144 Veracode Jobs - Page 3

As a Software Engineer - .Net at Barclays, you will be responsible for independently producing requirements breakdown, writing user stories, and managing the delivery in accordance with Business requirement design. You will ensure all requirements traceability is factored into design/code/test deliverables. Additionally, you will identify and manage necessary controls/RAIDS and assist in diagnosing system problems encountered during various phases. Documenting functional specifications and changes and maintaining the application knowledge repository will also be part of your responsibilities. To be successful in this role, you should have a strong understanding of OOPs and Design Patterns. K...

Java Springboot Microservices Java 8, Spring Boot, Spring Framework, Rest API, SOAP API, JPA Strong experience with Restful/Rest API Working knowledge of ORM Framework (Preferred Hibernate) Understanding of Microservice Architecture and design principles. Sonar/Sonarqube, Veracode and Prisma knowledge is plus Understanding of Docker and Docker Container. Experience with Agile tools & technologies (Scrum, JIRA, and Confluence) Working with NoSQL Databases is a plus. About The Role Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications. 1. Applies scientific methods to analyse and solve software engineering ...

Could you be the full-time Threat and Vulnerability Management Analyst in Bangalore were looking for? Your future role Take on a new challenge and apply your ethical hacking expertise in a cutting-edge field. Youll work alongside talented, collaborative, and forward-thinking teammates. You'll play a key role in safeguarding our organization's assets and enhancing our security program. Day-to-day, youll work closely with teams across the business (such as infrastructure, application owners, and third-party vendors), analyze threat intelligence reports, and develop remediation plans, among other impactful responsibilities. Youll specifically take care of vulnerability assessments, penetration ...

Your future role Take on a new challenge and apply your cybersecurity expertise in a cutting-edge field. Youll work alongside collaborative, innovative, and forward-thinking teammates. You'll play a critical role in protecting Alstoms digital assets and ensuring the organizations security posture remains robust. Day-to-day, youll work closely with teams across the business (Design Authority, Solution Architects, IS Design, IS&T Operations, and more), support cross-functional service owners, and engage with internal and external stakeholders to manage risks effectively and drive operational excellence. Youll specifically take care of developing and maintaining security metrics programs, leadi...

Role & responsibilities Candidate should have experience in GCP from Cloud security(Pure GCP profiles not required). Use below info identifying correct profiles GCP Security Specialist: Skills: AppSec (SAST, DAST), Network Security, GPC Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like: Native GCP security services, Burp Suite, CheckMarx, Vracode, fortify, Qualys. Certification: Google cloud "Professional Cloud Security Engineer" + -MANDATORY 1.GCP Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to GCP Provide technical oversight and assistance for the exec...

Role & responsibilities Skills: SAST, DAST, Network Security, Azure Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like : Native Azure security services. Burp Suite, CheckMarx, Veracode, fortify, Qualys Certification: Azure Security Engineer Associate Certification. (AZ-500) + - MANDATORY Azure Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to Azure Provide technical oversight and assistance for the execution of application and data migrations, ensuring secure data transit and encryption at rest. Help establish and enforce cloud architecture governance, secu...

Job Purpose As a Senior DevSecOps Engineer, you will be responsible for integrating security into the development, deployment, and maintenance of our software products, ensuring the highest standards of security and reliability. Key Activities / Outputs • Develop and implement security solutions throughout the software development lifecycle, from design to deployment and maintenance, using methodologies such as STRIDE, DREAD, CVSS, and the OWASP ASVS. • Work closely with developers, IT operations, and security governance and operations teams to ensure security is integrated into all aspects of the development pipeline. • Automate security processes and tools to enable continuous integration,...

As a Full Stack Engineer specializing in TypeScript, Angular, and Node.js with over 10 years of experience, you will be responsible for developing web services and applications using cutting-edge technologies. Your expertise in Angular 15+, CSS, HTML5, and Micro Services will be crucial in driving business transformation and creating exceptional stakeholder experiences. You must have a solid understanding of web technologies and extensive experience in building Micro Services and RESTful web Services using frameworks such as Nest, Express, or Nx. Your proficiency in setting up CI/CD pipelines and working with SQL databases like PostgreSQL, Oracle, or MySql will be essential for the successfu...

You are a skilled CyberSecurity Business Analyst specializing in IAM & Secrets Management, sought to join a dynamic cybersecurity team. Your primary responsibility will be managing and enhancing Identity & Access Management (IAM) controls with a major focus on Secrets Management, access governance, and compliance reporting within a highly regulated environment. Your key responsibilities will include defining and enhancing secrets management controls across machine-to-machine authentication systems, supporting IAM operations by maintaining access governance for credentials, keys, and tokens, and providing subject matter expertise on secrets and credential management tools and best practices. ...

You will be responsible for performing automated testing of running applications and static code (SAST, DAST). Additionally, you will conduct manual application penetration tests on various platforms such as web applications, internal applications, APIs, internal and external networks, and mobile applications to identify and exploit vulnerabilities. Experience in mobile application testing, Web application pen testing, application architecture, and business logic analysis would be advantageous. You will need to utilize application tools like AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux to carry out security tests and should be capable of explainin...

As a Lead Full Stack Engineer at Barclays, you will play a pivotal role in driving the evolution of the API First digital strategy, facilitating innovation and operational excellence. Your main responsibility will be to utilize cutting-edge technology to develop and manage robust, scalable, and secure APIs that ensure the seamless delivery of digital solutions. To excel in this position, you must possess advanced proficiency in full-stack development, with hands-on experience in Core Java, JPA/Hibernate, Spring framework, and enterprise caching solutions. Additionally, you should have a strong grasp of Spring ecosystem technologies such as Spring Boot, Spring-JMS, and Spring-Data. Your demon...

