152 Dast Jobs

Conduct Vulnerability Assessments: Identifying potential weaknesses in applications and systems using automated tools and manual techniques. Perform Penetration Tests: Simulating attacks to evaluate the effectiveness of security controls and identify exploitable vulnerabilities. Analyze Findings: Interpreting assessment and testing results to determine the severity and impact of identified vulnerabilities. Report Findings: Documenting vulnerabilities, providing detailed reports with remediation recommendations, and tracking the closure of identified issues. Collaborate with Teams: Working with developers, IT, and security teams to implement security measures and address identified vulnerabilities. Stay Updated: Keeping abreast of the latest security threats, vulnerabilities, and industry best practices. Test Various Application Types: Performing security assessments on web applications, mobile applications, APIs (REST, SOAP, XML, JSON), and potentially cloud-based services. Understand Security Standards and Frameworks: Familiarity with OWASP, NIST, ISO 27001, PCI DSS, and other relevant standards is crucial. Use Security Testing Tools: Proficiency in tools like Burp Suite, OWASP ZAP, Nmap, Nessus, AppScan, Acunetix, Veracode, CheckMarx, etc. Responsibilities: The responsibilities cover the full range of testing work, from websites, mobile apps, and infrastructure testing to social engineering. In this role, the candidate is expected to: test software and hosted platforms, to identify vulnerabilities Carry out penetration testing of web applications, mobile applications, and internal infrastructure analyze code to assess its level of security and to find specific vulnerabilities Manage the security testing process perform complex simulated attacks on networks or systems Stay updated with the latest threats/vulnerabilities produce written technical reports along with an executive summary to a professional standard Research potential vulnerabilities formally brief clients and colleagues Understanding the role of AIML in cybersecurity Qualification: Minimum 3 to 5 years hands-on experience in SAST, DAST, VAPT Certifications like CEH, CompTIA Security+, and OSCP will be considered and added advantages. Familiarity with SAST, DAST, and IAST tools Understanding of Red/Blue teaming and threat hunting

About the Role: Grade Level (for internal use): 10 The Team Security Testing Team in the Quality Engineering space plays a crucial role in safeguarding business operations by identifying vulnerabilities and ensuring robust protection against cyber threats. Through meticulous testing practices, we enhance the security posture of applications, thereby reducing the risk of data breaches and financial loss. By integrating security measures early in the development lifecycle, the team helps streamline processes, minimize disruptions, and ultimately contribute to greater business efficiency and resilience. S&P Global Ratings is the worlds leading provider of independent credit ratings. Our ratings are essential to driving growth, providing transparency, and helping educate market participants so they can make decisions with confidence. We have more than one million credit ratings outstanding on government, corporate, financial sector and structured finance entities and securities. We offer an independent view of the market built on a unique combination of broad perspective and local insight. We provide our opinions and research about relative credit risk; market participants gain independent information to help support the growth of transparent, liquid debt markets worldwide. What is in it for you Serve as a highly technical security expert to bring security transformation to both new and legacy applications in quality engineering space. Using a wide range of cutting-edge technology to innovate while testing. An ever-challenging environment to hone your existing skills in Security Testing, Automation, Python Programming, Bash scripting etc. Being a part of an organization which values Culture of Urgency and Shift Left approaches. Gain the opportunity to apply your strategic thinking alongside technical skills to safeguard our systems defending against emerging cyber threats. A plenty of skill building, knowledge sharing, and innovation opportunities. Building a fulfilling career with a global financial technology company. Responsibilities This role will involve designing and executing security tests, identify vulnerabilities, and drive remediation strategies while collaborating with cross-functional teams in an Agile environment. Understand the applications security requirements and identify & document the scope of the test. Develop and maintain security testing automation using tools like Burp Suite, ZAP, or similar tools. Integrate security testing into CI/CD pipelines. Automate processes and workflows using Python to minimize manual work. Collaborate with development, QE, and DevOps teams to investigate security incidents, perform root cause analysis, and validate security fixes. Oversee results and logs to analyze, prioritize, and initiate remediation for findings identified by security tools during SAST, DAST, SCA, artifact scanning, container scanning, etc... Prepare detailed reports summarizing test results, logs, findings, and recommendations for strengthening overall security of an application. Create and track security metrics, KPIs, and KRIs to measure operational effectiveness. Prepare comprehensive reports for senior management on security performance and strategic initiatives. Work independently, providing recommendations, and leading the accomplishments of the tasks from inception to completion. Demonstrate outstanding flexibility and leadership with proper communication of security testing result interpretation and explanation to audience. Participate in Daily Stand-up Calls, works closely with the Agile Manager to know the deliverables and commitments of each release. Actively taking part in resolving critical security issues and coming up with solutions to mitigate the same. Basic Qualifications Bachelor's or masters degree in Electronics and Communication, Computer Science, Cybersecurity, or related fields. 6 to 9 years of IT experience with relevant professional experience of Minimum 4 years in the field of Cyber Security Testing. Should have strong hands-on experience in security testing, penetration testing, and vulnerability assessment. Strong experience in web, API, and cloud security testing. Clear understanding of security vulnerabilities, exploits, and mitigation techniques Strong grasp of the OWASP Top 10 vulnerabilities and effective mitigation strategies. Hands-on experience with security testing tools such as Burp Suite, OWASP ZAP, Wireshark, Nessus, OpenSSL and Crypto validation tools. Proficiency in SAST/DAST tools and security frameworks like OWASP Top 10, CIS Benchmarks, and CVSS. Hands-on experience with Selenium, Pytest, and RestAssured API Testing using Python. Strong hands-on experience with scripting and programming languages including Python, PowerShell, Bash for security tasks. Familiarity with RESTful APIs, webhooks, and integration of third-party security tools and services via automation. Knowledge of DevSecOps practices and integrating security in CI/CD pipelines. Self-motivated and driven to stay updated with the latest security trends, technologies, and best practices, maintain high level of accuracy in security assessments. Ability to analyze and communicate complex cybersecurity and technical challenges to technical and non-technical users, leaders, and stakeholders. Experience collaborating with cross functional global and remote teams with diverse backgrounds. Should be able to work under a competitive time frame and deliver. Should be a very fast learner and have the excellent problem-solving ability. Should have excellent written and verbal communication skills. Nice to have Skills: Security Certifications like CISSP, CEH, CISM, OSCP or CompTIA Security+ shall be having the preference. Hands-On experience in building AI-powered security tools, chatbots, and agent-driven automation pipelines. Knowledge on Agentic AI frameworks, LLMs, and orchestration libraries like LangChain, crewAI or RAG-based architectures. Grade10 LocationHyderabad Shift time11am to 8pm / 12pm to 9pm IST Hybrid Modeltwice a week work from office About S&P Global Ratings At S&P Global Ratings, our analyst-driven credit ratings, research, and sustainable finance opinions provide critical insights that are essential to translating complexity into clarity so market participants can uncover opportunities and make decisions with conviction. By bringing transparency to the market through high-quality independent opinions on creditworthiness, we enable growth across a wide variety of organizations, including businesses, governments, and institutions. S&P Global Ratings is a division of S&P Global (NYSESPGI). S&P Global is the worlds foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets. With every one of our offerings, we help many of the worlds leading organizations navigate the economic landscape so they can plan for tomorrow, today.For more information, visit www.spglobal.com/ratings Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. S&P Global has a Securities Disclosure and Trading Policy (the Policy) that seeks to mitigate conflicts of interest by monitoring and placing restrictions on personal securities holding and trading. The Policy is designed to promote compliance with global regulations. In some Divisions, pursuant to the Policys requirements, candidates at S&P Global may be asked to disclose securities holdings. Some roles may include a trading prohibition and remediation of positions when there is an effective or potential conflict of interest. Employment at S&P Global is contingent upon compliance with the Policy. ---- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----

