10 Csrf Jobs

About TechMango: My name is Riyas Banu M, and I'm reaching out to you regarding an exciting opportunity with TechMango. You can connect with me on LinkedIn https://www.linkedin.com/in/riyasbanu-m-46381a34b/ Or Email: riyasbanu.m@techmango.net Founded in 2014, TechMango Technology Services is a leading software development company with a strong focus on emerging technologies. Our primary goal is to deliver strategic solutions that align with our business partners' technological needs. We specialize in providing custom software solutions using the best available technologies, ensuring quality delivery within defined timelines. Our services include analysis, design, architecture, programming, testing, and long-term technical support, all aimed at achieving ultimate customer satisfaction. Recognized as the Best Offshore Software Development Company in India, TechMango is driven by the mantra, "Clients' Vision is our Mission." We strive to be a technologically advanced and highly regarded organization, offering high-quality and cost-efficient services while fostering long-term client relationships. We operate in the USA (Chicago, Atlanta), UAE (Dubai), and India (Bangalore, Chennai, Madurai, Trichy, Coimbatore). For more information, please visit our website.https://www.techmango.net/ Senior Full Stack Engineer (.NET + UI) Experience: 5 to 15 Yrs Job Location : Chennai, Trichy, Madurai Mode : Work from office Shift Timing : 3 PM to 12 AM OR 4 PM to 1 AM We are hiring a Senior Full Stack Engineer with 5 -7 years; experience with strong expertise in C#, .NET, SQL, Git, and front-end technologies like Angular or React. The ideal candidate should have good English communication skills and a solid understanding of secure coding. principles to prevent common vulnerabilities such as SQL Injection, XSS, and CSRF. What is expected of you: As part of the job, you will be required to Participate in requirements analysis Write clean, scalable code using .NET programming languages Design and manage databases with SQL and interact with data through Entity Framework Build intuitive and responsive user interfaces using front-end frameworks like Angular or React. Test and deploy applications and system,Revise, update, refactor, and debug code Improve existing software use Git for version control and collaboration in a team environment. Develop documentation throughout the software development life cycle (SDLC) If your beliefs resonate with these, you are looking at the right place! Accountability Finish what you started Communication Context aware, pro-active, and clean communication Outcome High throughput Quality High-quality work and consistency Requirements: C# and .NET Framework Strong hands-on experience with object-oriented programming and enterprise-grade .NET applications. SQL Entity Framework Proficient in writing complex queries and working with ORM frameworks. UI Technologies Working experience with modern front-end frameworks such as Angular or React. Asynchronous Programming Understanding and Implementation of async/await patterns for performance optimization. Version Control Experience using Git, Bitbucket etc for source code management. Design Patterns Solid understanding and practical application of standard software design patterns. Unit Testing Experience with testing frameworks such as NUnit or xUnit to ensure code quality and reliability. Secure Coding Principles Awareness and application of secure coding practices to prevent vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), etc. Good to have skills: Exposure to Cloud Platforms, Azure, AWS, etc. Good Communication Skills Excellent knowledge of SDLC. Knowledge of Jira. Thanks & Regards, M.Riyas banu riyasbanu.m@techmango.net https://www.linkedin.com/in/riyasbanu-m-46381a34b/ Techmango Technology Services Pvt Ltd

