616 Fortify Jobs - Page 16

Job Title: Associate Director / Director – VAPT Location: Mumbai Experience: 10+ years Work Mode: Onsite (Mumbai) Certification: OSCP preferred; other relevant certifications (e.g., OSCE, CISSP, CISM, GPEN) are an added advantage Role Overview: We are seeking an experienced cybersecurity leader to join our team as an Associate Director / Director – VAPT in Mumbai . The role demands a seasoned professional with deep expertise in Vulnerability Assessment and Penetration Testing across web, mobile, network, infrastructure, cloud, and source code environments. The ideal candidate will bring strong technical capabilities along with proven leadership in managing high-performing teams and driving large-scale security engagements for enterprise clients. Key Responsibilities: Leadership & Strategic Oversight: Lead the VAPT practice for the region, ensuring alignment with organizational goals and client expectations. Define and evolve methodologies, standards, and best practices for VAPT engagements. Collaborate with senior leadership and clients (CIOs, CISOs, Risk Heads) on cybersecurity strategy, roadmap, and execution. Lead business development , proposal creation, RFP responses, and pre-sales activities. Delivery & Engagement Management: Oversee multiple VAPT projects spanning web, mobile, infrastructure, cloud, IoT, and source code . Ensure high-quality delivery of technical assessments, risk reporting, and mitigation recommendations . Monitor project performance, client satisfaction, and profitability. Act as a technical escalation point for complex and critical vulnerabilities. Team Development & Mentorship: Build, mentor, and retain a team of high-caliber security professionals. Conduct knowledge-sharing sessions, lead training initiatives, and promote internal capability building. Encourage a culture of continuous learning, innovation, and ethical hacking . Desired Skills & Experience: 12+ years of overall cybersecurity experience with a strong focus on VAPT and Red Team assessments . Proven expertise in conducting and managing manual and advanced penetration testing of applications, networks, and cloud environments. Familiarity with tools like Burp Suite, Metasploit, Nmap, Nessus, Qualys, AppScan, Fortify, Wireshark , etc. Solid understanding of security frameworks and standards : OWASP, NIST, MITRE ATT&CK, ISO 27001, PCI-DSS, RBI guidelines. Strong knowledge of secure coding practices and experience in reviewing source code in multiple languages. Exposure to cloud platforms (AWS, Azure, GCP) and DevSecOps is preferred. Excellent communication, stakeholder management, and team leadership skills. OSCP certification is preferred ; additional credentials such as OSCE, CISSP, CISM, GPEN are a plus. Show more Show less

Job Title: Consultant / Senior Consultant – VAPT Location: Gurgaon Experience: 2+ years Work Mode: Onsite (Gurgaon) Certification: OSCP – Mandatory Notice Period: Immediate joiners preferred Role Overview: We are looking for highly motivated and technically skilled Consultants / Senior Consultants with a passion for offensive security to join our Vulnerability Assessment and Penetration Testing (VAPT) team in Gurgaon . The ideal candidate will possess strong hands-on experience in application and infrastructure security testing, with the ability to identify and exploit vulnerabilities using both manual and automated techniques. Key Responsibilities: Perform manual and automated penetration testing of web applications, mobile apps, infrastructure, network, and cloud environments . Identify vulnerabilities, simulate real-world attacks, and provide actionable remediation steps. Conduct source code reviews to identify security flaws in programming logic. Create and deliver detailed technical reports and executive summaries . Stay up to date with the latest vulnerabilities, attack vectors, and security trends. Adhere to industry standards and frameworks such as OWASP, NIST, ISO 27001, PCI-DSS, and RBI cybersecurity guidelines . Collaborate with internal stakeholders and clients to explain findings and support remediation. Required Skills & Qualifications: Minimum 2 years of relevant experience in VAPT / offensive security . Strong command of manual testing techniques beyond tool-based assessments. Hands-on experience with tools like Burp Suite, Nmap, Metasploit, Nessus, Wireshark, AppScan, Fortify , etc. Experience in web, mobile, infrastructure, and source code assessments . Solid understanding of network protocols, operating systems (Linux/Windows), firewalls, proxies, and security controls . Mandatory: Valid OSCP certification . Proficiency in one or more scripting languages (e.g., Python, Bash) is an advantage. Excellent analytical, documentation, and communication skills. Show more Show less

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Senior Software Engineer Overview Prepaid Management Services is the division of MasterCard that concentrates on Prepaid Solutions such as our Multi-Currency CashPassport product. Traditionally focused on the Travel sector this business unit is driving forward Prepaid throughout the world with innovative and leading solutions that we integrate with Global brands. This role is within the Global Technology Services (GTS) team which is part of the wider MasterCard Operations & Technologies group. We provide high quality evolutionary and operational capabilities to support the MasterCard Prepaid Management Services business. A hands-on software engineer working within multi-disciplined, agile teams. Responsible for producing high-quality, appropriate web-based solutions for both internal and external customers in Prepaid Management Services. Responsible for the development produced by the Scrum team, ensuring all development work adheres to design and development standards, guidelines and roadmap defined by the Prepaid Management Services Leadership and Architecture teams. Contributes to the coding and testing of new development and changes, ensuring the code is maintainable and to a high standard of quality. Have you worked in application development in a fast paced Agile environment? Are you passionate about providing technology driven solutions to address business needs? Can you provide innovative ideas and ensures continuous improvement as part of day to day work? Role Key Responsibilities Take a participatory role in sprint planning, daily stand-ups, demonstrations and retrospectives. Analyse current processes and systems to produce designs that can be scaled and evolved. Can translate a technical design to implemented code. Responsible for the development of readable and maintainable code, and appropriate unit tests. Actively seeks to minimize code and simplify architecture. Support test and build automation. Produce high-level and detailed estimates. Adheres to the development process and suggests improvements where appropriate. Ensures individual and team tasks are performed on-time by communicating and working closely with other members of the team. Retains a focus on completion, identifying and resolving issues. Produces technical design documentation as required and ensures work complies with the architectural roadmap. Identifies and updates existing design documents impacted due to changes All About You Key Skills and Experience Required Good experience in JAVA development (JAVA 6+, Hibernate, Spring, Spring boot, WebServices (REST and SOAP), Eclipse, Apache), Angular JS, Scala Good database development knowledge (Oracle v10+, PLSQL) Experience with test-driven development practices and technologies, e.g. JUnit, Maven, etc. Experience with CI/CD using Jenkins pipeline Experience with Agile development methods Experience with version control systems (GIT), and CI tools (Jenkins, Fortify, Sonar) Strong oral and written communication skills Desirable SDLC support tools (ALM, Confluence, Selenium, Sharepoint) Code packaging and deployment automation Financial services experience (Cards/PCI) Personal Qualities Flexible Creative Excellent problem solving skills Good communicator Self-starter Leadership ability Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. R-250465 Show more Show less

Position Summary ApplicationSecurity—Solution Delivery Advisor Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’sCyberRiskServiceshavebeenrecognizedasaleaderbyanumberofindependentanalystfirms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do As a Consultant in the hybrid operate business, you are responsible for adhering to the defined operatingproceduresandguidelinesinoperatingthe applicationsecurityservicesintheManagedServicesmodel, which includes the following: UnderstandandbecompliantwiththeServiceLevelAgreementsdefinedfortheDevSecOps services; Understand and deep knowledge of application security engineering principles, and helping client’s development team and function to follow secure development practices which includes primarily monitoringandperformingthe securitydesignreview,architecturereview,threatmodeling, security testing, secure code review, secure build processes; Well versed with the application deployment and configuration baselines, and understanding of how theapplicationenvironmentoperatesinasecureenvironmentandhowexceptionsarehandledduring operations; Facilitateuseoftechnology-basedtoolsormethodologiestocontinuouslyimprovethemonitoring, management and reliability of the service; Performmanualandautomatedsecurityassessmentofthe applications; Involvedintriaginganddefecttrackingprocesswiththedevelopmentteamandhelpingtheteamto fix issues at the code level based on the priority of the tickets; BealiaisonbetweentheApplicationdevelopmentandinfrastructureteam,andintegratethe processes between infrastructure monitoring and operations processes with the secure development/testing and management processes; Identifying,researchingandanalyzingapplicationsecurityeventswhichmayincludeemergingand existing persistent threats to the client's environment; and Performingactivemonitoringandtrackingofapplicationrelatedthreatactorsandtactics,techniques and procedures (TTPs), that could likely cause an impact to client organization The team Deloitte’s DevSecOps is a standardized process, to help clients with large development functions, and application dependenciesfortheirday-to-dayoperations.Theprocessenablestheclienttoaddresskeyvulnerabilitiesandrisks associated with their various application environment at different stages of their development lifecycle. At the core of our Application Security Managed Services Team professionals monitors, collects and analyses security related issues on application environment (both at code level and infrastructure level), that may potentially become a threattoanorganization.Thisdetectionofapplicationthreats/vulnerabilitiesiscarriedoutusingauniqueblendofour applicationsecuritytestingandmonitoringtoolsandintelligencedatacollectedthroughourvastexperiencewithinthe Advice and Implement business. Required: Minimumof3-5years’experienceinapplicationsecuritydevelopment,securitytesting,deploymentand security management phases; Deepinterestinapplicationspecificvulnerabilities,codedevelopmentandinfrastructure knowledge; Investigativeandanalyticalproblem-solving skills; Experienceincollecting,analyzing,andinterpretingqualitativeandquantitativedatafromdefinedapplication security services related sources (tools, monitoring techniques etc.) KnowledgeandexperienceofOWASPTop10,SANSSecureProgramming,SecurityEngineering Principles; Hands-onexperienceinperformingcodereviewofdotNet,JavaandSwiftand objectiveC code; Hands-onexperienceinrunning,installingandmanagingSAST,DAST , SCA andIASTsolutions,suchasCheckmarx, Fortify and Contrast in large enterprise Understandingofleadingvulnerabilityscoringstandards,suchasCVSS,andabilitytotranslatevulnerability severity as security risk; Hands-onexperienceonatleastoneCI/CDtoolsetandbuildingpipelines usingTeamcity,Bamboo,Jenkins, Chef, Puppet, selenium, AWS and AZURE DevOps; HandsonexperienceoncontainertechnologysuchasKubernetes,Dockers,AKS, EKS. Knowledgeofcloudenvironmentsanddeploymentsolutionssuchasserverless computing; Handsonexperiencein penetrationtestingofmobile,desktopandweb applications; Musthaveexperienceinwritingcustomexploitationscriptsand utilities; Possessionofexcellentoralandwrittencommunication skill; Knowledgeofoneormorescriptinglanguagesforautomationandcomplex searches; MusthavecloudsecurityspecializationinSecurity; and Certificationsuchas EC-Council CEH (Certified Ethical Hacker), DevSecOps Professional (CDP) , ISC2 Certified Cloud Security Professional (CCSP), Certified API Security Professional (CASP) , CTMP (Certified Threat Modeling Professional) etc.are preferred. Preferred: Bachelor’sincomputerscience orothertechnical fields; Experienceincloud service providerssuchasAWS, GCP, Azure, Oracleare preferred Experience in implementing and managing security measures within Kubernetes environments, designing and enforcing advanced security protocols for API infrastructure, managing and optimizing our containerized applications using Docker, automating and managing our infrastructure as code using Terraform, automating IT processes and configurations using Ansible, and identifying and mitigating potential security threats through comprehensive threat modeling practices. SolidanddemonstrablecomprehensionofInformationSecurityincludingOWASP/SANS,SecurityTestCase development(ormis-usecase). Understandingofsecurityessentialsincluding;networkingconcepts,defensestrategies,andcurrentsecurity technologies Abilitytoresearchandcharacterizesecuritythreatstoincludeidentificationandclassificationofapplicationrelated threat indicators Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin theirown way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-basedlearning,andeLearning.DeloitteUniversity(DU):TheLeadershipCenterinIndia,ourstate-of-the-art, world-classlearningcenterintheHyderabadoffice,isanextensionoftheDUinWestlake,Texas,andrepresents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandare continuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesour diversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. #CA-LD Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301444 Show more Show less

