31 Veracode Jobs

Work Location:- Bangalore / Pune Experience:- 4 to 7 years Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

: Job TitleSenior Engineer, AVP LocationPune, India Role Description Technology Engineer within Archiving Tech product family to take on the responsibility of developing the product code, implement technical solutions and configures applications in different environments in response to business problems. The engineer is expected to focus on requirements of the business and proposes the technical design of the application or its components, investigates and proposes appropriate technologies to be used, creates re-usable frameworks and drives standardization where possible in line with banks standard and solutions. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Hands on experience in application development / enhancement / bug fixing Ability to overcome technical challenges . Ensures development happens for all Software Components in accordance with Detailed Software specification, the functional design and the technical design document. Verifies the developed source code by reviews (4-eyes principle). Contributes to quality assurance by writing unit and functional tests. Contributes to problem and root cause analysis. Integrates software components following the integration strategy. Ensures that all code changes end up in Change Items (CIs). Where applicable, develops routines to deploy CIs to the target environments. Collaborates with colleagues participating in other stages of the Software Development Lifecycle (SDLC). Your skills and experience To excel in this role, you should possess strong understanding of technologies as under: Expert level in Oracle PL/SQL Highly proficient in SQL Should be comfortable to work with linux, python scripting & any scheduling tool preferably BMC Control-M Proven experience in data engineering, data modelling & building data pipelines Good understanding of Conceptual, logical & physical data model building Exposure to working with Agile Methodologies. SDLC Tools - JIRA, Sonar, Veracode /JFrog, TeamCity, BitBucket Exposure to Java, SpringBoot, J2EE, REST APIs, Microservices will be added advantage. CloudExposure to any public cloud preferably GCP. Strong analytical skills. 10+ Years of technology experience, continuous hands-on coding exposure, and ability to drive solutions. Proficient communication skills. Fluent in English (written/verbal). Ability to work in virtual teams and in matrixed organizations. Excellent team player and open minded approach Keeps pace with technical innovation. Understands the relevant business area. Ability to share information, transfer knowledge and expertise to team members. Ability to design and write code in accordance with provided business requirements Relevant Financial Services experience. Ability to work in a fast paced environment with competing and alternating priorities with a constant focus on delivery. Ability to balance business demands and IT fulfilment in terms of standardization, reducing risk and increasing IT flexibility. Candidate is expected to have high desire to learn new technologies and implement various solutions in fast paced environment. How well support you

Role & responsibilities Support and consult with development and engineering teams in the areas of API security. Educates development team on security procedure and standards, and ensures they are followed. Research and help develop security solutions to help secure applications (API Security, Data Protection, Identity Protection) Create Security guidance/documentation for development/engineering teams. Experience working with AWS or other cloud environments (development/architecture) Experience with cloud and API security standards (OWASP API Top 10, CIS Top 20) Perform security risk assessments for all proposed application-related (APIs) changes. Preferred candidate profile 6+ years of experience in software development in one or more of the following programming languages, .NET, Python, Java/Springboot (REST), JavaScript (Node/React), and/or Go Experience with tools like OWASP ZAP, Veracode, Postman, etc. 3+ years of experience with API Security (Design patterns, Architecture, B2B/A2A/B2C Integration) Experience with API security tools like Noname, Salt, Neosec, etc. Experience with API Management solutions like Mulesoft, Apigee, etc. Technical and foundational knowledge of software engineering, computer systems, security engineering, authentication, and/or applied cryptography. Excellent knowledge of all web technologies, especially web services, web applications, Service Oriented Architectures, and network/web protocols Knowledge of application threat modeling, Remediation of OWASP API Top 10, CIS Top 10, SANS Top 25 a plus Experience with attacker tactics, techniques, and procedures, and corresponding mitigation methods.

Dear Candidate, We are seeking a DevOps Engineer to streamline our development and deployment processes. Ideal for professionals passionate about automation and infrastructure. Key Responsibilities: Implement and manage CI/CD pipelines Monitor system performance and troubleshoot issues Automate infrastructure provisioning and configuration Ensure system security and compliance Required Skills & Qualifications: Experience with tools like Jenkins, Docker, and Kubernetes Proficiency in scripting languages like Bash or Python Familiarity with cloud platforms (AWS, Azure, or GCP) Bonus: Knowledge of Infrastructure as Code (Terraform, Ansible) Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