Required Skills & Experience: 6+ years of experience in DevSecOps, DevOps, or security engineering. Strong hands-on expertise with SAST tools (e.g., SonarQube, Fortify, Checkmarx). Deep knowledge of DAST tools (e.g., OWASP ZAP, Burp Suite, AppSpider). Experience with CI/CD tools : Jenkins, GitLab CI, Azure DevOps, GitHub Actions, etc. Proficient in container security (e.g., Docker, Kubernetes, image scanning). Experience of infrastructure as code (Terraform, Ansible, etc.) and secure cloud deployment. Experience with cloud security (AWS, Azure, or GCP). Strong scripting and automation skills (Python, Bash, etc.). Solid understanding of secure SDLC and OWASP Top 10

Software development support for Windows App Store and automated installation tooling. Responsibilities include creation and maintenance of automation policies for application deployments. Required education Bachelor's Degree Required technical and professional expertise 5+ years of experience in software development. 3+ years of working experience with JAVA/Python/JavaScript/C++ Knowledge with SQL Database implementations Knowledge of SAST/DAST/IAST vulnerability scanning tools such as Mend, SonarQube, Contrast, etc. Preferred technical and professional experience Experience in cloud technologies. Good Communication skills.

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 4 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModellingAbility to conduct threat modelling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Security TestingExperience with static and dynamic application security testing (SAST/DAST) tools. Security ToolsProficiency in using security tools like Burp Suite, Nessus, or Fortify

Role & responsibilities Title: OpenShift Engineer Location: Work location: Gurgaon (Building 5), Bengaluru (Rome North, Bagmane Park) Shift timing: 16*7 support from India, 2 shift (Mon: 7AM to 4PM, Eve: 1:30 PM to 10:30 PM) Vendor Rate range - 1500 - 1700 / hr Seeking for an OpenShift Engineer (Bold are mandatory skills with hands-on experience): Mandatory Skills - Red Hat OpenShift (Hands-on experience MUST) , Jenkins, GitHub Actions with demonstrated skills in creating CI/CD pipelines, Kubernetes, Docker, Helm, Open Shift, EKS experience, security scanning & DevSec Ops SAST, DAST, SCA tools (Snyk, Sonatype, GitLab, Mend & etc.), Linux, Automation, scripting (ansible, bash, groovy), OpenShift Administrator role Note - Do not share production Support profiles please. JOB DESCRIPTION---- (1)Performing administration and operations of overall Red Hat OpenShift solutions for customers, including development of solution designs, implementation plans and documentation. (2)Perform development of IT automation products and service offerings. Assesses the provided automation architecture and or proof of concept and selects best methods for implementation of said architecture and creates appropriate automated tests to validate functionality. (3)Perform assessment of workloads for fit into one of several cloud deployment form factors IaaS, PaaS, Serverless Functions etc. and guides infrastructure teams in implementing creative solutions on public cloud infrastructure, as well as helps application teams to move to target form factor. (4)Evaluating and implementing orchestration, automation, and tooling solutions to ensure consistent processes and repetitive tasks are performed with the highest level of accuracy and reduced defects (5)Analyzing platform usage metrics to determine if platform needs to be expanded to meet the computational needs of existing and new hosted applications and, if so, planning and executing engineering tasks as required (6)Experience and good knowledge on Jenkins, GitHub Actions with demonstrated skills in creating CI/CD pipelines. (7)Experience with Docker containerization and clustering (Kubernetes, Docker, Helm, Open Shift, EKS experience). Knowledge on YML with ability to create Docker Files for different environments and resources. (8)Administering source code (GitHub/GitLab, etc.) & artifact/packages/images management (Nexus/JFrog, etc.) tools. (9)Having knowledge on security scanning & DevSecOps SAST, DAST, SCA tools (Snyk, Sonatype, GitLab, Mend & etc.) (10)Hands-on experience in provisioning Infrastructure as Code (IaC). (11)Experience with Linux, Automation, scripting (ansible, bash, groovy). Desirable experience: Splunk ELK Node.js Java, JBoss, WAS Ansible Puppet Cloud management and administration Continuous delivery experience/DevOps/Agile In-depth working knowledge on Jenkins, Sonarqube, Docker and Openshift. Strong Knowledge of Openshift (Hands on or practical knowledge) along with the Devops, should have worked on multiple projects and able to explain. Knowledge of AZURE Should have knowledge of Admin role as well Good Ansible configuration management experience, RHEL, Jenkins, CI/CD Openshift Administrator role Jenkins, GitHub Actions with demonstrated skills in creating CI/CD pipelines Kubernetes, Docker, Helm, Open Shift, EKS experience Note: Please do not share any production Support profiles who's more inclined towards DevOps, and have very limited exp on OpenShift , most of the profiles we are getting of Support & Devops not of OpenShift, No experience in CI/CD pipelines, jenkins, dockers, doesn't have much knowledge of Openshift Administrator role , more of Support profile than Administrator role, doesn't have hands on experience in Devops technologies, Does not have experience of creating CI/CD pipelines and DevOps knowledge, mostly worked on supporting the OpenShift cluster, Not worked on Docker Kubernates, Majorly, Cloud Ops role , Candidate is more into Monitoring the Dashboard alerts Adding more points as per the feedback of Panels to get more clarity on JD , DevOps Guy more into Red Hat OpenShift Engineer (Bold are mandatory skills with hands-on experience): Primary skill & must require skills - Red Hat OpenShift-means Red Hat Linux. If candidate should already work on DevOps but candidate current working project should be on Red Hat OpenShift then only, we can be able to consider profiles. Deploying the applications into Red Hat using Jenkins GitHub Actions with demonstrated skills in creating CI/CD pipelines tools. CI/CD pipelines & Deploying in Red Hat OpenShift is must it would be either using Jenkins/GitHub. Candidate should be experienced in CI/CD tools & when candidate should be able to be creating CI/CD pipelines. Having knowledge on security scanning & DevSecOps SAST, DAST, SCA tools (Snyk, Sonatype, GitLab, Mend & etc.) Containerization using Docker, Kubernetes should be there. Experience with Linux, Automation, scripting (ansible, bash, groovy). when candidate will be able to create CI/CD pipelines to deploy any applications into open shift - GitHub will be the 1st part and second will be Jenkins and 3rd comes scanning the applications i.e security scanning tools i.e., is called DevSecOps. Candidate should be experienced in DevSecOps SAST, DAST, SCA tools (Snyk, Sonatype, GitLab, Mend & etc). Preferred candidate profile

