110 Secure Coding Jobs - Page 3

Sr Specialist Software Engineer What’s the role all about? You will be a key contributor to developing a multi-region, multi-tenant SaaS product. You will collaborate with the core R&D team, using technologies like React, .NET/C# and AWS to build scalable, high-performance products within a cloud-first, microservices-driven environment. How will you make an impact? Take ownership of the software development lifecycle, including design, development, unit testing, and deployment, working closely with QA teams. Ensure that architectural concepts are consistently implemented across the product. Act as a product expert within R&D, understanding the product’s requirements and its market positioning. Work closely with cross-functional teams to ensure successful product delivery. Key Responsibilities: Lead the design and implementation of software features in alignment with product specifications and adhere to High-Level Design (HLD) and Low-Level Design (LLD) standards. Lead the development of scalable, multi-tenant SaaS solutions. Collaborate with Product Management, R&D, UX, and DevOps teams to deliver seamless, end-to-end solutions. Advocate for and implement Continuous Integration and Delivery (CI/CD) practices to improve development efficiency and product quality. Mentor junior engineers, share knowledge, and promote best practices within the team. Assist in solving complex technical problems and enhance product functionality through innovative solutions. Conduct code reviews to ensure adherence to design principles and maintain high-quality standards. Plan and execute unit testing to verify functionality and ensure automation coverage. Contribute to the ongoing support of software features, ensuring complete quality coverage and responsiveness to any issues during the software lifecycle. Qualifications & Experience: Bachelor’s or Master’s degree in Computer Science, Electronics Engineering, or a related field from a reputed institute. More than 11 years of experience in software development with a strong focus on backend technologies and a track record of delivering complex projects. Expertise in React, JavaScript, Typescript for front-end development. Experience working with public cloud platforms like AWS (mandatory). Hands-on experience with Continuous Integration and Delivery (CI/CD) practices using tools like Docker, Kubernetes, and other modern pipelines. Experience in .Net is good to have but NOT mandatory Experience in developing high-performance, highly available, and scalable systems. Working knowledge of RESTful APIs Solid understanding of scalable and microservices architectures, performance optimization, and secure coding practices. Exceptional problem-solving skills and the ability to work on multiple concurrent projects. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NiCE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NiCEr! Enjoy NiCE-FLEX! At NiCE, we work according to the NiCE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.

Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations Mentor junior security consultants, providing technical guidance and contributing to their professional development Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes Qualifications: Required Qualifications: o 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing o Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies o Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks o Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks o Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks o Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences o Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders o Experience mentoring junior security professionals and leading technical teams Preferred Qualifications: o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions o Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages o Prior software development experience that informs a deep understanding of modern application architectures and development practices o Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations o Experience with mobile application security testing (iOS and Android) and API security assessment methodologies o Knowledge of cloud security architecture and specialized cloud service penetration testing techniques o Experience with AI/ML system security evaluation and testing methodologies Education: o Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent s specific approach and methodology o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions

Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations Mentor junior security consultants, providing technical guidance and contributing to their professional development Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes Qualifications: Required Qualifications: o 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing o Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies o Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks o Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks o Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks o Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences o Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders o Experience mentoring junior security professionals and leading technical teams Preferred Qualifications: o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions o Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages o Prior software development experience that informs a deep understanding of modern application architectures and development practices o Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations o Experience with mobile application security testing (iOS and Android) and API security assessment methodologies o Knowledge of cloud security architecture and specialized cloud service penetration testing techniques o Experience with AI/ML system security evaluation and testing methodologies Education: o Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudents specific approach and methodology o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions

What’s the role all about? You will be a key contributor to developing a multi-region, multi-tenant SaaS product. You will collaborate with the core R&D team, using technologies like .NET/C#, AWS, and Data to build scalable, high-performance products within a cloud-first, microservices-driven environment. How will you make an impact? Take ownership of the software development lifecycle, including design, development, unit testing, and deployment, working closely with QA teams. Ensure that architectural concepts are consistently implemented across the product. Act as a product expert within R&D, understanding the product’s requirements and its market positioning. Work closely with cross-functional teams (Product Managers, Sales, Customer Support, and Services) to ensure successful product delivery. Key Responsibilities: Lead the design and implementation of software features in alignment with product specifications and adhere to High-Level Design (HLD) and Low-Level Design (LLD) standards. Lead the development of scalable, multi-tenant SaaS solutions. Collaborate with Product Management, R&D, UX, and DevOps teams to deliver seamless, end-to-end solutions. Advocate for and implement Continuous Integration and Delivery (CI/CD) practices to improve development efficiency and product quality. Mentor junior engineers, share knowledge, and promote best practices within the team. Assist in solving complex technical problems and enhance product functionality through innovative solutions. Conduct code reviews to ensure adherence to design principles and maintain high-quality standards. Plan and execute unit testing to verify functionality and ensure automation coverage. Contribute to the ongoing support of software features, ensuring complete quality coverage and responsiveness to any issues during the software lifecycle. Qualifications & Experience: Bachelor’s or master’s degree in computer science, Electronics Engineering, or a related field from a reputed institute. More than 2 years of experience in software development with a strong focus on backend technologies and a track record of delivering complex projects. Expertise in C#, .NET for back-end development. Angular, Javascript, Typescript experience is an added advantage. Experience in developing high-performance, highly available, and scalable systems. Working knowledge of RESTful APIs Solid understanding of scalable and microservices architectures, performance optimization, and secure coding practices. Exceptional problem-solving skills and the ability to work on multiple concurrent projects. Experience working with public cloud platforms like AWS (preferred), Azure, and GCP. Proficiency in developing solutions that leverage both SQL and NoSQL databases. Hands-on experience with Continuous Integration and Delivery (CI/CD) practices using tools like Docker, Kubernetes, and other modern pipelines. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NiCE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NiCEr! Enjoy NiCE-FLEX! At NiCE, we work according to the NiCE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 7701 Reporting into: Tech Manager, Engineering, CX Role Type: Individual Contributor