At Juniper, we believe the network is the single greatest vehicle for knowledge, understanding, and human advancement the world has ever known, To achieve real outcomes, we know that experience is the most important requirement for networking teams and the people they serve. Delivering an experience-first, AI-Native Network pivots on the creativity and commitment of our people. It requires a consistent and committed practice, something we call the Juniper Way, About the Job:. Juniper Network’s Security Incident Response Team (SIRT) is the focal point for discovering and remediating product security vulnerabilities. The role of an Incident Manager (IM) is to drive security defects to resolution by understanding the software flaw, its impact, its proper resolution, and then communicating that to customers through Juniper Security Advisories. SIRT IMs are part of a global team that works closely with both the support and engineering organizations. The role requires understanding of secure software development and the consequences of security flaws. The successful candidate will have a passion for security and an ability to see problems with a security professional’s perspective, Responsibilities:. Juniper is seeking an experienced Security Incident Response Manager to join the Juniper SIRT, The SIRT IM is responsible for:. Investigating reports of potential vulnerabilities. Analyzing software flaws and working with engineering teams to ensure proper remediation. Authoring and presenting Security Advisories. Working with external security communities, security researchers, and customers. Managing the response to product security incidents. Requirements:. Should have 2-4 years of product security incident response experience, Familiarity with secure programming concepts and testing, Good understanding of web application security threats and defenses (SQL Injection, XSS, CSRF, etc,,), Good understanding of database security threats and defenses (cloud/container configuration, access control, authentication, misconfigured and abused privileges, logging and auditing), Familiarity with OWASP guidelines. Participation in a local OWASP chapter or similar security focused communities is a plus, Familiarity with Common Vulnerabilities and Exposure (CVE) systems, Coordinated Vulnerability Disclosure (CVD), Familiarity with the Common Weakness Enumeration (CWE) types and CERT Secure Coding Standards, Familiarity with the Common Vulnerability Scoring System (CVSS), Familiarity with agile software development/continuous integration/automation, Minimum of a Bachelor’s Degree in Engineering or Computer Science or Cybersecurity or similar, Excellent written and verbal communication skills. Should be able to produce a writing sample: A blog entry or other long-form post on a technical issue, comment on a mailing list or open source issue or other technical comment on social media, a self-written academic paper, Strong analytical and problem-solving skills, and the ability to work independently, Ability to collaborate across functional teams as well as external partners, researchers, and other security teams, Ability to track multiple issues in various states of progress, Desired Qualifications:. A strong ability to use scripting languages such as Perl, Python, TCL, and UNIX shell programming, Demonstrated experience (such as academic projects) in JavaScript, NodeDot js, Pug, PHP, Python, Java, C/C++, R, Rust, relational and NoSQL databases, Experience with HTML, CSS, JSON, XML file creation and management. Experience with AWS, Azure, GCP, Snowflake, Should be able to produce a sample code such as a project hosted on GitHub or personal site, Linux and/or FreeBSD experience along with the ability to read and understand multiple programming languages, Familiarity with routing and switching protocols and security firewalls, About Juniper Networks. Juniper Networks challenges the inherent complexity that comes with networking and security in the multicloud era. We do this with products, solutions and services that transform the way people connect, work and live. We simplify the process of transitioning to a secure and automated multicloud environment to enable secure, AI-driven networks that connect the world. Additional information can be found at Juniper Networks (www,juniperDot Net) or connect with Juniper on Twitter, LinkedIn and Facebook, WHERE WILL YOU DO YOUR BEST WORK?. Wherever you are in the world, whether it's downtown Sunnyvale or London, Westford or Bengaluru, Juniper is a place that was founded on disruptive thinking where colleague innovation is not only valued, but expected. We believe that the great task of delivering a new network for the next decade is delivered through the creativity and commitment of our people. The Juniper Way is the commitment to all our colleagues that the culture and company inspire their best work-their life's work. At Juniper we believe this is more than a job it's an opportunity to help change the world, At Juniper Networks, we are committed to elevating talent by creating a trust-based environment where we can all thrive together. If you think you have what it takes, but do not necessarily check every single box, please consider applying. We’d love to speak with you, Additional Information for United States jobs:. ELIGIBILITY TO WORK AND E-VERIFY. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire, Juniper Networks participates in the E-Verify program. E-Verify is an Internet-based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA) that allows participating employers to electronically verify the employment eligibility of new hires and the validity of their Social Security Numbers, Information for applicants about E-Verify / E-Verify Informacin en espaol: This Company Participates in E-Verify / Este Empleador Participa en E-Verify. Immigrant and Employee Rights Section (IER) The Right to Work / El Derecho a Trabajar. E-Verify® is a registered trademark of the U.S. Department of Homeland Security, Juniper is an Equal Opportunity workplace. We do not discriminate in employment decisions on the basis of race, color, religion, gender (including pregnancy), national origin, political affiliation, sexual orientation, gender identity or expression, marital status, disability, genetic information, age, veteran status, or any other applicable legally protected characteristic. All employment decisions are made on the basis of individual qualifications, merit, and business need, Show more Show less