You will be responsible for conducting application security reviews for Web, Mobile (Android and iOS), and API technologies. Your role will involve assessing and identifying potential vulnerabilities in the technology being developed before implementation. You should have expertise in application security testing methodologies such as SAST, DAST, and MAST, with experience in web application, API security, and mobile application security testing according to industry standards like OWASP top 10, SANS top 25, etc. It would be beneficial to have knowledge of programming and scripting languages such as Java, JavaScript, Angular, Spring Boot, Kotlin, and Swift. Familiarity with tools like Burp Suite, Postman, SoapUI, Checkmarx, Netsparker, Nexus IQ, Kryptowire for security testing and analyzing scanned reports is essential. Moreover, a strong understanding of application security tooling and experience in driving automation within the delivery environment is required. You must hold industry-recognized Information Security and Cyber Security qualifications such as CISSP, CISA, OSCP, GIAC GPEN, GIAC GMOB. A deep understanding of security industry trends, major vulnerabilities, and security threat landscape is crucial. Knowledge of Zero Trust security principles and practical implementations is necessary. While a degree is desirable, it is not mandatory. Experience in supporting major programs, security architecture, creating security designs, and displaying positive leadership behaviors related to risk management and mitigation is expected. Proficiency in collaboration tools like SharePoint, Teams, Confluence, and JIRA is advantageous. Hands-on experience in working with DevOps and Agile teams to incorporate security in the software development lifecycle is a key requirement. Additionally, experience in application risk assessment, threat modeling, and working closely with delivery teams for security risk remediation is important. About the Company: Purview is a leading Digital Cloud & Data Engineering company with headquarters in Edinburgh, United Kingdom and a presence in 14 countries including India, Poland, Germany, USA, UAE, Singapore, Australia, among others. The company provides services to Captive Clients and top-tier IT organizations, delivering solutions and resources to clients worldwide. Company Information: Purview Services 3rd Floor, Sonthalia Mind Space Near Westin Hotel, Gafoor Nagar, Hitechcity, Hyderabad Phone: +91 40 48549120 / +91 8790177967 Gyleview House, 3 Redheughs Rigg South Gyle, Edinburgh, EH12 9DQ Phone: +44 7590230910 Email: careers@purviewservices.com Login to Apply!,

KPMG entities in India are professional services firm(s) affiliated with KPMG International Limited, established in August 1993. Our professionals leverage the global network of firms, understanding local laws, regulations, markets, and competition. With offices across India, in cities like Ahmedabad, Bengaluru, Mumbai, and more, we offer services to national and international clients across various sectors. Our focus is on delivering rapid, performance-based, industry-focused, and technology-enabled services, showcasing our understanding of global and local industries and the Indian business environment. As a Security Code Reviewer at KPMG in India, your primary responsibilities will include performing manual security code reviews for common programming languages such as Java and .NET. You will also be tasked with conducting automated testing of running applications and static code using tools like SAST and DAST. Additionally, you will be required to perform manual application penetration tests on various platforms like web applications, internal applications, APIs, and networks to identify and exploit vulnerabilities. The ideal candidate should have at least 6 months of formal programming experience in Java or C#, and possess 4 to 8 years of overall experience in the field. It would be advantageous to have one or more major ethical hacking certifications such as GWAPT, CREST, OSCP, OSWE, or OSWA. Providing technical leadership and guidance to team members, communicating effectively with both technical and non-technical audiences, and collaborating with Cyber teams to develop new testing techniques are also key aspects of this role. Moreover, having a minimum of three years of recent experience working with security testing tools like AppScan, NetsSparker, Acunetix, Checkmarx, BurpSuite, and others will be beneficial. This position offers equal employment opportunities and encourages individuals with a passion for cybersecurity to apply and contribute to our dynamic team at KPMG in India.,