Dear Aspirant, Greetings from JTSi Technologies! We JTSi Technologies India Pvt Ltd, a US based IT Co in Kochi Infopark is urgently looking an Application Security Engineer for our operations in Kochi. The incumbent must be one with a strong understanding of application security principles and secure coding practices, common vulnerabilities and security testing methodologies. JTSi Technologies India Private Limited is a US based IT Co, with 20+ years into business. Our global offices are in Washington DC & New Jersey USA and our Indian HQ is in Bangalore. Details are as follows: Designation: Application Security Engineer (Consultant) Qualification: BE / B Tech / MCA Experience: Minimum 4 Years - 7 Years. Skillsets: Vulnerability Assessment, API, Code, Web & Cloud Security Remuneration: Salary ranges will be the best in the industry. Shift Time: Consultant / Part Time Freelancer Place of Posting: Infopark, Kochi. Roles and Responsibilities: Vulnerability Assessment - Identifying potential security weaknesses in applications through code reviews, penetration testing, and security assessments Designing and Implementing Security Architecture - Developing and integrating cybersecurity designs for systems and networks, ensuring they align with the organization's overall security strategy Secure Design and Development - Collaborating with developers to implement secure coding practices, secure architecture design, and secure development lifecycles (SDLC). API Security Design and Implementation - Design and implement secure API architectures by incorporating authentication, authorization (OAuth 2.0 JWT, etc.), and encryption mechanisms. Enforce API security best practices including rate limiting, input validation, logging, and auditing. Cloud and Container Security- Determine application security capability requirements and strategy (e. g., open source, Cloud Service Providers (CSP), Software as a Service (SaaS)/Infrastructure as a Service (IaaS)/ Platform as a Service (PaaS) environments) Able to assess cloud-native application architectures with a focus on security Security Testing - Conducting both static and dynamic security testing during and after application development to identify vulnerabilities Identity and Access Management - Implementing and managing systems for controlling access to data and applications, ensuring only authorized individuals can access sensitive information Incident Response - Responding to security incidents, investigating breaches, and implementing remediation steps Security Monitoring - Continuously monitoring applications for suspicious activity and potential security threats Security Tool Implementation - Utilizing and implementing security tools such as web application firewalls (WAFs) and other security technologies Skills and Qualifications: Strong understanding of application security principles, secure coding practices, common vulnerabilities (like XSS, SQL injection), and security testing methodologies Proficiency in one or more programming languages used in application development (e.g., Java, Angular, .Net, JavaScript). Familiarity with security tools like SAST, DAST, and WAFs Ability to analyse complex security issues and develop effective solutions Ability to clearly communicate security risks and recommendations to both technical and non-technical stakeholders Working effectively with developers, system administrators, and other security professionals. If you are interested or if any references kindly send us your recently updated resume to careers@jtsiindia.com and we will revert you with more details at the earliest. Thanks, and Regards, Recruitment Team JTSi Technologies India Private Limited Third Floor, Thapasya Building, Infopark, Kochi, Kerala - 682042. E Mail : careers@jtsiindia.com | Website : www.jtsiindia.com Contacts : 0484 4070368

Application Security Engineer Job Title : Application Security Engineer Location : Chennai, Hyderabad Bangalore Experience : 3-7 Role Summary: Ensures software applications are secure throughout the development lifecycle. Key Responsibilities: Conduct security assessments and penetration tests. Collaborate with developers on secure coding practices. Integrate security into CI/CD pipelines. Develop and maintain security standards Skills Required: Knowledge of SDLC and secure coding. Experience with tools like OWASP ZAP, Burp Suite. Familiarity with DevSecOps practices. Qualifications: Bachelors in Software Engineering or Cybersecurity. Certifications: CSSLP, OSWE, or CEH.