Job Purpose As a Senior DevSecOps Engineer, you will be responsible for integrating security into the development, deployment, and maintenance of our software products, ensuring the highest standards of security and reliability. Key Activities / Outputs • Develop and implement security solutions throughout the software development lifecycle, from design to deployment and maintenance, using methodologies such as STRIDE, DREAD, CVSS, and the OWASP ASVS. • Work closely with developers, IT operations, and security governance and operations teams to ensure security is integrated into all aspects of the development pipeline. • Automate security processes and tools to enable continuous integration, continuous delivery, and continuous monitoring (CI/CD/CM) of applications and infrastructure. • Develop and implement metrics, reporting, and monitoring processes to track the effectiveness of DevSecOps practices, using tools like Dynatrace, ELK, Splunk, AWS CloudWatch and Sonatype Examples of metrics include vulnerability remediation times, security incidents, and code review coverage. • Establish a governance, review, and continuous improvement process for DevSecOps practices, ensuring alignment with organizational goals and industry best practices. • Perform risk assessments and threat modelling to identify potential vulnerabilities and provide recommendations for mitigation strategies. • Develop and enforce security policies and guidelines for application and infrastructure development, based on industry best practices and standards such as OWASP Top Ten, CWE/SANS Top 25, NIST SP 800-53, and OWASP ASVS. • Train and mentor developers in secure coding practices, emphasizing areas such as input validation, output encoding, and least privilege principles, as well as conducting regular security awareness sessions. • Conduct regular security audits, vulnerability assessments, and penetration tests to identify and remediate potential threats. • Stay current with industry trends, emerging threats, and best practices in DevSecOps to continuously improve our security posture. • Develop and maintain documentation related to security practices, policies, and procedures. Technical Skills or Knowledge Strong understanding of software development processes, CI/CD principles, and Agile methodologies, Expertise in various security frameworks, tools, and technologies such as OWASP, SAST, DAST, IAST, RASP, and familiarity with toolsets such as SonarQube, Veracode, Checkmarx, and Fortify, Proficient in scripting languages such as Python, Ruby, or Shell, Experience with containerization and orchestration technologies, such as Docker and Kubernetes, Familiarity with cloud platforms (AWS, Azure, GCP) and their respective security services and tools, Knowledge of networking protocols, firewalls, intrusion detection systems, and encryption technologies, Strong analytical, problem-solving, and communication skills, Software Development: This includes proficiency in programming languages such as Python, Java, JavaScript, or C#, as well as familiarity with software development methodologies like Agile or DevOps, Security Knowledge: They should be familiar with security frameworks such as OWASP (Open Web Application Security Project) and have experience in implementing security controls and practices within software development processes, DevOps Practices: This includes experience with continuous integration and continuous deployment (CI/CD) pipelines, configuration management tools like Ansible or Chef, containerization technologies such as Docker or Kubernetes, and infrastructure-as-code (IaC) tools like Terraform or CloudFormation, Security Tools and Technologies: This may include vulnerability scanning tools like Nessus or Qualys, security testing frameworks such as Burp Suite or ZAP, security information and event management (SIEM) tools like Splunk or ELK stack, and other relevant security tools, Cloud Computing: Experience with cloud security best practices, configuring and securing cloud resources, and managing cloud-based deployments is highly valuable Preferred Technical Skills (Would be advantageous) This position is a hybrid role based in Hyderabad which requires you to be in the office on a Tuesday, Wednesday and Thursday.

Dear Candidate, We are hiring a Software Security Engineer to secure applications throughout the software development lifecycle. Ideal for developers with a strong grasp of secure coding and threat modeling. Key Responsibilities: Identify and remediate application-level vulnerabilities Conduct code reviews, static/dynamic analysis, and fuzz testing Collaborate with developers on secure architecture and coding practices Develop security tools, libraries, and automated scans in CI/CD pipelines Required Skills & Qualifications: Experience with secure coding in Java, Python, C/C++, or JavaScript Familiarity with OWASP Top 10, SAST/DAST tools (e.g., SonarQube, Veracode) Understanding of authentication, authorization, and secure APIs Bonus: Knowledge of bug bounty platforms or offensive security techniques Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

???Were Hiring: Senior Microservices Developer (Java Spring Boot | AWS ROSA | Kafka | Kong API Gateway) ??? Are you passionate about building scalable, cloud-native solutions and driving enterprise digital transformationJoin our dynamic team and contribute to mission-critical integration projects powering business innovation, ???? About the Role Were looking for a Senior Microservices Developer with deep expertise in Java Spring Boot, AWS ROSA, Kong API Gateway, and event-driven architectures (Kafka) Youll play a key role in architecting and delivering modern enterprise integrations and cloud-native applications, ????? Key Responsibilities Design, develop, and deploy Java Spring Boot microservices on AWS ROSA (Red Hat OpenShift Service on AWS) Manage Kong API Gateway for secure, scalable API management Build event-driven systems using Apache Kafka Enforce secure coding and code quality via JUnit, SonarQube, and Veracode (SAST & DAST) Integrate with enterprise platforms including Microsoft Dynamics CRM Automate deployment pipelines with AWS CI/CD tools Apply integration design patterns and best practices for resilient interfaces Collaborate closely within Agile/Scrum teams Maintain clean, up-to-date technical documentation and system diagrams Troubleshoot, conduct code reviews, and mentor junior developers ???? What Were Looking For 7+ yearsexperience in Java Spring Boot microservices Hands-on experience deploying on AWS ROSA Expertise in Kong API Gateway: proxy setup, plugin management, and observability Strong knowledge of Apache Kafka and asynchronous messaging Proficiency with JUnit, SonarQube, Veracode (SAST & DAST) Familiarity with AWS services: EC2, EKS, Lambda, RDS, S3, CloudWatch Experience with AWS CI/CD pipelines Background in enterprise integrations, especially with Microsoft Dynamics CRM Solid grasp of REST APIs, OAuth2/SAML authentication, and integration patterns Agile/Scrum delivery experience Excellent communicator with strong documentation and remote teamwork skills ??? Why Join Us ?? Work on high-impact, enterprise-grade projects ?? Embrace flexible remote work with a supportive, collaborative team ?? Advance your expertise in modern cloud-native microservices and enterprise integration ?? Continuous learning, mentoring, and growth opportunities ???Ready to be part of something transformative Apply now or drop us a message ? wed love to connect! #JavaSpringBoot #AWSROSA #KongAPIGateway #ApacheKafka #MicroservicesJobs #CloudNative #HiringNow #RemoteJobs #DigitalTransformation

