74 Appscan Jobs

TitleSecurity Test Engineer Key Responsibilities Core Skills Must have Work Experience Minimum of 2+ Years of work experience in Application security, Vulnerability Assessment & Penetration Testing. Skill Set Vulnerability Assessment and Penetration Testing for Web application and API. Knowledge on open source and commercial tools Source code Review Knowledge on scripting language is desirable. Expertise in DAST for web Application (e.g. Acunetix, IBM AppScan, Burpsuite etc.) tooling including triage. Advance Understanding of Security standard and best practices. Hands on exp in Kali Linux , SQL Map Expertise in Vulnerability Assessments using various open source and commercial tools. Sound knowledge of network security devices (Firewalls, proxies , NIDS/NIPS, ETC.) Ability to analyse and detect false positives from the vulnerabilities identified by scanners and communicate effectively with all stakeholders in order to mitigate the existing vulnerabilities in the application. Experience in in performing SAST scan with tool (e.g. Veracode, SecureAssist, IBM AppScan, Checkmarx , Snyk) tooling including triage. Understanding of webbased application vulnerabilities and API Vulnerabilities (OWASP TOP 10) Strong customer service orientation & Experience working in a teamoriented, collaborative environment. Strong organization and time management skills Offshore

Software Engineer Associate Advisor - HIH - Evernorth Position Overview The Provider Technology Shared Services Engineering team is seeking a Software Engineer Associate Advisor for a Band 3 Contributor Career Track position. The Software Engineer Associate Advisor will play a critical role in system development within the broader Provider Technology Solutions and Engineering organization, significantly influencing Operations and Technology Product Management. This position will provide expertise in the engineering, design, installation, and startup of automated security testing solutions, including a self-service onboarding kit that enables users to begin utilizing the solution within minutes. The solutions developed will be accessible to individuals with minimal technical skills and will require no additional coding, ensuring zero maintenance is needed. As a member of our team, you will operate within a high-performance, high-frequency enterprise technology environment. This role entails collaborating closely with IT management and staff to identify automated solutions that leverage existing resources with tailored configurations for each security testing use case. The objective is to minimize redundancy in solutions while promoting an enterprise mindset focused on reusability and maintaining high standards, ultimately ensuring minimal future maintenance requirements. The Software Engineer Lead Analyst demonstrates significant creativity, foresight, and sound judgment in the conception, planning, and execution of security initiatives. Additionally, the Lead Analyst stays informed about the latest advancements in technology, including AI and machine learning, to enhance both existing and new automation solutions. These solutions are designed to optimize production costs while facilitating the addition or updating of features aimed at improving the overall software development lifecycle experiences. Responsibilities Provide comprehensive consultation to business unit and IT management, as well as personnel, regarding all facets of application development, security testing and automation solutions across diverse development, financial, operational, and computing environments. Responsible for performing vulnerability assessments, threat modeling, penetration testing, and team campaigns of the Provider's IT infrastructure and applications, while closely collaborating to identify, evaluate, and remediate potential weaknesses in provider systems utilizing automated methods. Provides strategic vision in architectural design and Security Test Automation guidance for the team, emphasizing a thorough evaluation of the quality attributes of a software system. This includes considerations for static, dynamic security tests rather than focusing solely on the functionality of individual features. Additionally, actively oversees and manages the design of supported automation solutions. Conduct comprehensive research and evaluation of all potential solutions to recommend the most efficient and cost-effective automation solution that can be reused with an enterprise mindset, facilitating scalability for both existing and new applications with minimal modifications. Ensures that engineering solutions are aligned with the overall Technology strategy while addressing all application requirements. Demonstrate industry-leading technical abilities that enhance product quality and optimize day-to-day operations. Understand how changes impact work upstream and downstream including various back end and front-end architectural modules. Enhance personnel effectiveness using heat matrices to prioritize Quality and Development Engineering resources on high-impact interfaces while identifying areas of lesser focus. Perform automated activities, including analysis of logs, memory, and disk artifacts, utilizing a variety of commercial and open-source security tools to respond to and triage security threats. Troubleshoot and optimize automated solutions and associated artifacts to ensure efficient operation within CI/CD pipelines and on local machines, reducing software and package dependencies or conflicts to improve cycle times. Execute on a strategy to hand over the automation solutions to every Agile teams for adoption and use within their areas of focus, requiring zero maintenance and minimal effort for any enhancements without delving into coding. Encouraging and building automated processes wherever possible. Recognized internally as a subject matter expert. Qualifications Required Skills: Lead and execute internal and external penetration tests against web applications, APIs, Desktop, networks, Windows and Unix variants to discover vulnerabilities. Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation. Develop scripts, tools or methodologies to enhance . penetration testing processes. Experience in application vulnerability assessment tools (e.g. Burp, Checkmarx, AppScan, WebInspect, Cenzic, etc.) Experience with network and server assessment tools (e.g. Nessus, Metasploit, Nmap, Nikto, etc.) Understanding of web application frameworks (React, Spring boot, Ruby on Rails, J2EE, PHP, ASP.NET) Strong experience in manual and automated techniques for penetration testing and executing vulnerability assessments. Knowledge of Windows and *nix-based operating systems. Knowledge of networking fundamentals and common attacks. Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell). Mobile application coding experience with Android/iOS based platforms (e.g. Java, Swift, Objective C). Exploit development and validation skills. Ability to analyse vulnerabilities, appropriately characterize threats, and provide remediation recommendations. Understanding of core Internet protocols (e.g. DNS, HTTP, TCP, UDP, TLS, IPsec) Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.) Demonstrated ability to coordinate people and lead teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Required Experience & Education: A Bachelor's degree in Computer Science or a related field is required. 8 - 11 years of professional experience in security and penetration testing experience. At least 3 years of experience in Agile methodologies is required. Passionate about security and finding new ways to break into systems as well as defend them Strong analytical and problem solving skills with the ability to “think outside the box” Familiarity with an onshore/offshore operational model is essential. Demonstrated experience in the architecture, design, and development of large-scale enterprise application solutions is required. Desired Experience: Proficient in Security and Penetration Test Automation and automation methodologies. Proficient in triaging and identifying security issues, including root cause analysis, connection problems, and application bottlenecks. Providing coaching and guidance to team members. Location & Hours of Work < >Full-time position, working 40 hours per week. Expected overlap with US hours as appropriatePrimarily based in the Innovation Hub in Hyderabad, India in a hybrid working model (3 days WFO and 2 days WAH) Equal Opportunity Statement Evernorth is an Equal Opportunity Employer actively encouraging and supporting organization-wide involvement of staff in diversity, equity, and inclusion efforts to educate, inform and advance both internal practices and external work with diverse client populations. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Position Summary Softcell Global Technologies Pvt. Ltd. is seeking a Source Code Auditor with proven expertise in both manual and automated code review. The ideal candidate should be adept with modern SAST & DAST tools and collaborative platforms, understand secure software development practices, and be capable of identifying real-world vulnerabilities across multiple languages and frameworks. This role is critical in identifying security vulnerabilities, ensuring secure coding practices, and integrating security throughout the SDLC. Key Responsibilities Code Review (Manual + Automated) Conduct comprehensive manual reviews to identify security flaws, insecure patterns, and logical vulnerabilities. Perform automated static and dynamic code analysis using tools like SonarQube, Fortify, Veracode, Burp Suite, OWASP ZAP, DeepSeek, etc. Document findings with clear proof-of-concept and mitigation recommendations. Security Compliance & Best Practices Assess code for input validation, output encoding, SQLi, XSS, CSRF, auth flaws, and cryptographic implementations. Validate third-party libraries using Snyk, Dependency-Check, or WhiteSource. Ensure compliance with OWASP, PCI-DSS, HIPAA, or other relevant industry standards and coding benchmarks. Analyze code structure and maintainability, ensure modularity, proper separation of concerns, adherence to SOLID principles, and avoidance of anti-patterns or code smells. Documentation & Reporting Generate detailed audit reports with risk ratings and recommendations. Review project documentation such as changelogs, API docs (Swagger/OpenAPI), and code metadata. Enforce internal coding standards and audit policies. Collaboration & Reviews Conduct peer reviews using GitHub/GitLab, Crucible, or similar platforms. Assist development teams in understanding and resolving security issues. Participate in internal security training and secure coding awareness programs. Preferred Tools & Platforms SAST & Security Linters: SonarQube, Fortify SCA, Checkmarx, Veracode, etc DAST: OWASP ZAP, Burp Suite, Acunetix, Netsparker, AppScan, etc Manual Review & Collaboration: GitHub, GitLab, Bitbucket, Crucible, Review Board, Phabricator Dependency & License Scanning: Snyk, OWASP Dependency-Check, WhiteSource, Semgrep CI/CD & DevOps: Jenkins, GitHub Actions, GitLab CI, Burp Suite Enterprise Preferred Certifications OSWE – Offensive Security Web Expert CSSLP – Certified Secure Software Lifecycle Professional (ISC²) ECSP – EC-Council Certified Secure Programmer CREST CCT App – Certified Application Security Tester Secure Code Warrior / Microsoft Secure Code certifications Qualifications Minimum 2 years of experience in source code auditing Strong understanding of secure coding across Java, .NET, Python, PHP, JavaScript, etc. Bachelor’s degree in Computer Science, Cybersecurity, or related field. Excellent communication, documentation, and collaboration skills. Must be available in Mumbai for full-time onsite work. Additional Details Immediate Joiners Only Practical Skills Are a Must – Onsite face-to-face technical round (No virtual/remote interviews) Why Join Softcell? Work with cutting-edge tools and enterprise projects. Learn from industry experts and grow within a specialized cybersecurity team. Contribute to critical application security reviews across domains like finance, retail, healthcare, and government. About Company At Softcell Technologies, we bring over 30 years of expertise in delivering end-to-end IT infrastructure solutions to enterprises across India. With deep roots in security, cloud, data center, and engineering technologies, we empower organizations to meet complex IT challenges. Softcell is also a CERT-In empaneled organization, recognized for conducting official cybersecurity assessments across industries. Join us to work on high-impact security projects, lead technical engagements, and grow within a passionate cybersecurity team.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

Work Location:- Bangalore / Pune Experience:- 4 to 7 years Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