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure security measures are integrated into the development process, conducting assessments to identify vulnerabilities, and providing recommendations for improvements. You will also engage in discussions to enhance security protocols and contribute to the overall security strategy of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Collaborate with development teams to integrate security best practices into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and principles.- Experience with security testing tools and methodologies.- Familiarity with threat modeling and risk assessment techniques.- Knowledge of compliance standards and regulations related to application security. Additional Information:- The candidate should have minimum 2 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Spring Boot Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where your primary focus will be on reviewing and integrating all application requirements, particularly those related to security. Your typical day will involve collaborating with various teams to ensure that security considerations are embedded in the application architecture, providing insights that influence key decisions, and ensuring that the technical architecture aligns with security best practices. You will play a crucial role in shaping the security posture of applications, ensuring that they meet both functional and security requirements effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and maintain security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Spring Boot.- Good To Have Skills: Experience with application security frameworks and tools.- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with regulatory requirements related to application security. Additional Information:- The candidate should have minimum 7.5 years of experience in Spring Boot.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Solution Architecture Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where you will review and integrate all application requirements, focusing on security aspects. Your typical day will involve collaborating with various teams to ensure that security requirements are seamlessly integrated into the application architecture, providing critical input into final decisions regarding application security, and ensuring that the technical architecture aligns with security protocols and standards. You will play a vital role in safeguarding applications by ensuring that security is a fundamental component of the development process. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on application security best practices.- Conduct regular assessments of application security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Solution Architecture.- Strong understanding of application security frameworks and methodologies.- Experience with threat modeling and risk assessment techniques.- Familiarity with secure coding practices and application security testing tools.- Ability to communicate complex security concepts to non-technical stakeholders. Additional Information:- The candidate should have minimum 7.5 years of experience in Solution Architecture.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Strong knowledge of AWS services, including but not limited to Hands on AWS networking skills (e.g. VPC, subnets, NACL, Transit Gateway, Route tables. Load Balancer, Direct Connect gateway, Route53, etc). Thorough understanding of networking concepts, especially TCPIP, IP addressing and subnet calculation. Solid experience with AWS Security services IAM (identity, resource, and service control policies, permission boundary, roles, federation, etc.), Security groups, KMS, ACM/ACM-PCA, Network Firewall, Config GuardDuty CloudTrail, secrets manager, systems manager (ssm) etc. Good knowledge of various AWS Integration patterns, lambda with amazon EventBridge, and SNS. Any workload-related experience is a bonus, e.g. EKS, ECS, Autoscaling, etc Containerisation experience with Docker and EKS (preferred) Infrastructure as a Code and scripting: Solid hands-on experience with declarative languages, Terraform (& Terragrunt preferred) and their capabilities Comfortable with bash scripting, and at least one programming language (Python or Golang preferred). Sound knowledge of secure coding practices, and configuration/secrets management Knowledge in writing unit and integration tests. Experience in writing infrastructure unit tests; Terratest preferred Solid understanding of CI/CD Solid understanding of zero-downtime deployment patterns Experience with automated continuous integration testing, including security testing using SAST tools Experience in automated CI/CD pipeline tooling; Codefresh preferred Experience in creating runners, docker images Experience using version control systems such as git Exposed to, and comfortable working on large source code repositories in a team environment. Solid expertise with Git and Git workflows, working within mid to large (infra) product development teams General / Infrastructure Experience Experience with cloud ops (DNS, Backups, cost optimisation, capacity management, monitoring/alerting, patch management, etc.) Exposure to complex application environments, including containerised as well as serverless applications Windows and/or Linux systems administration experience (preferred) Experience with Active Directory (preferred) Exposure to multi-cloud and hybrid infrastructure Exposure to large-scale on-premise to cloud infrastructure migrations Solid experience in working with mission-critical production systems

