893 Penetration Testing Jobs - Page 19

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Operation Automation.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS.- Knowledge of automation tools and scripting languages to enhance security operations. Additional Information:- The candidate should have minimum 5 years of experience in Security Operation Automation.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Cloud Security Architecture Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will play a crucial role in safeguarding the organization's cloud infrastructure and data, contributing to the overall security posture of the business. Roles & Responsibilities:-Design and implement cloud security architectures in accordance with security best practices and compliance standards.-Configure and manage Microsoft Defender for Cloud (MDC) to monitor and respond to security alerts and vulnerabilities.-Develop, manage, and enforce Azure Policies to ensure governance and compliance across cloud resources.-Administer Defender for Office 365 to safeguard email and collaboration platforms against phishing, malware, and other threats.-Leverage AppOmni to assess and secure SaaS platforms, including Salesforce. -Develop automation scripts and remediation processes to improve response times and reduce manual effort.-Continuously monitor, evaluate, and improve cloud security posture through audits, assessments, and penetration tests.-Document processes, policies, and technical procedures to support compliance and operational readiness. -Stay current with evolving security threats, cloud technologies, and industry best practices. -Experience in CSPM solution like Palo Alto Prisma, Wiz is added advantage. Professional & Technical Skills: -Microsoft Defender for Cloud (MDC), -Azure Policy,-Defender for Office 365 -AppOmni Additional Information:- The candidate should have minimum 5 years of experience in Cloud Security Architecture.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Third Party IT Risk Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular assessments of cloud security measures and recommend improvements.- Facilitate training sessions for team members on cloud security best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Third Party IT Risk Management.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment methodologies and tools.- Ability to develop and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information:- The candidate should have minimum 7.5 years of experience in Third Party IT Risk Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Service Delivery Good to have skills : Security GovernanceMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team understanding of cloud security practices.- Continuously evaluate and improve the cloud security framework based on emerging threats and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Service Delivery.- Good To Have Skills: Experience with Security Governance.- Strong understanding of cloud security principles and best practices.- Experience in risk assessment and management related to cloud environments.- Ability to design and implement security controls tailored to cloud architectures. Additional Information:- The candidate should have minimum 15 years of experience in Service Delivery.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Responsibilities and Duties Identify customers needs and requirements to determine solutions, build high-quality solutions that meet client requirements and can be delivered profitably. Plan and gather information to define system objectives, and lead the technical discussions To find the most efficient way to protect the system, networks, endpoint, software, data and information systems against any potential attacks. Working closely with other security personnel to ensure complete protection for the client in every aspect. Respond to RFPs, RFIs and other forms of requests with commercial proposals To perform the research on cyber security criteria, security systems, and validation procedures. Provide pre-sales consultation and product presentation to prospective clients Develop and nurture leads while maintaining close follow-ups as required for closure Coordinate with the sales team for lead engagement and meetings Coordinate with the technical team to facilitate technical demos for prospective clients Creating status reports for the management and other stakeholders Represent the company at various trade shows, events, and demonstrations Stay updated on the technical and market positioning of the product Required Skills/Abilities Sound knowledge of Information security and networking fundamentals In-depth understanding of the ethical standards in hacking and coding Working knowledge of potential threats such as social engineering, phishing, and network access and how they can cause harm Ability to conduct penetration testing, which occurs when the consultant acts as a hacker to determine the security of the system and the vulnerabilities of concern to clients Knowledge of operating systems, including Windows, UNIX, Linus, ongoing upgrades, and new systems that roll out continuously knowledge in programming languages such as Python and Javascript Encryption techniques to mitigate risks posed by hackers The cybersecurity consultant role also requires strong collaboration and communication skills. Employers may also look for the following: Leadership and project management for implementing new policies and procedures Ability to collaborate with people at all levels of an organisation Desire to learn new things, as security and information systems and the associated threats change rapidly Customer relationship-sustaining skills, problem problem-solving ability Results-oriented personality

As an Associate Developer at IBM, you'll work with clients to co-create solutions to major real-world challenges by using best practice technologies, tools, techniques, and products to translate system requirements into the design and development of customized systems. In your role, you will be responsible for: Your primary responsibilities include: Working on the end to end feature development and solving challenges faced in the implementation. Collaborate with key stakeholders, internal and external, to understand the problems, issues with the product and features and solve the issues as per SLAs defined. Being eager to learn new technologies and implementing the same in feature development. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Hands on extensive experience on RPG language on AS/400 System I and have worked on Production system and Application Development. 3+ years of relevant experience working on mainframes. Should have technical expertise/hands on – Assembler, COBOL, JCL, CICS, VSAM, Inter-test, Fault Analyser, File-Manager, Control-M/Any other Scheduler etc. Should have expertise working on JIRA/Confluence/SharePoint/Any Change management tool (Remedy/Myservice/Service now etc.) Message Types and Transaction flows. Preferred technical and professional experience Processing between Acquirers, Issuer & Acquiring gateways etc. Interact with different stake holders , gather and articulate the . Good communications skills to deal with the clients directly and set up calls to bring the Business and Delivery inline.