Position Summary ApplicationSecurity—Solution Delivery Lead Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’sCyberRiskServiceshavebeenrecognizedasaleaderbyanumberofindependentanalystfirms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do As a Senior Consultant in the hybrid operate business, you are responsible for adhering to the defined operatingproceduresandguidelinesinoperatingthe applicationsecurityservicesintheManagedServicesmodel, which includes the following: UnderstandandbecompliantwiththeServiceLevelAgreementsdefinedfortheDevSecOps services; Understand and deep knowledge of application security engineering principles, and helping client’s development team and function to follow secure development practices which includes primarily monitoringandperformingthe securitydesignreview,architecturereview,threatmodeling, security testing, secure code review, secure build processes; Well versed with the application deployment and configuration baselines, and understanding of how theapplicationenvironmentoperatesinasecureenvironmentandhowexceptionsarehandledduring operations; Facilitateuseoftechnology-basedtoolsormethodologiestocontinuouslyimprovethemonitoring, management and reliability of the service; Performmanualandautomatedsecurityassessmentofthe applications; Involvedintriaginganddefecttrackingprocesswiththedevelopmentteamandhelpingtheteamto fix issues at the code level based on the priority of the tickets; BealiaisonbetweentheApplicationdevelopmentandinfrastructureteam,andintegratethe processes between infrastructure monitoring and operations processes with the secure development/testing and management processes; Identifying,researchingandanalyzingapplicationsecurityeventswhichmayincludeemergingand existing persistent threats to the client's environment; and Performingactivemonitoringandtrackingofapplicationrelatedthreatactorsandtactics,techniques and procedures (TTPs), that could likely cause an impact to client organization The team Deloitte’s DevSecOps is a standardized process, to help clients with large development functions, and application dependenciesfortheirday-to-dayoperations.Theprocessenablestheclienttoaddresskeyvulnerabilitiesandrisks associated with their various application environment at different stages of their development lifecycle. At the core of our Application Security Managed Services Team professionals monitors, collects and analyses security related issues on application environment (both at code level and infrastructure level), that may potentially become a threattoanorganization.Thisdetectionofapplicationthreats/vulnerabilitiesiscarriedoutusingauniqueblendofour applicationsecuritytestingandmonitoringtoolsandintelligencedatacollectedthroughourvastexperiencewithinthe Advice and Implement business. Required: Minimumof5-7 years’experienceinapplicationsecuritydevelopment,securitytesting,deploymentand security management phases; Deepinterestinapplicationspecificvulnerabilities,codedevelopmentandinfrastructure knowledge; Investigativeandanalyticalproblem-solving skills; Experienceincollecting,analyzing,andinterpretingqualitativeandquantitativedatafromdefinedapplication security services related sources (tools, monitoring techniques etc.) KnowledgeandexperienceofOWASPTop10,SANSSecureProgramming,SecurityEngineering Principles; Hands-onexperienceinperformingcodereviewofdotNet,JavaandSwiftand objectiveC code; Hands-onexperienceinrunning,installingandmanagingSAST,DAST , SCA andIASTsolutions,suchasCheckmarx, Fortify and Contrast in large enterprise Understandingofleadingvulnerabilityscoringstandards,suchasCVSS,andabilitytotranslatevulnerability severity as security risk; Hands-onexperienceonatleastoneCI/CDtoolsetandbuildingpipelines usingTeamcity,Bamboo,Jenkins, Chef, Puppet, selenium, AWS and AZURE DevOps; HandsonexperienceoncontainertechnologysuchasKubernetes,Dockers,AKS, EKS. Knowledgeofcloudenvironmentsanddeploymentsolutionssuchasserverless computing; Handsonexperiencein penetrationtestingofmobile,desktopandweb applications; Musthaveexperienceinwritingcustomexploitationscriptsand utilities; Possessionofexcellentoralandwrittencommunication skill; Knowledgeofoneormorescriptinglanguagesforautomationandcomplex searches; MusthavecloudsecurityspecializationinSecurity; and Certificationsuchas EC-Council CEH (Certified Ethical Hacker), DevSecOps Professional (CDP) , ISC2 Certified Cloud Security Professional (CCSP), Certified API Security Professional (CASP) , CTMP (Certified Threat Modeling Professional) etc.are preferred. Preferred: Bachelor’sincomputerscience orothertechnical fields; Experienceincloud service providerssuchasAWS, GCP, Azure, Oracleare preferred Experience in implementing and managing security measures within Kubernetes environments, designing and enforcing advanced security protocols for API infrastructure, managing and optimizing our containerized applications using Docker, automating and managing our infrastructure as code using Terraform, automating IT processes and configurations using Ansible, and identifying and mitigating potential security threats through comprehensive threat modeling practices. SolidanddemonstrablecomprehensionofInformationSecurityincludingOWASP/SANS,SecurityTestCase development(ormis-usecase). Understandingofsecurityessentialsincluding;networkingconcepts,defensestrategies,andcurrentsecurity technologies Abilitytoresearchandcharacterizesecuritythreatstoincludeidentificationandclassificationofapplicationrelated threat indicators Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin theirown way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-basedlearning,andeLearning.DeloitteUniversity(DU):TheLeadershipCenterinIndia,ourstate-of-the-art, world-classlearningcenterintheHyderabadoffice,isanextensionoftheDUinWestlake,Texas,andrepresents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandare continuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesour diversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. #CA-LD Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301449 Show more Show less