About One One's mission is simple - to help customers achieve financial progress. One is creating simple solutions to assist customers in saving, spending, borrowing, and growing their money all in one place. The U.S. consumer today deserves better, as millions of Americans are unable to access credit, build savings or wealth, and are managing their financial lives through multiple disconnected apps. Approximately a quarter of U.S. adults are unbanked or underbanked, and about 80% of fintech users rely on multiple accounts to manage their finances. One is unique as it is backed by a preeminent fintech investor (Ribbit) and the world's largest retailer (Walmart), maintaining the speed and independence of a startup while employing a strong and growing collection of world-class talent. This presents an opportune moment to build a business that aids people in achieving financial progress. Come build with us! The Role As an Application Security Engineer at One, you will be responsible for ensuring that One delivers secure and reliable applications at scale. Your role involves partnering with engineers to integrate security into the product from the ground up, developing engineering tools and workflows to test and validate artifacts, and actively creating security frameworks. You will champion modern Application Security Engineering at One, directly impacting the security of all products. Additionally, you will provide subject-matter expertise to product teams on security best practices, optimize secure coding practices, utilize offensive security techniques to strengthen our environment, and enhance overall security practices. Responsibilities - Ensuring the quality and security of applications and products by guiding their development through the Secure Development Lifecycle (SDLC) process. - Conducting SAST/DAST and penetration testing on core application services, web applications, and mobile applications. - Developing, maintaining, and extending an in-house application security and penetration testing automated testing framework. - Creating secure libraries, hardening existing libraries and frameworks, and eliminating vulnerabilities. - Enforcing SDLC practices through Infrastructure-As-Code (IaC) policies whenever possible. - Collaborating closely with Engineering teams to validate the security posture of new features before production deployment. - Triaging and validating security vulnerabilities, acting as a subject-matter expert in AppSec for the Engineering team. - Refactoring and deploying secure libraries and frameworks across the code repository. - Training engineers, architects, code reviewers, and others on secure coding practices. - Contributing to application threat models and maintaining awareness of vulnerabilities in application technologies. - Working with Security and other engineering teams to maintain a security architecture that provides controls across all platforms to mitigate risk. - Providing expertise on code-level security concerns during product development. Requirements - 5+ years of experience in security engineering, DevSecOps, and application development. - Strong knowledge of CVSS, MITRE ATT&CK, and OWASP Top 10. - Proficiency in TypeScript and practical understanding of AWS core services. - Experience with modern application architecture, deployment practices, and secure software development frameworks. - Familiarity with Library/API/Framework development and integrating security scanning tools with CI/CD. - Expertise in security vulnerabilities, cryptography, and security evaluation tooling. - Exposure to technologies like AWS, iOS, Android, Vault, Kubernetes, React, GraphQL, and Datadog. - Understanding of regulatory compliance concerns (GLBA, CCPA, PCI). - Triple H Factor: Humble, Hungry, and Honest with an act-like-an-owner mentality. What it's like working @ One - Competitive compensation. - Benefits effective from day one. - Early access to a high-growth fintech startup. - Generous stock option packages. - Employer Provident Fund contributions. - Comprehensive health insurance for you and your family, including mental health support. - Flexible time off programs, monthly transport allowance, work-from-home stipend, and a hybrid working model. Leveling Philosophy One follows a flat titling structure to scale the company thoughtfully and avoid inequities. Internal titles reflect specific functional responsibilities and additional descriptors for clarity within the organization. Employees are compensated based on experience and internal level within One. Inclusion & Belonging,

Job Description As an Application Security Engineer, you will play a critical role in safeguarding the security of our software products and development lifecycle. This role focuses on managing and optimizing code scanning tools, identifying vulnerabilities, and ensuring secure coding practices are embedded into every stage of software development. You will collaborate with engineering teams to provide actionable security guidance, design metrics to measure security effectiveness, and create strategies to continuously improve application security. By integrating cutting-edge tools and techniques, you will ensure that our applications meet the highest standards of security and resilience, ultimately protecting the organization and its users from emerging threats. Key Responsibilities Manage and optimize code scanning tools (e.g., SAST, DAST) to detect and remediate security vulnerabilities. Provide security guidance and best practices to engineering teams throughout the software development lifecycle. Design, maintain, and report on application security metrics and dashboards to track progress and effectiveness. Perform security assessments, including threat modeling and architecture reviews for new features and applications. Collaborate with DevOps and CI/CD teams to integrate security tools seamlessly into development pipelines. Stay up-to-date on the latest security threats, vulnerabilities, and remediation strategies to evolve application security practices. Deliver secure coding training and resources to engineering teams to foster a security-first culture. Things You Will Need to Be Successful in This Role Typically requires a minimum of 5 years of related experience with a Bachelors degree; or 3 years and a Master’s degree; or a PhD without experience; or equivalent work experience. Proficiency with code scanning tools. Deep understanding of secure coding practices and standards (e.g., OWASP Top Ten). Hands-on experience with programming languages such as Python, Java, JavaScript, or C#. Familiarity with CI/CD pipelines and integrating security tools into DevOps workflows. Strong analytical skills to interpret scan results and prioritize remediation efforts. Certifications (Preferred): CSSLP or relevant security certifications. Excellent communication and collaboration skills to work effectively with cross-functional teams. A proactive and detail-oriented mindset to identify and mitigate risks early in the development lifecycle.