Orchestration Platform 1. 0 Orchestration Platform Modernization team is looking for strong Handson prodessional in GraphQL Basic and Advanced GraphQL Concepts. Development experience in API Platform and build and maintained RESTful GraphQL API catalogs. Candidate should have deep understanding of API Orchestration design pattern follows API Platform Security best practices for API coarse grained and fine grained authorization Our teams embrace the rapid development techniques, acts as abstraction services for ALFA - Core Lending Platform for Originations, Receivables Collection Business Process. Job Description Bachelor s degree or equivalent 8-12 Years of software development experience Experience of working to customer requirements, coordinating delivery of quality code within an agreed time-box Strong prioritisation, co-ordination, organisational and communication skills, with ability to work in a large diverse team Demonstrated evidence of architecture practices Customer focused and strong team orientation Ability to work closely within an Agile and PDO team environment Self-starter and fast-learner Strong drive for high quality performance and value add results Demonstrated commitment to quality and delivery timing Ability to handle multiple assignments with minimal direction Ability to work in a highly regulated, financial environment Willing to be flexible in terms of tasks and timings Exposure to GraphQL Schema Composition Deep Understanding of GraphQL Schema Contracts Varients Good to have understanding of Policy Engine and GraphQL Coprocessor pattern Understanding of Apollo Studio GraphOS Understanding of Spring Boot Graph Framework or equivalent Netflix DGS Framework (Domain Graph Service Framework) Understand GraphQL schema UNION, ExtendedScalers HandsOn Experience with GraphQL Error Handling Working experience in GraphQL Continuous Integration Continuous Deployments Good to have GraphQL Observability, Metrics Monitoring with Tool GCP Cloud Monitoring, Splunk Dynatrace Exposure or experience in the following technologies: Java IntelliJ IDEA/Eclipse Visual Code Spring Boot/Spring Reactive Spring Batch GCP Cloud Build and Cloud Run Secret Manager, PubSub, Schedulers GraphQL BigQuery or BigTable Experience would be added advantage Experience in designing GQL Schema as per domain business requirements Experience in Schema Stiching using Composable Architecture Pattern Apollo Server - creating/managing backend app using programming language Java or NodeJS Apollo Studio- Exposure to Apollo Studio, Apollo Explorer/Playground to test build queries mutation operations Experience is using Apollo Client Library for FE apps Webclient library for Spring Boot apps Defining a GraphQL query, Understand GraphQL Query Plan Query Cost Analysis Experience in using useQuery useMutation hook Hands on experience in writing GraphQL query resolvers and mutation resolvers Experience in API Orchestration and Composing Federated Query Experience in writing abstraction services Experience is GraphQL Security - Coarse Grained Fine Grained Authorization Experience in participating in GraphQL Penetration testing and GraphQL thread modelling meeting with cybersecurity team GitHub Database (PostGres Cloud SQL) Fossa, SonarQube, Checkmarx, Cycode Experience in API Security Tool: 42Crunch Experience in API automation tool Newman and Jmeter Bachelor s degree or equivalent 8-12 Years of software development experience Good to have experience in Banking or BFSI Responsibilities Experience piloting new technologies and designing implementation strategies Experience designing and implementing enterprise best practices regarding existing or new technology/tooling Experience of senior responsibilities including: Dev Code Reviews Change management Building technical roadmaps/backlogs Exposure or experience in the following Skills and Techniques: Agile/PDO Ceremonies People Skills Coaching Coordination and logistical planning Business focused cascades of technical strategies and/or roadmaps Experience using Test Driven Development (TDD) and Behaviour Driven Development (BDD)