Lead the design, development, and deployment of scalable, secure backend systems using Java, J2EE, and GoLang. Architect and implement robust RESTful APIs and microservices aligned with enterprise cloud-native standards. Collaborate closely with DevOps, QA, and frontend teams to deliver end-to-end product functionality. Set coding standards, influence architectural direction, and drive adoption of best practices across backend systems. Own performance tuning, monitoring, and high availability for backend services using tools like Prometheus, ELK, and Grafana. Implement security, compliance, and privacy by design principles in backend systems. Lead incident response and resolution of complex production issues across multi-cloud environments (e.g., AWS, Azure, OCP). Mentor and guide junior developers and contribute to team-wide knowledge sharing and skill development. Actively participate in Agile ceremonies and contribute to continuous delivery and process improvement. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 11+ years of backend software development experience focused on scalable, secure, cloud-native enterprise systems. Deep expertise in Java, J2EE, and GoLang for building distributed backend systems. Advanced experience in architecting and implementing RESTful APIs, service meshes, and inter-service communication. Expert in Postgres or equivalent RDBMS — data modeling, indexing, and performance optimization at scale. Proven track record with microservices architecture, including Docker, Kubernetes, and service deployment patterns. Expert-level familiarity with backend-focused CI/CD tooling (Jenkins, GitLab CI/CD, ArgoCD) and IaC tools (Terraform, CloudFormation). Strong knowledge of monitoring/logging tools such as Prometheus, Grafana, ELK, and Splunk, focusing on backend telemetry and observability. Experience deploying applications on cloud platformsAWS (EKS, ECS, Lambda, CloudFormation), Azure, or GCP. Familiarity with DevSecOps, secure coding practices, and compliance-aware architecture for regulated environments. Proficient in integration, load, and unit testing using JMeter, RestAssured, JUnit, etc. Leadership in backend architecture, performance tuning, platform modernization, and mentoring of technical teams. Effective cross-functional collaboration skills in multi-team, multi-region environments. Preferred technical and professional experience Deep understanding of backend architecture patterns including microservices, event-driven architecture, and domain-driven design. Experience implementing security and privacy by design principles in cloud-native backend systems. Hands-on expertise with cryptographic protocols and standards such as TLS, FIPS, and experience integrating with Java security frameworks (e.g., JCE, Spring Security). Strong grasp of secure coding practices, with experience identifying and mitigating OWASP Top 10 vulnerabilities. Exposure to designing and developing shared platform services or backend frameworks reused across products or tenants (e.g., in multi-tenant SaaS environments). Familiarity with API security patterns, including OAuth2, JWT, API gateways (e.g., Kong, Apigee). Prior experience working on compliance-oriented systems (e.g., SOC2, HIPAA, FedRAMP) or architecting for high-assurance environments. Proficiency with Shell scripting, Python, or Node.js for infrastructure automation or backend utilities.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to assess security risks, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive security assessments and work on developing strategies to mitigate potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security tools and technologies for vulnerability scanning and remediation.- Knowledge of compliance frameworks and regulations related to information security. Additional Information:- The candidate should have minimum 5 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Email Security Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a detail-oriented and proactive Application Security Analyst to join our security team. The ideal candidate will have hands-on experience with Black Duck software composition analysis and a strong background in conducting thorough source code reviews to identify and mitigate security vulnerabilities. This role involves collaborating closely with development teams to ensure secure coding practices and maintaining the security posture of applications throughout the SDLC.Key Responsibilities:- Perform security assessments and vulnerability analysis of applications using Black Duck to identify open-source component risks and compliance issues.- Conduct in-depth source code reviews to detect security flaws, including injection attacks, authentication weaknesses, insecure data handling, and other common vulnerabilities.- Collaborate with developers, DevOps, and QA teams to remediate identified security vulnerabilities and integrate security controls into development processes.- Develop and enforce security policies and best practices for secure coding and application security.- Support threat modeling, risk assessments, and security testing activities throughout the software development lifecycle (SDLC).- Stay updated with the latest application security trends, vulnerabilities, tools, and mitigation techniques.- Provide security training and awareness sessions for development teams.- Create clear and concise documentation on findings, recommendations, and remediation strategies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Email Security.- Strong understanding of cloud security principles and practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Knowledge of risk assessment methodologies and security compliance requirements.- Familiarity with incident response and threat management processes. Additional Information:- The candidate should have minimum 2 years of experience in Email Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure security measures are integrated into the development process, conducting assessments to identify vulnerabilities, and providing recommendations for improvements. You will also engage in discussions to enhance security protocols and contribute to the overall security strategy of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify potential vulnerabilities.- Collaborate with development teams to integrate security best practices into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and methodologies.- Experience with security testing tools and frameworks.- Knowledge of application security standards and compliance requirements.- Familiarity with threat modeling and risk assessment techniques. Additional Information:- The candidate should have minimum 3 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Job Summary Seeking a WAF Management and Governance Lead to oversee the security, operational integrity, and compliance of Web Application Firewall (WAF) systems. The ideal candidate will be responsible for ensuring robust protection against web-based threats, optimizing security policies, and governing WAF implementations across enterprise environments. WAF Administration Lead the deployment, configuration, and ongoing management of Web Application Firewall solutions. Security Policy Development Define, implement, and refine WAF rulesets to mitigate risks such as SQL injection, cross-site scripting (XSS), and other web threats. Governance & Compliance Ensure WAF policies align with regulatory and industry security frameworks (e.g., OWASP, PCI-DSS, GDPR). Threat Monitoring & Mitigation Collaborate with cybersecurity and internal teams to analyse threat patterns and adjust WAF settings for optimal protection. Performance Optimization Evaluate WAF impact on application performance and optimize configurations without compromising security. Incident Response Support investigation and response to security incidents related to web applications. Stakeholder Collaboration Work with IT, security, and application development teams to integrate WAF security seamlessly. Reporting & Metrics Establish key security performance indicators and provide regular governance reports. Experience 9+ years in web security, including WAF deployment and governance. Technical Expertise Hands-on experience with leading WAF platforms (e.g., AWS WAF, F5, Cloudflare WAF, Akamai Kona Security). Security Knowledge Strong understanding of OWASP top 10 threats, secure coding practices, and web security protocols. Knowledge of DevSecOps practices and security automation. Compliance Awareness Familiarity with regulatory requirements impacting web security governance. Communication Ability to convey security risks and technical details to non-security stakeholders effectively. Certifications such as CISSP, CEH, CCSP, AWS Security Specialty or equivalent. Experience in DevSecOps, automation, and integrating WAF into CI/CD pipelines. Knowledge of cloud security architectures and API security governance. Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Who are we? FalconX is a pioneering team of operators, investors, and builders committed to revolutionising institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX addresses the industry's foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever-evolving cryptocurrency landscape. Who is on the team? We are entrepreneurs. Many in our company have been founders or have aspirations to eventually start their own company. We take these ambitions and experiences to bring a solutions-oriented mindset to the problems we encounter day-to-day. We have been fortunate to have learned from mentors and peers at institutions such as Google, LinkedIn, JUMP Trading, Citadel, PEAK6 Investments, Goldman Sachs, JP Morgan, Harvard Business School, Carnegie Mellon, IIT, IIM +more. The team you would report to all have technical backgrounds in Application Security and Product Security. They cover a wide variety of products that fall within Cryptocurrency, High-Frequency Trading, and AI systems. In this role, youll dive deeply into these product lines and provide guidance as well as implementation when needed. Responsibilities : Engineer systems and internal security tools to improve application security across all of FalconX via SSDLC improvements; Interface with the rest of Engineering on the security of Falconxs software products (Cryptocurrency; High Frequency Trading; AI systems). Youll provide guidance / recommendations / and drive the Engineers to implement your recommendations. Review and provide eng-design / architectural guidance for application systems Occasional Vulnerability Management Occasional Pentesting Educate and Train Engineers on Application Security fundamentals Execute and improve security reviews and consulting processes with runbooks and automation. Knowledge, Skills & Abilities : Strong software engineering skills in Python, Golang or Ruby. You have a past of writing production-grade code and can comfortably interact with SWEs throughout FalconX. Bonus points if you have a background of security exposure in the contexts of cryptocurrency, high-frequency trading system, or AI development Proven impact in two or more of the following AppSec domains: AppSec Education and Training, API Security, Implementation of a SSDLC, App-Layer Pentesting (BurpSuite), Manual / Automated Secure Code Reviews (SAST Tools, DAST Tools), Application Security Architecture and Design, Implementation of Security Controls (Encryption; MFA / RBAC Permissions; etc), OWASP Top Ten, BSIMM / OpenSAMM Proficiency in threat modeling risks to product applications / associated infrastructure and driving the implementation of preventative controls in partnership with Engineering. Technical Project Management Strong familiarity with what a secure SDLC should look like and tools / techniques to implement an SSDLC Ability to collaborate with internal and external stakeholders while prioritizing tasks and work independently under minimal supervision. Vulnerability management, incident response Qualifications : Minimum of 6+ years of direct experience as a Software Engineer / Software Architect in Python, Ruby, Go, etc Minimum of 6+ years of direct experience in Product or Application Security as a hands-on-keyboard AppSec or ProdSec Engineer / Consultant Practical experience performing detailed application-layer risk assessments, performing secure code reviews, doing eng-design reviews with Engineers Exceptional written and verbal communication skills Strong technical curiosity within the spaces of Cryptocurrency, AI, and High Frequency Trading Systems