Responsibilities : Conduct security assessments for web, Android, and iOS applications. Identify and remediate vulnerabilities across the platform such java and java script Promote a security-first culture and drive security integration in the SDLC. Maintain and update security policies, standards, and procedures. Support ISMS design, implementation, and maintenance. Assist with ISO 27001 and PCI DSS certification and audits. Manage third-party risk programs, including vendor assessments and ongoing monitoring. Maintain vendor risk register and track remediation actions. Collaborate with internal teams to prepare for audits and ensure compliance. Adapt to new technologies, languages, and frameworks as needed. Requirements : Minimum 3 years of experience in Application Security. CEH and OSCP Certification Strong knowledge of security frameworks - Owasp top10 , secure coding, and threat modeling. Deep understanding of SDLC application security threats (e.g., XSS, SQL Injection, CSRF, buffer overflows, business logic flaws, brute force). Strong understanding of Java, Java script and python Experience with security tools (Static Code Analysis, DAST, Penetration Testing) Hands-on experience with security assessments in microservice architectures. Familiarity with authentication flows, payment gateway integration, and business logic security. Experience supporting ISO 27001 and PCI DSS compliance. Ability to work independently in a fast-paced environment. Passionate and practical approach to security challenges Strong Problem Solving and analytical skills. Accustomed to dealing with ambiguity in a fast-paced environment Proven ability to collaborate successfully across cross functions..

Responsible for implementing the product build requirements & creating the installers Design and implement secure CI/CD pipelines that incorporate security checks at every stage, from code commit to deployment. Automate repetitive security tasks Required Candidate profile Demonstrable experience building and maintaining secure CI/CD pipelines. Knowledge of common security vulnerabilities, attack vectors, and mitigation techniques. Proficiency in Python/Shell

Note : 6 months contract with Vlink based on performance contract can be extended Roles & responsibilities Perform automated testing of running applications and static code (SAST, DAST). Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Experience in one or more of the following is a plus: mobile application testing, Web application pen testing, application architecture, and business logic analysis. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, and Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Job Description:Mandatory technical & functional skills Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in the development of web applications and/or APIs. should be able to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred: GWAPT, CREST, OSCP, OSWE, OSWA

About The Role Project Role : Tech Delivery&Op Excellence Practitioner Project Role Description : Understand how to deliver value to clients, and use that commercial competency to apply methods or certifications appropriately. Attention to detail and deep expertise allow them to see inherent risks or improvement opportunities that others may not. Work directly with client teams to ensure a high standard of delivery and operational excellence are met. Must have skills : Governance Risk Compliance (GRC) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Tech Delivery & Op Excellence Practitioner, you will understand how to deliver value to clients and apply methods or certifications appropriately. Attention to detail and deep expertise allow you to see inherent risks or improvement opportunities that others may not. Work directly with client teams to ensure a high standard of delivery and operational excellence are met. Key responsibility:- Risk and Compliance senior Analyst works with the Application service delivery organization and other compliance related functions to help:- Perform audits/reviews to assess risks in Application development and maintenance service environment- Manage risk in Application development and maintenance service to an acceptable level - Increase the level of awareness of and compliance with policy and process related matters - Support successful completion of various external compliance certification programs and internal compliance assessments- Introduce continual improvement including lessons learned from matters requiring intervention- This successful candidate for this role will be a member of a dedicated team operating a Controls and Compliance function, which will perform audit style reviews of Application Development & Maintenance Services outsourcing engagements covering compliance matters and operational service management and service delivery good practice.Must-Have Skills/ Qualifications:- Minimum of 1-year experience in Auditing principles and practices (sample qualifications*:CISA, ISO 27001 Lead Auditor)- Minimum of 1-year experience in Application security/audit roles in Application development & maintenance service industry(sample qualifications*:EC-Councils CASE (Certified Application Security Engineer), CEH(Certified Ethical Hacker), - Agile Methodology( Certified Scrum Master), DevOps Certification, CMMI for Development- Knowledge of secure SDLC models, secure coding standards, OWASP Top 10, threat modeling, SAST(Static Application security testing), DAST (Dynamic Application security testing), single sign on, Encryption - Minimum of 1-year experience in Operational compliance requirements)- Contract Management / Service Reporting(including Service Level Agreements and Operational Level Agreements)- Risk management or assessment (sample qualification*:CRISC)- Knowledge of cloud environment and services (sample qualification*:Microsoft Azure/AWS/Google Certifications)- Team and stakeholder managementNice-to-Have Skills/ Qualifications:- Data privacy and protection (sample qualifications*:CIPM, CIPT, CIPP)- CISSP*, CISM*, CISA*, CCSK*, CCSP*- SOC1 and SOC2 (SSAE16 / ISAE3402) awareness- Business Continuity and Disaster Recovery awareness (ISO 22301) Professional Attributes:1:Good communication2:Teamwork3:Problem Solving Capabilities4:Work Planning and Management 5:Quick Learner6:Eager to take on responsible task7:Dedicated and Focused Educational Qualification:1:MBA-Information Security/ IT2:BE/B-Tech with CS/IT/related domain3:BSc- IT Additional Information:(i.e., travel, overtime %)1:Occasional within country travel 2:Flexibility in working hours Qualification 15 years full time education