Position Summary ApplicationSecurity—Solution Delivery Lead Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’sCyberRiskServiceshavebeenrecognizedasaleaderbyanumberofindependentanalystfirms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do As a Senior Consultant in the hybrid operate business, you are responsible for adhering to the defined operatingproceduresandguidelinesinoperatingthe applicationsecurityservicesintheManagedServicesmodel, which includes the following: UnderstandandbecompliantwiththeServiceLevelAgreementsdefinedfortheDevSecOps services; Understand and deep knowledge of application security engineering principles, and helping client’s development team and function to follow secure development practices which includes primarily monitoringandperformingthe securitydesignreview,architecturereview,threatmodeling, security testing, secure code review, secure build processes; Well versed with the application deployment and configuration baselines, and understanding of how theapplicationenvironmentoperatesinasecureenvironmentandhowexceptionsarehandledduring operations; Facilitateuseoftechnology-basedtoolsormethodologiestocontinuouslyimprovethemonitoring, management and reliability of the service; Performmanualandautomatedsecurityassessmentofthe applications; Involvedintriaginganddefecttrackingprocesswiththedevelopmentteamandhelpingtheteamto fix issues at the code level based on the priority of the tickets; BealiaisonbetweentheApplicationdevelopmentandinfrastructureteam,andintegratethe processes between infrastructure monitoring and operations processes with the secure development/testing and management processes; Identifying,researchingandanalyzingapplicationsecurityeventswhichmayincludeemergingand existing persistent threats to the client's environment; and Performingactivemonitoringandtrackingofapplicationrelatedthreatactorsandtactics,techniques and procedures (TTPs), that could likely cause an impact to client organization The team Deloitte’s DevSecOps is a standardized process, to help clients with large development functions, and application dependenciesfortheirday-to-dayoperations.Theprocessenablestheclienttoaddresskeyvulnerabilitiesandrisks associated with their various application environment at different stages of their development lifecycle. At the core of our Application Security Managed Services Team professionals monitors, collects and analyses security related issues on application environment (both at code level and infrastructure level), that may potentially become a threattoanorganization.Thisdetectionofapplicationthreats/vulnerabilitiesiscarriedoutusingauniqueblendofour applicationsecuritytestingandmonitoringtoolsandintelligencedatacollectedthroughourvastexperiencewithinthe Advice and Implement business. Required: Minimumof5-7 years’experienceinapplicationsecuritydevelopment,securitytesting,deploymentand security management phases; Deepinterestinapplicationspecificvulnerabilities,codedevelopmentandinfrastructure knowledge; Investigativeandanalyticalproblem-solving skills; Experienceincollecting,analyzing,andinterpretingqualitativeandquantitativedatafromdefinedapplication security services related sources (tools, monitoring techniques etc.) KnowledgeandexperienceofOWASPTop10,SANSSecureProgramming,SecurityEngineering Principles; Hands-onexperienceinperformingcodereviewofdotNet,JavaandSwiftand objectiveC code; Hands-onexperienceinrunning,installingandmanagingSAST,DAST , SCA andIASTsolutions,suchasCheckmarx, Fortify and Contrast in large enterprise Understandingofleadingvulnerabilityscoringstandards,suchasCVSS,andabilitytotranslatevulnerability severity as security risk; Hands-onexperienceonatleastoneCI/CDtoolsetandbuildingpipelines usingTeamcity,Bamboo,Jenkins, Chef, Puppet, selenium, AWS and AZURE DevOps; HandsonexperienceoncontainertechnologysuchasKubernetes,Dockers,AKS, EKS. Knowledgeofcloudenvironmentsanddeploymentsolutionssuchasserverless computing; Handsonexperiencein penetrationtestingofmobile,desktopandweb applications; Musthaveexperienceinwritingcustomexploitationscriptsand utilities; Possessionofexcellentoralandwrittencommunication skill; Knowledgeofoneormorescriptinglanguagesforautomationandcomplex searches; MusthavecloudsecurityspecializationinSecurity; and Certificationsuchas EC-Council CEH (Certified Ethical Hacker), DevSecOps Professional (CDP) , ISC2 Certified Cloud Security Professional (CCSP), Certified API Security Professional (CASP) , CTMP (Certified Threat Modeling Professional) etc.are preferred. Preferred: Bachelor’sincomputerscience orothertechnical fields; Experienceincloud service providerssuchasAWS, GCP, Azure, Oracleare preferred Experience in implementing and managing security measures within Kubernetes environments, designing and enforcing advanced security protocols for API infrastructure, managing and optimizing our containerized applications using Docker, automating and managing our infrastructure as code using Terraform, automating IT processes and configurations using Ansible, and identifying and mitigating potential security threats through comprehensive threat modeling practices. SolidanddemonstrablecomprehensionofInformationSecurityincludingOWASP/SANS,SecurityTestCase development(ormis-usecase). Understandingofsecurityessentialsincluding;networkingconcepts,defensestrategies,andcurrentsecurity technologies Abilitytoresearchandcharacterizesecuritythreatstoincludeidentificationandclassificationofapplicationrelated threat indicators Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin theirown way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-basedlearning,andeLearning.DeloitteUniversity(DU):TheLeadershipCenterinIndia,ourstate-of-the-art, world-classlearningcenterintheHyderabadoffice,isanextensionoftheDUinWestlake,Texas,andrepresents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandare continuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesour diversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. #CA-LD Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301449 Show more Show less

Position Summary ApplicationSecurity—Solution Delivery Advisor Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’sCyberRiskServiceshavebeenrecognizedasaleaderbyanumberofindependentanalystfirms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do As a Consultant in the hybrid operate business, you are responsible for adhering to the defined operatingproceduresandguidelinesinoperatingthe applicationsecurityservicesintheManagedServicesmodel, which includes the following: UnderstandandbecompliantwiththeServiceLevelAgreementsdefinedfortheDevSecOps services; Understand and deep knowledge of application security engineering principles, and helping client’s development team and function to follow secure development practices which includes primarily monitoringandperformingthe securitydesignreview,architecturereview,threatmodeling, security testing, secure code review, secure build processes; Well versed with the application deployment and configuration baselines, and understanding of how theapplicationenvironmentoperatesinasecureenvironmentandhowexceptionsarehandledduring operations; Facilitateuseoftechnology-basedtoolsormethodologiestocontinuouslyimprovethemonitoring, management and reliability of the service; Performmanualandautomatedsecurityassessmentofthe applications; Involvedintriaginganddefecttrackingprocesswiththedevelopmentteamandhelpingtheteamto fix issues at the code level based on the priority of the tickets; BealiaisonbetweentheApplicationdevelopmentandinfrastructureteam,andintegratethe processes between infrastructure monitoring and operations processes with the secure development/testing and management processes; Identifying,researchingandanalyzingapplicationsecurityeventswhichmayincludeemergingand existing persistent threats to the client's environment; and Performingactivemonitoringandtrackingofapplicationrelatedthreatactorsandtactics,techniques and procedures (TTPs), that could likely cause an impact to client organization The team Deloitte’s DevSecOps is a standardized process, to help clients with large development functions, and application dependenciesfortheirday-to-dayoperations.Theprocessenablestheclienttoaddresskeyvulnerabilitiesandrisks associated with their various application environment at different stages of their development lifecycle. At the core of our Application Security Managed Services Team professionals monitors, collects and analyses security related issues on application environment (both at code level and infrastructure level), that may potentially become a threattoanorganization.Thisdetectionofapplicationthreats/vulnerabilitiesiscarriedoutusingauniqueblendofour applicationsecuritytestingandmonitoringtoolsandintelligencedatacollectedthroughourvastexperiencewithinthe Advice and Implement business. Required: Minimumof3-5years’experienceinapplicationsecuritydevelopment,securitytesting,deploymentand security management phases; Deepinterestinapplicationspecificvulnerabilities,codedevelopmentandinfrastructure knowledge; Investigativeandanalyticalproblem-solving skills; Experienceincollecting,analyzing,andinterpretingqualitativeandquantitativedatafromdefinedapplication security services related sources (tools, monitoring techniques etc.) KnowledgeandexperienceofOWASPTop10,SANSSecureProgramming,SecurityEngineering Principles; Hands-onexperienceinperformingcodereviewofdotNet,JavaandSwiftand objectiveC code; Hands-onexperienceinrunning,installingandmanagingSAST,DAST , SCA andIASTsolutions,suchasCheckmarx, Fortify and Contrast in large enterprise Understandingofleadingvulnerabilityscoringstandards,suchasCVSS,andabilitytotranslatevulnerability severity as security risk; Hands-onexperienceonatleastoneCI/CDtoolsetandbuildingpipelines usingTeamcity,Bamboo,Jenkins, Chef, Puppet, selenium, AWS and AZURE DevOps; HandsonexperienceoncontainertechnologysuchasKubernetes,Dockers,AKS, EKS. Knowledgeofcloudenvironmentsanddeploymentsolutionssuchasserverless computing; Handsonexperiencein penetrationtestingofmobile,desktopandweb applications; Musthaveexperienceinwritingcustomexploitationscriptsand utilities; Possessionofexcellentoralandwrittencommunication skill; Knowledgeofoneormorescriptinglanguagesforautomationandcomplex searches; MusthavecloudsecurityspecializationinSecurity; and Certificationsuchas EC-Council CEH (Certified Ethical Hacker), DevSecOps Professional (CDP) , ISC2 Certified Cloud Security Professional (CCSP), Certified API Security Professional (CASP) , CTMP (Certified Threat Modeling Professional) etc.are preferred. Preferred: Bachelor’sincomputerscience orothertechnical fields; Experienceincloud service providerssuchasAWS, GCP, Azure, Oracleare preferred Experience in implementing and managing security measures within Kubernetes environments, designing and enforcing advanced security protocols for API infrastructure, managing and optimizing our containerized applications using Docker, automating and managing our infrastructure as code using Terraform, automating IT processes and configurations using Ansible, and identifying and mitigating potential security threats through comprehensive threat modeling practices. SolidanddemonstrablecomprehensionofInformationSecurityincludingOWASP/SANS,SecurityTestCase development(ormis-usecase). Understandingofsecurityessentialsincluding;networkingconcepts,defensestrategies,andcurrentsecurity technologies Abilitytoresearchandcharacterizesecuritythreatstoincludeidentificationandclassificationofapplicationrelated threat indicators Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin theirown way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-basedlearning,andeLearning.DeloitteUniversity(DU):TheLeadershipCenterinIndia,ourstate-of-the-art, world-classlearningcenterintheHyderabadoffice,isanextensionoftheDUinWestlake,Texas,andrepresents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandare continuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesour diversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. #CA-LD Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301444 Show more Show less