Dear Candidate, We are hiring a Software Security Engineer to secure applications throughout the software development lifecycle. Ideal for developers with a strong grasp of secure coding and threat modeling. Key Responsibilities: Identify and remediate application-level vulnerabilities Conduct code reviews, static/dynamic analysis, and fuzz testing Collaborate with developers on secure architecture and coding practices Develop security tools, libraries, and automated scans in CI/CD pipelines Required Skills & Qualifications: Experience with secure coding in Java, Python, C/C++, or JavaScript Familiarity with OWASP Top 10, SAST/DAST tools (e.g., SonarQube, Veracode) Understanding of authentication, authorization, and secure APIs Bonus: Knowledge of bug bounty platforms or offensive security techniques Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

We are hiring an experienced Senior Java Developer with 610 years of hands-on expertise in building, maintaining, and scaling enterprise-level web applications. The ideal candidate should have deep proficiency in Java, J2EE, Spring Boot , and experience working with REST/SOAP APIs , microservices, and secure coding practices. This is a high-impact role involving end-to-end SDLC, team collaboration, and performance optimization. Key Responsibilities: Drive end-to-end software development lifecycle: analysis, design, development, testing, deployment & support. Design and build scalable, secure web applications using Java, J2EE, Spring Boot, REST/SOAP APIs . Collaborate with cross-functional teams: UI/UX, QA, DB, DevOps. Participate in architectural reviews, requirement analysis, and high-level design. Ensure secure coding practices and compliance with PCI, OWASP standards. Lead and mentor a team of 5–10 developers ; conduct code reviews. Document technical design and ensure alignment with best practices. Work on multi-tier, microservices-based architecture . Technical Skills Required: Core Java (Java 7/8/11), J2EE Spring Boot, Spring Framework RESTful and SOAP Web Services Hibernate / ORM tools Servlets, JSP SQL & PL/SQL, DB Design Web/Application Servers (WebSphere, Tomcat) Microservices Architecture Basic understanding of UI Frameworks (ReactJS/Angular) Secure Coding Practices (e.g., PCI DSS, OWASP) Version Control (SVN, Git) Defect Management (e.g., Jira) JMS or EJB (good to have) Desirable: Experience in Agile/Scrum methodology Familiarity with DevOps tools and CI/CD pipelines Experience leading small to mid-sized teams Soft Skills: Excellent verbal and written communication Strong analytical & problem-solving mindset Team leadership and motivational skills Detail-oriented and quality-focused

