and risk management. Strong understanding of information security controls, risks and threats. Strong knowledge of enterprise security technologies, e.g., Virtual Private Network (VPN), Encryption, Firewalls, Intrusion Detection/ Prevention, and Anti- Virus. Working knowledge of Linux, Windows,Cloud Server, and other enterprise- wide applications. Knowledge of information security standards (ISO, SOC), data privacy laws, computer crime laws, and federal data protection laws, etc. Knowledge of vulnerability analysis tools, OWASP Zap, Veracode, Qualys, Sonarqube, Acunetix, Burp Suite, etc. Knowledge of information security audit and assessment methodologies, policies, standards, procedures and best practices. Ability to conduct risk management assessments; provide assistance in identification, prioritization and remediation of information systems vulnerabilities. Strong technical depth and passion for security. Experience working with 3rd party vendors and service providers.

About Position / Position Summary The Boeing Company is currently seeking a high performing versatile software developer to join the BCA Business Success, Manufacturing & Quality product division. The M&Q product team provides comprehensive software solutions to rapidly access and visually transform complex engineering and manufacturing product data. Responsibilities include development and integration for a variety of Commercial off the Shelf (COTS) and in house software application supporting our engineering/manufacturing teams. Job requires working within a diverse team of skilled and motivated co-workers to collaborate on results. Other qualities for this candidate are a positive attitude, self-motivated, the ability to work in a fast-paced, demanding environment, and the ability to adapt to changing priorities. Good communication skills are needed both verbally and written, to Interact with peers and customers. Job requires the ability to work well with others on a team as well as independently. Job requires working within a diverse team of skilled and motivated co-workers to collaborate on results. Other qualities for this candidate are a positive attitude, self-motivated, the ability to work in a fast-paced, demanding environment, and the ability to adapt to changing priorities. This role will be based out of Bengaluru, India. Position Responsibilities: Understands and develops software solutions to meet end user's requirements. Ensures that application integrates with overall system architecture, utilizing standard IT lifecycle methodologies and tools. Develops algorithms, data and process models, plans interfaces and writes interface control documents for use in construction of solutions of moderate complexity. Job requires the ability to work well with others on a team as well as independently. Job requires working within a diverse team of skilled and motivated co-workers to collaborate on results. Employer will not sponsor applicants for employment visa status. Basic Qualifications (Required Skills/Experience): More than 8 years of experience in Dot Net applications NET and .NET CORE with angular or Blazor expertise. Handling WCF services, WPF applications and Windows services. Working knowledge of Pipeline/Build tools such as GIT, Maven, Jenkins, Artifactory, Veracode, Sonar Have experience in ALM tools (GitLab, TFS, Gradle, Maven, Jenkins, Docker, Pivotal Cloud Foundry (TANZU)). Knowledge about Oracle/MS SQL Experience building distributed / service oriented / micro service-style and cloud based architecture Working exposure with Agile (Scrum & XP ) and DevOps is a must Develop, test, and maintain web applications that meet industry, customer, safety, and regulation standards. Review, analyze, and translate customer requirements into initial design of software products. Develop, maintain, enhance, and optimize software products and functionalities for systems integrations. Develop, document, and maintain architectures, requirements, algorithms, interfaces and designs for software products. Participate in the agile software development lifecycle including planning, reviews, and supporting customer meetings. Implement current and emerging technologies, tools, frameworks, and changes in regulations relevant to software development. Develop, establish, monitor, and improve software processes, tools, and key performance metrics that align with organization goals and industry benchmarks. Preferred Qualifications (Desired Skills/Experience): Knowledge about other programming languages like Python, JavaScript, etc. is preferred. Familiar with WPF Telerik views. Typical Education & Experience: Education/experience typically acquired through advanced education (e.g. Bachelor) and typically 8+ Plus years' related work experience or masters degree with 6 + years of experience with an equivalent combination of education and experience.

Seeking 8 contract resources in Hyderabad and Bangalore for performing SAST (Static application security testing), SCA (Software Composition Analysis) and DAST (Dynamic application security testing) to perform identification and remediation of vulnerabilities in Applications. About the Job: This position is a Contractor at Senior Specialist Cyber Security role for performing Application Security Testing in Cyber Security Organization. This profile will be passionate in preventing risk by performing remediation validation of vulnerabilities identified during the testing process. While doing so they will also be identifying vulnerabilities in the applications of the enterprise by configuring scan settings for effective vulnerability enumeration, Identify and document findings, approve false positives and define/document approved mitigations used by AppSec Testers. Roles and Responsibilities: • Perform SAST/SCA/DAST scans using industry vulnerability scanner • SAST/SCA Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWEs as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. • DAST Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. • This person will be primarily tasked to execute scan retest by performing revalidation tests of previously identified critical and high severity vulnerabilities as requested by the client application teams. • During testing process, tester MUST ensure application is not degraded and/or taken out of service due to scanning activities. • Tester must ensure results from scanner are present in Vulnerability reporting platforms and visible to approved app users. • Perform manual validation and false-positive analysis on the automated scan results. • Provide remediation support will analyze the top-rated vulnerabilities along with provide support to application teams on remediation strategies from identified risks. Primary / Mandatory skills: Overall - 8+ years of IT experience • 7+ years of application security Experience • 5+ years of Application Security testing Experience • Bachelor's degree required. • Deep familiarity with the OWASP Top 10 and other security concerns for web applications • Deep Understanding of OWASP Application Security Verification Standards (ASVS) • Deep understanding of SAST, DAST, SCA Scanning practices • Experience in scanning leveraging Veracode, Appscan.or other enterprise tools. • Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) as found by scanning tools. • Understanding of SAST, DAST tools and dependency scanning tools • Experience working/integrating with secret management systems. • Advanced knowledge of front-end and back-end web application development in at least one technology stack (.NET, Java, PHP, Ruby/Rails, Angular, Node.js, etc.) • Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications. • Strong documentation skills • Excellent verbal and written communication skills, with proven technical writing abilities (English language proficiency required) • Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team. • Proven ability to communicate, collaborate, and present effectively with team. Mandatory Skill - Must Have - Application security & testing Good to have - SAST + DAST.