Job Description: You are passionate about quality and how customers experience the products you test. You have the ability to create, maintain and execute test plans in order to verify requirements. As a Quality Engineer at Equifax, you will be a catalyst in both the development and the testing of high priority initiatives. You will develop and test new products to support technology operations while maintaining exemplary standards. As a collaborative member of the team, you will deliver Quality Engineering services (code quality, testing services, performance engineering, development collaboration and continuous integration). You will conduct quality control tests in order to ensure full compliance with specified standards and end user requirements. You will execute tests using established plans and scripts; document problems in an issues log and retest to ensure problems are resolved. You will create test files to thoroughly test program logic and verify system flow. You will identify, recommend and implement changes to enhance effectiveness of QE strategies. What you will do With limited oversight, use your experience and knowledge of testing and testability to influence better software design, promote proper engineering practice, bug prevention strategies, testability, accessibility, privacy, and other advanced quality concepts across solutions Develop test strategies, automate tests using test frameworks and write moderately complex code/scripts to test solutions, products and systems Monitor product development and usage at all levels with an eye for product quality. Create test harnesses and infrastructure as necessary Demonstrate an understanding of test methodologies, writing test plans, creating test cases and debugging What experience you need Bachelor's degree in a STEM major or equivalent experience 2-5 years of software testing experience Able to create automated test based on functional and non-functional requirements Self-starter that identifies/responds to priority shifts with minimal supervision. Software build management tools like Maven or Gradle Software testing tools like Cucumber, Selenium Software testing, performance, and quality engineering techniques and strategies Testing technologies: JIRA, Confluence, Office products Cloud technology: GCP, AWS, or Azure Cloud Certification Strongly Preferred What could set you apart Experience with cloud based testing environments(AWS,GCP) Hands-on experience working in Agile environments. Knowledge of API testing tools(Bruno,Swagger) and on SOAP API Testing using SoapUI. Certification in ISTQB or similar or Google cloud certification.. Experience with cutting-edge tools & technologies :Familiarity with the latest tools and technologies such as AI, machine learning and cloud computing. Expertise with cross device testing strategies and automation via device clouds Experience monitoring and developing resources Excellent coding and analytical skills Experience with performance engineering and profiling (e.g. Java JVM, Databases) and tools such as Load Runner, JMeter,Gatling Exposure to Application performance monitoring tools like Grafana & Datadog Ability to create good acceptance and integration test automation scripts and integrate with Continuous integration (Jenkins) and code coverage tools (Sonar) to ensure 80% or higher code coverage Experience working in a TDD/BDD environment and can utilize technologies such as JUnit, Rest Assured, Appium, Gauge/Cucumber frameworks, APIs (REST/SOAP). Understanding of Continuous Delivery concepts and can use tools including Jenkins and vulnerability tools such as Sonar,Fortify, etc. Experience in Lamba Testing for Cross browser testing A good understanding of Git version control,including branching strategies , merging and conflict resolution.

Job requisition ID :: 79285 Date: Jun 12, 2025 Location: Kochi Designation: Assistant Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Job requisition ID :: 83600 Date: Jun 12, 2025 Location: Delhi Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Line of Service Advisory Industry/Sector Not Applicable Specialism Microsoft Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in application security at PwC will be responsible for providing security services to development teams including code scanning, readiness testing, and penetration testing to enable application teams to build and deploy secure applications in Production. You will utilise a risk-based methodology and "shift-left" approach to engage early in the software development lifecycle. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: A career within…. Responsibilities: 1. Review application source code based on the industry standard security frameworks and organization's internal security policy. 2. Running the source code scan and analyzing the results derived from the SAST platform. 3. Coordinate with application development teams to ensure identified gaps are fixed in proper time. 4. Work with the application development team to eliminate false positives, to clarify compensating security controls. 5. Closely work with issue management team to ensure proper remediation plans are in places with well documented records. 6. Collaborate with senior developers and architects to ensure security best practices and secured design patterns are followed. 7. Work closely with other team members, including project leads, regional leads and territory security leadership team. 8. Provide regular updates on progress and issues to project managers and stakeholders 9. Strong knowledge of secure coding practices and common security vulnerabilities (e.g., OWASP Top 10). 10. Strong knowledge of Industry standard SAST tools (e.g. Veracode, Fortify on Demand). 11. Strong knowledge of Industry standard SCA tools (e.g. Blackduck). 12. Strong knowledge in manual and tool-based code review process, focusing on OWASP methodology. 13. Strong Knowledge of security vulnerability identification and remediation methodologies. 14. Familiarity with industry standard security frameworks and policies. 15. Strong knowledge of DevSecOps practices and integration of security within CI/CD pipelines. Mandatory skill sets: VAPT, source code analysis, remediation, mitigation, vulnerability assessment, SAST, SCA, application security, white box testing, Veracode, Checkmarx , source code review. Preferred skill sets: CI/CD Pipelines Years of experience required: 4-7 Years Education qualification: B.Tech/B.E. Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology, Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Code Review Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Application Security, Application Security Assessment, Azure Data Factory, Cloud Application Development, Cloud Security, Coding Standards, Communication, Creativity, Cybersecurity, DevOps Practices, Embracing Change, Emotional Regulation, Empathy, Endpoint Security, Forensic Investigation, Hosting Controllers, Inclusion, Information Security, Intellectual Curiosity, Learning Agility, LoadRunner (Software Testing Tool) {+ 30 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Available for Work Visa Sponsorship? Government Clearance Required? Job Posting End Date

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities Hands-on knowledge of Security testing methodologies like OWASP Top 10, SANS 25 etc., Ability to perform automated and manual hands-on penetration security testing e.g. DAST, SAST and SCA, identifying security risks within applications, cloud infrastructure, security controls and Network systems. Additional Responsibilities: The successful candidate must be highly motivated, fast learner, flexible, willing to assume responsibility and deliver quality work on time Constantly identify opportunities for enhancing productivity using automation and process improvements. Exposure to scripting languages(e.g. Shell) Knowledge on DevSecOps Technical and Professional Requirements: Any specific tools required Burpsuite, WebInspect, Fortify, Zap, Checkmarx Preferred Skills: Technology->Security Testing->Security Testing - ALL

Equifax is where you can power your possible. If you want to achieve your true potential, chart new paths, develop new skills, collaborate with bright minds, and make a meaningful impact, we want to hear from you. Job Description You are passionate about quality and how customers experience the products you test. You have the ability to create, maintain and execute test plans in order to verify requirements. As a Quality Engineer at Equifax, you will be a catalyst in both the development and the testing of high priority initiatives. You will develop and test new products to support technology operations while maintaining exemplary standards. As a collaborative member of the team, you will deliver Quality Engineering services (code quality, testing services, performance engineering, development collaboration and continuous integration). You will conduct quality control tests in order to ensure full compliance with specified standards and end user requirements. You will execute tests using established plans and scripts; document problems in an issues log and retest to ensure problems are resolved. You will create test files to thoroughly test program logic and verify system flow. You will identify, recommend and implement changes to enhance effectiveness of QE strategies. What You Will Do With limited oversight, use your experience and knowledge of testing and testability to influence better software design, promote proper engineering practice, bug prevention strategies, testability, accessibility, privacy, and other advanced quality concepts across solutions Develop test strategies, automate tests using test frameworks and write moderately complex code/scripts to test solutions, products and systems Monitor product development and usage at all levels with an eye for product quality. Create test harnesses and infrastructure as necessary Demonstrate an understanding of test methodologies, writing test plans, creating test cases and debugging What Experience You Need Bachelor's degree in a STEM major or equivalent experience 2-5 years of software testing experience Able to create automated test based on functional and non-functional requirements Self-starter that identifies/responds to priority shifts with minimal supervision. Software build management tools like Maven or Gradle Software testing tools like Cucumber, Selenium Software testing, performance, and quality engineering techniques and strategies Testing technologies: JIRA, Confluence, Office products Cloud technology: GCP, AWS, or Azure Cloud Certification Strongly Preferred What Could Set You Apart Experience with cloud based testing environments(AWS,GCP) Hands-on experience working in Agile environments. Knowledge of API testing tools(Bruno,Swagger) and on SOAP API Testing using SoapUI. Certification in ISTQB or similar or Google cloud certification.. Experience with cutting-edge tools & technologies :Familiarity with the latest tools and technologies such as AI, machine learning and cloud computing. Expertise with cross device testing strategies and automation via device clouds Experience monitoring and developing resources Excellent coding and analytical skills Experience with performance engineering and profiling (e.g. Java JVM, Databases) and tools such as Load Runner, JMeter,Gatling Exposure to Application performance monitoring tools like Grafana & Datadog Ability to create good acceptance and integration test automation scripts and integrate with Continuous integration (Jenkins) and code coverage tools (Sonar) to ensure 80% or higher code coverage Experience working in a TDD/BDD environment and can utilize technologies such as JUnit, Rest Assured, Appium, Gauge/Cucumber frameworks, APIs (REST/SOAP). Understanding of Continuous Delivery concepts and can use tools including Jenkins and vulnerability tools such as Sonar,Fortify, etc. Experience in Lamba Testing for Cross browser testing A good understanding of Git version control,including branching strategies , merging and conflict resolution. We offer a hybrid work setting, comprehensive compensation and healthcare packages, attractive paid time off, and organizational growth potential through our online learning platform with guided career tracks. Are you ready to power your possible? Apply today, and get started on a path toward an exciting new career at Equifax, where you can make a difference! Who is Equifax? At Equifax, we believe knowledge drives progress. As a global data, analytics and technology company, we play an essential role in the global economy by helping employers, employees, financial institutions and government agencies make critical decisions with greater confidence. We work to help create seamless and positive experiences during life’s pivotal moments: applying for jobs or a mortgage, financing an education or buying a car. Our impact is real and to accomplish our goals we focus on nurturing our people for career advancement and their learning and development, supporting our next generation of leaders, maintaining an inclusive and diverse work environment, and regularly engaging and recognizing our employees. Regardless of location or role, the individual and collective work of our employees makes a difference and we are looking for talented team players to join us as we help people live their financial best. Equifax is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Show more Show less