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. About the position F5 is looking for a hands-on Security Engineer III with experience owning vulnerability management and codesecurity program. F5s Edge 2.0 platform provides global, scalable, and secure way to deploy applications! In this position, you will have responsibility for vulnerability management of open-source components in the software components that make up the platform.You will also be responsible for code security and handle static and multifaceted code scanning and write policies and procedures around the lifecycle of the code and associated vulnerabilities. Responsibilities We collaborate with software architects, security defenders, Operations, SRE, compliance specialists, and business leaders to understand the components of the platform and their requirementsaround vulnerability management, static and dynamic code analysis depending on the components structure and place in the platform. We write and maintain policies and procedures around vulnerability management and code analysis following industry methodologies and compliance directives. We integrate with scanning tools and provide mentorship to the developers around integration, how to read the findings, and how to improve the output. We work with architects of underlying frameworks to minimize the number of reported vulnerabilities when there is a significant code reuse. We work with other members of the DevOps team to introduce tooling to increase clarity and better quantify the vulnerability remediation. We work with engineering teams to incorporate the best standards from vulnerability management and code analysis into the SDLC. We work with other team members to safely introduce dynamic code analysis tools. We participate in Incident Response when appropriate. Minimum qualifications BS degree in Computer Science or equivalent with 4+ years of secure software development experience. Good understanding of Docker container building process. Experience with vulnerability management systems like Snyk, Whitesource, Trivy, Dependency-check, Nancy etc. Experience with SAST tools like Coverity, FindSecBugs, Fortify, Veracode, etc. Familiarity with microservices architecture, Docker and Kubernetes. Good understanding of complexities and security challenges in large-scale distributed systems. The is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com ) . Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates . Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.

Date 2 Jun 2025 Location: Bangalore, KA, IN Company Alstom Req ID:481603 We create smart innovations to meet the mobility challenges oftoday and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric busesand driverless trains, as well asinfrastructure, signalling and digital mobility solutions. Joining us meansjoininga truly global community ofmore than38 900 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact. OVERALL PURPOSE OF THE ROLE: The primary responsibility of the specialist security Operationsis to ensure security risks are identified and managed within acceptable limits. The Security specialist will work closely with Design Authority, Solution Architects, IS Design,IS&T operations and Business teams to manage security of the organization RESPONSIBILITIES: To analyse and update critical and non critical log sources and their health status check for redundant log sources and take necessary steps working with right stake holders daily health check and monitoring of SOC infra Co-relationship, framework management for SOC use cases responsible for analytics and data crunching or data analysis and represenation of outcome for leadeship to make next decisions KPI definition, revision and imprvement for SOC infra, health and use cases TECHNICAL COMPETENCIES & EXPERIENCE To be considered for this role, candidate need to demonstrate the following skills experience and attributes: Bachelors/Masters degree in Engineering/Technology or related field Minimum 4-6 years of relevant IT experience Professional industry standard certifications like CISSP, CEH, GIAC, CISM, ISO 27002 etc. will be an added advantage Experience with various IT / Security technologies including, Active Directory, DNS, Messaging, Firewalls/ VPN Gateways, IPS, Proxy, WAF, PKI, IAM,etc. Good understanding of tools like CyberArk, PingIdentity, Sailpoint, Qualys, Veracode Proficient handson experience and understanding of various security tools and technologies. Experience in an operational role working directly with internal and external customers, trouble ticketing systems, and incident management Solid understanding of ITIL process framework Must understand and have worked in an operational environment such as a NOC or SOC for 2 4 years Demonstrated leadership experience in the area of Security Operations Proven planning, prioritization, and organizational skills Demonstrated drive for continuous learning, results orientation, and teamwork Ability to drive change through innovation & process improvement Ability to manage projects and drive action items with customers and crossfunctional peers Proven crisis management skills Professional & concise communication (written & verbal) Ability and flexibility to adapt to change, including shifting and competing priorities Demonstrated ability to be a big picture thinker, strategist, and long term planner Strong analytical skills with demonstrated problem solving ability Project management skills with a proven ability to design workable solutions will be an added advantage Exposure to ISO 27002 and ISO 27005 An agile, inclusive and responsiblecultureis the foundation of ourcompanywhere diverse people are offered excellent opportunities to grow, learn and advanceintheir careers.We are committed toencouragingour employeesto reach their full potential,while valuing and respecting them as individuals.

Role Summary: Designs and implements technical solutions for protecting the confidentiality, integrity and availability of sensitive information. Provides technical evaluations of client systems and assists with making security improvements. Provides technical support in the areas of vulnerability assessment, risk assessment, network security and security implementation. Conducts testing and audit log reviews to evaluate the effectiveness of current security measures. Conducts security product evaluations, and recommends products, technologies and upgrades to improve the client"™s security posture. Responsibilities : Customizes, validates, administers and supports a variety of enterprise wide information security platforms, systems, frameworks and applications, based on requirements provided by management; Develops implementation plans related to information security for systems, tools, platforms, and frameworks. Conducts security assessments of systems, tools, platforms, policies, procedures and frameworks. Creates designs and diagrams related to information security for systems, tools, platforms, and frameworks. Develops standard operating procedures for information security related to systems, tools, platforms, and frameworks. Leads audits and reviews designs for information security issues. Validates vulnerabilities identified during security testing, audits, and assessments, while reviewing for false positives. Understands large scale multi-tenant software products supporting multiple government agencies. Understands large scale software integrations of multiple software products. Acts as source for direction, training and guidance for less experienced information security engineers. Works with engineering teams to define and refine information security and systems management policies and settings. Evaluates new and emerging products, technologies and make recommendations to leadership concerning introduction of new technologies. Required Skills > 6 years of information security experience for state and/or federal agencies required. > 6 years of leading information security assessments, policy development, framework implementation, and tool implementation. Must have knowledge of one or more of the following productsBroadcom Identity Manager, Identity Suite and Single Sign On. Preferred Skills Undergraduate degree Certification from Information Security Program (CISM, CompTIA, GSEC, CISSP, etc.) Preferred. Preferred knowledge of one or more of the following productsDell Nutanix, Dell VxRail, VMware ESXi/vCenter/NSX/SRM, Microsoft Windows Server, RedHat Enterprise Linux, MS SQL Server, Nagios, NewRelic APM/Infrastructure/Browser, Octopus Deploy, Puppet, Splunk, Veracode.