Job Description Bachelor s degree or equivalent 8-12 Years of software development experience Experience of working to customer requirements, coordinating delivery of quality code within an agreed time-box Strong prioritisation, co-ordination, organisational and communication skills, with ability to work in a large diverse team Demonstrated evidence of architecture practices Customer focused and strong team orientation Ability to work closely within an Agile and PDO team environment Self-starter and fast-learner Strong drive for high quality performance and value add results Demonstrated commitment to quality and delivery timing Ability to handle multiple assignments with minimal direction Ability to work in a highly regulated, financial environment Willing to be flexible in terms of tasks and timings Exposure to GraphQL Schema Composition Deep Understanding of GraphQL Schema Contracts Varients Good to have understanding of Policy Engine and GraphQL Coprocessor pattern Understanding of Apollo Studio GraphOS Understanding of Spring Boot Graph Framework or equivalent Netflix DGS Framework (Domain Graph Service Framework) Understand GraphQL schema UNION, ExtendedScalers HandsOn Experience with GraphQL Error Handling Working experience in GraphQL Continuous Integration Continuous Deployments Good to have GraphQL Observability, Metrics Monitoring with Tool GCP Cloud Monitoring, Splunk Dynatrace Exposure or experience in the following technologies: Java IntelliJ/Eclipse IDEA or VS Studio Spring Boot Batch GCP Cloud Build and Cloud Run Secret Manager, PubSub, Schedulers GraphQL BigQuery or BogTable(Good to have for Platform Observabily and services metrics/error metrics datastore store) Experience in designing GQL Schema as per domain business requirements Experience in Schema Stiching using Composable Architecture Pattern Apollo Server - creating/managing backend app using programming language Java or NodeJS Apollo Studio- Exposure to Apollo Studio, Apollo Explorer/Playground to test build queries mutation operations Experience is using Apollo Client Library for FE apps Webclient library for Spring Boot apps Defining a GraphQL query, Understand GraphQL Query Plan Query Cost Analysis Experience in using useQuery useMutation hook Hands on experience in writing GraphQL query resolvers and mutation resolvers Experience in API Orchestration and Composing Federated Query Experience in writing abstraction services Experience is GraphQL Security - Coarse Grained Fine Grained Authorization Experience in participating in GraphQL Penetration testing and GraphQL thread modelling meeting with cybersecurity team GitHub Database (PostGres Cloud SQL) Fossa, SonarQube, Checkmarx, Cycode Experience in API Security Tool: 42Crunch Experience in API automation tool Newman and Jmeter 6+ years of backend engineering experience Experience with Spring Boot, Spring Reactive, Apollo Server, or similar frameworks. Familiarity with event-driven architectures and message brokers. Prior experience in automotive or large-scale enterprise environments Excellent communication, and mentoring skills. Experience with cloud platforms (AWS, GCP, or Azure) and containerization (Docker, Kubernetes). Required Skills Experience: 8+ years of backend engineering experience Experience piloting new technologies and designing implementation strategies Experience designing and implementing enterprise best practices regarding existing or new technology/tooling Experience of senior responsibilities including: Dev Code Reviews Change management Building technical roadmaps/backlogs Exposure or experience in the following Skills and Techniques: Agile/PDO Ceremonies People Skills Coaching Coordination and logistical planning Business focused cascades of technical strategies and/or roadmaps Experience using Test Driven Development (TDD) and Behaviour Driven Development (BDD) Lead the design, development, and delivery of scalable GraphQL APIs and platform services. Mentor engineers, drive architectural decisions, and collaborate with cross-functional teams to build robust, high-performance backend systems. Strong expertise in GraphQL, REST APIs, and microservices architecture. Proficiency in Java, Node. js, or similar backend languages. Profiency in Java Framework Spring Boot/Spring Reactive Experience with cloud platforms (AWS, GCP, or Azure) and containerization (Docker, Kubernetes). Deep understanding of API security, scalability, and performance optimization. Excellent communication, and mentoring skills.