Key Responsibilities: F5 LTM (Local Traffic Manager) 1. Core Concepts Solid understanding of load balancing methods Layer 2 (L2) Strong grasp of networking protocols: TCP, HTTP, SSL/TLS Layer 3 (L3) Configuration and usage of virtual servers, pools, nodes, and monitors L2 2. Configuration & Management: Configure and manage traffic policies L2 Set up health monitors for backend server validation L2 Implement SSL offloading and SSL re-encryption L3 Use traffic analysis tools like tcpdump for troubleshooting L3 3. Advanced Features: Expert in writing and debugging iRules / iRule LX L3 Configure SNAT, NAT , and VLANs – L2 Set up High Availability (HA) and failover mechanisms – L2 Manage performance with caching, compression, and connection pooling – L3 F5 ASM (Application Security Manager) / WAF Skills – Mandatory for L3 1. Core Concepts Deep understanding of WAF principles and architecture – L3 In-depth knowledge of OWASP Top 10 vulnerabilities and mitigation – L3 2. Security Policy Management: Configure and fine-tune ASM security policies – L3 Traffic whitelisting and blacklisting – L2 Use Learning Mode to optimize protection rules – L2 3. Threat Mitigation Prevent common attacks: SQL Injection, XSS, CSRF – L3 Enable DDoS protection and Bot Defense – L2 Implement IP reputation and geo-blocking mechanisms – L2 4. Advanced Logging & Analysis Use ASM logs for in-depth analysis and monitoring – L2/L3 5. Performance & Scalability Ensure minimal latency while maintaining high-security enforcement – L2/L3 Troubleshoot resource utilization linked to WAF rules – L3 Scale ASM for high-traffic environments – L3 Candidate Profile: Strong hands-on experience with F5 LTM & ASM modules Ability to manage and secure enterprise-grade web applications Excellent troubleshooting and optimization skills Strong understanding of networking fundamentals and security principles Educational Qualification : Bachelor’s degree in any discipline (Engineering preferred)