Role of Wealth Management India IT Risk and Information Systems Security Manager, being understood this role includes delegations from APAC WM CISO for the team located in India territory and fully participates in overall WMIS Cybersecurity and IT Risk objectives. Participate to IT project security reviews conducted both on a global and APAC basis across all platforms. Participate in the Security Operation meetings in APAC, EMEA & CH regions. This requires the incumbent to foster close working relationships with other business areas and IT Development / Production / CSIRT / Production Security teams. The incumbent will work hand in hand with the IT Dev, Prod teams and the business, as an enabler and a facilitator. WM IT Risk and Security Manager o Manage the WM IT Risk and Security local team in India by managing the recruitment, performances review as well as training and career-path development. o Coordinate with APAC WM security actors, including India-based resources. o Coordinate with APAC WM IT teams on risk and security topics, while promoting a secure development and deployment culture o Assist for a Risk Treatment for any APAC WM issue, based on the WM GAIM generic process. o Periodic reporting of security status to WM CISO APAC and WM Global CISO o Contribute to the IT Risk and Cybersecurity Governance including procedural framework, Cybersecurity awareness and communication. o Ensure the regular reporting for management follow-up IT Security Compliance (delegation on WM APAC scope) o Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets. o Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes. o Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA) o Leveraging on a deep knowledge of Security standards such as NIST, CIS,ISO2700x , ensure the compliance with the IT security requirements o Ensure the compliance with the Third-party Technology risks and Cloud security. o Identify the process gaps and provide solutions. Application Security o Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices. o Identify and implement the latest security standards for internet facing and internal assets. o Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing SAST, Dynamic Acceptance Security Testing DAST and Software Composition Analysis SCA). Perform Security risk assessments and reviews to be presented to respective committees. Ensure the adequate security level for all WM GAIM applications, whatever the IT project managers location and hosting provider. Production Security Oversight (delegation on WM APAC scope) o Identify the production security requirements and ensure a smooth integration of WM assets within APAC IT Production, including network flow opening and Application Zoning compliance. o Identify the compliance level of the production environment and contribute to remediation actions definition while keeping the oversight on actions progress. o Keep an overview and ensure the adequate Vulnerability Management at the server and middleware level leveraging on production scans and liaising with relevant production stakeholders. Contribute to the management of Cybersecurity incidents. CyberSecurity Program (delegation on WM APAC scope) o Contribute to the steering and driving of the security initiatives on the APAC scope expected by the WM Cybersecurity Program. Contributing Responsibilities Coordination with IT Security actors o Reporting line to the WM GAIM Global CISO : alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, Wholesale Application Security Dashboard) o Coordination and control of security activities performed by APAC CIB Business Information Security and Production Security teams, including project assessment from production point of view, production security review, user security awareness for the WM scope. o Coordination with the Swiss Security team concerning integration of WM assets within Swiss IT production. o Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group. Technical & Behavioral Competencies Cybersecurity / Technical Value-added Competencies Cybersecurity Governance : framework (NIST / CIS framework), Security incident management, Logging & Detection (SIEM ELK products) DevSecOps : CI/CD toolchain knowledge of various tools o Source code management: sonarQuabe, bibucket, github/gitlab o Security application scanning (e.g. Sonatype/NexusIQ, Fortify, AppSpider, Qualys, DTR scan) o Automation/orchestration: Ansible tower, Jenkins Application Security: Threat modeling, Security architecture key concepts, exposure to various development framework and applicative landscape (Java/Web, Mobile applications, containerization/docker, kubernetes, API management, Cloud security) Vulnerability Management o Nexpose, Nessus Ethical Hacking Knowledge o Kali Linux knowledge (metasploit, nmap) Specific Qualifications (if required) Qualifications and Experience 10 years' experience in information security evaluation and design of technical architectures Functional as well as technical knowledge of the applications used within BNP Paribas Knowledge of the Norms and Standards of the BNP Paribas Group, in particular with respect to ITRM & Wholesale IT Security Norms and Policies Team management experience is a must Preferred Master level in Computer science and Information Security Skills Referential Behavioural Skills : Communication skills - oral & written Ability to collaborate / Teamwork Decision Making Ability to deliver / Results driven Transversal Skills: Ability to set up relevant performance indicators Ability to develop and adapt a process Ability to manage a project Ability to develop others & improve their skills Ability to manage / facilitate a meeting, seminar, committee, training Education Level: Master Degree or equivalent

As a DevOps/SRE Engineer at Optum, a global organization dedicated to improving health outcomes through technology, your role will be pivotal in building and maintaining the cloud infrastructure to ensure reliability, scalability, and security of applications and services. You will work collaboratively with cross-functional teams to implement and automate CI/CD pipelines, manage cloud resources, and enhance development and deployment processes. Your responsibilities will include designing, implementing, and maintaining CI/CD pipelines using tools like Azure DevOps, Jenkins, and Git. Automating infrastructure provisioning and management through Ansible, Terraform, and Azure Cloud Native services will be a key aspect of your role. Collaboration with development teams to optimize application performance and scalability will also be crucial. Monitoring and alerting solutions using tools such as Dynatrace, Splunk, and Kibana will be part of your tasks. You will conduct security testing and vulnerability assessments utilizing SAST and DAST tools, troubleshoot and resolve production issues to ensure high availability and reliability of systems, and continuously enhance processes, tools, and infrastructure for increased efficiency. Staying abreast of industry trends and best practices in DevOps, SRE, and cloud technologies, identifying issues, recommending solutions, and complying with company policies and directives will be essential. The role requires a Bachelor's degree in Computer Science, Engineering, or related field, along with 3-6 years of experience in a similar role. Solid experience with Azure DevOps, Jenkins, Ansible, Terraform, Azure Cloud Native services, SAST and DAST tools, Git, Github, monitoring and logging tools, CI/CD pipelines, and automation workflows are necessary qualifications. Proven troubleshooting, communication, collaboration, and problem-solving skills are crucial. The ability to work both independently and in a team environment is also required. In this role, you will have the opportunity to make a significant impact on the communities served by advancing health equity on a global scale. Join us at Optum to contribute to caring, connecting, and growing together.,

Strong knowledge of ASP.NET Web Forms, Windows services, C# SQL Server 2008.Hands-on experience Azure DevOps, CICDworking with DevOps Net Framework 4.x and aboveWebAPI, WCF, Microsoft reporting tool (RDL) SSRSIIS SQL designDevSecOps tests: SAST, DAST

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards.Themanageroftheapplicationsecurityprogramwillberesponsible for - 1. To Integratesecuritytools,standards,andprocessesintothe productlifecycle(PLC). 2. EnsurethatdevelopersandQApersonnelaretrainedwiththeappropriatele velofsecurityknowledgetoperformtheir dailyactivities. 3. Improveandsupportapplicationsecuritytooldeploymentsincludingstaticanal ysisandruntimetestingtools and securedevelopmentstandards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux Able to explain vulnerabilities such as: IDOR (Insecure Direct Object References) Second Order SQL Injection CSRF (Cross-Site Request Forgery) Provide root cause analysis and remediation guidance for identified vulnerabilities. Mandatory Technical & Functional Skills: Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux (or equivalent) Minimum three (3) years of performing manual penetration testing and code review against: Web applications Mobile apps APIs Minimum three (3) years of experience working with both technical and non-technical audiences in reporting results and leading remediation conversations. Preferred: One year of experience in the development of web applications and/or APIs. Ability to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. Certifications (Preferred but not required): GWAPT (GIAC Web Application Penetration Tester) CREST (Certified Testing Professional) OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) OSWA (Offensive Security Web Application) This is a 6-month contract role with hybrid work arrangements in Bangalore and Pune .