Role Summary: Provides ongoing systems administration support including installation, customization, maintenance and troubleshooting of hardware / software systems. Provides technical support and advises on the use of programming tools, database systems and networks. Provides support to address the availability and reliability issues on systems (Windows/Unix/Mainframe) across multiple locations. Evaluates and integrates new operating system versions, drivers and hardware. Operational responsibilities include remediation of daily incident tickets, system compliance responsibilities, system run enhancement testing and staging, policy / procedure enhancements and adherence, client contact coordination and operational recommendations. Monitors and tunes the system to achieve optimum performance levels in standalone and multi-tiered environments. Implements appropriate levels of system security. Prescribes system backup / disaster recovery procedures and directs recovery operations in the event of destruction of all or part of the operating system or other system components. Ensures 24x7 after-hour support. Responsibilities : Researches, evaluates, and recommends software packages in support of system architecture needs. Defines specifications and requirements for software package modification and customizations. Plans, coordinates, and manages installation, maintenance, and modification of software packages. Participates in software package performance, troubleshooting, and problem resolution. Provides coordination with software vendors. Provide requirements and advises for software packages to end users, administrators and technical support personnel for hardware and network design, documentation, troubleshooting, and technical training. Participates in establishing departmental policy with regard to data definition, data relationships, database design, database implementation, database operation, database security, and data accessibility. Perform database planning, administration, data standards, database security, and database documentation for software packages. Reviews the feasibility and advisability of proposed additions and modifications to the database. Install and customize software and hardware in order to manage, monitor, and otherwise support an enterprise system. Performs monitoring of network, hardware, and storage capacity, through the implementation of an inventory management system. Designs and implements integrations of software packages. Consults with software vendors to evaluate software and hardware for enterprise network management. Defines and manages the configuration of data on network software and hardware components. Monitor all attached devices in a complex LAN environment, such as workstations, servers, bridges, and multi-station access units, including analyzing performance, diagnosing performance problems, and performing load balancing. Understands large scale multi-tenant software products supporting multiple government agencies. Understands large scale software integrations of multiple software products. Required Skills > 6 years of designing application architectures for state and/or federal agencies required, > 6 years of designing application architectures that include incorporating industry standards such as MITA 3.5, HIPAA, NIST, and other applicable standards required Excellent knowledge of systems software / hardware, networks and operating systems. Exceptional knowledge of processes and tools utilized for system management, problem reporting, change management and support tools. Must have knowledge of one or more of the following productsIBM Decision Center, IBM Decision Server, Software AG webMethods, Broadcom/Software AG API Gateway. Preferred Skills Undergraduate degree Experience supporting on-prem data center and cloud for State and/or Federal agencies. Preferred knowledge of one or more of the following productsDell Nutanix, Dell VxRail, VMware ESXi/vCenter/NSX/SRM, Microsoft Windows Server, RedHat Enterprise Linux, MS SQL Server, Nagios, NewRelic APM/Infrastructure/Browser, Octopus Deploy, Puppet, Splunk, Veracode.

Job Description: Experience: At least 6 years in static code analysis/SAST (Static Application Security Testing), secure coding, and software development. Technical Skills: Proficiency in static code analysis tools (e.g., SonarQube, Veracode, Checkmarx) and experience with secure code review of multiple programming languages, including: Java Python .NET/C# C/C++ Code Review Skills: Ability to read and understand source code across various programming languages and tech stacks, troubleshoot false positives, and confirm genuine issues. Secure Coding Knowledge: Strong understanding of secure coding practices, including OWASP Top 10, SANS 25, and CWE, applicable to cloud and non-cloud environments. Communication and Collaboration Skills: Excellent communication and interpersonal skills, with the ability to: Effectively explain complex technical concepts to non-technical stakeholders Collaborate with developers across multiple teams to drive remediation efforts Facilitate training and awareness programs for developers Work independently and as part of a distributed team

Microservices Developer (Java, Spring Boot, AWS ROSA) Design, develop, and deploy Java Spring Boot-based microservices on AWS ROSA platform Leverage Kong API Gateway and KPI Management Platform for API governance, observability, and traffic control

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Spring Boot, Java Enterprise Edition, Microservices and Light Weight Architecture, Cloud Technologies Good to have skills : React.js Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will design, build, and configure applications to meet business process and application requirements. You will be responsible for creating efficient and scalable applications using Spring Boot and other relevant technologies. Your typical day will involve collaborating with the team to understand business needs, designing and implementing application features, and ensuring the applications meet quality standards and performance requirements. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work-related problems. Collaborate with the team to understand business needs and translate them into technical requirements. Design and develop high-quality software solutions using Java Enterprise Edition and Microservices architecture. Implement and maintain scalable and efficient applications using Spring Boot and Light Weight Architecture. Participate in code reviews to ensure code quality and adherence to best practices. Troubleshoot and debug application issues, identify bottlenecks, and propose solutions. Stay up-to-date with industry trends and technologies to continuously improve skills and knowledge. Assist in the deployment and maintenance of applications in production environments. Professional & Technical Skills: Must Have Skills:Strong Proficiency in Spring Boot, Java Enterprise Edition, Restful Services, Microservices and Light Weight Architecture. Must Have Skills:3+ years' experience in Java/functional programming with java 11+, Spring Boot, REST-API, Kotlin, GraphQL, grpc, Postman Must Have Skills:2+ years' experience and exposure to Applications Integration patterns, J2EE patterns, Microservices Patterns and Streaming Services Integrations [Like Kafka. MQSeries, RabbitMQ etc.), Caching Patterns and Frameworks Must Have Skills:Any Cloud Exposure with Knowledge of Dockers and Kubernetes Containers and Deployment exposure. Must Have Skills:Version Control Tools such as GitLab or similar, understanding of code branching strategies, deployment process including CI/CD exposure. Must Have Skills:Knowledge of Code Review Tools:SonarQube, PMD, Check Style, Veracode, Check Marx, OWASP-ZAP, Testing:JUnit, Mocking Frameworks, Postman or similar Nice to Have Skills:Front End Development Experience with React.js, JavaScript, including DOM manipulation, Object-Oriented concepts, design patterns. Additional Information: The candidate should have a minimum of 3 years of experience in Spring Boot. This position is based at our Bengaluru office. A 15 years full-time education is required. Qualifications 15 years full time education