Title: Security Test Engineer Key Responsibilities: Core Skills : Must have Work Experience Minimum of 2+ Years of work experience in Application security, Vulnerability Assessment & Penetration Testing. Skill Set Vulnerability Assessment and Penetration Testing for Web application and API. Knowledge on open source and commercial tools Source code Review Knowledge on scripting language is desirable. Expertise in DAST for web Application (e.g. Acunetix, IBM AppScan, Burpsuite etc.) tooling including triage. Advance Understanding of Security standard and best practices. Hands on exp in Kali Linux , SQL Map Expertise in Vulnerability Assessments using various open source and commercial tools. Sound knowledge of network security devices (Firewalls, proxies , NIDS/NIPS, ETC.) Ability to analyse and detect false positives from the vulnerabilities identified by scanners and communicate effectively with all stakeholders in order to mitigate the existing vulnerabilities in the application. Experience in in performing SAST scan with tool (e.g. Veracode, SecureAssist, IBM AppScan, Checkmarx , Snyk) tooling including triage. Understanding of webbased application vulnerabilities and API Vulnerabilities (OWASP TOP 10) Strong customer service orientation & Experience working in a teamoriented, collaborative environment. Strong organization and time management skills Offshore PAN India About Virtusa Teamwork, quality of life, professional and personal development: values that Virtusa is proud to embody. When you join us, you join a team of 27,000 people globally that cares about your growth — one that seeks to provide you with exciting projects, opportunities and work with state of the art technologies throughout your career with us. Great minds, great potential: it all comes together at Virtusa. We value collaboration and the team environment of our company, and seek to provide great minds with a dynamic place to nurture new ideas and foster excellence. Virtusa was founded on principles of equal opportunity for all, and so does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.

Title: Security Test Engineer Key Responsibilities Core Skills : Must have Work Experience Minimum of 2+ Years of work experience in Application security, Vulnerability Assessment & Penetration Testing. Skill Set Vulnerability Assessment and Penetration Testing for Web application and API. Knowledge on open source and commercial tools Source code Review Knowledge on scripting language is desirable. Expertise in DAST for web Application (e.g. Acunetix, IBM AppScan, Burpsuite etc.) tooling including triage. Advance Understanding of Security standard and best practices. Hands on exp in Kali Linux , SQL Map Expertise in Vulnerability Assessments using various open source and commercial tools. Sound knowledge of network security devices (Firewalls, proxies , NIDS/NIPS, ETC.) Ability to analyse and detect false positives from the vulnerabilities identified by scanners and communicate effectively with all stakeholders in order to mitigate the existing vulnerabilities in the application. Experience in in performing SAST scan with tool (e.g. Veracode, SecureAssist, IBM AppScan, Checkmarx , Snyk) tooling including triage. Understanding of webbased application vulnerabilities and API Vulnerabilities (OWASP TOP 10) Strong customer service orientation & Experience working in a teamoriented, collaborative environment. Strong organization and time management skills Offshore PAN India

Vulnerability Assessment & Penetration Testing & configuration review for network, web app, mobile app & thick-client app Configuration reviews for OS ,DB, Firewall, routers, Switches Prepare Threat Intelligence reports Cyber-attack simulations Required Candidate profile Vulnerability Assessment Penetration Testing (PT) Web App Security Knowledge of security assessment tools e.g, Nessus, Acunetix, Appscan, nmap, etc Knowledge of OS -Linux/ UNIX Perks and benefits +++ 10% Perf Bonus + Mediclaim + 30% Company Bonus

Job Summary 4 to 5 Years of experience in application development using Java , J2EE and Advance Technologies. Good understanding of fundamental architecture and design principles, object-orientation principles and coding standards. Ability to build extensible and scalable solutions. Strong analytical and problem-solving skills. Good verbal and written communication skills. Good knowledge in DevOps, CI-CD. Very good presentation and documentation skills. Ability to learn and adapt to new technologies and frameworks. Experienced in Agile methodology and Waterfall models. Understanding on source control, versioning, branching etc. Recommend future technology capabilities and architecture design considering business objectives, technology strategy, trends, and regulatory requirements. Business Understand the bank priorities on the strategic initiatives and on the new programs planned further. Processes Adhere to ADO principles and guidelines on all Program delivery. Compliance on ICS guidelines, Security and Data protection Compliant to SDF/TDA/ADO process and drive bank towards automating process areas removing redundancies Key Responsibilities Governance Must be aware of the Group’s regulatory framework and is expected to adhere based on the role. Must understand the oversight and controls related to Business Unit, Job Function and deliver. Regulatory & Business Conduct Display exemplary conduct and live by the Group’s Values and Code of Conduct. Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. Lead the [India / CCIB CLDM ITO / Application Development, Support & Engineering to achieve the outcomes set out in the Bank’s Conduct Principles: [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] * Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters. [Insert local regulator e.g. PRA/FCA prescribed responsibilities and Rationale for allocation]. [Where relevant - Additionally, for subsidiaries or relevant non -subsidiaries] Serve as a Director of the Board of [insert name of entities] Exercise authorities delegated by the Board of Directors and act in accordance with Articles of Association (or equivalent) Key Stakeholders CEE Hive ITO, CEE Engineering Team, Application Delivery, PSS, Testing Other Responsibilities Manage and handle all CCIB CLDM Objectives. Skills And Experience Java, J2EE, Spring Boot, Microservices Python, HiveQL OCP, Kubernetes PL/SQL Programming, RDBMS Devops Tools React JS Qualifications Technical Competence Good knowledge about Design Patterns and Principles, Microservices Architecture. Strong hands-on experience on CI-CD pattern with good knowledge on related tools like GIT, ADO, Jenkins, OpenShift, Kubernetes, Docker and automation test tool like JMeter, SoapUI. Good knowledge on API building (Web Service, SOAP/REST). Good knowledge on multi-threading and multi-processing implementations. Good knowledge in dependency injections like Spring DI/Blueprints and JSON libraries like Jackson/GSON Good knowledge in Linux Operating System (Preferably RHEL). Expertise in RDBMS solutions (Oracle, PostgreSQL) & NoSQL offerings (Cassandra, MongoDB, etc) Strong programming and hands-on skills in Java. Strong programming and hands-on skills in Python. Strong experience in open-source frameworks like Spring, Hibernate, Transaction Management and Apache Libraries (Camel/ActiveMQ/Commons). Good Understanding code quality tools like SonarQube, AppScan, AQUA. Strong experience on Unit testing and code coverage using JUnit/Mockito. Good to Have Experience in application development for Client Due Diligence (CDD), CRA, On-boarding, FATCA & CRS Good knowledge on Cloud native application development, and knowledge of Cloud computing services. CDD process awareness including AML, KYC and Screening Enhance and improve CDD related processes. About Standard Chartered We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us. Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together We Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term What We Offer In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing. Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations. Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum. Flexible working options based around home and office locations, with flexible working patterns. Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning. Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Job Description: Familiarity with application security testing tools, and ticket tracking tools Experience of API testing Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams Support SDLC and agile environments with application security testing Skills and knowledge with Burp Suite,HCL Appscan and other application security testing tools Able to Identify and track issues, risks and action items Should have analytical and customer service skills Able to work in a team environment Able to provide effective on-site product support as needed Should have Strong business communication, positive attitude and willingness to learn essential skills Good to have Knowledge of Cloud security concepts. Required Experience Any relevant degree with minimum 5 years of experience as a Security Analyst or Engineer. Location: This position can be based in any of the following locations: Chennai Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday

Job requisition ID :: 81577 Date: Jun 21, 2025 Location: Chennai Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Position Purpose The purpose of the position is to help with the information security topics mentioned in the direct responsibilities. Responsibilities Direct Responsibilities - Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans. Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate. Knowledge of Secure Development methodologies and frameworks. Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Experience in Process Improvement, Controls Enhancement and Reporting. - Engaging with organization wide risk and control groups, including internal audit and territory control teams. - Working with Technology stakeholders (including Production Support and Development teams) to identify the IT risks affecting the organization and formulating appropriate remediation strategies based on full understanding of business exposure and compensating controls. Contributing Responsibilities Excellent understanding of development security and its implementation in systems: identification, authentication, access control and provisioning, alignment of jurisdiction to business process Knowledge of single-sign-on security strategies (e.g. SAML, OAUTH2, SiteMinder etc.) Excellent understanding of authentication related mechanisms (Kerberos, One Time Passwords, PKI) Good understanding of cryptography and its practical uses within secure application development Familiarity with common security vulnerabilities (e.g. OWASP Top 10) Strong technical skills required to understand vulnerabilities in detail and how to resolve/mitigate them. Excellent knowledge of programming best practices, design patterns, etc. Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues. Well-developed written communication skills with the ability to summarise key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors. Technical & Behavioral Competencies Excellent knowledge of programming best practices, design patterns, etc. Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues. Well-developed written communication skills with the ability to summarize key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors. Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity, Sonatype, Blackduck Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Experience in Process Improvement, Controls Enhancement and Reporting. Excellent Inter personal and presentation skills Strong in verbal and written communication Ability to liaise with cross-functional stakeholders globally Clear understanding of application and data security Must be flexible, independent, self-motivated Good analytical skills Specific Qualifications (if required) - CEH, SSCP, OSCP certified. - Technical Graduate (Computer Science) Preferable. Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Communication skills - oral & written Ability to share / pass on knowledge Active listening Transversal Skills: (Please select up to 5 skills) Ability to understand, explain and support change Analytical Ability Ability to develop and adapt a process Ability to develop and leverage networks Ability to manage / facilitate a meeting, seminar, committee, training Education Level: Bachelor Degree or equivalent Experience Level At least 7 years

Job Description We are seeking a skilled and experienced Cybersecurity Specialist to join our dynamic team. The ideal candidate will have 3-7 years of experience in cybersecurity roles and a strong technical background in information security. If you're passionate about protecting data, identifying vulnerabilities, and implementing robust security Responsibilities : Develop, implement, and maintain cybersecurity policies, firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security solutions, and data encryption. Conduct regular security assessments, risk analyses, and vulnerability assessments to identify potential weaknesses and mitigate risks. Experience in Web/Mobile/Network Penetration Testing and/or Vulnerability Assessment. Experience with web application vulnerability scanner (BurpSuite, AppScan, Acunetix, Web Inspect, etc). Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Deep knowledge of HTTP protocol and the ability to construct/manipulate HTTP requests. Ability to suggest/recommend remediation to fix vulnerability. Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. Knowledge on Tools : Nmap, Kali Linux, Metasploit, Maltego, Burp Suite, Nessus, nexpose, Wireshark, sqlmap etc. Proficiency in Conducting API (REST, SOAP, XML, JSON) Security testing activities to identify and mitigate security 3-7 years of experience in cyber security or a related field. Bachelor's degree in Computer Science, Information Security, Cyber Operations, or a related field (or equivalent experience). Strong understanding of networking concepts, security principles, and cyber threats. Proven experience with vulnerability scanning and penetration testing tools. Knowledge of regulatory requirements and compliance frameworks (eg, PCI DSS, NIST, CIS Controls). Experience in Information security controls, and doing IT audits, ISO certifications is preferred. (ref:hirist.tech)