At Cadence, we hire and develop leaders and innovators who want to make an impact on the world of technology. Job Description Position: IT- Staff Software Security Engineer Grade: IT4 Location: Noida/Hyderabad Job Description: Role: Cadence s Information Security team is seeking a Sr. Software Security Engineer. This role will focus on Cloud and on-premise Software Security controls including WAF and CDN tools. This is a Security Development Operations role that will ensure security tool integration at the source code repo (Perforce, Github etc. ), build environment, and artifactory level. As a member of the Information Security team, this role will develop and support the secure software develop life cycle, including DAST, SAST, SCA, penetration testing, and attack surface management. This role reports to Group Director and will interface directly with development teams. Of course, there is broad exposure to other aspects of information security related tasks such as incident response, vulnerability management, and deployment of security solutions. The successful candidate for this position is a highly motivated individual with a strong Application Development and Configuration Management/DevOps background with hands-on experience in building software security within CI/CD. Required Skills Qualification Hands-on experience in securing corporate environment. Hands-on experience in security frameworks (NIST, ISO 27001, CIS) and experience with risk management and compliance Hands-on experience securing Windows (Workstations and Servers), Linux (Workstations and Servers), and Mac Hands-on experience conducting risk management by identifying gaps and providing strategies for mitigation. Hands-on experience documenting vulnerability assessment results in a clear and actionable format. Expertise in network security, firewalls, IDS/IPS, and security monitoring tools such as SIEM Proficiency with cloud security technologies (AWS, Azure, GCP) and securing cloud-based infrastructure. Experience with incident response, forensics, and managing security incidents from detection to resolution. Determines security violations and inefficiencies. Knowledge of mergers and acquisitions Experience: Should have relevant experience of at least 10-15 years. Qualification: Engineering (Computers, Electronics, IT) or equivalent We re doing work that matters. Help us solve what others can t.

What will you contribute? As an Expert Offensive Security Engineer within the Cyber Defense Team, youll lead offensive security assessments that strengthen our defense capabilities. Working closely with the larger InfoSec team, detection engineers, and external engineering partners, youll identify security weaknesses, validate detection mechanisms, and provide actionable recommendations to enhance our security posture. Youll collaborate with various architecture and engineering teams to continuously validate and improve our security controls and detection capabilities, with a strong focus on developing repeatable testing frameworks and metrics-driven security improvements. Responsibilities & Deliverables: You will be responsible for the following: Lead offensive security assessments: conduct full-stack security assessments across our entire technology stack. Drive detection engineering partnerships: collaborate with detection engineers through purple team exercises, attack simulations, and threat emulation to improve detection coverage. Develop custom tools and frameworks: build and maintain security testing tools, frameworks, and automation scripts that enable repeatable testing and quantifiable security improvements. Build security metrics: design and implement frameworks to measure security control effectiveness, detection coverage, and improvement over time through consistent testing methodologies. Research and innovate: stay current with the latest attack techniques, tools, and methodologies while building out both offensive and defensive security improvements. Mentor and collaborate: share knowledge across security teams and foster a culture of continuous security improvement. Required Experience: 5+ years: professional experience in offensive securi ty, with demonstrated experience in red team and purple team exercises, penetration testing, and detection engineering teamwork . Development experience: proficiency in Python or other programming language such as Bash,Regex,Power shell ,etc for building security tooling and automation. Security assessment expertise: performing full-stack security assessments of web and mobile applications, APIs, on-prem and cloud infrastructure, and backend systems.. Deep understanding: common attack techniques; exploit development; post-exploitation methodologies; security assessment frameworks (MITRE ATT&CK, PTES); and modern detection stack components (EDR, SIEM, XDR). Knowledge: of networking, operating systems, security protocols, security concepts including reverse engineering, cloud security (AWS/Azure), container security, CI/CD pipeline security, API security, and security metrics development. Certifications: such as OSCP, OSCE, GXPN, or equivalent practical experience. Interpersonal skills: strong analytical and problem-solving abilities; excellent technical writing for detailed reports; ability to clearly communicate complex technical concepts; self-motivated with a passion for offensive security and detection engineering. We are proud to offer a range of incentives to our employees worldwide. These benefits are available to everyone, regardless of grade, and reflect the values we uphold: Flexibility: Enjoy unlimited vacation, based on your location and business priorities. Hybrid working arrangements, and inclusive policies such as paid time off for voting, bereavement, and sick leave. Well-being: Access confidential one-on-one therapy through our Employee Assistance Program, unlimited personalized coaching via our coaching app, and access to our Gather Groups for emotional and mental support. Medical, life & disability insurance, retirement plan, lifestyle and other benefits* ESG: Benefit from paid time off for volunteering and donation matching. DEI: Participate in multiple DE&I groups for . We learn from one another, embrace and celebrate our differences, and create an environment where everyone feels safe to be themselves. Be unique, be exceptional, and help us make a difference at Finastra!