Role Description The Engineer designs and develops application code, implements technical solutions, and configures applications in different environments in response to business problems. To meet the requirements of the business, the Engineer actively participates in the design and architecture of the application or its components, investigates and proposes appropriate technologies to be used, promotes re-usability of existing components and contributes to the creation of frameworks. Build reliability and resiliency into solutions through early testing, peer reviews and automating the delivery lifecycle. Engineer should have detailed understanding of professional software engineering and best practices for full SDLC including coding standards, code reviews, source control management, build processes, testing, and operation. Successful candidate should be able to work independently on medium to large sized projects with strict deadlines. Should be able to work in a cross-application, mixed-technical environment and must demonstrate solid hands-on development track record while working on an agile methodology. The role demands working along-side a geographically dispersed team. Your key responsibilities Employs agile development best practices and mind-set for design, architecture, coding, testing, managing source code, continuous delivery practices and quality reviews. Design and discuss your own solution for addressing user stories and tasks Develop and unit-test, Integrate, deploy, maintain and improve software Perform peer code review Actively participate into the squad activities and ceremonies e.g. daily stand-up/scrum meeting Apply continuous integration best practices in general (SCM, build automation, unit testing, dependency management) Collaborate with other squad members to achieve the Squad/Sprint objectives Report progress/update Agile team management tools (JIRA/Confluence) Manage individual task priorities and deliverables Responsible for quality of solutions the Candidate/Applicant provides Contribute to planning and continuous improvement activities, Support the PO, Analyst and Scrum Master Exposure to any unit testing framework (Junit/Mockito (Any Unit Test Frameworks). Should have experience of using source control and build tool like Git/Bitbucket, Maven etc. Excellent communication (Oral, Written) and teamwork skills. Experience with Continuous Integration and Continuous Deployment tools such as Jenkins and TeamCity are preferred Your skills and experience Minimum 5 years+ on professional software development experience using Big Data, Hadoop, Spark, Linux, Oracle, Java technologies. Experience in any cloud technologies. GCP preferrable. Strong understanding of technologies as under: Big Data, Hadoop, ETL tool Database Oracle, PL/SQL, SQL Server Automation Testing: JUnit, Mokito, Selenium Scripting: Python, Shell Scripts SCM: BitBucket Build Tools: Maven (Build Tool), ANT, Teamcity Practices: Code Quality, Sonar, Veracode, Security, DevOPS, Agile, CI & CD Scheduling: Control M SDLC Tools - JAMA, JIRA, Sonar, Veracode /JFrog, TeamCity, BitBucket Strong analytical skills. Proficient communication skills. Fluent in English (written/verbal). Ability to work in virtual teams and in matrixed organisations. Excellent team player and open-minded approach Keeps pace with technical innovation. Understands the relevant business area. Ability to share information, transfer knowledge and expertise to team members. Ability to design and write code in accordance with provided business requirements Knowledge of IT delivery and architecture including knowledge of Data Modelling and/or BA.

Job Summary We are seeking a skilled Analyst with 4 to 5 years of experience to join our team in a hybrid work model. The ideal candidate will have expertise in Kubernetes Docker YAML PowerShell Veracode SONARQUBE Ansible and GIT. Experience in Asset & Wealth Management is a plus. This role involves day shifts with no travel requirements. Responsibilities Manage and optimize containerized applications using Kubernetes and Docker to ensure seamless deployment and scaling. Develop and maintain infrastructure as code using YAML and Ansible to automate processes and improve efficiency. Implement and manage continuous integration and continuous deployment (CI/CD) pipelines using GIT to streamline development workflows. Utilize PowerShell scripts to automate routine tasks and enhance system performance. Conduct security assessments using Veracode and SONARQUBE to identify vulnerabilities and ensure compliance with industry standards. Collaborate with cross-functional teams to integrate security practices into the software development lifecycle. Analyze and interpret data to provide actionable insights that drive business decisions and improve operational efficiency. Support the Asset & Wealth Management domain by leveraging technical skills to enhance system capabilities and performance. Troubleshoot and resolve technical issues promptly to minimize downtime and maintain service quality. Document processes and procedures to ensure knowledge sharing and continuity within the team. Stay updated with the latest industry trends and technologies to continuously improve skills and contribute to innovation. Provide technical guidance and support to team members to foster a collaborative and productive work environment. Contribute to the companys purpose by ensuring the delivery of high-quality secure and efficient solutions that positively impact society. Qualifications Possess strong expertise in Kubernetes Docker YAML PowerShell Veracode SONARQUBE Ansible and GIT. Demonstrate experience in Asset & Wealth Management is advantageous. Exhibit excellent problem-solving skills and the ability to work collaboratively in a hybrid work model. Show proficiency in automating processes and improving system performance through scripting and coding. Have a keen understanding of security practices and compliance standards in software development. Display effective communication skills to articulate technical concepts to non-technical stakeholders. Maintain a proactive approach to learning and adapting to new technologies and industry trends.