Job Description The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments, Red Team Assessment, Phishing, IoT, Cloud Pen testing (Azure and AWS, Google Cloud), Cloud Configuration Audit, Architecture Review. The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks. Well versed with OWASP Top Ten and WASC Threat Classifications. Expertise in Vulnerability Assessment and Penetration Testing of Web Applications. Business‐Logic based application testing. Penetration testing of Mobile applications and websites. Exploitation of the issues found and presenting the impact occurred. Source Code Reviews Well versed in Java Secure Code Review. Well versed in OWASP Code Review concepts & identifiers. Familiar With Popular Tools Application Proxy: Burp suite, Paros, OWASP ZAP, WireShark, Vulnerability Scanners: IBM AppScan, HP WebInspect, Nessus, NTO Spider. Exploit Toolkits: Metasploit, Exploit DB etc Understanding of the nature and sources of security vulnerabilities, how to identify and exploit Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks. Skills Mandatory Application Security Testing/Penetration Testing (Web-based, Thick client, web services, Mobile. Network Security Testing/Penetration Testing (Network, OS, Databases etc). Static Code Analysis/ Secure Code Review.

NAB is looking for Security Assurance Consultant to join our dynamic team and embark on a rewarding career journey Undertake short-term or long-term projects to address a variety of issues and needs Meet with management or appropriate staff to understand their requirements Use interviews, surveys etc. to collect necessary data Conduct situational and data analysis to identify and understand a problem or issue Present and explain findings to appropriate executives Provide advice or suggestions for improvement according to objectives Formulate plans to implement recommendations and overcome objections Arrange for or provide training to people affected by change Evaluate the situation periodically and make adjustments when needed Replenish knowledge of industry, products and field

Who we think will be a great fit. A passion for information security with a hacker mindset! Self-motivation and Proactiveness Communication skills What we need... We want people with preferably two or more, of the following: 1. Web Application Security Testing. Knowledge about BURP Suite, manual and automated SQLi Bypass filters that detect SQLi, XSS, etc. People who don't think Injection means only SQLi but SSTI, SSJI, ORMi [HQLi], LDAPi, Eli, XMLi etc. 2. Network Infrastructure Testing. Ability to write custom scripts and wrappers. Knowledge of tools like Responder, Ettercap, tcpdump, Empire, etc.not just Nmap and Nessus Have good knowledge about PowerShell scripting and AD/DC infrastructure. 3. Mobile App Testing. Root/jailbreak and Certificate pinning bypass without any automated tool Dynamic instrumentation using Frida De-obfuscation of APK/IPA file 4. IoT Testing. MQTT attacks Fuzzing of IoT devices Firmware extraction 5. Cloud Testing. A good understanding of the cloud infrastructure that includes AWS, Azure and Google cloud. Have a good understanding of microservices architecture. 6. Secure Code Review. Ability to visualize and compile applications without any compiler (in your mind). Has the ability to learn a new programming language on-the-go. Preferred candidate profile : Candidates with relevant professional experience will be given preference.