Job Description: You are passionate about quality and how customers experience the products you test. You have the ability to create, maintain and execute test plans in order to verify requirements. As a Quality Engineer at Equifax, you will be a catalyst in both the development and the testing of high priority initiatives. You will develop and test new products to support technology operations while maintaining exemplary standards. As a collaborative member of the team, you will deliver Quality Engineering services (code quality, testing services, performance engineering, development collaboration and continuous integration). You will conduct quality control tests in order to ensure full compliance with specified standards and end user requirements. You will execute tests using established plans and scripts; document problems in an issues log and retest to ensure problems are resolved. You will create test files to thoroughly test program logic and verify system flow. You will identify, recommend and implement changes to enhance effectiveness of QE strategies. What You Will Do With limited oversight, use your experience and knowledge of testing and testability to influence better software design, promote proper engineering practice, bug prevention strategies, testability, accessibility, privacy, and other advanced quality concepts across solutions Develop test strategies, automate tests using test frameworks and write moderately complex code/scripts to test solutions, products and systems Monitor product development and usage at all levels with an eye for product quality. Create test harnesses and infrastructure as necessary Demonstrate an understanding of test methodologies, writing test plans, creating test cases and debugging What Experience You Need Bachelor's degree in a STEM major or equivalent experience 2-5 years of software testing experience Able to create automated test based on functional and non-functional requirements Self-starter that identifies/responds to priority shifts with minimal supervision. Software build management tools like Maven or Gradle Software testing tools like Cucumber, Selenium Software testing, performance, and quality engineering techniques and strategies Testing technologies: JIRA, Confluence, Office products Cloud technology: GCP, AWS, or Azure Cloud Certification Strongly Preferred What Could Set You Apart Experience with cloud based testing environments(AWS,GCP) Hands-on experience working in Agile environments. Knowledge of API testing tools(Bruno,Swagger) and on SOAP API Testing using SoapUI. Certification in ISTQB or similar or Google cloud certification.. Experience with cutting-edge tools & technologies :Familiarity with the latest tools and technologies such as AI, machine learning and cloud computing. Expertise with cross device testing strategies and automation via device clouds Experience monitoring and developing resources Excellent coding and analytical skills Experience with performance engineering and profiling (e.g. Java JVM, Databases) and tools such as Load Runner, JMeter,Gatling Exposure to Application performance monitoring tools like Grafana & Datadog Ability to create good acceptance and integration test automation scripts and integrate with Continuous integration (Jenkins) and code coverage tools (Sonar) to ensure 80% or higher code coverage Experience working in a TDD/BDD environment and can utilize technologies such as JUnit, Rest Assured, Appium, Gauge/Cucumber frameworks, APIs (REST/SOAP). Understanding of Continuous Delivery concepts and can use tools including Jenkins and vulnerability tools such as Sonar,Fortify, etc. Experience in Lamba Testing for Cross browser testing A good understanding of Git version control,including branching strategies , merging and conflict resolution. Show more Show less

Job Summary: We are hiring an experienced Application Security Engineer specializing in Java ADF and Jasper Reports, with a strong track record of resolving Vulnerability Assessment and Penetration Testing (VAPT) findings. The ideal candidate must have secured complex enterprise applications, including online payments and eCommerce systems, particularly on legacy stacks such as Java 1.7, MySQL 5.5, and JBoss 7.1. This role is hands-on and remediation-focused, requiring deep understanding of secure development and hardening in deprecated environments. Key Responsibilities: Lead remediation of high-priority VAPT findings in large-scale enterprise systems. Secure passwords and PII data at all stages: At view/input: masking, form validation, secure front-end patterns In transit: TLS, secure headers, HTTPS enforcement At rest: encryption, proper salting and hashing (e.g., bcrypt, SHA-256) Fix injection attacks (SQLi, XSS, LDAPi, command injection), CSRF, clickjacking, IDOR, and other OWASP Top 10 issues. Apply secure API integration practices: auth tokens, rate limiting, input validation. Harden session and cookie management (HttpOnly, Secure, SameSite attributes, session fixation prevention). Review and fix insecure code in ADF Faces, Task Flows, Bindings, BC4J, and Jasper Reports. Secure Jasper Reports generation and access (parameter validation, report-level authorization, export sanitization). Work hands-on with legacy platforms: Java 1.7, MySQL 5.5, JBoss 7.1 — applying secure remediation without disrupting production. Strengthen security of online payment/eCommerce systems with proven compliance (e.g., PCI-DSS). Maintain detailed remediation logs, documentation, and evidence for audits and compliance (GDPR, DPDPA, STQC, etc.). Technical Skills: Java EE, Oracle ADF (ADF Faces, Task Flows, BC4J), Jasper Reports Studio/XML Strong debugging skills in Java 1.7, MySQL 5.5, JBoss 7.1 Secure development lifecycle practices with a focus on legacy modernization Strong grounding in OWASP Top 10, SANS 25, CVSS, and secure coding principles Experience in PII handling, data masking, salting, and hashing Proficiency in OAuth2, SAML, JWT, and RBAC security models Performance improvement and application profiling Expertise in analyzing application, system, and security logs to identify and fix issues Ability to ensure application stability and high availability Be the champion/lead and guide the team to fix the issues PHP experience is a plus, especially in legacy web app environments Required Experience: 5–10+ years in application development and security Demonstrated experience remediating security vulnerabilities in eCommerce and payment platforms Ability to work independently in production environments with deprecated technologies Preferred Qualifications / Plus: B.E./B.Tech/MCA in Computer Science, IT, or Cybersecurity Use of AI tools for identification and fixing the issues is real plus Any VAPT or Application Security Certification is a plus (e.g., CEH, OSCP, CSSLP, GWAPT, Oracle Certified Expert) Familiarity with compliance standards: PCI-DSS, GDPR, DPDPA, STQC Proficiency with security tools: Fortify, ZAP, SonarQube, Checkmarx, Burp Suite Soft Skills: Strong problem-solving and diagnostic capabilities, especially in large monolithic codebases Good documentation and communication skills for cross-functional collaboration Able to work under pressure, troubleshoot complex issues, and deliver secure code fixes rapidly Show more Show less

About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. About BNP Paribas Group BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability. Commitment to Diversity and Inclusion At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. About Business Line /Function At BNP Paribas Deutschland, we are working on the next stage of banking and trading to allow our customers access to our services through modern third-party offerings. APIs enable us to work more closely with partners to create new solutions with added value for our customers. In addition to our existing APIs, we want to develop and implement new ideas, build a platform for developers and continuously work on the developer experience. In this way, we want to extend cooperation with large and small enterprises with the goal to build an ecosystem. Job Title Java API Backend Developer Date Department: ISPL – PI Germany Location: Chennai Reports To Business Line / Function: (Direct) Grade (if applicable) (Functional) Number Of Direct Reports Directorship / Registration: NA Position Purpose The developer helps with the development of API-related information systems and contributes to ensuring its continuity through personal effort as part of a team or to a limited extent within the department to achieve short-term and occasionally medium-term goals. They help in the development and realization of the software architecture as a contribution to high-quality software solutions in accordance with the applicable best practices (maintainable, safe, documented, scalable, testable and in accordance with the needs of the business area). Responsibilities Direct Responsibilities Participating in API activities of BNP Paribas candidate with SpringBoot, Hibernate, Oracle, RestAPI + Customer onboarding Project experience Developing API products in banking, trading and beyond banking Co-designing technical implementation of API strategy Ensuring the timeliness of documentation, processes, and tool landscape Maintenance and development of the API platform Ensuring continuous delivery processes via automated pipelines Implementing and co-designing architectural specifications Ensuring software quality, test automation, and integration of tools (e.g., Sonar, Fortify) into development process Contributing Responsibilities Supporting design and implementation of internal APIs Supporting co-creation with partners with technical expertise Supporting implementation and maintenance of BNP Paribas API Policy Supporting requirements elicitation Co-designing API guidelines for internal software development Co-designing API lifecycle management Technical & Behavioral Competencies Bachelor’s Degree in computer science or computer engineering At least 7+ years of hands-on experience on Advance API development 7+ years of experience as software engineer Java EE including (Web Services, REST, JPA) Strong in Design Patterns, Hands on in Java 8,11 or 17 Hands on in RestAPI, Intermediate candidate with SpringBoot, Hibernate, Oracle, RestAPI + Customer onboarding Project experience Webservices : RestFull webservcie, REST API , Hands on in openAPI/Swagger Databases : Oracle/PostgreSqL CICD : Docker, Kubernetes , Jenkins, Maven, Pod Man Design , Develop and Maintain robust and Complex client facing applications that interacts with one to many interfaces. Core Skill Sets Intermediate candidate with SpringBoot, Hibernate, Oracle, RestAPI + Customer onboarding Project experience Strong Java technical Expertise Strong critical thinker with problem solving aptitude. Good written and oral communication skills Hands-on experience on API related activities: requirement analysis, design, resource-based API modeling, micro-services architecture Knowledge about API design standards, patterns and best-practices Hands-on experience in API security standards and implementation Hibernate or JOOQ Microservice Architecture Testing Junit & Mockito Specific Additional Skill Sets Working Knowledge on Angular, Web Design , CSS, TypeScript, EcmaScript 6. Cloud exp. with at least one of the following: OpenShift, AWS, Azure or Google Cloud Monitoring & Logging with at least one of the following: Prometheus, Grafana, ELK Stack or Cloud Watch WebFlux OPA (Open Policy Agent) Skills Referential Specific Qualifications (if required) Behavioural Skills: (Please select up to 4 skills) Ability to collaborate / Teamwork Client focused Attention to detail / rigor Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability To Develop Others & Improve Their Skills Ability to understand, explain and support change Choose an item. Choose an item. Choose an item. Education Level Bachelor Degree or equivalent Experience Level At least 7 years Show more Show less