Key Responsibilities: 1. Design and implement responsive web layouts that provide an optimal user experience across devices. 2. Uphold and instill secure coding practices within the team to maintain the security and integrity of our applications. 3. Utilize advanced front-end frameworks and architectural patterns to build efficient and reusable UI components. 4. Spearhead the design, development, and implementation of component-based UI architectures. 5. Incorporate advanced build systems, ensuring efficient linting, minification, code splitting, and more. 6. Drive unit testing best practices with industry standard frameworks ex ViTest and integrate continuous integration and continuous deployment pipelines (CI/CD). 7. Collaborate and communicate effectively within a distributed team environment. 8. Mentor, guide, and inspire team members, fostering a culture of excellence and continuous learning. 9. Coordinate with stakeholders, ensuring clear communication and timely delivery of tasks. 10. Lead root cause analysis for incidences and ensure the timely resolution of technical issues. 11. Serve as the team's technical expert, guiding on solution approaches and best practices. 12. Participate actively in planning and project management to ensure team alignment and effective execution. Requirements: Technical: 1. 8-10 years of hands-on experience in building world-class UI for Web/Mobile. 2. Mastery over Javascript, with a keen understanding of its nuances and emerging trends. 3. Deep experience with front-end frameworks such as ReactJS, Redux, Redux saga, Shadcn, Zustand. 4. Deep expertise in Typescript and Node.js 5. Expertise with build systems like Webpack, rollup and code refactoring tools like SonarCube 6. Familiarity with unit testing best practices using libraries like the testing library, Jest, Vitest, cypress. 7. Proficient understanding of Git and Git CI/CD 8. Demonstrated ability to optimize web performance. 9. Awareness of DevOps and Agile methodologies. 10. Exceptional written and verbal communication skills. 11. Strong analytical, troubleshooting, and problem-solving abilities. 12. Experience in remote or distributed team environments. 13. Experience working with micro-frontends Soft Skills: • An evangelist, with software not just as a profession but a calling. • Excellent problem-solving abilities and strong communication skills. Advanced verbal and written communication skills including the ability to explain and present technical concepts to a diverse set of audiences. Comfortable working directly with both technical and non-technical audiences Good judgment, time management, and decision-making skills Strong teamwork and interpersonal skills; ability to communicate and thrive in a cross-functional environment A guardian against technical debt, ensuring our legacy remains pristine. Willingness to work outside documented job description. Has a whatever is needed” attitude. Qualifications

Responsibilities Responsive UI Development: Design and implement responsive, device-agnostic web layouts for a seamless user experience. Secure Coding: Enforce security best practices in front-end development and ensure team-wide adoption. Component Architecture: Develop efficient, reusable UI components using advanced front-end frameworks and patterns. Technical Leadership: Spearhead component-based architecture, act as a solution architect, and guide development strategies. Build & Tooling: Optimize build systems (e.g., Webpack, Rollup) with modern techniquescode splitting, linting, and minification. Testing & CI/CD: Drive adoption of unit testing (ViTest, Jest, Cypress) and integrate CI/CD workflows. Team Collaboration: Communicate clearly within a distributed team and coordinate with stakeholders to ensure timely delivery. Mentorship: Coach and inspire peers, nurturing a culture of excellence, collaboration, and learning. Incident Resolution: Lead root cause analysis and ensure quick resolution of critical technical issues. Project Ownership: Participate in sprint planning and project delivery, ensuring strong alignment across functions. Technical Requirements 810 years of experience in building modern UI for web and mobile. Expert-level proficiency in JavaScript, TypeScript, and Node.js. Hands-on experience with frameworks: ReactJS, Redux, Redux-Saga, Zustand, Shadcn. Proficient with modern build systems: Webpack, Rollup; and quality tools: SonarQube. Strong grasp of testing libraries: Testing Library, Jest, Vitest, Cypress. Skilled in version control and CI/CD using Git and GitHub Actions (or similar tools). Experience with micro-frontend architectures. Proven ability to optimize front-end performance at scale. Familiarity with Agile, DevOps, and working in distributed teams. Preferred Qualifications Bachelor's or Master’s degree in Computer Science or related field. Experience building cloud-based, scalable, and maintainable frontend platforms. Knowledge of microservices/micro-frontends. Prior work in the energy, utilities, or industrial automation sector. Experience developing configuration dashboards or similar platforms.