About Zeta Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by Bhavin Turakhia and Ramki Gaddipati in 2015. Our f lagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 15M+ cards have been issued on our platform globally. Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios. Zeta has over 1700+employees - with over 70%roles in R&D - across locations in the US,EMEA, and Asia. We raised$280 million at a$1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.Learn more @ www.zeta.tech , careers.zeta.tech , Linkedin , Twitter The Role As part of the Risk & Compliance team within the Engineering division at Zeta, the Application Security Manager is tasked with safeguarding all mobile, web applications, and APIs. This involves identifying vulnerabilities through testing and ethical hacking, while also educating developers and DevOps teams on how to resolve them. Your primary goal will be to ensure the security of Zeta's applications and platforms. As a manager, you'llbe responsible for securing all of Zeta’s products. In this individual contributor role, you will report directly to the Chief Information Security Officer (CISO). The role involves ensuring the security of web and mobile applications, APIs, and infrastructure by conducting regular VAPT. It requires providing expert guidance to developers on how to address and fix security vulnerabilities, along with performing code reviews to identify potential security issues. The role also includes actively participating in application design discussions to ensure security is integrated from the beginning and leading Threat Modeling exercises to identify potential threats. Additionally, the profile focuses on developing and promoting secure coding practices, educating developers and QA engineers on security standards for secure coding, data handling, network security, and encryption. The role also entails evaluating and integrating security testing tools like SAST, DAST, and SCA into the CI/CD pipeline to enhance continuous security integration. Responsibilities Guide Security and Privacy Initiatives: Actively participate in design reviews and threat modeling sessions to help shape the security and privacy approach for technology projects, ensuring security is embedded at all stages of application development. Ensure Secure Application Development: Collaborate with developers and product managers to ensure that applications are securely developed, hardened, and aligned with industry best practices. Project Scope Management: Define the scope for security initiatives, ensuring continuous adherence throughout each project phase, from initiation to sustenance/maintenance. Drive Internal Adoption and Visibility: Ensure that security projects are well-understood and adopted by internal stakeholders, fostering a culture of security awareness within the organization. Security Engineering Expertise: Serve as a technical expert and security champion within Zeta, providing guidance and expertise on security best practices across the organization. Team Leadership and Development Make decisions on hiring and lead the hiring process to build a skilled security team. Define and drive improvements in the hiring process to attract top security talent. Mentor and guide developers and QA teams on secure coding practices and security awareness. Security Tool and Gap Assessment: Continuously assess and recommend tools to address gaps in application security, ensuring the team is equipped with the best resources to identify and address vulnerabilities. Stakeholder Liaison: Collaborate with both internal and external stakeholders to ensure alignment on security requirements and deliverables, acting as the main point of contact for all security-related matters within the team. Bug Bounty Program Management: Evaluate and triage security bugs reported through the Bug Bounty program, working with relevant teams to address and resolve issues effectively. Own Security Posture: Take ownership of the security posture of various applications across the business units, ensuring that security best practices are consistently applied and maintained. Skills Hands-on experience in Vulnerability Assessment (VA) and Penetration Testing (PT) across web, mobile, API, and network/Infra environments. Deep understanding of the OWASP Top 10 and their respective attack and defense mechanisms. Strong exposure to Secure SDLC activities, Threat Modeling, and Secure Coding practices. Experience with both commercial and open-source security tools, including Burp Suite, AppScan, OWASP ZAP, BEEF, Metasploit, Qualys, Nipper, Nessus andSnyk. Expertise in identifying and exploiting business logic vulnerabilities. Solid understanding of cryptography, PKI-based systems, and TLS protocols. Proficiency in various AuthN/AuthZ frameworks (OIDC, OAuth, SAML) and the ability to read, write, and understand Java code. Experience with Static Analysis and Code Reviews using tools like Snyk,Fortify,Veracode, Checkmarx, and SonarQube. Hands-on experience in reverse engineering mobile apps and using tools like Dex2jar, ADB, Drozer, Clang, iMAS, and Frida/Objection for dynamic instrumentation. Experience conducting penetration tests and security assessments on internal/external networks, Windows/Linux environments, and cloud infrastructure (primarily AWS). Ability to identify and exploit security vulnerabilities and misconfigurations in Windows and Linux servers. Proficiency in shell scripting and automating tasks with tools such as Python or Ruby. Familiarity with PA-DSS, PCI SSF (S3, SSLC), and other security standards like PCI DSS, DPSC, ASVS and NIST. Understanding of Java frameworks like Spring Boot, CI/CD processes, and tools like Jenkins & Bitrise. In-depth knowledge of cloud infrastructure (AWS, Azure), including VPC/VNet, S3 buckets, IAM,Security Groups, blob stores, Load Balancers, Docker containers, and Kubernetes. Solid understanding of agile development practices. Active participation in bug bounty programs (HackerOne, Bug Crowd, etc.) and experience with hackathons and Capture the Flag (CTF) competitions. Knowledge of AWS/Azure services, including network configuration and security management. Experience with databases (PostgreSQL, Redshift, MySQL) and other data storage solutions like Elasticsearch and S3 buckets. Preferred Certifications: OSCP, OSWE, GWAPT, AWAE, AWS Certified Security Specialist, CompTIA Security+ Experience And Qualifications 12 to 18 years of overall experience in application security, with a strong background in identifying and mitigating vulnerabilities in software applications. A background in development and experience in the fintech sector is a plus. Bachelor of Technology (BE/ B.Tech ), M.Tech , or ME in Computer Science or an equivalent degree from an Engineering college/University. Life At Zeta At Zeta, we want you to grow to be the best version of yourself by unlocking the great potential that lies within you. This is why our core philosophy is ‘People Must Grow.’ We recognize your aspirations; act as enablers by bringing you the right opportunities, and let you grow as you chase disruptive goals. is adventurous and exhilarating at the same time. You get to work with some of the best minds in the industry and experience a culture that values the diversity of thoughts. If you want to push boundaries, learn continuously and grow to be the best version of yourself, Zeta is the place to be! Explore the life at zeta Zeta is an equal opportunity employer. At Zeta, we are committed to equal employment opportunities regardless of job history, disability, gender identity, religion, race, marital/parental status, or another special status. We are proud to be an equitable workplace that welcomes individuals from all walks of life if they fit the roles and responsibilities. Show more Show less

Were hiring on the Blackbaud Application Security team! As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud.You can expect to work closely with software development teams as well as third-party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software, you will be expected to stay up to date on whats happening in the Cyber Security industry to optimize and align our application security processes and systems throughout the Software Development Life Cycle (SDLC) at Blackbaud. The Application Security Engineering team focuses on building automation for security self-service and vulnerability management to reduce unnecessary toil. What you will be doing: Identifying solutions for difficult security problems while participating in a broader agile Application Security team. Building comprehensive solutions to conduct consolidation, aggregation, andnotification of security findings to respective stakeholders. Conducting threat modeling, secure design reviews, and providing direct guidance to development teams. Promoting, designing, and evaluating application security in all phases of theSDLC and constantly looking for innovative ways to improve processes. Influencing, building, and assisting with information security challenges within applications. What we'll want you to have: You are either a security-minded software engineer who has been building modern services using a microservice architecture in an agile development environment or a development-interested security practitioner who understands security best practices but wants to get closer to development and engineering. 5+ plus years of experience with application security and relevant testing tools for DASTBurp Suite, OWASP Zap, Invicti, AppScan SAST/SCAFortify, Checkmarx, Coverity, Semgrep, OWASP Dependency Check, Mend, Blackduck Attack Surface ManagementOWASP Amass, Spiderfoot, CyCognito 3+ years of experience with Python, Bash, and/or PowerShell. 3+ years of experience in DevSecOps integrating security solutions into CI-CD pipelines and automated tooling orchestration. Relevant certifications include CompTIA Security+ or CASP+, EC Council CEH, ISC2 CSSLP are a plus. Experience partnering with development and systems engineers on impactful securityinitiatives. Understanding of software development; how applications and systems are designed, built, and break is critical. UnderstandDevSecOpscultural mindsets, and an engineering-focused approach to solvingcomplexsecurity problems. Strong verbal and written communication skills to translate security objectives and requirements to specific engineering outcomes. The Application Security team at Blackbaud is committed to ensuring security issues are prevented, discovered, and remediated in collaboration with our engineering partners across the business. Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