Job Summary : We're looking for a skilled .NET Developer with a strong background in Security Testing (DAST) to design, develop, and test secure web applications. The ideal candidate will have expertise in identifying and mitigating security vulnerabilities using DAST tools and techniques. Responsibilities : - Design, develop, and test secure web applications using .NET framework - Conduct Dynamic Application Security Testing (DAST) to identify security vulnerabilities - Analyze and mitigate security risks using DAST tools and techniques - Collaborate with cross-functional teams to ensure secure coding practices - Develop and maintain security testing frameworks and tools - Stay up-to-date with emerging security threats and trends - Participate in code reviews and ensure adherence to security best practices - Develop and deliver training programs on security testing and secure coding practices Requirements : - 5+ years of experience in .NET development with a focus on security testing (DAST) - Strong expertise in .NET framework, C#, (link unavailable), and related technologies - In-depth knowledge of DAST tools and techniques, such as OWASP ZAP, Burp Suite, and SQLMap - Experience with security testing frameworks and tools, such as NMap, Nessus, and OpenVAS - Strong understanding of web application security risks and vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) - Excellent problem-solving skills and attention to detail - Strong communication and collaboration skills - Experience with Agile development methodologies and version control systems, such as Git Nice to Have : - Experience with cloud-based security testing tools and platforms, such as AWS Security Hub and Google Cloud Security Command Center - Knowledge of containerization and orchestration technologies, such as Docker and Kubernetes - Experience with DevOps practices and tools, such as Jenkins, Puppet, and Ansible - Certification in security testing or related field, such as OSCP, CEH, or CISSP

Job Tittle - Security Test Engineer Job Type: Full-time EXP 5+ Years Location - Gurgaon Roles & Responsibilities: Perform Security Assessments: Conduct various types of security testing, including: 1. Penetration Testing : Perform black-box, gray-box, and white-box penetration testing on web applications, APIs, mobile applications (iOS/Android), and network infrastructure. 2. Vulnerability Assessments : Utilize automated and manual techniques to identify security weaknesses. 3. Static Application Security Testing (SAST) : Analyze source code to identify potential vulnerabilities. 4. Dynamic Application Security Testing (DAST) : Test applications in a running state and vulnerabilities. 5. Interactive Application Security Testing (IAST) : Combine elements of SAST and DAST for comprehensive testing. 6. Configuration Reviews : Assess the security posture of various systems and applications. 7. Threat Modeling: Participate in threat modeling sessions to identify potential attack vectors and vulnerabilities early in the development lifecycle. 8. Vulnerability Management: Document identified vulnerabilities clearly and concisely, including steps to reproduce, impact, and severity. Communicate findings to development teams and stakeholders effectively. Track and manage vulnerabilities through their lifecycle, from discovery to remediation and retesting. Provide guidance and recommendations to development teams on remediation strategies. 9. Security Tooling & Automation : - Utilize and configure security testing tools (e.g., Burp Suite, OWASP ZAP, Nessus, Acunetix, Fortify, Checkmarx, Metasploit). - Develop and implement automated security tests and scripts to improve efficiency. - Stay up-to-date with the latest security testing tools, techniques, and best practices. 10. Collaboration & Communication: - Collaborate closely with development, DevOps, QA, and product teams to integrate security into the SDLC (Secure SDLC). - Educate and mentor developers on secure coding practices and common vulnerabilities. - Participate in security code reviews. - Present security findings and recommendations to technical and non-technical audiences. 11. Research & Development: - Stay informed about emerging security threats, attack vectors, and industry trends. - Contribute to the improvement of security testing methodologies and processes. Participate in security community activities, conferences, and training. Required Skills & Qualifications : - Education : Bachelor's degree in computer science, Information Security, or a related field (or equivalent practical experience). - Experience : Mid-Level: 3-6 years of experience in security testing, penetration testing, or application security. Senior Level: 6+ years of experience in security testing, leading penetration testing engagements and architecting secure solutions. Technical Skills : - Strong understanding of web application security vulnerabilities (e.g., OWASP Top 10, SANS Top 25). o Proficiency with security testing tools (e.g., Burp Suite, OWASP ZAP, Nmap, Metasploit). - Experience with various operating systems (Linux, Windows). - Familiarity with scripting languages (e.g., Python, Ruby, PowerShell, Bash). Understanding of network protocols, firewalls, and intrusion detection/prevention systems. - Knowledge of secure coding principles and common programming languages (e.g., Java, Python, C#, JavaScript, Node.js). - Experience with cloud security (AWS, Azure, GCP) is a strong plus. Familiarity with CI/CD pipelines and integrating security into automated workflows. Soft Skills : - Excellent analytical and problem-solving skills. - Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical audiences. - Ability to work independently and as part of a team. - High attention to detail and a methodical approach to testing. - Curiosity and a strong desire to learn and stay current with security trends. Desired Certifications (Plus, but not required): OSCP OSWE CEH (Certified Ethical Hacker) CompTIA Security+ SANS certifications (e.g., GWEB, GWAPT, GPEN) CSSLP (Certified Secure Software Lifecycle Professional)