Location: Bengaluru, India Onsite Reports To: Executive Manager (Krushangi Chandekar) About ITCart Private Limited (iTCart): ITCart Private Limited isnt just a company its a global movement redefining how industries think, operate, and thrive in the age of Artificial Intelligence Headquartered in Bengaluru, Indias Silicon Valley, and spanning across innovation hubs in the USA, UK, KSA, UAE, and LATAM, ITCart stands at the forefront of AI-powered digital transformation We dont follow trends; we create them With a relentless focus on AI-driven disruption, ITCarts Patent-pending AIX Framework serves as the backbone of a new era of efficiency, innovation, and scalability This proprietary technology isnt just a tool its a paradigm shift From automating complex workflows to unlocking hyper-personalized insights with Generative AI, our solutions empower enterprises to leapfrog from legacy systems to future-ready ecosystems, Position Overview We are looking for a Senior Backend Developer with deep experience in building, optimizing, and maintaining scalable backend systems for multi-tenant SaaS platforms This is a hands-on, full-time role focused on system logic, API development, database optimization, security compliance, and backend integrations, The ideal candidate is an all-rounder with exposure to DevOps, cloud deployment, and API architecture, but has a core strength in backend engineering and platform scalability, Key Responsibilities Develop and maintain modular backend services and RESTful/GraphQL APIs Write clean, secure, and well-documented code using NodeDot js, Python, or equivalent Manage PostgreSQL/MongoDB databases with a focus on data modeling, indexing, and query performance Optimize server performance, caching (Redis), rate-limiting, and background job queues (Celery, RabbitMQ) Integrate authentication (OAuth2, JWT), SSO (Google/Microsoft), and RBAC-based access controls Collaborate with frontend, DevOps, and product teams to ship secure, scalable, and testable features Participate in architectural discussions and code reviews; own end-to-end delivery of backend modules Write unit, integration, and performance tests to ensure code stability Follow CI/CD practices and maintain environments through GitHub Actions or Jenkins pipelines Contribute to developer documentation and maintain API standards across projects Key Performance Indicators (KPIs) Sprint Delivery Accuracy 90% API Response Time Production Error Rate Code Review Score 4 5/5 Unit Test Coverage 85% Backend Downtime 0 1% Monthly Key Result Indicators (KRIs) Backend features deployed per quarter Critical bug fixes and production support turnaround timeSuccessful API handoffs to frontend/mobile teams Uptime and performance benchmarks met Peer feedback and mentorship impact Mandatory Technical Qualifications: 58 years of experience in backend development for cloud-based platforms Proficiency in NodeDot js, Python, or Go with experience building scalable microservices Strong knowledge of SQL/NoSQL (PostgreSQL, MongoDB), Redis, and ORM frameworks API architecture (REST/GraphQL), Swagger/OpenAPI standards Familiarity with Git workflows, CI/CD, Docker, Kubernetes basics Strong understanding of authentication (OAuth2/JWT), session handling, and secure coding practices Preferred Skills: AWS experience (EC2, RDS, CloudWatch) Exposure to pub/sub and message queues (Kafka, RabbitMQ) Experience with ElasticSearch, Prometheus, and log monitoring Knowledge of container orchestration and DevOps automation tools Soft Skills & Culture Fit Strong analytical and problem-solving ability Team-oriented with a passion for mentorship Willing to experiment, learn, and adapt to fast-paced environments Comfortable working across time zones with distributed teams

We're hiring a Kotlin & Java Backend Developer with expertise in microservices, DevOps, and test automation. Experience with ML, OCR tools, and secure coding practices is a strong plus. Hybrid in Chennai/Hyderabad. Required Candidate profile Experienced Backend Developer with 5+ years in Kotlin and Java, RESTful APIs, microservices, and DevOps. Strong testing, CI/CD, and secure coding skills. ML/OCR exposure is a bonus.

Roles and Responsibilities : Conduct code reviews to identify potential security vulnerabilities and provide recommendations for remediation. Collaborate with development teams to implement secure coding practices and ensure compliance with industry standards (e.g., CISA). Develop and execute test plans to validate the effectiveness of implemented controls, identifying areas for improvement. Provide guidance on risk management strategies, including assessment, mitigation, and monitoring of identified risks. Job Requirements : 7-15 years of experience in IT services & consulting with a focus on cyber security, control testing, or related fields. Certifications such as CISSP or CISA are highly desirable; equivalent experience may be considered. Strong understanding of software development life cycles, including design patterns, coding standards, and testing methodologies. Experience with conducting audits/assessments using various frameworks (e.g., ISO 27001) is an asset.