You will be joining Beyond Key, a Microsoft Gold Partner and a Great Place to Work-certified company that prioritizes the happiness of both team members and clients. Established in 2005, Beyond Key is an international IT consulting and software services firm known for delivering cutting-edge services and products to meet the global needs of their clients across various regions such as the United States, Canada, Europe, Australia, the Middle East, and India. With a team of over 350+ skilled software professionals, Beyond Key creates and designs IT solutions tailored to their clients" requirements. For more information, visit https://www.beyondkey.com/about. As a Snowflake DevOps Engineer with...

Looking for a AWS devops Engineer with all skills are mandatory AWS YAML Powershell (varacode or blackduck)

As an IT Security Senior Analyst, you will be responsible for performing penetration testing (PT), SAST, and articulating findings in an easily comprehensible manner to asset owners. Collaborative skills are essential for this role. Your key responsibilities will include building a Secure Development Lifecycle (SDLC) by embedding SAST, SCA, DAST, and penetration testing into the development pipeline. You will conduct penetration testing of various component types such as web applications, APIs, mobile applications (iOS + Android), and infrastructure (server + network). Additionally, you will run SAST & DAST scans, analyze tool results, provide remediation support, and review open-source comp...

Job Responsibilities • Support asset development, process establishment. • Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing andanalysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as HCL AppScan/HP Fortify or CMx. We expect candidate to have experience doing similar assessments, candidate can be trained on any proprietary assessment methodology. • Reporting/Dashboarding/Retesting and participation in conference calls with clients to review assessment results and consult with the clients on remediation options. • Partici...

Support asset development, process establishment. Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as HCL AppScan/HP Fortify or CMx. We expect candidate to have experience doing similar assessments, candidate can be trained on any proprietary assessment methodology. Mandatory: 5+ years of strong Application Security experience in S-SDLC Code Review, Vulnerability Assessment, Penetration Testing. Web Service/API security testing Hands on experience into Mobile appl...

Roles & responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Experience in one or more of the following is a plus: mobile application testing, Web application pen testing, application architecture, and business logic analysis. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF ...

Java Springboot Microservices Java 8, Spring Boot, Spring Framework, Rest API, SOAP API, JPA Strong experience with Restful/Rest API Working knowledge of ORM Framework (Preferred Hibernate) Understanding of Microservice Architecture and design principles. Sonar/Sonarqube, Veracode and Prisma knowledge is plus Understanding of Docker and Docker Container. Experience with Agile tools & technologies (Scrum, JIRA, and Confluence) Working with NoSQL Databases is a plus. About The Role Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications. 1. Applies scientific methods to analyse and solve software engineering ...

Role & responsibilities Design, configure, and maintain CI/CD pipelines using GitHub Actions, Bamboo, Harness, Jenkins, or equivalent. Administer Atlassian suite: Jira, Confluence, Bamboo, and Bitbucket for planning, repo management, and documentation. Implement, debug, and enhance build tools and deployment workflows (Maven, Gradle, MSBuild, NodeJS, etc.). Manage code quality and security scans via SonarQube, Veracode, and similar tools. Handle artifact repositories such as Nexus, JFrog Artifactory, NuGet, and ProGet. Create and maintain automation scripts in PowerShell, Python, Bash/Shell, and Salt/Ansible for provisioning and administrative tasks. Maintain and monitor observability tools ...

Description VB and/or C# .NET experience at least 5+ years must know some memory management APIs and working with Web APIs Entity Framework and understanding how objects work with EF Familiarity with configurations, .NET versions etc is a plus 2 years on Javascript with angular . We have angular 18 1 year Azure Dev Ops experience. Must know CI/CD structure Experience with HTML (basically how it will work in tandem with the code) 1-2 years exp SQL queries, and dynamic queries formed in .net. familiar with SQL Stored procedures and functions, transactions Familiar with XML files Plus or good to have: Veracode experience Experience with nuget packages and publishing Oauth and MFA knowledge In V...

Dear Candidate , We are seeking a Full Stack Developer to design, develop, and maintain scalable web applications. The ideal candidate will have expertise in both front-end and back-end technologies, working closely with cross-functional teams to deliver high-quality software solutions. Key Responsibilities: Design, develop, and maintain web applications with a focus on performance, scalability, and security. Develop and integrate user-facing elements using modern front-end frameworks (React, Angular, Vue.js). Build and maintain server-side logic, databases, and APIs using back-end technologies (Node.js, Python, Java, .NET, etc.). Implement and maintain databases, including SQL (PostgreSQL, ...

o Experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux Perform automated testing of running applications and static code (SAST, DAST).

As a Web Application Security Tester at Lennox, you will be responsible for performing Dynamic Application Security Testing (DAST) on APIs and web applications using both manual and automated methods. Your role will involve analyzing DAST scan results, identifying and prioritizing vulnerabilities based on risk, and participating in triage sessions with application teams to explain and document vulnerabilities. You will also conduct deep API security testing to uncover issues like BOLA, logic flaws, and abuse scenarios, as well as perform red teaming, adversary emulation, and use offensive security tools as needed. In addition to DAST, you may also be required to conduct Static Application Se...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : DevSecOps Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :To play a key role in enabling successful project delivery across multiple projects. This role expects you to specialize in a range of security domains, including penetration testing, dynamic and static application security testing, software...

About the position: F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and code security program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform. You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities: We collaborate with software architects, security defenders, Operations, SRE, compliance speciali...