Your Role and Responsibilities Product-Security Technology Centre is responsible for ensuring that IBM products are secure by conducting timely Security reviews, penetration testing and following SPbD practices. As a penetration tester you will perform security testing of IBM product and SAAS offerings in development and production environment. You will also closely work with IBM product development teams to strengthen the security posture of their products by participating in threat model, source code security testing and share best practices / lessons learnt for secure coding/design. Key responsibilities Plan the penetration test Select, design and create appropriate tools for testing Perform the penetration test on computer systems, networks, web-based and mobile applications Document your methodologies, findings Gather the data intelligence not only from the output of the automated penetration tools but also from information gathered from interaction with product teams , previous results , threat model and source code scanning inputs. Review your findings and feedback to development teams Analyse the outcomes and make recommendations for security improvements Carry out application, network, systems and infrastructure penetration tests Review physical security and perform social engineering tests where appropriate Evaluate and select from a range of penetration testing tools Keep up to date with latest testing and ethical hacking methods Deploy the testing methodology and collect data Report on findings to a range of stakeholders Make suggestions for security improvements Enhance existing methodology material Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Experience – 2 to 5 years in Cybersecurity Web Application Testing Basic understanding of HTTP Protocol HTTP Methods, Request/Response Headers, Cookies, TCP/IP connections over HTTP etc. Basic understanding of HTML/JavaScript Good Understanding of security vulnerabilities, OWASP Top 10 vulnerabilities Automated Testing Must have knowledge of at least one of IBM AppScan OR BurpSuite scanner. (Good to have knowledge of both the tools.) Should be able to configure automated scanner (such as Login sequence, manually exploring critical flaws, Policy customization, scan throttling, etc) to perform successful scan. Assessment of scanner results and intelligently identifying false positives from the scan results. Knowledge of Burp features mainly, Spider, Intruder, Scanner, Repeater and Extender. Manual Testing: Should be able to understand the above mentioned OWASP Top 10 categories to perform manual testing. Flaws like, Authentication (session management) testing, CSRF, business logic testing which are not detected by an automated scanner must be identified using manual testing. Understanding of the workflow of the application and identifying the entry points to detect possible vulnerabilities. Preferred technical and professional experience Preferred Professional and Technical Expertise Webservice Testing SOAP/REST APIs testing. Configuring cURL commands and POSTMAN tool to capture the request in automated scanner. Network Testing Basic understanding of networking protocols such as TCP, UDP, DNS, DHCP etc. Basic understanding of network devices like router, switches, firewall/IDS/IPS etc.. Network scanning tools such as Nessus, Nmap, Metasploit etc. Exploitation and Post Exploitation of network vulnerabilities. Threat Model and Source code security scanning Perform/Participate in threat model creation/design or review Perform source code security scanning using (SAST) tools like Sonarqube, AppScan, Mend and other popular open-source tools. Security Certifications Any of the security certifications such as CEH, ECSA, EWPT, EWPTX, OSCP, GPEN, GWAPT etc

We are seeking a QA Test Engineer (Automation) who Conduct UIUX testing, vulnerability assessments, security testing on web applications & APIs.Develop and maintain automated test scripts using tools such as Cypress,Playwright, Selenium, or similar.

Role & responsibilities Be open to adopting new technologies and approaches on projects as they evolve, especially those relating to GenAI advancements. Stay at the forefront of the industry by staying abreast of the latest GenAI advancements and leveraging cutting-edge developments to fulfill migration projects. Participates as a software developer on small Agile teams, delivering software-based solutions for migrating and modernizing customer legacy applications to MongoDB. Follow existing best practice migration playbooks where applicable and be prepared to innovate to fill in gaps with creative solutions to solve challenges on each specific project. Actively participate in sprint grooming, planning, and showcases with ideas and suggestions. Take direction from the technical lead and project manager on projects, raising identified challenges and potential solutions to the team when applicable. Study the current state of each legacy application and the desired target state outlined by the customer and contribute to the planning, design, and solution from getting from source state to target state on each project. Be prepared to change project direction if customer or account team priorities change. Preferred candidate profile 8+ years of experience working as a software developer. Strong proficiency in Java. Experience building Enterprise grade application Java and Microservices (J2EE / JavaEE / Spring/ Spring boot). History of delivering high-cadence modern applications with applied Agile methodologies, test-first development approaches, adopting CI/CD pipelines and using Git version control. Strong experience in building applications that interact with relational databases using SQL,PL/SQL. Experience in Java security (JWT, CSRF, Method based security, RBAC).