: Job TitleActimize Engineer, AVP LocationPune, India Role Description Technical Lead Anti Financial Crime (AFC) Case Management System Actimize & SAM What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Contributes and identifies and ensures server environments and deployment architecture Individual should be working on Acimize hands on AML, SAM, & Actone Case Management Solution Good understanding of hardware and software components, servers, code quality, security, etc. Hands on development as necessary to fill into coding, scripting, release management, software maintenance, etc. Ensures architectural changes (as defined by Architects) are implemented. Provides Level 3 support for technical infrastructure components (i.e., databases, middleware and user interfaces). Contributes to problem and root cause analysis. Integrates software components following the integration strategy. Verifies integrated software components by unit and integrated software testing according to the software test plan. Software test findings must be resolved. Ensures that all code changes end up in Change Items (CIs). Where applicable, develops routines to deploy CIs to the target environments. Supports creation of Software Product Training Materials, Software Product User Guides, and Software Product Deployment Instructions. Fixes software defects/bugs, measures and analyses code for quality. Collaborates with colleagues participating in other stages of the Software Development Lifecycle (SDLC). Identifies dependencies between software product components, between technical components, and between applications and interfaces. Identifies product integration verifications to be performed based on the integration sequence and relevant dependencies. Exposure to leading cloud solutions such as GCP, AWS would be an added advantage. Good understanding of infrastructure coding tools such as Chef, Terraform etc. Well verged with Networking concepts such as subnetting and firewalls Your skills and experience Strong understanding of technologies as under: VTL, JavaScript, AIS 4.29, ERCM 5.14 SQL ,Linux Automation BDD Cucumber ScriptingPython, Shell Scripts Server TechApache, Tomcat SCMBitBucket, Github Build ToolsTeamcity PracticesCode Quality, Sonar, Veracode, Security, DevOPS, Agile, CI & CD SchedulingControl M SDLC Tools - JAMA, JIRA, Sonar, Veracode /JFrog, TeamCity, BitBucket, ALM etc. 10+ Years of technology experience, continuous hands-on coding exposure, and ability to drive solutions At least 7 + Exp working on Actimize, AML, SAM & Fraud Solution Strong analytical skills. Proficient communication skills. Fluent in English (written/verbal). Ability to work in virtual teams and in matrixed organisations. Excellent team player and open minded approach Keeps pace with technical innovation. Understands the relevant business area. Ability to share information, transfer knowledge and expertise to team members. Ability to design and write code in accordance with provided business requirements Knowledge of IT delivery and architecture including knowledge of Data Modelling and/or BA. Experience with Test Driven Development (TDD) or Behavior Driven Development (BDD). Experience with unit and/or integration test tool chains and frameworks. (e.g. Wiremock, Mockito, PowerMock, Jasmine, Protractor etc.). Relevant Financial Services experience. Ability to work in a fast paced environment with competing and alternating priorities with a constant focus on delivery. Ability to balance business demands and IT fulfilment in terms of standardisation, reducing risk and increasing IT flexibility. Strong Actimize understanding with technical expertise and knowledge of below technologies Exposure to other technologies like UNIX, Job Scheduling (ExpControl-M) etc. Candidate is expected to have high desire to learn new technologies and implement various solutions in fast paced environment. Education Bachelor of Science degree from an accredited college or university with a concentration in Computer Science or Software Engineering (or equivalent) with a minor in Finance, Mathematics or Engineering. How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Core Java 5 years + core java experience essential. Spring experience essential . SQL Server 2y + preferred. Linux preferred Java Springboot Microservices java 8, Spring Boot, Spring Framework, Rest API, SOAP API, JPA Strong experience with Restful/Rest API Working knowledge of ORM Framework (Preferred Hibernate) Understanding of Microservice Architecture and design principles. Sonar/Sonarqube, Veracode and Prisma knowledge is plus Understanding of Docker and Docker Container. Experience with Agile tools & technologies (Scrum, JIRA, and Confluence) Working with NoSQL Databases is a plus Experience with DevOps CICD is preferred. Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications.1. Applies scientific methods to analyse and solve software engineering problems.2. He/she is responsible for the development and application of software engineering practice and knowledge, in research, design, development and maintenance.3. His/her work requires the exercise of original thought and judgement and the ability to supervise the technical and administrative work of other software engineers.4. The software engineer builds skills and expertise of his/her software engineering discipline to reach standard software engineer skills expectations for the applicable role, as defined in Professional Communities.5. The software engineer collaborates and acts as team player with other software engineers and stakeholders. - Grade Specific Core Java 5 years + core java experience essential. Spring experience essential . SQL Server 2y + preferred. Linux preferred Java Springboot Microservices java 8, Spring Boot, Spring Framework, Rest API, SOAP API, JPA Strong experience with Restful/Rest API Working knowledge of ORM Framework (Preferred Hibernate) Understanding of Microservice Architecture and design principles. Sonar/Sonarqube, Veracode and Prisma knowledge is plus Understanding of Docker and Docker Container. Experience with Agile tools & technologies (Scrum, JIRA, and Confluence) Working with NoSQL Databases is a plus Experience with DevOps CICD is preferred. Skills (competencies) Verbal Communication