At Dario, Every Day is a New Opportunity to Make a Difference. We are on a mission to make better health easy. Every day our employees contribute to this mission and help hundreds of thousands of people around the globe improve their health. How cool is that? We are looking for passionate, smart, and collaborative people who have a desire to do something meaningful and impactful in their career. We are looking for a talented Senior Software developer to take responsibility for DarioHealth solutions and products. As a senior Backend developer, you will Join a growing Agile team of experienced developers building production applications, backend services, data solutions and platform infrastructure. Responsibilitie Development high scale cloud-based solutions in Health area Development in cutting edge technologies Position will be involved in design and implementation of low latency, high availability and high-performance services Development in very dynamic environment which provides ability to learn and implement new technologies Create RESTful APIs that provide unprecedented access to data via client apps. Produce efficient and a fully tested, and documented code. Be part of a talented and motivated Agile team, therefore a commitment to collaborative problem solving, sophisticate design, and the creation of quality products are essential Requirement 4+ years’ experience in back-end development 2+ years in NodeJS, Javascript ES6 Strong proficiency in Python with experience in any of the REST API development Framework – Big advantage Expertise in using AI development tools – Big advantage Experience in MongoDB, PostgreSQL, MySQL or equivalent Strong experience with creating REST and RESTful services Strong understanding of microservices, event-driven architectures, serverless and container technologies (Lambda, Docker), and container orchestration platforms such as Kubernetes, OpenShift, or equivalent Familiarity with CI/CD pipelines and related tools for unit testing (e.g. JUnit), static and dynamic code scanning (e.g. AppScan, Fortify), and build tools such as Jenkins. Familiarity with AWS SDKs Experience with AWS services such as EKS, RDS, API GW Experience in google cloud, Firebase services AWS Certified Developer/Solution Architect - Big Advantage Experience scaling up a B2B2C and B2C solutions - Big Advantage ***DarioHealth promotes diversity of thought, culture and background, which connects the entire Dario team. We believe that every member on our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and to discover, design and deliver solutions. We are passionate about building and sustaining an inclusive and equitable working and learning environments for all people, and do not discriminate against any employee or job candidate.​*** Show more Show less

Greetings from "HCL Software" "HCL Software”: - Is a Product Development Division of HCL Tech: That operates its primary Software business. At HCL Software we Develop, Market, Sell and Support over 20 Product families in the areas of Customer Experience, Digital Solutions, Secure DevOps, Security & Automation. We have offices and labs around the world to serve thousands of customers. Our mission is to drive customer success with our relentless product innovation at more than 20,000 organizations in every region of the world - including more than half of the Fortune 1000 and Global 2000 companies. We are looking for a Sr. QA Engineer position within our Product team. We are looking for candidates with 4-8 years of experience who possess the following skills: Manual and Automation Testing DevOps (a plus) Proficiency with JIRA and Git Expertise in Test Case Planning and Execution. Location: Remote/Hybrid. Key Responsibilities: Develop and execute test plans and test cases Identify, record, document, and track bugs Perform thorough regression testing when bugs are resolved Collaborate with cross-functional teams to ensure quality throughout the software development lifecycle Continuously improve testing processes and methodologies Preferred Qualifications: Experience with continuous integration/continuous deployment (CI/CD) pipelines Familiarity with performance and security testing Strong analytical and problem-solving skills Excellent communication and teamwork abilities. Show more Show less

Greetings from "HCL Software" "HCL Software”: - Is a Product Development Division of HCL Tech: That operates its primary Software business. At HCL Software we Develop, Market, Sell and Support over 20 Product families in the areas of Customer Experience, Digital Solutions, Secure DevOps, Security & Automation. We have offices and labs around the world to serve thousands of customers. Our mission is to drive customer success with our relentless product innovation at more than 20,000 organizations in every region of the world - including more than half of the Fortune 1000 and Global 2000 companies. Job Summary: We are looking for a UI Lead (UI & ReactJs /Angular) in our AppScan Product team (Remote Location) with 12+ years of experience who possess the following skills: We are seeking a highly skilled and experienced UI Lead to drive the front-end development of AppScan on Cloud , a cutting-edge application security platform. The ideal candidate should have deep expertise in modern UI frameworks and cloud-based architectures, while also perform leadership activities such as mentoring, code reviews, and stakeholder collaboration. Required Skills & Qualifications: 12–16 years of experience in front-end development, with at least 3 years in a lead role. Expertise in ReactJs, Angular, or Vue.js (Angular preferred). Strong proficiency in JavaScript, TypeScript, HTML5, CSS3, and modern build tools. Experience with cloud platforms (AWS, Azure, or GCP) and CI/CD pipelines. Experience working with QA teams, understanding of test automation frameworks and manual testing processes. Familiarity with AppScan or other application security tools is a plus. Excellent problem-solving, communication, and leadership skills. Key Responsibilities: Technical Design, develop, and maintain scalable, responsive, and intuitive user interfaces for AppScan on Cloud. Implement best practices in UI/UX design, performance optimization, and accessibility. Work with RESTful APIs, microservices, and cloud-native technologies. Ensure cross-browser compatibility and responsive design across devices. Collaborate with backend developers, DevOps, and QA teams to deliver high-quality releases. Leadership Lead and mentor a team of UI developers, fostering a culture of innovation and excellence. Conduct code reviews and enforce coding standards and best practices. Collaborate with product managers, designers, and stakeholders to align UI development with business goals. Guide and support QA teams (manual and automation) in understanding UI workflows, test coverage, and automation strategies. Drive technical discussions, architecture decisions, and roadmap planning. Preferred Qualifications: Experience with containerization (Docker, Kubernetes). Knowledge of accessibility standards (WCAG). Exposure to Agile/Scrum methodologies. Contributions to open-source projects or technical blogs. Show more Show less