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Preferred Skills: Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Summary We are looking for a skilled Front End Developer to join our team and contribute to developing web applications for our clients. The ideal candidate will have experience in front-end development, strong problem-solving abilities, and excellent communication skills. Key Responsibilities Design, develop, and maintain high-performance front-end applications using React and Angular. Collaborate with UX/UI designers, backend engineers, and product managers to deliver seamless user experiences. Optimize application performance, ensuring scalability, security, and cross-browser compatibility. Lead code reviews, mentor junior developers, and promote best practices in front-end architecture. Troubleshoot complex technical issues and implement effective solutions. Stay up to date with emerging trends in front-end development (e.g., Next.js, state management libraries, Ant Design). Skills Proficiency with the Ant Design (antd) component library and optimization practices (e.g., tree shaking). Knowledge of state management libraries (Redux, NgRx) and component libraries (Material-UI, Ant Design). Experience with cloud platforms (AWS, Azure) and serverless architectures is a plus Understanding of cybersecurity principles for front-end security (e.g., XSS, CSRF mitigation). Familiarity with Agile/Scrum methodologies. Qualifications 3-5 years of professional front-end development experience, focusing on React and/or Angular. Proficiency in TypeScript, HTML5, CSS3, and modern CSS frameworks (e.g., Tailwind, Sass). Strong understanding of RESTful APIs, GraphQL, and integration with backend services. Experience with version control systems (Git) and CI/CD pipelines. Familiarity with build tools (Webpack, Babel) and package managers (npm/yarn). Excellent problem-solving skills and attention to detail. Strong communication skills for collaboration with cross-functional teams.

Role Overview : The Application Security Senior Engineer will play a crucial role in safeguarding our applications and digital assets against security threats. With a primary focus on Vulnerability Assessment and Penetration Testing (VAPT), the role involves identifying, assessing, and mitigating security vulnerabilities across our application portfolio. This position requires a proactive mindset, strong technical skills, and the ability to collaborate effectively with cross-functional teams and support the security projects. Key Responsibilities : 1. Vulnerability Assessment and Penetration Testing (VAPT): - Conduct comprehensive security assessments of applications using industry-standard tools and techniques.- Perform manual testing and automated scans to identify vulnerabilities such as OWASP Top 10, SQL injection, XSS, CSRF, etc.- Analyze and interpret assessment findings, providing clear and actionable recommendations to development teams.- Support the security gating process with timely security assessment and reporting.- Provide guidance and assistance on secure software development life cycle.- Track identified vulnerabilities through to resolution, collaborating closely with development teams to ensure timely mitigation.- Provide detailed vulnerability reports and metrics to stakeholders, including risk assessments and remediation progress. 2. Support for Security Projects: - Actively participate in security projects and initiatives, providing expertise and guidance on application security best practices.- Perform Security Architecture review for existing and new security projects and guide on security best practices.- Collaborate with architects and developers to integrate security into the SDLC (Secure Development Life Cycle) and CI/CD pipelines. 3. Incident Response and Support: - Assist in incident response activities related to application security incidents.- Contribute to root cause analysis and lessons learned sessions to improve incident handling and prevention strategies. 4. Security Awareness and Training: - Develop and deliver training sessions on secure coding practices and application security awareness.- Promote a culture of security within the organization, advocating for continuous improvement and adherence to security policies. Requirements: Bachelors degree in Computer Science/Information Technology, or a related field. Minimum of 5 years of experience in application security, with a focus on VAPT and secure development practices. Proven experience with security assessment tools such as Burp Suite, Qualys, Nessus, etc. Strong understanding of web application architecture, including front-end, back-end, and APIs. Solid knowledge of OWASP guidelines and best practices for secure coding. Certifications such as CISSP, CEH, OSCP, or similar are preferred. Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders. Strong analytical and problem-solving skills, with attention to detail. Why join us? Impactful Work: Play a pivotal role in safeguarding Tanla's assets, data, and reputation in the industry. Tremendous Growth Opportunities: Be part of a rapidly growing company in the telecom and CPaaS space, with opportunities for professional development. Innovative Environment: Work alongside a world-class team in a challenging and fun environment, where innovation is celebrated. Tanla is an equal opportunity employer. We champion diversity and are committed to creating an inclusive environment for all employees. www.tanla.com

Conduct security testing, including vulnerability assessments and penetration testing, on web applications, mobile applications, APIs, and infrastructure. Identify, exploit, and document security vulnerabilities and weaknesses in the systems. Required Candidate profile Experience: 2-3 years of hands-on experience in security testing, vulnerability assessment, and penetration testing. Relevant security certifications such as CEH , OSCP , or similar are mandatory.