Job Title: Quality Engineer III About the team Magnum is an automated underwriting solution built by Swiss Re and helps 70+ insurers across the globe to automate the riskassessment in their Life and Health insurance transactions. Magnum is a market-leading software for automated underwritingworldwide, recognized by The Forrester Wave as a leader in Automated Life Insurance Underwriting Engines. Magnum is cateringto a fast-growing base of installed clients with dedicated teams across the world, from the US to Europe and Asia. Our ambition is tobest serve our clients and achieve balanced growth of Magnum products. About role To maintain ground-breaking propositions for Magnum and support the next wave of innovations, we are looking for a QualityEngineer III - Product Engineering who passionate about software architecture and is driven to pursue excellence in deliveringpremier InsurTech solutions. Key Responsibilities Provide technical leadership to develop QA automation, Agile Implementation Strategy for Magnum quality. Evaluate test tools for automation including build verification and IDE plugins and lint programs. Come up with high-level or low-level design of Automation FW that covers the test strategy. Hands-on with products across the product portfolio, ability to participate in customer-facing activities like demos, feedback meetingsetc. Write test automation scripts following the defined internal standards. Understand the current QA strategy, test plan, tools and technologies for existing Magnum products. Manage and groom teams for a high-performance culture and be a champion of Swiss Res core values. Provide early visibility and mitigation to technical challenges through the journey. Confidently represents product and portfolio, including vision and functional and quality roadmaps, within the company and, whennecessary, to strategic. Code reviews to make sure quality code is delivered. R&D /POCs of new age requirements. Your Qualifications 10+ years of experience in Software Development, Testing Automation and DevOps. Bachelors degree level or equivalent in computer science or related field, Masters is a plus. Strong programming/QA experience and background in Enterprise Java. Proficient in Java/J2EE, REST, Junit/TestNG and other test automation frameworks. Experience with Front-end web application test automation (Selenium, Web driver, Grid, Cucumber, TestNG, Junit, JMeter, Blazemeter), REST API testing, data validation testing and integration testing. Experience working on UI technologies - Angular, ReactJS/DHTML, Karma, cypress, Jest, Mocha, enzyme and Jasmine Working experience in DevOps environment building CI/CD pipelines through Jenkins. Experience in Performance Testing, Penetration Testing & Security Testing Agile methodology, Git and JIRA. Hands-on experience in automation tools and frameworks (WDIO, Coded UI, SoapUI, Postman, Protractor, Rest Assured, TestComplete and Py-test). Strong experience with performance/scalability testing, compatibility testing Strong knowledge of any SQL or No-SQL databases and Queries. Proven record of execution of QA strategy and unification of QA process. Experience of designing automation solution for complex architecture covering UI, services, files and DBs. Must be able to work in front end and back-end QA environments. Experience in leading/managing automation team and providing technical solution to the automation delivery team Good knowledge with Azure DevOps (Repo, Pipeline, CICD), Azure Data Factory. Domain knowledge of underwriting process or Life insurance business is a plus Job Description About Swiss Re Swiss Re is one of the world s leading providers of reinsurance, insurance and other forms of insurance-based risk transfer, workingto make the world more resilient. We anticipate and manage a wide variety of risks, from natural catastrophes and climate change tocybercrime. We cover both Property & Casualty and Life & Health. Combining experience with creative thinking and cutting-edgeexpertise, we create new opportunities and solutions for our clients. This is possible thanks to the collaboration of more than 14,000employees across the world. Our success depends on our ability to build an inclusive culture encouraging fresh perspectives and innovative thinking. We embracea workplace where everyone has equal opportunities to thrive and develop professionally regardless of their age, gender, race,ethnicity, gender identity and/or expression, sexual orientation, physical or mental ability, skillset, thought or other characteristics. Inour inclusive and flexible environment everyone can bring their authentic selves to work and their passion for sustainability. If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positionsthat match your skills and experience. About Swiss Re If you are an experienced professional returning to the workforce after a career break, we encourage you to apply for open positions that match your skills and experience. Keywords: Reference Code: 134164