About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. About BNP Paribas Group BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability. Commitment to Diversity and Inclusion At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. About Business Line /Function At BNP Paribas Deutschland, we are working on the next stage of banking and trading to allow our customers access to our services through modern third-party offerings. APIs enable us to work more closely with partners to create new solutions with added value for our customers. In addition to our existing APIs, we want to develop and implement new ideas, build a platform for developers and continuously work on the developer experience. In this way, we want to extend cooperation with large and small enterprises with the goal to build an ecosystem. Job Title Java API Developer Date Department: ISPL – PI Germany Location: Chennai Reports To Business Line / Function: (Direct) Grade (if applicable) (Functional) Number Of Direct Reports Directorship / Registration: NA Position Purpose The developer helps with the development of API-related information systems and contributes to ensuring its continuity through personal effort as part of a team or to a limited extent within the department to achieve short-term and occasionally medium-term goals. They help in the development and realization of the software architecture as a contribution to high-quality software solutions in accordance with the applicable best practices (maintainable, safe, documented, scalable, testable and in accordance with the needs of the business area). Responsibilities Direct Responsibilities Participating in API activities of BNP Paribas candidate with SpringBoot, RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Developing API products in banking, trading and beyond banking Co-designing technical implementation of API strategy Ensuring the timeliness of documentation, processes, and tool landscape Maintenance and development of the API platform Ensuring continuous delivery processes via automated pipelines Implementing and co-designing architectural specifications, ensuring software quality, test automation, and integration of tools (e.g., Sonar, Fortify) into development process Contributing Responsibilities Supporting design and implementation of internal APIs Supporting co-creation with partners with technical expertise Supporting implementation and maintenance of BNP Paribas API Policy Supporting requirements elicitation Co-designing API guidelines for internal software development Co-designing API lifecycle management Technical & Behavioral Competencies Bachelor’s Degree in computer science or computer engineering At least 7+ years of hands-on experience on Advance API development 7+ years of experience as software engineer Java EE including (Web Services, REST, JPA) Strong in Design Patterns, Hands on in Java 8,11 or 17 Hands on in RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Spring Boot, Spring Security, Spring Cloud, Spring Data JPA Webservices : RestFull webservcie, REST API , Hands on in openAPI/Swagger Databases : Oracle/PostgreSqL CICD : Docker, Kubernetes , Jenkins, Maven, Pod Man Design , Develop and Maintain robust and Complex client facing applications that interacts with one to many interfaces. Core Skill Sets Intermediate candidate with SpringBoot, RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Strong Java technical Expertise Strong critical thinker with problem solving aptitude. Good written and oral communication skills Hands-on experience on API related activities: requirement analysis, design, resource-based API modeling, micro-services architecture Knowledge about API design standards, patterns and best-practices Hands-on experience in API security standards and implementation Hibernate or JOOQ Microservice Architecture Testing Junit & Mockito Specific Additional Skill Sets Working Knowledge on Angular, Web Design , CSS, TypeScript, EcmaScript 6. Cloud exp. with at least one of the following: OpenShift, AWS, Azure or Google Cloud Monitoring & Logging with at least one of the following: Prometheus, Grafana, ELK Stack or Cloud Watch WebFlux OPA (Open Policy Agent) Skills Referential Specific Qualifications (if required) Behavioural Skills: (Please select up to 4 skills) Ability to collaborate / Teamwork Client focused Attention to detail / rigor Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability To Develop Others & Improve Their Skills Ability to understand, explain and support change Choose an item. Choose an item. Choose an item. Education Level Bachelor Degree or equivalent Experience Level At least 7 years Show more Show less

About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. About BNP Paribas Group BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability. Commitment to Diversity and Inclusion At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. About Business Line /Function At BNP Paribas Deutschland, we are working on the next stage of banking and trading to allow our customers access to our services through modern third-party offerings. APIs enable us to work more closely with partners to create new solutions with added value for our customers. In addition to our existing APIs, we want to develop and implement new ideas, build a platform for developers and continuously work on the developer experience. In this way, we want to extend cooperation with large and small enterprises with the goal to build an ecosystem. Job Title Java API Developer Date 19-May-2025 Department ISPL – PI Germany Location: Chennai Reports To Business Line / Function: (Direct) Grade (if applicable) (Functional) Number Of Direct Reports Directorship / Registration: NA Position Purpose The developer helps with the development of API-related information systems and contributes to ensuring its continuity through personal effort as part of a team or to a limited extent within the department to achieve short-term and occasionally medium-term goals. They help in the development and realization of the software architecture as a contribution to high-quality software solutions in accordance with the applicable best practices (maintainable, safe, documented, scalable, testable and in accordance with the needs of the business area). Responsibilities Direct Responsibilities Participating in API activities of BNP Paribas candidate with SpringBoot, RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Developing API products in banking, trading and beyond banking Co-designing technical implementation of API strategy Ensuring the timeliness of documentation, processes, and tool landscape Maintenance and development of the API platform Ensuring continuous delivery processes via automated pipelines Implementing and co-designing architectural specifications Ensuring software quality, test automation, and integration of tools (e.g., Sonar, Fortify) into development process Contributing Responsibilities Supporting design and implementation of internal APIs Supporting co-creation with partners with technical expertise Supporting implementation and maintenance of BNP Paribas API Policy Supporting requirements elicitation Co-designing API guidelines for internal software development Co-designing API lifecycle management Technical & Behavioral Competencies Bachelor’s Degree in computer science or computer engineering At least 7+ years of hands-on experience on Advance API development 7+ years of experience as software engineer Java EE including (Web Services, REST, JPA) Strong in Design Patterns, Hands on in Java 8,11 or 17 Hands on in RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Spring Boot, Spring Security, Spring Cloud, Spring Data JPA Webservices : RestFull webservcie, REST API , Hands on in openAPI/Swagger Databases : Oracle/PostgreSqL CICD : Docker, Kubernetes , Jenkins, Maven, Pod Man Design , Develop and Maintain robust and Complex client facing applications that interacts with one to many interfaces. Core Skill Sets Intermediate candidate with SpringBoot, RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Strong Java technical Expertise Strong critical thinker with problem solving aptitude. Good written and oral communication skills Hands-on experience on API related activities: requirement analysis, design, resource-based API modeling, micro-services architecture Knowledge about API design standards, patterns and best-practices Hands-on experience in API security standards and implementation Hibernate or JOOQ Microservice Architecture Testing Junit & Mockito Specific Additional Skill Sets Working Knowledge on Angular, Web Design , CSS, TypeScript, EcmaScript 6. Cloud exp. with at least one of the following: OpenShift, AWS, Azure or Google Cloud Monitoring & Logging with at least one of the following: Prometheus, Grafana, ELK Stack or Cloud Watch WebFlux OPA (Open Policy Agent) Skills Referential Specific Qualifications (if required) Behavioural Skills: (Please select up to 4 skills) Ability to collaborate / Teamwork Client focused Attention to detail / rigor Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability To Develop Others & Improve Their Skills Ability to understand, explain and support change Choose an item. Choose an item. Choose an item. Education Level Bachelor Degree or equivalent Experience Level At least 7 years Show more Show less

About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. About BNP Paribas Group BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability. Commitment to Diversity and Inclusion At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. About Business Line /Function At BNP Paribas Deutschland, we are working on the next stage of banking and trading to allow our customers access to our services through modern third-party offerings. APIs enable us to work more closely with partners to create new solutions with added value for our customers. In addition to our existing APIs, we want to develop and implement new ideas, build a platform for developers and continuously work on the developer experience. In this way, we want to extend cooperation with large and small enterprises with the goal to build an ecosystem. Job Title Java API Developer Date Department: ISPL – PI Germany Location: Chennai Reports To Business Line / Function: (Direct) Grade (if applicable) (Functional) Number Of Direct Reports Directorship / Registration: NA Position Purpose The developer helps with the development of API-related information systems and contributes to ensuring its continuity through personal effort as part of a team or to a limited extent within the department to achieve short-term and occasionally medium-term goals. They help in the development and realization of the software architecture as a contribution to high-quality software solutions in accordance with the applicable best practices (maintainable, safe, documented, scalable, testable and in accordance with the needs of the business area). Responsibilities Direct Responsibilities Participating in API activities of BNP Paribas candidate with SpringBoot, RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Developing API products in banking, trading and beyond banking Co-designing technical implementation of API strategy Ensuring the timeliness of documentation, processes, and tool landscape Maintenance and development of the API platform Ensuring continuous delivery processes via automated pipelines Implementing and co-designing architectural specifications,ensuring software quality, test automation, and integration of tools (e.g., Sonar, Fortify) into development process Contributing Responsibilities Supporting design and implementation of internal APIs Supporting co-creation with partners with technical expertise Supporting implementation and maintenance of BNP Paribas API Policy Supporting requirements elicitation Co-designing API guidelines for internal software development Co-designing API lifecycle management Technical & Behavioral Competencies Bachelor’s Degree in computer science or computer engineering At least 7+ years of hands-on experience on Advance API development 7+ years of experience as software engineer Java EE including (Web Services, REST, JPA) Strong in Design Patterns, Hands on in Java 8,11 or 17 Hands on in RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Spring Boot, Spring Security, Spring Cloud, Spring Data JPA Webservices : RestFull webservcie, REST API , Hands on in openAPI/Swagger Databases : Oracle/PostgreSqL CICD : Docker, Kubernetes , Jenkins, Maven, Pod Man Design , Develop and Maintain robust and Complex client facing applications that interacts with one to many interfaces. Core Skill Sets Intermediate candidate with SpringBoot, RestAPI, Hibernate, Oracle, Openshift + Banking Application dev experience Strong Java technical Expertise Strong critical thinker with problem solving aptitude. Good written and oral communication skills Hands-on experience on API related activities: requirement analysis, design, resource-based API modeling, micro-services architecture Knowledge about API design standards, patterns and best-practices Hands-on experience in API security standards and implementation Hibernate or JOOQ Microservice Architecture Testing Junit & Mockito Specific Additional Skill Sets Working Knowledge on Angular, Web Design , CSS, TypeScript, EcmaScript 6. Cloud exp. with at least one of the following: OpenShift, AWS, Azure or Google Cloud Monitoring & Logging with at least one of the following: Prometheus, Grafana, ELK Stack or Cloud Watch WebFlux OPA (Open Policy Agent) Skills Referential Specific Qualifications (if required) Behavioural Skills: (Please select up to 4 skills) Ability to collaborate / Teamwork Client focused Attention to detail / rigor Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability To Develop Others & Improve Their Skills Ability to understand, explain and support change Choose an item. Choose an item. Choose an item. Education Level Bachelor Degree or equivalent Experience Level At least 7 years Show more Show less