Cyber Manager Joining Maersk will embark you on a great journey with career development in a global organisation. You will gain broad business knowledge of the companys activities globally, as well as understand how the complexity of IT supports the transport and logistics business. At Maersk we value the diversity of our talent and will always strive to recruit the best person for the job we value diversity in all its forms, including but not limited to: gender, age, nationality, race, sexual orientation, disability or religious beliefs. We are proud of our diversity and see it as a genuine source of strength for building high performing teams. The purpose of this role is to assist in delivering a DevSecOps transformation across Maersk by driving the processes, behaviours and culture necessary to enable successful implementation. You will be a key member of the team charged with delivering the tools, training, and methods necessary to support secure software development, and incentivising secure behaviour across the developer community and broader organisation. Were looking for a software developer who is passionate about security, who will work with our multi-disciplinary team to evangelize the importance of secure coding and design and deliver supporting initiatives. You will work with stakeholders across Maersk to assess the success of interventions and enable continuous improvement. In this role you will be exposed to a wide and challenging range of business issues through regular engagement with stakeholders across Maersk. You will work and communicate across geographical and cultural borders that will enable you to build a strong professional network. We will provide you with opportunities to broaden your knowledge and strengthen your technical and professional foundation. Key responsibilities: Identifying, analysing, and capturing requirements related to secure software development practices across Platforms and Enterprise brands. Designing and delivering user-centered interventions to enable secure software development awareness and practices. This will include writing actionable guidelines, developing and delivering application security training and awareness materials, and identifying opportunities to streamline and automate secure development practices. Collaborating with Developers to identify and develop good DevSecOps practices and assisting in embedding them as business as usual. Developing understanding of DevSecOps best practice in other sectors and extrapolating to Maersk initiatives as appropriate. Primary internal stakeholders Maersk Technology Organization including new platforms Maersk Brands & Supporting Function teams Other Cyber Security functions Primary external stakeholder Maersk customers Maersk suppliers Regulatory bodies Required experience & skills: Who we are looking: Software development experience Knowledge of application security principles and the ability to translate technical concepts to a diverse set of stakeholders. Excellent communication skills: the ability to effectively communicate with both technical and non-technical personnel. Excellent stakeholder management and interpersonal skills. Highly organized, with the ability to manage conflicting priorities and multiple tasks Able to work in a multi-disciplinary, collaborative environment. Strong presentation and storytelling skills. Strong self-starting and can-do attitude Experience: At least four years experience in software development. Experience implementing application security within CI/CD pipelines is strongly preferred. Strong stakeholder management experience with the ability to identify differing stakeholder views and build consensus. Experience working in an agile environment. Experience in an IT Operations environments along with an understanding of how it supports critical business outcomes is strongly preferred

Hello Visionary! We know that the only way a business thrive is if our people are growing. That’s why we always put our people first. Our global, diverse team would be happy to support you and challenge you to grow in new ways. Who knows where our shared journey will take you We are looking for Product and Solution Security Expert (PSSE) How do you craft the future Smart BuildingsWe’re looking for the makers of tomorrow, the hardworking individuals ready to help Siemens transform entire industries, cities and even countries. Get to know us from the inside, develop your skills on the job. You’ll make a difference by: 1. Integration with SDLC: Collaborate with software development teams to integrate security practices throughout the Software Development Life Cycle (SDLC). Perform security code reviews and analyze vulnerabilities during different SDLC phases. Ensure security requirements are included in the design, development, testing, and deployment stages of software projects. 2. Security Activities: Develop and implement security protocols, guidelines, and best practices for software development. Conduct threat modelling and risk assessments to identify potential security issues early in the development process. Provide guidance on secure coding practices and remediation of identified vulnerabilities. 3. Stakeholder Interaction: Work closely with key stakeholders, including product managers, project managers, and business analysts, to support and promote security activities within products. Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical stakeholders. Foster a security-aware culture within the development teams and across the organization. 4. Security Tools and Technologies: Implement and manage security tools such as static and dynamic analysis tools, intrusion detection systems, and vulnerability scanners. Stay updated with the latest security tools, trends, and best practices to enhance the organization's security posture. 5. Incident Response: Assist in the development and implementation of incident response plans and procedures. Participate in security incident investigations and provide expertise in resolving security breaches. 6. Training and Awareness: Conduct security training and awareness programs for development teams. Promote continuous improvement and knowledge sharing related to application security. You’ll win us over by: 1. Technical Skills: In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten). Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners. Proficiency in programming languages such as Java, C#, Python. Understanding of DevSecOps practices and integration of security into CI/CD pipelines. Promote continuous improvement and knowledge sharing related to application security. 2. Soft Skills: Strong communication and interpersonal skills. Ability to explain complex security concepts to non-technical stakeholders. Strong analytical and problem-solving skills. Collaborative mindset and ability to work effectively with cross-functional teams. 3. Certification Preferred: Certified Secure Software Lifecycle Professional (CSSLP). Experience: Proven experience working with software development teams and integrating security practices into the SDLC. Experience interacting with key stakeholders and supporting security activities within software products. You’ll win us over by: Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record. Minimum 5 years of experience in cybersecurity, with a focus on application security. We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Create a better #TomorrowWithUs! This role, based in Pune, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We are dedicated to equality and welcome applications that reflect the diversity of the communities we serve. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and imagination, and help us shape tomorrow Find out more about the Digital world of Siemens here[1] www.siemens.com/careers/digitalminds Find out more about Siemens careers at[2] www.siemens.com/careers