Job Description Bachelor s degree or equivalent 8-12 Years of software development experience Experience of working to customer requirements, coordinating delivery of quality code within an agreed time-box Strong prioritisation, co-ordination, organisational and communication skills, with ability to work in a large diverse team Demonstrated evidence of architecture practices Customer focused and strong team orientation Ability to work closely within an Agile and PDO team environment Self-starter and fast-learner Strong drive for high quality performance and value add results Demonstrated commitment to quality and delivery timing Ability to handle multiple assignments with minimal direction Ability to work in a highly regulated, financial environment Willing to be flexible in terms of tasks and timings Exposure to GraphQL Schema Composition Deep Understanding of GraphQL Schema Contracts & Varients Good to have understanding of Policy Engine and GraphQL Coprocessor pattern Understanding of Apollo Studio GraphOS Understanding of Spring Boot Graph Framework or equivalent Netflix DGS Framework (Domain Graph Service Framework) Understand GraphQL schema UNION,ExtendedScalers HandsOn Experience with GraphQL Error Handling Working experience in GraphQL Continuous Integration & Continuous Deployments Good to have GraphQL Observability, Metrics & Monitoring with Tool GCP Cloud Monitoring, Splunk & Dynatrace Exposure or experience in the following technologies: Java IntelliJ/Eclipse IDEA or VS Studio Spring Boot & Batch GCP Cloud Build and Cloud Run Secret Manager, PubSub, Schedulers GraphQL BigQuery or BogTable(Good to have for Platform Observabily and services metrics/error metrics datastore store) Experience in designing GQL Schema as per domain business requirements Experience in Schema Stiching using Composable Architecture Pattern Apollo Server - creating/managing backend app using programming language Java or NodeJS Apollo Studio- Exposure to Apollo Studio, Apollo Explorer/Playground to test & build queries & mutation operations Experience is using Apollo Client Library for FE apps & Webclient library for Spring Boot apps Defining a GraphQL query, Understand GraphQL Query Plan & Query Cost Analysis Experience in using useQuery & useMutation hook Hands on experience in writing GraphQL query resolvers and mutation resolvers Experience in API Orchestration and Composing Federated Query Experience in writing abstraction services Experience is GraphQL Security - Coarse Grained & Fine Grained Authorization Experience in participating in GraphQL Penetration testing and GraphQL thread modelling meeting with cybersecurity team GitHub Database (PostGres Cloud SQL) Fossa, SonarQube, Checkmarx, Cycode Experience in API Security Tool: 42Crunch Experience in API automation tool Newman and Jmeter 6+ years of backend engineering experience Experience with Spring Boot, Spring Reactive, Apollo Server, or similar frameworks. Familiarity with event-driven architectures and message brokers. Prior experience in automotive or large-scale enterprise environments Excellent communication, and mentoring skills. Experience with cloud platforms (AWS, GCP, or Azure) and containerization (Docker, Kubernetes). Required Skills & Experience: 8+ years of backend engineering experience Experience piloting new technologies and designing implementation strategies Experience designing and implementing enterprise best practices regarding existing or new technology/tooling Experience of senior responsibilities including: Dev Code Reviews Change management Building technical roadmaps/backlogs Exposure or experience in the following Skills and Techniques: Agile/PDO Ceremonies People & Skills Coaching Coordination and logistical planning Business focused cascades of technical strategies and/or roadmaps Experience using Test Driven Development (TDD) and Behaviour Driven Development (BDD) Lead the design, development, and delivery of scalable GraphQL APIs and platform services. Mentor engineers, drive architectural decisions, and collaborate with cross-functional teams to build robust, high-performance backend systems. Strong expertise in GraphQL, REST APIs, and microservices architecture. Proficiency in Java, Node.js, or similar backend languages. Profiency in Java Framework Spring Boot/Spring Reactive Experience with cloud platforms (AWS, GCP, or Azure) and containerization (Docker, Kubernetes). Deep understanding of API security, scalability, and performance optimization. Excellent communication, and mentoring skills.

Orchestration Platform 1.0 & Orchestration Platform Modernization team is looking for strong Handson prodessional in GraphQL Basic and Advanced GraphQL Concepts.Development experience in API Platform and build and maintained RESTful & GraphQL API catalogs. Candidate should have deep understanding of API Orchestration design pattern & follows API Platform Security best practices for API coarse grained and fine grained authorization Our teams embrace the rapid development techniques, acts as abstraction services for ALFA - Core Lending Platform for Originations, Receivables & Collection Business Process. Job Description Bachelor s degree or equivalent 8-12 Years of software development experience Experience of working to customer requirements, coordinating delivery of quality code within an agreed time-box Strong prioritisation, co-ordination, organisational and communication skills, with ability to work in a large diverse team Demonstrated evidence of architecture practices Customer focused and strong team orientation Ability to work closely within an Agile and PDO team environment Self-starter and fast-learner Strong drive for high quality performance and value add results Demonstrated commitment to quality and delivery timing Ability to handle multiple assignments with minimal direction Ability to work in a highly regulated, financial environment Willing to be flexible in terms of tasks and timings Exposure to GraphQL Schema Composition Deep Understanding of GraphQL Schema Contracts & Varients Good to have understanding of Policy Engine and GraphQL Coprocessor pattern Understanding of Apollo Studio GraphOS Understanding of Spring Boot Graph Framework or equivalent Netflix DGS Framework (Domain Graph Service Framework) Understand GraphQL schema UNION,ExtendedScalers HandsOn Experience with GraphQL Error Handling Working experience in GraphQL Continuous Integration & Continuous Deployments Good to have GraphQL Observability, Metrics & Monitoring with Tool GCP Cloud Monitoring, Splunk & Dynatrace Exposure or experience in the following technologies: Java IntelliJ IDEA/Eclipse & Visual Code Spring Boot/Spring Reactive & Spring Batch GCP Cloud Build and Cloud Run Secret Manager, PubSub, Schedulers GraphQL BigQuery or BigTable Experience would be added advantage Experience in designing GQL Schema as per domain business requirements Experience in Schema Stiching using Composable Architecture Pattern Apollo Server - creating/managing backend app using programming language Java or NodeJS Apollo Studio- Exposure to Apollo Studio, Apollo Explorer/Playground to test & build queries & mutation operations Experience is using Apollo Client Library for FE apps & Webclient library for Spring Boot apps Defining a GraphQL query, Understand GraphQL Query Plan & Query Cost Analysis Experience in using useQuery & useMutation hook Hands on experience in writing GraphQL query resolvers and mutation resolvers Experience in API Orchestration and Composing Federated Query Experience in writing abstraction services Experience is GraphQL Security - Coarse Grained & Fine Grained Authorization Experience in participating in GraphQL Penetration testing and GraphQL thread modelling meeting with cybersecurity team GitHub Database (PostGres Cloud SQL) Fossa, SonarQube, Checkmarx, Cycode Experience in API Security Tool: 42Crunch Experience in API automation tool Newman and Jmeter Bachelor s degree or equivalent 8-12 Years of software development experience Good to have experience in Banking or BFSI Responsibilities Experience piloting new technologies and designing implementation strategies Experience designing and implementing enterprise best practices regarding existing or new technology/tooling Experience of senior responsibilities including: Dev Code Reviews Change management Building technical roadmaps/backlogs Exposure or experience in the following Skills and Techniques: Agile/PDO Ceremonies People & Skills Coaching Coordination and logistical planning Business focused cascades of technical strategies and/or roadmaps Experience using Test Driven Development (TDD) and Behaviour Driven Development (BDD)

Ability to understand the technical implications and impact of various types of vulnerabilities on servers and applications including remote code execution, elevation of privilege, information disclosure. Ability to assess the risk associated with vulnerabilities, including impact and exploitability Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 3 plus years of experience Experience in vulnerability management, security operations, or a related field with a proven track record of identifying and mitigating vulnerabilities. Practical experience with vulnerability scanning, risk assessment, and patch management processes. Proficiency with vulnerability scanning tools such as Nessus, Qualys, Rapid7 Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Hands-on experience withTenable.SC (or an equivalent VM platform) including administration of Nessus remote and agent-based scans, profile creation and maintenance Skills in prioritizing vulnerabilities based on their severity, potential impact, and the organization’s risk profile, experience with ASM solution

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Management.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Active Directory.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: SAP GRC - Governance-Risk-Compliance.

As an Application Security Specialist,youll play a vital role in building secure systems from the ground up. Workingclosely with engineering, compliance, and DevOps teams, you will ensure ourapplications meet rigorous security and regulatory standards across globaljurisdictions. Your Impact on the Mission: Integrate security into the Software Development Lifecycle (SDLC) , embedding security controls at every phase. Conduct threat modeling , secure code reviews , and penetration testing for internal and third-party applications. Collaborate with development teams to address security issues across CI/CD pipelines (DevSecOps). Manage and mitigate application-level risks in line with security frameworks and regulatory requirements. Support compliance efforts for GDPR , NIS2 , PCI-DSS , and DORA by applying security controls and maintaining evidence. Drive secure practices in the software supply chain , improving defenses against attacks like those seen in SolarWinds. Business Impact Reduces application security vulnerabilities across internal and customer-facing systems. Helps ensure Noventiqs compliance with global cybersecurity regulations. Lowers production defects and remediation costs through early detection. Strengthens resilience ofcloud-native and third-party platforms. What Youll Bring to The Table About You: 5 years in Application Security, including secure development, testing, and DevSecOps. Solid understanding of OWASP Top 10 , SAST/DAST , threat modeling , and common attack vectors. Familiarity with CI/CD environments (e.g., GitLab, GitHub Actions, Azure DevOps). Hands-on experience with tools such as Burp Suite , OWASP ZAP , SonarQube , Checkmarx , or similar. Preferred Certifications Industry-recognized certifications are a plus, including: OSCP , GWAPT, CISSP, or CSSLP Bonus for Azure Security Engineer (AZ-500) or Certified DevSecOps Professional Frameworks Compliance Working knowledge of: OWASP , CIS Controls v8, ISO/IEC 27001 GDPR , NIS2 Directive, PCI-DSS, DORA Regulation