Skill required: Tech for Operations - Microsoft ASP.NET Designation: SW/App/Cloud Tech Support Sr Analyst Qualifications: Any Graduation Years of Experience: 5 to 8 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be part of the Technology for Operations team that acts as a trusted advisor and partner to Accenture Operations. The team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. We work closely with the sales, offering and delivery teams to identify and build innovative solutions.The Tech For Operations (TFO) team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. Works closely with the sales, offering and delivery teams to identify and build innovative solutions. Major sub deals include AHO(Application Hosting Operations), ISMT (Infrastructure Management), Intelligent AutomationA platform to create dynamic and interactive Web applications using server-side scripting technology. What are we looking for Job SpecificationOverall Skills to manage & work on SQL & .Net technologies while working in collaborative and high-performance team environment.ResponsibilitiesFull Stack .net, MS SQL, LinQ, SQL Stored procedures, SSRSDev experience around 5+ yearsexperience with DAST/SAST vulnerabilities, scans, APIs etc. QualificationsExpertise & understanding in Full stack technologies with 5+years experience.Analytical, problem-solving skills.Strong empathy in understanding client needs/requirements.Communication and presentation skills.Representative behavior, client-facing experience.Strong team player with drive. Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualification Any Graduation

Job Role : DevOps Engineer Year Of Experience- 2–3 Years Location: Ghansoli Education: BE/ B.Tech Overview : Looking for a motivated and skilled DevSecOps Engineer with 2–3 years of hands-on experience in implementing DevSecOps practices, CI/CD pipelines, and integrating security into the development lifecycle. The ideal candidate will have working knowledge of Kubernetes (K8S), cloud platforms like GKE and AKS, and build/deployment automation tools including Azure DevOps and Jenkins. Experience with security scanning tools (SAST, DAST, Fortify, SonarQube) and scripting knowledge in Groovy, ANT, and JavaScript is essential. Job Role: • Design, implement, and maintain secure and scalable CI/CD pipelines. • Integrate security tools and processes into DevOps workflows (DevSecOps). • Automate infrastructure and deployments using Azure DevOps and Jenkins. • Deployment using On-Premises K8S clusters and Manage Kubernetes clusters - GKE and AKS. • Deployment using Windows based servers - IIS • Implement and maintain Static and Dynamic Application Security Testing (SAST/DAST) tools. • Integrate and configure Fortify, SonarQube, and other security tools into pipelines. • Write and maintain automation scripts using Groovy, ANT, and JavaScript. • Collaborate with development, QA, and security teams to ensure secure software delivery. • Conduct security assessments and remediations as part of the SDLC. Required Skills & Qualifications : • Bachelor degree in Engineering or Equivalent. • 2–3 years of hands-on experience in DevSecOps / DevOps. • Strong knowledge and hands-on experience with: - Azure DevOps Pipelines and Jenkins for CI/CD. - Security tools: Fortify, SonarQube, Blackduck, DAST/SAST tools (e.g., OWASP ZAP, Burp Suite, etc.). - Kubernetes (K8s) – with GKE and AKS. • Proficiency in scripting languages such as Groovy, ANT, and JavaScript. • Basic programming / scripting capabilities to automate security checks & workflows. • Understanding of application security principles and best practices. • Experience working in Agile and collaborative team environments. • Excellent troubleshooting, documentation, and communication skills.

Dear Candidate, We are hiring a Compliance Engineer to ensure code and dependencies meet licensing and audit standards. Key Responsibilities: Track open-source usage and license compliance. Automate compliance scanning and reporting. Assist in security reviews and audits. Required Skills & Qualifications: Familiarity with tools like FOSSA, Black Duck. Knowledge of OSS licenses (MIT, GPL, Apache). Experience with code scanning and SBOMs. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Design, develop, and maintain automated test scripts using Playwright with TypeScript/JavaScript, as well as Selenium with Java, to ensure comprehensive test coverage across applications. Enhance the existing Playwright framework by implementing modular test design and optimizing performance, while also utilizing Cucumber for Behavior-Driven Development (BDD) scenarios. Execute functional, regression, integration, performance, and security testing of web applications, APIs and microservices. Collaborate in an Agile environment, participating in daily stand-ups, sprint planning, and retrospectives to ensure alignment on testing strategies and workflows. Troubleshoot and analyze test failures and defects using debugging tools and techniques, including logging and tracing within Playwright, Selenium, Postman, Grafana, etc. Document and report test results, defects, and issues using Jira and Confluence, ensuring clarity and traceability for all test activities. Implement page object models and reusable test components in both Playwright and Selenium to promote code reusability and maintainability. Integrate automated tests into CI/CD pipelines using Jenkins and GitHub Actions, ensuring seamless deployment and testing processes. Collaborate on Git for version control, managing branches and pull requests to maintain code quality and facilitate teamwork. Mentor and coach junior QA engineers on best practices for test automation, Playwright and Selenium usage, and CI/CD workflows. Research and evaluate new tools and technologies to enhance testing processes and coverage. WHAT DO YOU NEED TO SHINE IN THIS ROLE? Bachelor?s degree in Computer Science, Engineering, or related field, or equivalent work experience. At least 5 years of experience in software testing, with at least 3 years of experience in test automation. Ability to write functional test, test plan and test strategies Ability to configure test environment and test data using automation tools Experience in creation of an automated regress / CI test suite using Cucumber with Playwright (Preferred) or Selenium and Rest APIs Proficient in one or more programming languages - Java, Javascript or Typescript. Experience in testing web applications, APIs, and microservices using various tools and frameworks such as Selenium, Cucumber etc. Experience in testing SAST/DAST tools (Preferred) Experience in working with cloud platforms such as AWS, Azure, GCP, etc. Experience in working with CI/CD tools such as Jenkins, GitLab, GitHub, etc. Experience in writing queries and working with databases such as MySQL, MongoDB, Neo4j, Cassandra etc. Experience in working with tools such as Postman, JMeter, Grafana, etc. Exposure to Security standards and Compliance Experience in working with Agile methodologies such as Scrum, Kanban, etc. Ability to work independently and as part of a team. Ability to learn new technologies and tools quickly and adapt to changing requirements. Highly analytical mindset, logical approach to find solutions and perform root cause analysis Able to prioritize between critical and non critical path items Excellent communication skills with ability to communicate test results to stakeholders in the functional aspect of the system and its impact. WHAT YOU?LL GET Highly competitive compensation, benefits, and vacation package Ability to work for one of the fastest growing companies with some of the most talented people in the industry Team outings Fun, Hardworking, and Casual Environment Endless Growth Opportunities