About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. About BNP Paribas Group BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability. Commitment to Diversity and Inclusion At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. About Business Line /Function At BNP Paribas Deutschland, we are working on the next stage of banking and trading to allow our customers access to our services through modern third-party offerings. APIs enable us to work more closely with partners to create new solutions with added value for our customers. In addition to our existing APIs, we want to develop and implement new ideas, build a platform for developers and continuously work on the developer experience. In this way, we want to extend cooperation with large and small enterprises with the goal to build an ecosystem. Job Title Java API Backend Developer Date Department: ISPL – PI Germany Location: Chennai Reports To Business Line / Function: (Direct) Grade (if applicable) (Functional) Number Of Direct Reports Directorship / Registration: NA Position Purpose The developer helps with the development of API-related information systems and contributes to ensuring its continuity through personal effort as part of a team or to a limited extent within the department to achieve short-term and occasionally medium-term goals. They help in the development and realization of the software architecture as a contribution to high-quality software solutions in accordance with the applicable best practices (maintainable, safe, documented, scalable, testable and in accordance with the needs of the business area). Responsibilities Direct Responsibilities Participating in API activities of BNP Paribas Intermediate candidate with SpringBoot, RestAPI, Hibernate, Oracle with inclination towards supporting API Automation testing Developing API products in banking, trading and beyond banking Co-designing technical implementation of API strategy Ensuring the timeliness of documentation, processes, and tool landscape Maintenance and development of the API platform Ensuring continuous delivery processes via automated pipelines Implementing and co-designing architectural specifications, ensuring software quality, test automation, and integration of tools (e.g., Sonar, Fortify) into development process Contributing Responsibilities Supporting design and implementation of internal APIs Supporting co-creation with partners with technical expertise Supporting implementation and maintenance of BNP Paribas API Policy Supporting requirements elicitation Co-designing API guidelines for internal software development Co-designing API lifecycle management Technical & Behavioral Competencies Bachelor’s Degree in computer science or computer engineering At least 7+ years of hands-on experience on Advance API development 7+ years of experience as software engineer Java EE including (Web Services, REST, JPA) Strong in Design Patterns, Hands on in Java 8,11 or 17 Hands on in RestAPI, Intermediate candidate with SpringBoot, RestAPI, Hibernate, Oracle with inclination towards supporting API Automation testing Webservices : RestFull webservcie, REST API , Hands on in openAPI/Swagger Databases : Oracle/PostgreSqL CICD : Docker, Kubernetes , Jenkins, Maven, Pod Man Design , Develop and Maintain robust and Complex client facing applications that interacts with one to many interfaces. Core Skill Sets Intermediate candidate with SpringBoot, RestAPI, Hibernate, Oracle with inclination towards supporting API Automation testing Strong Java technical Expertise Strong critical thinker with problem solving aptitude. Good written and oral communication skills Hands-on experience on API related activities: requirement analysis, design, resource-based API modeling, micro-services architecture Knowledge about API design standards, patterns and best-practices Hands-on experience in API security standards and implementation Hibernate or JOOQ Microservice Architecture Testing Junit & Mockito Specific Additional Skill Sets Working Knowledge on Angular, Web Design , CSS, TypeScript, EcmaScript 6. Cloud exp. with at least one of the following: OpenShift, AWS, Azure or Google Cloud Monitoring & Logging with at least one of the following: Prometheus, Grafana, ELK Stack or Cloud Watch WebFlux OPA (Open Policy Agent) Skills Referential Specific Qualifications (if required) Behavioural Skills: (Please select up to 4 skills) Ability to collaborate / Teamwork Client focused Attention to detail / rigor Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability To Develop Others & Improve Their Skills Ability to understand, explain and support change Choose an item. Choose an item. Choose an item. Education Level Bachelor Degree or equivalent Experience Level At least 7 years Show more Show less

Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We don't just follow trends, we set them and drive change. As a market leader in enterprise analytics and mobility software, we've pioneered the BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. But that's not all. Strategy is also leading a groundbreaking shift in how companies approach their treasury reserve strategy, boldly adopting Bitcoin as a key asset. This visionary move is reshaping the financial landscape and solidifying our position as a forward-thinking, innovative force in the market. Four years after adopting the Bitcoin Standard, Strategy's stock has outperformed every company in S&P 500. Our people are the core of our success. At Strategy, you'll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values—bold, agile, engaged, impactful, and united—are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, you're not just another employee; you're a crucial part of a mission to push the boundaries of analytics and redefine financial investment. Job Description Join Strategy’s IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy’s software applications while using modern security and AI tooling. In this position, you will be responsible for integrating security practices throughout the software development lifecycle, ensuring that our software products are resilient against vulnerabilities. Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing. Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA) tools. Security Assessments & Penetration Testing: Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws. Secure Code Review: Analyze source code and provide security recommendations to developers to ensure adherence to secure coding best practices. Threat Modeling & Risk Analysis: Perform threat modeling to anticipate potential attack vectors and improve security architecture. DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating security automation within CI/CD pipelines. Incident Response & Remediation: Assist in investigating security incidents related to applications and work with engineering teams to remediate threats. Security Awareness & Training: Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices. Job Location Application Security Engineer Pune, India Full-time in person from Strategy Office Qualifications Bachelor’s degree in Computer Science, Engineering, or related field Minimum 2 years of software development or software security experience in an agile environment Hands-on experience with SAST, DAST, IAST, and SCA tools (e.g., Checkmarx, Fortify, Veracode, SonarQube, Burp Suite, ZAP). Fluent in one or more programming languages, such as Python, Java, JavaScript Strong knowledge of secure coding principles and application security frameworks Familiarity with security tools (e.g., static and dynamic analysis tools, vulnerability scanners) Understanding of security standards and regulations (e.g., OWASP, NIST) Hands-on experience with Generative AI and/or ML in creating innovative applications that enhance productivity and efficiency, coupled with a strong eagerness to learn Experience with cloud security best practices in AWS, Azure, or GCP. Strong work ethic with a commitment to meeting business needs and effectively collaborating with global colleagues Effective interpersonal skills; ability to collaborate successfully with both technical and non-technical stakeholders Ability to articulate complex technical concepts with clarity, supported by effective written and verbal communication skills Additional Information The recruitment process includes online assessments as a first step (English, logic, design, technical) - we send them via e-mail, please check also your SPAM folder Show more Show less

Project description You'll be working in the Technology Services GCTO EA Team. Technology Services is a group-wide function which provides integrated and secure infrastructure services for company by offering best fit, easy to leverage, reliable and cost-effective technology services and strategic products which provide functionality, strategic insights and expertise across all business groups globally. As a Software engineer focused on Microsoft 365 & Azure Collaboration Solutions, you will join an existing team in the EA Team in Group CTO supporting our strategic initiatives across the bank. Responsibilities Help Group Enterprise Architecture team to develop our Azure based applications and tooling Design and develop custom collaboration tools and integrations using Microsoft 365 services (e.g., SharePoint, Teams, Outlook, OneDrive, Power Platform). Build and deploy cloud-native applications using Azure services such as Azure Functions, Logic Apps, Azure AD, and Azure DevOps. Create and maintain APIs and connectors to integrate Microsoft 365 with third-party systems. Collaborate with cross-functional teams including product managers, UX designers, and QA engineers to deliver high-quality solutions. Monitor system performance and troubleshoot issues to ensure optimal uptime and availability. Collaborate with development teams to optimize application performance and reliability. Produce clear and commented code Produce clear and comprehensive documentation Play an active role with technology support teams and ensure deliverables are completed or escalated on time Provide support on any related presentations, communications, and trainings Skills Must have Azure experience Hands on experience working with Kubernetes, Docker and other infrastructure based technologies. Experience with developing collaboration tooling Power Automate knowledge & integration with M365 suite Has strong communication skills 2+ years of experience in a Scrum delivery model In depth experience of Git, JIRA, GitLab Excellent end-to-end SDLC process understanding. Proven track record of delivering complex web apps on tight timelines Understanding of fundamental design principles behind a scalable application and familiarity with RESTful Services. Fluent in English both written and spoken. Passionate about development with focus on web architecture and design Analytical and logical A team player, comfortable working with a lead developer and architects for the program An excellent communicator who is adept in, handling ambiguity and communicating with both technical and non-technical audiences Comfortable with working in cross-functional global teams to effect change Nice to have 2+ years JavaScript, TypeScript experience PowerBI knowledge Knowledge of performance testing frameworks including Fortify, SonarQube, Mocha and Jest Knowledge and experience of Data Science and common tools Knowledge of RDF based Graph Database solutions e.g. GraphDB, Anzo Programming in Python and familiarity with Machine Learning algorithms Familiarity with data retrieval with SQL and Oracle Other Languages EnglishC1 Advanced Seniority Senior

Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify Show more Show less

At PwC, our people in managed services focus on a variety of outsourced solutions and support clients across numerous functions. These individuals help organisations streamline their operations, reduce costs, and improve efficiency by managing key processes and functions on their behalf. They are skilled in project management, technology, and process optimization to deliver high-quality services to clients. Those in managed service management and strategy at PwC will focus on transitioning and running services, along with managing delivery teams, programmes, commercials, performance and delivery risk. Your work will involve the process of continuous improvement and optimising of the managed services process, tools and services. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Role Overview The Java Support Analyst is responsible for maintaining, troubleshooting, and optimizing enterprise Java applications . This role involves incident resolution, performance tuning, API troubleshooting, database optimization, and CI/CD deployment support . The analyst will work in an Agile, DevOps-driven environment and support legacy modernization, application enhancements, stabilization, and performance improvements for mission-critical applications in Freight, Rail, and Logistics industries. Required Technical Skills 🔹 Java, Spring Boot, Hibernate, JPA, REST APIs, Microservices 🔹 Database performance tuning (Oracle, MySQL, PostgreSQL, SQL Server, MongoDB) 🔹 CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI/CD, Azure DevOps) 🔹 Cloud platforms (AWS, Azure, GCP) and containerized deployments (Docker, Kubernetes) 🔹 Monitoring tools (Splunk, ELK, Dynatrace, AppDynamics, New Relic) 🔹 Security frameworks (OAuth, JWT, SAML, SSL/TLS, LDAP, Active Directory) Key Responsibilities 1️ ⃣ Incident & Problem Management ✅ Provide Level 2/3 support for Java applications, resolving production issues, API failures, and backend errors. ✅ Diagnose and troubleshoot Java-based application crashes, memory leaks, and performance bottlenecks . ✅ Analyze logs using Splunk, ELK Stack, Dynatrace, AppDynamics, or New Relic . ✅ Work with ITIL-based Incident, Problem, and Change Management processes. ✅ Perform root cause analysis (RCA) for recurring production issues and implement permanent fixes. 2️ ⃣ Java Application Debugging & Optimization ✅ Debug and analyze Java applications built on Spring Boot, Hibernate, and Microservices . ✅ Fix issues related to RESTful APIs, SOAP web services, JSON/XML parsing, and data serialization . ✅ Optimize Garbage Collection (GC), CPU, and memory utilization for Java applications. ✅ Work with Java profiling tools (JVisualVM, YourKit, JProfiler) to identify slow processes. ✅ Assist developers in resolving code-level defects and SQL performance issues . 3️ ⃣ API & Integration Support ✅ Troubleshoot REST APIs, SOAP services, and microservices connectivity issues . ✅ Monitor and debug API Gateway traffic (Kong, Apigee, AWS API Gateway, or Azure API Management) . ✅ Handle authentication and security for APIs using OAuth 2.0, JWT, SAML, and LDAP . ✅ Work on third-party system integrations with SAP, Salesforce, ServiceNow, or Workday. 4️ ⃣ Database Support & SQL Performance Tuning ✅ Analyze and optimize SQL queries, stored procedures, and indexing strategies . ✅ Troubleshoot deadlocks, connection pooling, and slow DB transactions in Oracle, PostgreSQL, MySQL, or SQL Server . ✅ Work with NoSQL databases like MongoDB, Cassandra, or DynamoDB for cloud-based applications. ✅ Manage ORM (Hibernate, JPA) configurations for efficient database transactions. 5️ ⃣ CI/CD & Deployment Support ✅ Support CI/CD pipelines using Jenkins, GitHub Actions, GitLab CI/CD, or Azure DevOps . ✅ Work on Docker and Kubernetes-based deployments for Java applications. ✅ Assist in automated testing and validation before production releases. ✅ Troubleshoot deployment failures, rollback strategies, and hotfix releases . 6️ ⃣ Cloud & DevOps Support ✅ Monitor Java applications deployed on AWS, Azure, or GCP using CloudWatch, Azure Monitor, or Stackdriver . ✅ Support containerized deployments using Kubernetes, OpenShift, or ECS . ✅ Manage logging, monitoring, and alerting for cloud-native Java applications . ✅ Assist in configuring Infrastructure as Code (Terraform, Ansible, or CloudFormation) for DevOps automation. 7️ ⃣ Security & Compliance Management ✅ Ensure Java applications comply with security standards (GDPR, HIPAA, SOC 2, ISO 27001) . ✅ Monitor and mitigate security vulnerabilities using SonarQube, Veracode, or Fortify . ✅ Implement SSL/TLS security measures and API rate limiting to prevent abuse. 8️ ⃣ Collaboration & Documentation ✅ Work in Agile (Scrum/Kanban) environments for application support and bug fixes. ✅ Maintain technical documentation, troubleshooting guides, and runbooks . ✅ Conduct knowledge transfer sessions for junior support engineers. Show more Show less

At PwC, our people in managed services focus on a variety of outsourced solutions and support clients across numerous functions. These individuals help organisations streamline their operations, reduce costs, and improve efficiency by managing key processes and functions on their behalf. They are skilled in project management, technology, and process optimization to deliver high-quality services to clients. Those in managed service management and strategy at PwC will focus on transitioning and running services, along with managing delivery teams, programmes, commercials, performance and delivery risk. Your work will involve the process of continuous improvement and optimising of the managed services process, tools and services. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Role Overview The Java Support Analyst is responsible for maintaining, troubleshooting, and optimizing enterprise Java applications . This role involves incident resolution, performance tuning, API troubleshooting, database optimization, and CI/CD deployment support . The analyst will work in an Agile, DevOps-driven environment and support legacy modernization, application enhancements, stabilization, and performance improvements for mission-critical applications in Freight, Rail, and Logistics industries. Required Technical Skills 🔹 Java, Spring Boot, Hibernate, JPA, REST APIs, Microservices 🔹 Database performance tuning (Oracle, MySQL, PostgreSQL, SQL Server, MongoDB) 🔹 CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI/CD, Azure DevOps) 🔹 Cloud platforms (AWS, Azure, GCP) and containerized deployments (Docker, Kubernetes) 🔹 Monitoring tools (Splunk, ELK, Dynatrace, AppDynamics, New Relic) 🔹 Security frameworks (OAuth, JWT, SAML, SSL/TLS, LDAP, Active Directory) Key Responsibilities 1️ ⃣ Incident & Problem Management ✅ Provide Level 2/3 support for Java applications, resolving production issues, API failures, and backend errors. ✅ Diagnose and troubleshoot Java-based application crashes, memory leaks, and performance bottlenecks . ✅ Analyze logs using Splunk, ELK Stack, Dynatrace, AppDynamics, or New Relic . ✅ Work with ITIL-based Incident, Problem, and Change Management processes. ✅ Perform root cause analysis (RCA) for recurring production issues and implement permanent fixes. 2️ ⃣ Java Application Debugging & Optimization ✅ Debug and analyze Java applications built on Spring Boot, Hibernate, and Microservices . ✅ Fix issues related to RESTful APIs, SOAP web services, JSON/XML parsing, and data serialization . ✅ Optimize Garbage Collection (GC), CPU, and memory utilization for Java applications. ✅ Work with Java profiling tools (JVisualVM, YourKit, JProfiler) to identify slow processes. ✅ Assist developers in resolving code-level defects and SQL performance issues . 3️ ⃣ API & Integration Support ✅ Troubleshoot REST APIs, SOAP services, and microservices connectivity issues . ✅ Monitor and debug API Gateway traffic (Kong, Apigee, AWS API Gateway, or Azure API Management) . ✅ Handle authentication and security for APIs using OAuth 2.0, JWT, SAML, and LDAP . ✅ Work on third-party system integrations with SAP, Salesforce, ServiceNow, or Workday. 4️ ⃣ Database Support & SQL Performance Tuning ✅ Analyze and optimize SQL queries, stored procedures, and indexing strategies . ✅ Troubleshoot deadlocks, connection pooling, and slow DB transactions in Oracle, PostgreSQL, MySQL, or SQL Server . ✅ Work with NoSQL databases like MongoDB, Cassandra, or DynamoDB for cloud-based applications. ✅ Manage ORM (Hibernate, JPA) configurations for efficient database transactions. 5️ ⃣ CI/CD & Deployment Support ✅ Support CI/CD pipelines using Jenkins, GitHub Actions, GitLab CI/CD, or Azure DevOps . ✅ Work on Docker and Kubernetes-based deployments for Java applications. ✅ Assist in automated testing and validation before production releases. ✅ Troubleshoot deployment failures, rollback strategies, and hotfix releases . 6️ ⃣ Cloud & DevOps Support ✅ Monitor Java applications deployed on AWS, Azure, or GCP using CloudWatch, Azure Monitor, or Stackdriver . ✅ Support containerized deployments using Kubernetes, OpenShift, or ECS . ✅ Manage logging, monitoring, and alerting for cloud-native Java applications . ✅ Assist in configuring Infrastructure as Code (Terraform, Ansible, or CloudFormation) for DevOps automation. 7️ ⃣ Security & Compliance Management ✅ Ensure Java applications comply with security standards (GDPR, HIPAA, SOC 2, ISO 27001) . ✅ Monitor and mitigate security vulnerabilities using SonarQube, Veracode, or Fortify . ✅ Implement SSL/TLS security measures and API rate limiting to prevent abuse. 8️ ⃣ Collaboration & Documentation ✅ Work in Agile (Scrum/Kanban) environments for application support and bug fixes. ✅ Maintain technical documentation, troubleshooting guides, and runbooks . ✅ Conduct knowledge transfer sessions for junior support engineers. Show more Show less