Hands-on experience on vulnerabilities and should know Life Cycle ofvulnerabilities, Perform data validation and prioritization The core team will work with the Program Manager for any emergency vulnerabilities and will work with all stakeholders with high-priority Validate the report for any anomalies Categorization of Vulnerabilities Validate Ageing of Vulnerabilities Validate Remediated Vulnerabilities Provide the patching Schedule, and classify based on criticality, OS, and Non-OS, and further sub-classify into config, registry and application vulnerabilities categories on a timely basis Prepare the teams shift roster based on the patching schedule Identify Vulnerabilities still shown as open despite remediation and raise withthe infosec team - update InfoSec Issue Trackers Identify Vulnerabilities and create Fixlets where solutions exist Work on and call out Known issues on KBs Provide technical solutions to all Vulnerabilities and engage with SMEfor any critical discussions Vulnerability Assessment, Vulnerability Mitigation, Static/dynamic testing of mobile applications, Cyber Security Assessment Consulting, Penetration Testing, Manual Penetration Testing using OWASP checklists. The core team will work with the Program Manager for any emergency vulnerabilities and will work with all stakeholders with high-priority

Vulnerability Assessment, Vulnerability Mitigation, Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Cyber Security Perform comprehensive penetration testing and vulnerability assessments on enterprise networks, firewalls, routers, switches other infrastructure components Identify and exploit vulnerabilities to assess the security posture of network components Provide detailed reports with risk ratings, remediation steps, and security recommendations Work with IT DevOps teams to ensure timely resolution of vulnerabilities Utilize industry-standard tools such as Nessus, Nmap, Metasploit, Burp Suite, Wireshark, Open VAS Implement and manage vulnerability scanning solutions across the organization Collaborate with IT, DevOps security teams to ensure patches and mitigations are applied effectively Conduct security assessments for cloud environments (AWS, Azure, GCP) including configuration audits Identify misconfigurations, privilege escalations security risks in cloud infrastructure Implement continuous monitoring logging solutions for cloud security visibility

Atlas Energy - Cybersecurity Analyst Security Analyst - Threat Management and Vulnerability Assessment Seeking a skilled Security Analyst (4-6 years) specializing in threatmanagement and vulnerability assessments. The ideal candidate will haveexperience with Defender for Cloud (migration from L1 to L2), Rapid7, andIntune, and a foundational understanding of Operational Technology (OT)systems, particularly the Dragos platform. This role involves advanced threatdetection and remediation, vulnerability assessments, patching, and hardeningtasks. Qualifications: - Experience with Defender for Cloud and Rapid7. - Proficiency in vulnerability assessments, patch management, and systemhardening. - Familiarity with Intune and Rapid7 agent deployment issues. - Basic understanding of OT systems and security, particularly the Dragosplatform. - NIST controls implementation. - Excellent communication and documentation abilities. Shift Timing - US CST hours

Dedicated lead to work with the Happiest Minds Shared SOC team and ITteam to enhance the overall Incident response processes Run any critical incident response along with SOC and IT team Review and update the use caserepository as applicable to Happiest Minds Environment Work on root causeanalysis and remediations for alerts/incidents raised by customers Review andupdate existing automation playbooks Continuous updates of detectiontechniques Periodic threat hunting Use cases to prioritize based on thefindings from the threat and vulnerability management program

Manual Penetration Testing using OWASP checklists, Penetration Testing, Vulnerability Assessment, OWASP Top 10, OWASP ZAP, AWS Cloud, Azure Cloud, Cyber Security, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Data Security Assessment Consulting Perform Penetration testing Develop and recommend mitigation strategies to enhance the defense mechanisms of critical infrastructure components Collaborate with IT and security teams to refine security measures and response strategies Prepare detailed reports on findings from simulations and suggest improvements Facilitate training sessions for internal teams on security awareness and breach response tactics

Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, Static/dynamic testing of mobile applications, Static Code analysis Artifacts/Grey box Infra Activity (VA/CA) Windows Server - Performing Scanning and preparing reports - application Security Testing/ Infra VACA

Static Code analysis Static/dynamic testing of mobile applications Vulnerability Assessment Penetration Testing. SAST Penetration testing Vulnerability Assessment