Databuzz is Hiring for DevSecOps Engineer-4+yrs-PAN India-Hybrid Please mail your profile to haritha.jaddu@databuzzltd.com with the below details, If you are Interested. About DatabuzzLTD: Databuzz is One stop shop for data analytics specialized in Data Science, Big Data, Data Engineering, AI & ML, Cloud Infrastructure and Devops. We are an MNC based in both UK and INDIA. We are a ISO 27001 & GDPR complaint company. CTC - ECTC - Notice Period/LWD - (Candidate serving notice period will be preferred) Position: DevSecOps Engineer Location: PAN India(Hybrid) Exp -4+ yrs Mandatory skills : A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming Strong passion and thorough understanding of what it takes to build and operate secure reliable systems at scale Strong passion and technical expertise to automate security functions via code Strong technical expertise with Application Cloud Data and Network Security best practices Strong technical expertise with multicloud environments including containerserverless and other microservice architectures Strong technical expertise with older technology stacks including mainframes and monolithic architectures Strong technical expertise with SDLC CICD tools and Deployment Automation Strong technical expertise with operating security for Windows Server and Linux Server systems Strong technical expertise with configuration management version control and DevOps operational support Strong experience with implementing security measures for both applications and data with an understanding of the unique security requirements of data warehouse technologies such as Snowflake Regards, Haritha Talent Acquisition specialist haritha.jaddu@databuzzltd.com

Job Title: Application Security Engineer SAST & DAST Experience Required: 3 to 8 Years Location: Hyderabad / Bangalore / Chennai / Mumbai / Pune / Kolkata / Gurgaon Mode of Interview: MS Teams (12 rounds) Notice Period: 0 to 30 Days Job Overview: We are looking for an experienced Application Security Engineer specializing in SAST & DAST to join our growing team. The ideal candidate will be responsible for integrating security throughout the software development lifecycle (SDLC), implementing and managing security tools, and driving security best practices across the organization. Key Responsibilities: Implement and manage application security testing activities throughout the development, deployment, and maintenance phases. Perform Static Application Security Testing (SAST) using tools like Checkmarx and Fortify . Execute and manage Dynamic Application Security Testing (DAST) tools such as AppScan and WebInspect . Conduct secure code reviews in languages including Java, .NET, Swift, Objective-C . Integrate security tools in DevOps pipelines and CI/CD environments (e.g., Jenkins, TeamCity, Bamboo, Chef, Puppet). Apply OWASP Top 10 , SANS Secure Coding Practices , and Security Engineering Principles during development and assessment. Analyze, triage, and report vulnerabilities using CVSS scoring and determine business impact. Perform penetration testing for web, mobile, and desktop applications. Implement mobile security testing techniques, including bypassing SSL pinning , root detection , reverse engineering , and manifest analysis . Work with containerized environments such as Docker and Kubernetes . Utilize at least one scripting language (e.g., Python, Bash, PowerShell) for automation or security tooling. Required Skills & Experience: Strong experience with SAST and DAST tools (Checkmarx, Fortify, AppScan, WebInspect) Familiarity with OWASP Top 10 , secure coding practices, and vulnerability remediation Proficient in secure code review for Java, .NET, Swift, Objective-C Solid understanding of DevSecOps practices and security toolchain integration Hands-on experience with CI/CD tools (Jenkins, TeamCity, Bamboo, etc.) Experience with container security in Docker/Kubernetes environments Knowledge of CVSS scoring and vulnerability risk assessment Understanding of mobile application security techniques and concepts Experience with scripting in Python, Bash, or equivalent Preferred Qualifications: Security certifications (e.g., CEH, OSCP, GWEB, GWAPT, Security+ ) Exposure to cloud environments (AWS, Azure, GCP) from a security standpoint Familiarity with automated testing tools like Selenium Experience working in Agile and DevOps environments Interested Candidates can share your updated resume to subashini.gopalan@kiya.ai

Consultant - MAST Vanguard Requirements: Mandatory Technical & Functional Skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