Greetings from "HCL Software" "HCL Software”: - Is a Product Development Division of HCL Tech: That operates its primary Software business. At HCL Software we Develop, Market, Sell and Support over 20 Product families in the areas of Customer Experience, Digital Solutions, Secure DevOps, Security & Automation. We have offices and labs around the world to serve thousands of customers. Our mission is to drive customer success with our relentless product innovation at more than 20,000 organizations in every region of the world - including more than half of the Fortune 1000 and Global 2000 companies. We are looking for a Sr. QA Engineer position within our Product team. We are looking for candidates with 4-8 years of experience who possess the following skills: Manual and Automation Testing DevOps (a plus) Proficiency with JIRA and Git Expertise in Test Case Planning and Execution. Location: Remote/Hybrid. Key Responsibilities: Develop and execute test plans and test cases Identify, record, document, and track bugs Perform thorough regression testing when bugs are resolved Collaborate with cross-functional teams to ensure quality throughout the software development lifecycle Continuously improve testing processes and methodologies Preferred Qualifications: Experience with continuous integration/continuous deployment (CI/CD) pipelines Familiarity with performance and security testing Strong analytical and problem-solving skills Excellent communication and teamwork abilities. Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in penetration testing at PwC will focus on penetration testing (or pen testing) which is a security exercise where a cybersecurity consultant attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system's defences which attackers could take advantage of. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations Job Description & Summary: Job Description & Summary: We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities: Key Responsibilities: · Good interpersonal skills (written and oral communication) and ability to articulate complex issues · Ability to communicate technical · information clearly and concisely, commensurate with the audience · Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. · Good communicator (written and verbal) and listener. · Must be a team player and motivated self-starter with ability to work independently with limited supervision. · Must be assertive, methodical and detail oriented Technical Experience: · Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing · Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities · Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools · Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. · Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) · Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets · Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools · Map out a network, discover ports and services running on the different exposed network and security devices · Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. · In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. · Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage · Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory skill sets: CEH, ECSA, LPT (any one) Preferred skill sets: OSCP, OSWE Years of experience required: 2-10 Years Education qualification: B.Tec Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Master of Business Administration, Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SailPoint IdentityIQ Optional Skills SoCs Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

We are hiring a Vulnerability Engineer to join our Managed Security Services team. You will be responsible for identifying, analyzing, and tracking security vulnerabilities across enterprise environments. The role involves working with scanning tools, coordinating with stakeholders, and ensuring timely remediation to minimize security risk. Key Responsibilities: Perform vulnerability scans using tools like Tenable Nessus, Qualys, IBM AppScan , etc. Analyze scan results, identify false positives, and prioritize risks Track and support remediation efforts with technical teams Register and manage assets in scanning platforms and maintain scan schedules Prepare reports and metrics for leadership and stakeholders Coordinate with customers on scan schedules and mitigation plans Contribute to automation and process optimization Required Skills: Strong knowledge of vulnerability management processes and tools like Tenable Nessus, Qualys, IBM AppScan etc Solid understanding of network, system, and application-level security Experience in report writing and communicating technical findings Familiarity with enterprise IT environments and TCP/IP networking Excellent problem-solving, collaboration, and communication skills Willingness to participate in on-call support rotation Preferred: Experience with scripting/automation for scanning and reporting Security certifications (e.g., CEH, CompTIA Security+, OSCP)

About the Role: We are hiring a Vulnerability Engineer to join our Managed Security Services team. You will be responsible for identifying, analyzing, and tracking security vulnerabilities across enterprise environments. The role involves working with scanning tools, coordinating with stakeholders, and ensuring timely remediation to minimize security risk. Key Responsibilities: Perform vulnerability scans using tools like Tenable Nessus, Qualys, IBM AppScan , etc. Analyze scan results, identify false positives, and prioritize risks Track and support remediation efforts with technical teams Register and manage assets in scanning platforms and maintain scan schedules Prepare reports and metrics for leadership and stakeholders Coordinate with customers on scan schedules and mitigation plans Contribute to automation and process optimization Required Skills: Strong knowledge of vulnerability management processes and tools like Tenable Nessus, Qualys, IBM AppScan etc Solid understanding of network, system, and application-level security Experience in report writing and communicating technical findings Familiarity with enterprise IT environments and TCP/IP networking Excellent problem-solving, collaboration, and communication skills Willingness to participate in on-call support rotation Preferred: Experience with scripting/automation for scanning and reporting Security certifications (e.g., CEH, CompTIA Security+, OSCP)