About The Role : Job TitleDevOps Engineer, VP LocationPune, India Role Description Corporate Banking (CB) is a technology centric business, with an increasing move to real-time processing, an increasing appetite from customers for integrated systems and access to supporting data. At CB Platform Automation Tooling team, we develop and manage CI/CD, monitoring, and various automation solutions as a service, running thousands of builds daily for more than 90 development teams across the Corporate Bank division of Deutsche Bank. Our environment currently relies on Linux-based stack, open-source tools such as Jenkins, Helm, Ansible, Docker/Podman, as well as other popular tools like OpenShift and Terraform. We're scaling globally to fit our customer needs our engineering team expands and will now be distributed over three Deutsche Bank Technology Centers in US, Germany, and India. As a DevOps/Platform Engineer, you will be responsible for designing, implementing, and supporting reusable engineering solutions, as well as building and promoting a strong engineering culture. Deutsche Banks Corporate Bank division is a leading provider of cash management, trade finance and securities finance. We complete green-field projects that deliver the best Corporate Bank - Securities Services products in the world. Our team is diverse, international, and driven by shared focus on clean code and valued delivery. At every level, agile minds are rewarded with competitive pay, support, and opportunities to excel. You will work as part of a cross-functional agile delivery team. You will bring an innovative approach to software development, focusing on using the latest technologies and practices, as part of a relentless focus on business value. You will be someone who sees engineering as team activity, with a predisposition to open code, open discussion and creating a supportive, collaborative environment. You will be ready to contribute to all stages of software delivery, from initial analysis right through to production support. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities What Youll Do Develop, maintain, and continuously improve the shared CI/CD, automation, and monitoring components keeping focus on quality and user experience Perform the engineering assessments of the platform users' pipelines and approaches Contribute to introduction of modern industry practices into the teamwork and promoting them among the development teams Assist the development teams with their ongoing activities, issues, and adopting our solutions Take the long-term responsibility for your tools and projects, contribute to their sustainable development, testing, and maintenance Your skills and experience Skills Youll Need Deep understanding of common development tasks and problems. Background in Development, Quality Assurance, or SRE is a plus Solid technical background in software development processes and hand-on experience with the tools that we use: Application developmentSpring Boot, Kotlin/Java VCSGit, Bitbucket, GitHub CI/CDJenkins, TeamCity, GitHub Actions Build toolsJib, Maven, Gradle, NPM DevSecOpsSonarQube, JFrog Xray, Veracode Deployments, configuration, and infrastructure managementDocker, Helm, Ansible, Terraform, Liquibase Monitoring & SREPrometheus, Grafana, New Relic, Splunk ScriptingGroovy, Python Hands-on experience with container-based environments (Minikube, Kubernetes, OpenShift). Knowledge of GCP is a plus Strong communication and collaboration skills, readiness to take ownership of your tasks Proactive mindset, attention to details, and constant wish to improve Expectations It is the Banks expectation that employees hired into this role will work in the Cary office in accordance with the Banks hybrid working model. Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion. How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Role : Product Security Architect Responsibilities Prepare, publish, and institutionalize security best practices and guidelines across products Ensure adoption and compliance, Review product security requirements and security design documentation Participate in reviews throughout the product development cycle, Provide solutions for vulnerabilities and ensure reusable solutions are available across products Work with Product Security Champions to mitigate or document vulnerabilities and obtain exceptional approvals if necessary, Conduct threat modeling design reviews and signoffs Help mitigate WAF blockers during UAT/Production phases and work with Product Security Champions for product fixes, Maintain product-wise scanning status reports and conduct periodic audits on security processes followed by product development teams, Evaluate tools, technologies, and processes needed for secure product development as part of DevSecOps Continuously improve product security and processes, Review third-party products and work with the Externally Obtainable Product (EOP) review team for approvals, Provide training and coaching on best practices, WAF analysis, and threat modeling to Product Security Champions Knowledge, Skills And Abilities 10-18 years of hands-on experience as a Software Architect with Dot net , RDBMS and full stack application design and development Good knowledge of OWASP and other industry standards, Extensive experience working as Product Security Architect with software engineering experience Good knowledge of cloud security architecture, design , Cloud-Native Security, Cloud Security Posture Management , Data Security in the Cloud (Advanced Concepts),Zero Trust Architecture in the Cloud,Multi-Cloud and Hybrid Cloud Security,Security for AI/ML in the Cloud Good knowledge of OS, network security, firewalls, routers, IDS/IPS, data encryption, and related tools/technologies, Build application security architecture for products/services developed using containers Knowledge of containers, network isolation, secure engineering practices, and identity and access management is preferred, Experience using tools such as Veracode, Acunetix, Sonarqube and others Provide solutions for managing these DAST, SAST and Pen Test vulnerabilities, Experience with Azure Cloud and Azure DevOps, CI/CD integrations Understanding and Implementing the Security Shift Left Concept Job Requirements Bachelors Degree in computer science, Information Science, Software Engineering, or related discipline, or equivalent work experience, Minimum of 10+ years of software development experience and 5+ years of experience as Software Architect with deep knowledge on Product Security Preferred to have Industry industry-recognized Security certification such as CCSP, CASP etc Preferred to have any industry certification on Security Preferred to have healthcare industry experience

About The Role Core Java 5 years + core java experience essential. Spring experience essential . SQL Server 2y + preferred. Linux preferred Java Springboot Microservices java 8, Spring Boot, Spring Framework, Rest API, SOAP API, JPA Strong experience with Restful/Rest API Working knowledge of ORM Framework (Preferred Hibernate) Understanding of Microservice Architecture and design principles. Sonar/Sonarqube, Veracode and Prisma knowledge is plus Understanding of Docker and Docker Container. Experience with Agile tools & technologies (Scrum, JIRA, and Confluence) Working with NoSQL Databases is a plus Experience with DevOps CICD is preferred. Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications.1. Applies scientific methods to analyse and solve software engineering problems.2. He/she is responsible for the development and application of software engineering practice and knowledge, in research, design, development and maintenance.3. His/her work requires the exercise of original thought and judgement and the ability to supervise the technical and administrative work of other software engineers.4. The software engineer builds skills and expertise of his/her software engineering discipline to reach standard software engineer skills expectations for the applicable role, as defined in Professional Communities.5. The software engineer collaborates and acts as team player with other software engineers and stakeholders. About The Role - Grade Specific Core Java 5 years + core java experience essential. Spring experience essential . SQL Server 2y + preferred. Linux preferred Java Springboot Microservices java 8, Spring Boot, Spring Framework, Rest API, SOAP API, JPA Strong experience with Restful/Rest API Working knowledge of ORM Framework (Preferred Hibernate) Understanding of Microservice Architecture and design principles. Sonar/Sonarqube, Veracode and Prisma knowledge is plus Understanding of Docker and Docker Container. Experience with Agile tools & technologies (Scrum, JIRA, and Confluence) Working with NoSQL Databases is a plus Experience with DevOps CICD is preferred. Skills (competencies) Verbal Communication

Position 1: Consultant - MAST Vanguard Requirements: Mandatory technical & functional skills •Strong knowledge on manual secure code review against common programming languages (Java, C#) •Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. •Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs •Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. •Preferred one year of experience in development of web applications and/or APIs. •should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. •One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities •Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications •Perform manual security code review against common programming languages (Java, CSharp). •Perform automated testing of running applications and static code (SAST, DAST). •Experience in one or more of the following a plus: AI pen testing. •Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. •Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation