34+ Web application security Jobs in India
Apply to 34+ Web application security Jobs on CutShort.io. Find your next job, effortlessly. Browse Web application security Jobs and apply today!
Roles & Responsibilities:
· Collaborate closely with clients to understand their requirements, goals, and any gaps.
· Lead the planning, prioritization, design, development, and deployment of projects.
· Possesses in-depth knowledge and expertise in Workday HCM and Workday Security.
· Support existing security setup and create/update security assignments as needed.
· Act as a subject matter expert for Workday Security and provide guidance to clients and colleagues.
· Stay updated with the latest industry trends and developments in the HCM area and understands how roles and responsibilities drive access to the system.
· Collaborate with sales and business development teams to identify new opportunities and contribute to proposal development.
· Utilize your business knowledge and expertise to identify opportunities for technical improvements.
· Work with colleagues across various domains to deliver results and take ownership of both individual and team outcomes.
· Recognize and embody our purpose and values, applying them in your projects and client interactions.
· Foster relationships and communicate effectively to positively influence peers and stakeholders.
Qualification & Experience:
- At least 3 years of hands-on experience in configuring in Workday HCM and Security.
- Proactive approach to identifying and addressing security vulnerabilities.
- Deep understanding of Workday Platform, including HCM and other HR modules.
- Big plus if you have worked on Workday Financial domain security as well.
- Ability to work with HR, finance, and IT teams to align security solutions with business needs.
- Strong professional communication skills, both written and verbal.
- Ability to work effectively in a team-oriented environment.
- Proven ability to establish relationships with stakeholders and internal teams.
- Excellent attention to detail and follow-through.
Director of Technology
Role Summary:
As a Technical Director at IntraEdge, you will be at the forefront of leading our technology teams, providing expert guidance and support across multiple projects. This role is crucial for recruiting top talent, ensuring technical excellence, and staying abreast of industry trends. Your expertise will also significantly contribute to our pre-sales efforts, showcasing our technical capabilities to potential clients.
Key Responsibilities:
- Mentor and lead multiple technology teams, helping resolve complex technical challenges.
- Participate in final round interviews to assess and secure top-tier talent.
- Research and implement new technological patterns and strategies.
- Stay updated with the latest industry trends to enhance our technological offerings.
- Support pre-sales activities by articulating technical strategies and solutions to prospective clients.
Qualifications:
- Proven experience in technical leadership and team management.
- Must have at-least 7+ years of experience in Software Development
- Must have 3+ years experience of exposure working for a Startup or a Startup environment.
- Strong recruiting and talent assessment skills.
- Must have experience or at least a strong awareness of technology trends in a broad range of areas including, but not limited to: Web & API Development, Data Engineering, Mobile Development, Quality Assurance, AI Development, Cloud Native Development, Infrastructure as Code, Microservices Architecture, Serverless Application Development, Infrastructure & Application Security.
- Excellent understanding of current technology trends and patterns.
- Hands-On experience in 2 or more programming language.
- Strong communication skills, capable of effectively articulating technical and non-technical concepts to various stakeholders.
- Effective communication and pre-sales skills.
Desired Skills:
- Strategic thinker with a knack for innovation.
- Able to motivate and drive technology teams towards achieving exceptional performance.
- Comfortable working in a dynamic, fast-paced environment.
About Intraedge: https://intraedge.com/
Intraedge is a Technology, Products and Learning Organization, It was founded in 2002 with offices in the US, India, Europe, Canada, and Singapore. We provide our clients with the resources and expertise to enhance business performance through technology.
About us
Astra is a cyber security SaaS company that makes otherwise chaotic pentests a breeze with its one of a kind Pentest Platform. Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 8300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps to DevSecOps with Astra's CI/CD integrations.
Astra is loved by 650+ companies across the globe. In 2023 Astra uncovered 2 million+ vulnerabilities for its customers, saving customers $69M+ in potential losses due to security vulnerabilities.
We've been awarded by the President of France Mr. François Hollande at the La French Tech program and Prime Minister of India Shri Narendra Modi at the Global Conference on Cyber Security. Loom, MamaEarth, Muthoot Finance, Canara Robeco, ScripBox etc. are a few of Astra’s customers.
Role Overview
As an SDE 2 Back-end Engineer at Astra, you will play a crucial role in the development of a new vulnerability scanner from scratch. You will be architecting & engineering a scalable technical solution from the ground-up.
You will have the opportunity to work alongside talented individuals, collaborating to deliver innovative solutions and pushing the boundaries of what's possible in vulnerability scanning. The role requires deep collaboration with the founders, product, engineering & security teams.
Join our team and contribute to the development of a cutting-edge SaaS security platform, where high-quality engineering and continuous learning are at the core of everything we do.
Roles & Responsibilities:
- You will be joining our Vulnerability Scanner team which builds a security engine to identify vulnerabilities in technical infrastructure.
- You will be the technical product owner of the scanner, which would involve managing a lean team of backend engineers to ensure smooth implementation of the technical product roadmap.
- Research about security vulnerabilities, CVEs, and zero-days affecting cloud/web/API infrastructure.
- Work in an agile environment of engineers to architect, design, develop and build our microservice infrastructure.
- You will research, design, code, troubleshoot and support (on-call). What you create is also what you own.
- Writing secure, high quality, modular, testable & well documented code for features outlined in every sprint.
- Design and implement APIs in support of other services with a highly scalable, flexible, and secure backend using GoLang
- Hands-on experience with creating production-ready code & optimizing it by identifying and correcting bottlenecks.
- Driving strict code review standards among the team.
- Ensuring timely delivery of the features/products
- Working with product managers to ensure product delivery status is transparent & the end product always looks like how it was imagined
- Work closely with Security & Product teams in writing vulnerability detection rules, APIs etc.
Required Qualifications & Skills:
- Strong 2-4 years relevant development experience in GoLang
- Experience in building a technical product from idea to production.
- Design and build highly scalable and maintainable systems in Golang
- Expertise in Goroutines and Channels to write efficient code utilizing multi-core CPU optimally
- Must have hands-on experience with managing AWS/Google Cloud infrastructure
- Hands on experience in creating low latency high throughput REST APIs
- Write test suites and maintain code coverage above 80%
- Working knowledge of PostgreSQL, Redis, Kafka
- Good to have experience in Docker, Kubernetes, Kafka
- Good understanding of Data Structures, Algorithms and Operating Systems.
- Understanding of cloud/web security concepts would be an added advantage
What We Offer:
- Adrenalin rush of being a part of a fast-growing company
- Fully remote & agile working environment
- A wholesome opportunity in a fast-paced environment where you get to build things from scratch, improve and influence product design decisions
- Holistic understanding of SaaS and enterprise security business
- Opportunity to engage and collaborate with developers globally
- Experience with security side of things
- Annual trips to beaches or mountains (last one was Chikmangaluru)
- Open and supportive culture
At ISA ERP, we develop highly inventive ERP and decision-support Software to enhance productivity and address the challenges faced by global manufacturers due to the dynamically changing market. We embrace an inquisitive mindset, provide freedom to experiment, and encourage the acquisition of new skills. This offer is only for those who would not spare any pains to grow, innovate, and derive satisfaction by contributing significantly.
BD Software Distribution Pvt. Ltd. is a leading Value Added Distributor (VAD) in the Indian market, offering industry-leading consumer, SMB, and Enterprise-level solutions. We are the Country Partner for top brands in the cybersecurity industry, including Bitdefender. With a strong partner network and technical expertise, we provide comprehensive protection against malware and cyber threats to government organizations, businesses, and consumers. With over 750,000 users in India, we are committed to helping achieve cyber peace.
Job Overview
We are seeking a Renewal Specialist to join our team at BD Software Distribution Pvt. Ltd. This role involves managing the renewal process for our software solutions and ensuring customer satisfaction. The ideal candidate should have 1 to 3 years of experience in a similar role, strong communication skills, and a customer-centric approach. This is a full-time position based in Navi Mumbai, Maharashtra, India.
Qualifications and Skills
1 to 3 years of experience in a Renewal Specialist or similar role
Strong understanding of software solutions and the renewal process
Excellent communication and interpersonal skills
Customer-centric approach with a focus on delivering high-quality service
Ability to build and maintain relationships with customers
Strong problem-solving and negotiation skills
Ability to work collaboratively in a cross-functional team environment
Proficiency in CRM software and MS Office
Attention to detail and strong organizational skills
Roles and Responsibilities
Manage the renewal process for software solutions, ensuring timely renewals and customer satisfaction
Develop and maintain strong relationships with customers, understanding their needs and addressing any inquiries or issues
Provide product knowledge and recommendations to customers, ensuring they are maximizing the value of our solutions
Collaborate with internal teams, including Sales and Support, to achieve renewal targets and resolve customer concerns
Track and monitor customer accounts, identifying opportunities for upselling and cross-selling
Prepare and present reports on renewal activities, highlighting trends, challenges, and opportunities
Stay up-to-date with industry trends and competitive landscape to contribute to product enhancements and market positioning
Maintain accurate and updated customer information in the CRM system
Sr. Offensive Security Engineer:
Security engineers at Egnyte are involved in every stage of the SDLC pipeline to highlight security vulnerabilities and provide expert advice on reducing them. By promoting security principles, ongoing penetration testing, and developing “paved roads,” we’re able to provide our customers with a secure and reliable product.
We’re looking for a senior engineer who’s well-rounded in terms of application security and has in-depth expertise in offensive security/red teaming focused on product security.
You will be working closely with other security engineers will enable you to develop your expertise in a wide range of areas of your choosing.
To excel at this role, you need to be passionate about and proficient in hacking. We’re looking for someone who loves breaking into systems and is happy to help secure them by collaborating with software engineers by sharing expertise and providing actionable advice on remediation of identified issues.
WHAT YOU’LL DO:
- Perform high-quality penetration tests of Egnyte applications independently, or as part of a team
- Designing comprehensive plans for the security engagements and thoroughly documenting findings, gaps, and remediation recommendations
- Contributing to team tooling, innovation, and improvements
- Communicating and collaborating with other teams, product owners, engineering managers, and leadership to influence, prioritize, and drive the resolution of discovered security findings
YOUR QUALIFICATIONS:
- 5+ years of experience in a penetration testing or similar offensive security role
- 5+ years of professional experience with security engineering practices, including: web application security, mobile application security, authentication and authorization and other security disciplines
- 3+ years of experience with dynamic and manual code auditing to identify security issues
- 3+ years of experience with interpreted or compiled languages (e.g. Python, Java)
- Experience with threat modeling, design review, or other threat analysis techniques
Bonus points:
- Experience with mobile application penetration testing
- Knowledge of cloud service providers, especially Google Cloud
- Experience in various security domains (e.g. system and network security, authentication and security protocols, cryptography, application security, incident response)
- Experience in developing security tooling and automation
- Experience in CTFs, CVE research, and/or Bug Bounty programs
Job Responsibilities:
- Server Monitoring: Monitor server performance and respond to alerts promptly. Troubleshoot and resolve system and network issues.
- Server Disk Cleanup: Regularly analyze and clean up server storage to optimize performance and resource allocation.
- Deployment of New Linux Instances: Create and configure new Linux server instances based on project requirements. Ensure proper security measures and updates during deployment.
- DNS Management: Manage DNS records, domains, and configurations for internal and external services.
- Backing up/Archiving Logs: Implement backup and archiving strategies for server logs to maintain data integrity and facilitate auditing.
- MySQL Backups: Create and manage automated backups of MySQL databases to ensure data integrity. Develop disaster recovery plans.
- System Administration Strategies: Develop and implement system administration strategies to enhance server performance, security, and scalability. Stay updated with industry best practices and emerging technologies
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
- Proven experience as a Linux Administrator or similar role (5+ years).
- Proficiency in Linux server administration (CentOS, Ubuntu, etc.).
- Strong knowledge of: Server monitoring tools (e.g., Nagios, Zabbix). Configuration management tools (e.g., Ansible, Puppet). Virtualization and containerization (e.g., Docker, Kubernetes). DNS management (e.g., BIND, AWS Route 53). Backup solutions (e.g., Bacula, AWS Backup). Log management and analysis (e.g., ELK Stack, Graylog). Database administration (e.g., MySQL, MariaDB). Security best practices and firewall configuration. Scripting languages (e.g., Bash, Python). Version control systems (e.g., Git). Cloud platforms (e.g., AWS, Azure, Google Cloud). Monitoring and alerting tools (e.g., Grafana, Prometheus). Networking concepts (TCP/IP, routing). System administration strategies and documentation. Excellent problem-solving skills and the ability to work independently.
- Strong communication and teamwork skills.
Experience Required: 5 -10 yrs.
Job location: Sec-62, Noida
Work from office (Hybrid)
Development Platform: Backend Development- Java/J2EE, Struts, Spring, MySQL, OWASP
Job Brief:
Requirements:
· 5+ years of experience in developing distributed, multi-tier enterprise applications, APIs.
· Fully participated in several major product development cycles.
· Solid background in design, OOP, object, and data modelling.
· Deep working knowledge of Java, Struts,Spring, Relational Database.
· Experience in design and implementation of service interface and public APIs.
· Actively involved/writing codes in current project.
· Development knowledge and experience of working with AWS, Azure etc. will be an added plus.
· Clear Understanding and Hands on experience on OWASP Top 10 Vulnerability standards like XSS, CSRF, SQL injection, session hijacking, and authorization bypass vulnerabilities.
· Find and resolve the security concerns on the product/application.
· Good Documentation, reporting, Strong communication, and collaboration skills with various levels of executives from top management to technical team members across the organization.
· Strong self-starter who can operate independently.
at Upswing Financial Technologies Private Limited
As part of the Cloud Platform / Devops team at Upswing, you will get to work on building state-of-the-art infrastructure for the future. You will also be –
- Building Infrastructure on AWS driven through terraform and building automation tools for deployment, infrastructure management, and observability stack
- Building and Scaling on Kubernetes
- Ensuring the Security of Upswing Cloud Infra
- Building Security Checks and automation to improve overall security posture
- Building automation stack for components like JVM-based applications, Apache Pulsar, MongoDB, PostgreSQL, Reporting Infra, etc.
- Mentoring people across the teams to enable best practices
- Mentoring and guiding team members to upskill and helm them develop work class Fintech Infrastructure
What will you do if you join us?
- Write a lot of code
- Engage in a lot of cross-team collaboration to independently drive forward infrastructure initiatives and Devops practices across the org
- Taking Ownership of existing, ongoing, and future initiatives
- Plan Architecture- for upcoming infrastructure
- Build for Scale, Resiliency & Security
- Introduce best practices wrt Devops & Cloud in the team
- Mentor new/junior team members and eventually build your own team
You should have
- Curiosity for on-the-job learning and experimenting with new technologies and ideas
- A strong background in Linux environment
- Must have Programming skills and Experience
- Strong experience in Cloud technologies, Security and Networking concepts, Multi-cloud environments, etc.
- Experience with at least one scripting language (GoLang/Python/Ruby/Groovy)
- Experience in Terraform is highly desirable but not mandatory
- Experience with Kubernetes and Docker is required
- Understanding of the Java Technologies and Stack
- Any other Devops related experience will be considered
at Foxit eSign Genie
Application Security Engineer
About us:
Foxit is remaking the way the world interacts with documents through advanced PDF and digital signature technology. We are a leading global software provider of fast, affordable, and secure PDF and digital signature solutions that are used by millions of people worldwide. Winner of numerous awards, Foxit has customers in more than 200 countries and global operations. We have a complete product line and an exciting and aggressive development schedule. Our proven PDF and digital signature technology is disrupting the status quo establishment and has accelerated our company growth. We are proud to list as customers Google, Amazon, and NASDAQ, and with your skills and help, we plan to add many more. Foxit has offices all over the world, including locations in the US, Asia, Europe, and Australia.
For more information, please visit https://www.foxit.com/
You would be working for the product Foxit eSign, India office which is registered with the name of eSign Genie Software Private Limited.
Job Brief
- Review Software applications for potential security vulnerabilities by conducting application security reviews i.e., Requirements review, Design review, Code Review.
- Clear Understanding and Hands on experience on OWASP Top 10 Vulnerability standards like XSS, SQL injection, session hijacking, and authorization bypass vulnerabilities.
- In-depth research on Web security, familiar with the origin of various Web security problems and solution, having a tracking of Security threats of network.
- Expertise in testing web application vulnerabilities and Network related vulnerabilities.
- Practical understanding and use of commercial application security tools
- Knowledge of the Vulnerability Fixations.
- Hands on development using Java / J2EE
- Solid understanding and experience with establishing application security policies across an organization.
- Good Documentation, reporting, Strong communication, and collaboration skills with various levels of executives from top management to technical team members across the organization.
- Strong self-starter who can operate independently.
What we offer you
- The chance to contribute to the creation of a sophisticated and appealing product, built from scratch with a fresh, global team!
- A fast, flexible, and rewarding incubator-like environment but with the solidity and seriousness of large and stable company in the background
- Be part of the exquisite team that will shell out the next big Foxit product all eyes on us!
- A Pluralsight subscription
- Competitive remuneration package
About us:
HappyFox is a software-as-a-service (SaaS) support platform. We offer an enterprise-grade help desk ticketing system and intuitively designed live chat software.
We serve over 12,000 companies in 70+ countries. HappyFox is used by companies that span across education, media, e-commerce, retail, information technology, manufacturing, non-profit, government and many other verticals that have an internal or external support function.
To know more, Visit! - https://www.happyfox.com/
Responsibilities:
- Perform manual and automated application penetration tests and provide suggestions to harden our products
- Participate regularly in the development and release process to identify and report security vulnerabilities in the code being shipped
- Conduct regular audits on all Features/APIs of the product and reports vulnerabilities to the development team
- Keep up with industry trends in the security space
- Triage inbound vulnerability reports with an appropriate level of urgency and track them until they are resolved by Engineering teams
- Should be able to understand different elements of our NodeJS, Python and similar stacks and provide guidance on secure software development practices to the team
- Scale our application security engineering team
Requirements:
- Strong verbal and written communication skills
- Has worked on Web Application Security Testing for a reasonably complex application. The mobile experience is a plus
- Good knowledge of secure software development guidelines from authoritative bodies like NIST, OWASP, SANS
- Hands-on experience in performing manual/automated security assessments with open-source/commercial security tools
1. Perform security assessment of web applications, Android, iOS mobile applications, Source Code Review
2. In-depth knowledge of security vulnerabilities not just limited to OWASP Top 10
3. False Positive removal and manual application testing
4. Working exp of Python, Java, .Net etc
5. Experience of using MF Fortify is a must
6. Proactively identify vulnerabilities and recommend fixes
7. Ownership of the tasks, Adapt to technologies/languages/platforms/frameworks of the time
8. Experience in using security tools to carry out manual as well as automated security assessments
9. Experience working with common product flows like payment gateway integration, authentication etc.
10. Client handling exp
11. Should be able to address client queries, work on proposals etc
12. Independent, self-motivated and comfortable working in a fast-paced environment with teams ranging from product to engineering teams
Primary Responsibilities
Cognitio Analytics is looking for a Lead Application Developer, driven by innovation and a desire to make a difference. We are seeking a clever, dedicated development lead who enjoys what they do, likes leading and working with teams, is curious with new ideas; someone who can appropriately apply technology to solve problems and provide services to our clients.
Duties include working in a professional environment with a team of developers, data engineers, data scientists, business analysts, and product owners. The ability to effectively lead teams that are fiercely focused on client service, innovation, and delivering products that create and capture value is required. Successful candidates will be able to lead development projects, plan and design solutions with heavy focus on data integration and Azure cloud capabilities and analysis methods needed to support project goals.
Core Skills
- Communication. Ability to share your ideas and lead overall development activities in a collaborative environment
- Problem solving. Knowing how to make a task easier, more maintainable and stable
- Curiosity. Knowing what’s on the horizon in cloud capabilities and web development and when to use it
- Adaptability. Able to quickly learn and adapt to new technologies
- Ability to manage a complex range of tasks and meet deadlines
- Understanding and application of the agile development lifecycle
Required Qualifications
- Bachelor’s in Computere Science or related experience
- Practical web & application development experience
- Full Stack Web development skills and experiences
- An attitude and commitment to being an active participant of our employee-owned culture is a must
Preferred Qualifications – experience with a few of the following is a plus:
- Minimum of eight (8) years’ experience in software development;
- Experience with agile development practices through Azure Dev/Ops
- JavaScript (including ES6), HTML, and CSS(SASS/LESS);
- Responsive web design and UI frameworks (Bootstrap, Foundation, etc.)
- JavaScript frameworks ( React, etc.);
- Experience with server-side technologies (.NET, NodeJS, etc.);
- RESTful web services;
- Cloud computing - Azure
- Unit testing and continuous integration and deployment
Our client is software services company based in Bangalore
- Document technical and functional specifications
- Perform unit testing of objects/ solutions created
- Perform configuration, integration, and personalizations in Oracle HCM EBS/Cloud
- Work in a functional and technical capacity and analyze business requirements, design, develop and deploy solutions
- Excellent troubleshooting, analytical and problem-solving skills
- Explore & investigate the client's pain areas, extend the scope, and keep the client satisfied
Experience and Skills:
- Minimum a Bachelor’s degree.
- 3 to 10 years of experience as an Oracle HCM Techno-Functional Consultant
- 30% Functional and 70% Technical
- Strong experience in core HR, Payroll, Fast Formula, OTL and SSHR
- Should have expertise in Oracle HCM Cloud advanced tools such as HCM Extracts, HDL, PBL, BI Publisher, OTBI, Application Security, Page Composer, Page Configurator, REST APIs, SOAP, Webservices
- Able to provide strong leadership to develop best practices for effective Techno functional support for the enterprise business process area
- Good communication skills
- In-depth knowledge of the business process and capability to understand business requirements.
and GRC Technology Automation
Operations and Technical Advice
Monitoring applications over WAF for Security incidents (24*7 Service Window)
WAF Implementation, and Day-to-Day Task ,Application Integration, Testing ,Learning ,Blocking , Migrations.
Application Security Understanding,Creating, modifying, or implementing policies or rules.
Add, remove, and modify, update security policy parameters and attack signatures policies as per Airtel Africa business requirement and standard practices
Understanding of Network Protocol
Hand-on Packet Capture /Analyser
Perform WAF signature & hotfix updates.
Quarterly review the created Policy/Rule with Client
Respond to Ticket management tool requests for WAF Incidents, Changes, and Services.
Coordinate with OEMs for product related issues and bugs
Integrate SIEM & monitoring tool with WAF virtual appliances
Upgrading the Radware OS version from N to N-1 shall be considered based on the criticality of discovered vulnerabilities during the VA scan.
Assist the Client team in mitigating vulnerabilities or observations reported during security audits, VA&PT, and regulatory technology audits (internal, external, and concurrent) for and in WAF
Analyse security breaches, make required changes/additions, and report RCA for any WAF security incident
Support Window 24X7 ,
Desired Skills |
To have skills: · Proven technical expertise in cyber security domains, i.e. endpoint security, application security testing. · Knowledge and experience in public cloud solutions. · Knowledge on network security, networking concepts and architectural implementations. · Knowledge on vulnerability testing and define proper remediation’s. · Shell scripting experience - Shell/Bash/Python. · Working experience of Linux operation.
Desire to have skills: · One or more of the following cyber security certifications: CEH, CISSP, OSCP, SSCP CCSP. · Excellent problem solving, and follow-up skills. · Ability to convey technical security concepts to non-technical audiences. |
About Drip Capital & Tech Team
The engineering team at Drip Capital is responsible for building and maintaining the online global trade financing platform that supports the interactions between buyers, sellers, financing partners, insurance agents, global retail partners, trade agents, shipping & transportation companies, supply chain and warehousing companies worldwide.
Our primary goal is to ensure that customers are provided time-critical capital and at the same time balance requirements related to risk, fraud management, and compliance. The services are accessed by customers worldwide and hence the engineering systems need to be policy-driven, easily reconfigurable, and able to handle multiple regional languages. We use machine learning for risk classifications/predictions, intelligent document parsing subsystems, robotic process automation, REST APIs to connect our microservices, and a cloud-based data lake and warehouse for data storage and analysis.
Our team comprises talent from top-tier institutions including Wharton, Stanford, and IITs with years of experience at companies like Google, Amazon, Standard Chartered, Blackrock, and Yahoo. We are backed by leading Silicon Valley investors - Sequoia, Wing, Accel, and Y Combinator. We are a global company headquartered in Silicon Valley along with offices in India and Mexico.
Your Role
As an AppSec Engineer in Drip Capital’s engineering team, you will have the opportunity to take ownership of :
- Contribute to and improve secure SDLC practice
- Design architecture, methods, and controls required to meet security, compliance, and audit requirements.
- Designing and implementing cloud and network security solutions.
- Do comprehensive threat modelling for our applications and infrastructure in an Agile flow
- Perform secure code review and security assessments of web, android and iOS applications, and cloud infrastructure (infrastructure as code).
- Proactively identify vulnerabilities across our platform and work with developers in fixing them.
- Automate and simplify security, as “Complexity is the enemy of Security”.
- Handle Vulnerability Management and Patch Management processes.
- Participate in the investigation related to Privacy/Security incidents and response activities.
- Work with DevOps to implement the security tools and automation of the security tasks.
- Mentor other engineers and evangelize security practices through cross-functional work with DevOps and engineering teams.
- Testing the deployed security solutions to make sure they function as planned.
Our Checklist
- A minimum of 4 years of experience as an AppSec Engineer
- Hands-on experience in secure design and architecture review of backend services, payments systems like payment gateways.
- Hands-on experience in secure code review and automation of common security workflows.
- Hands-on experience and a proven record of securing one or more of the cloud platforms: Azure, GCP, AWS and Hosted Cloud Solutions.
- Good understanding of OWASP and SANS testing methodologies.
- Good understanding of software security weaknesses and vulnerabilities.
- Good knowledge in securing architecture of web, mobile applications and cloud infrastructure.
- Ability to contribute as an individual and as part of a team
- Working knowledge of any scripting language; Python or Go preferred
- Experience in writing custom tools/scanners/extenders is a plus
- Red teaming experience is a plus
If you love to explore the security aspects of a distributed system that makes decisions related to global trade finance, let's talk!
- OWASP Secure Code review,• Basic programing knowledge in any programming language and knowledge on secure development practices.
- OWASP TOP 10 vulnerabilities and their mitigations
- Hands on experience in Web Application Security Testing tools (SAST & DAST) and Penetration testing tools such as HP Fortify, Checkmarx, Acunetix, Nessus, Burp Suite, Metasploit., Qualys Guard, Kali Linux , etc.
- Understand/modify exploit code and find logical security flaws in applications
- Should have knowledge and experience on Network Security, Application Security, Internet Security, attack vectors.
- To carry out technical vulnerability assessments, identify potential vulnerabilities and provide recommended controls and support to mitigate them.
at SynRadar
This profile will include following responsibilities:
- Perform Web Application Security Testing
- Scan Network for Security Vulnerabilities
- Create detailed security report
- Research on Open source security tools & new security topics
- Create Security Knowledge base for the teamThe candidate should be we well versed with application security concepts, network scanning tools.
Security (AM/Executive)
• To design the security infrastructure / policies for the organisation, implement & monitor the same
• To ensure security compliance with respect to recommendations received from government agencies like CEA, NCIIPC
• Design, review, implement & monitor IT security related controls as part of Internal
• Controls, IFC, ERM
• ISMS certification (ISO 27001) for IT systems; this will include preparation and periodic review of policies and SOPs, regular trainings and maintaining records in prescribed formats
• Conducting internal security audit and generating reports by deploying VA tools
• Periodic security/VAPT audits and implementation of the findings
• IT security related new initiatives like - Security Operations Centre (SOC), Security Information and Event Management (SIEM), cloud security, EMM-enterprise mobility management
• Creating IT Security awareness within the organisation
This profile will include following responsibilities:
- Perform Web Application Security Testing
- Perform Mobile Application Security Testing
- Scan Network for Security Vulnerabilities
- Co-ordinate with the clients for Project related queries
- Undertake meeting with the client teams for discussing security issues and recommendations
- Create detailed security reports
- Keep track of project progress & send regular updates
- Research on Open source security tools & new security topics
- Create Security Knowledge base for the teamThe candidate should be we well versed with application security concepts, including the mitigation techniques:
- Web Application Security – OWASP Top 10
- Mobile Application Security – Mobile OWASP Top 10
- Threat Modelling
- Risk Rating Frameworks
- Web Traffic Interception (For Web/Mobile apps)
- SSL
- Network Concepts
- Web Development Basics - HTTP/HTML/JavaScript
- Basic Mobile Application Concepts (either Android or IOS)
This position is open for experienced professionals in the field of software testing. You will be working with an amazing team and will have tremendous opportunities to learn and grow quickly.We are looking for Quality Analyst to work on our product Faveo HELPDESK
Who are we looking for?
1 to 3 years of prior experience in QA
Proficient in Software testing
Role & responsibilities
Work on http://www.faveohelpdesk.com/" target="_blank">www.faveohelpdesk.com
Review Faveo in terms of UI, usability etc.
Web security testing Performance testing Write manual test cases Test the web,
Mobile application manually Test the web
Mobile application using open source testing tools
Document the test result
We use Github for issue management
Technologies you will work on
Manual testing
Automated testing
Tools you will use
Git – Github
Basic IDE usage of any of these: NetBeans/Dreamweaver/Brackets/Sublime
Selenium
Candidates with prior knowledge of these tools will be preferred
Qualification/Interest
Should have completed testing course from reputed institute
Candidates from engineering, computer science and information technology background preferred
Team player, friendly, self-motivated, quick & self learner and be able to work autonomously
How can I apply?
You are invited to send us your complete resume
Attach previous work or portfolio or project details
Resume should have candidate photograph in it Mention Linkedin Profile URL in the resume
Do go over our company website http://www.faveohelpdesk.com/" target="_blank">www.faveohelpdesk.com & LinkedIn profile before applying
Ethical Code
We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
• Location:- C.G Road, Ahmedabad
• Working days:- 5 days, 2 Saturday alternate holidays.
• Experience:- Mini. 8yrs
Job Description:-
We are looking for a Software Architect to drive technology strategy, create the
technological vision and to ensure the designing and development of software solutions that fulfils the business requirements. You will be a key contributor to architectural decisions for products, drawing on your excellent technical, analytical and business acumen skills while effectively communicating with all levels in the organization to build high scalable and secure solutions.
KRA:-
Articulate architecture & Non functional requirements for the products and service with high precision. Gathering business requirements to analyse, identify, design and innovate solutions.
• Device strategy to implement NFRs
• Validate the design, development to confirm against the architecture and NFR
• Technical owner of the IT Projects
• Design and develop best practises in software development and architecture together with the team.
• Determining overall architectural principles, frameworks and standards.
• To provide hands-on development wherever appropriate specially on architecture transformation projects.
• Involve in unit testing, code reviews and bug fixing.
• Driving research, case studies on how latest technologies could be leveraged for software architecture and capabilities such as scalability, fault tolerance, extensibility, maintainability, etc.
• Documenting designs, estimates and implementation plans to iAND stakeholders.
Requirement:-
• Academics exposureExperience in architecting and designing technical solutions especially in area of mobile and cloud. for SaaS capabilities.
• Ability in scaling products and to tackle large traffic and amounts of data.
• Academics expertise in coding, programming and software design patterns.
• Passionate about technology and constantly growing your technical expertise.
Great to Have:-
• Professional Coding proficiency in Python and JavaScript. certifications like AWS, MS Azure
• Experience in insurance domain
We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.
Roles & Responsibilities:
- Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
- Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
- Managing penetration tests and security reviews for core applications and APIs.
- Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
- Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
- Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
- Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
- Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
- Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
- Investigate privacy breaches.
- Educate employees on data privacy & security.
- Prioritize security requirements based on their severity of impact and product roadmap.
- Maintain a balance of security and business values across the organisation.
Required Skills:
- Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
- Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.
- Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.
- Experience in Log Management, Security Event Correlation, SIEM.
- Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.
Good to Have Skills:
- Online Fraud Prevention.
- Bug Bounty experience.
- Security Operations Center (SOC) management.
- Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
- Experience / Knowledge on tools like Fortify and Nessus.
- Experience in handling logging tools on docker container images (ex. Fluentd).
-
- Manage a team of highly skilled security engineers
- Responsible for the security of all Ola applications.
- Enforce Security in SDLC, and ensure any identified vulnerabilities are fixed before a feature goes to production.
- Participate in the design review discussions to identify any security loophole, and recommend a secure design solution.
- Partner with engineering leaders across the company to help them prioritize security issues in their products.
- Run the Ola’s Bug Bounty program effectively.
- Develop a roadmap for future work to enhance security, derive a project plan, and ensure the completion of the project within the timelines.
- Mentor the team members and work towards their career growth.
Minimum Qualifications
- 7+ years of work experience in security engineering, including 2+ years of proven hands-on technical management experience of security engineers.
- Experience recruiting and managing technical teams, including performance management.
- Technical experience across security disciplines – web/mobile app security, infrastructure security, security operations center.
- Experience building relationships with stakeholders and business leaders.
- Must have Coding experience at least in one language.
- Knowledge of standards like PCI-DSS, ISO27001, GDPR etc.
BS/MS in Computer Science or equivalent experience
One of the world top Product/Consulting company
- 5+ Years of leading an engagement.
- 5+ Years developing and implementing security operations and technology in large, complex enterprises in multiple industry verticals, across a wide range of technology platforms.
- 4+ Years on any Cloud Platform (AWS, Azure, Google, others).
- Master's or Bachelor's degree in Information Science / Information Technology, Computer Science.
- Deep hands-on experience leading the design, development and deployment of business software at scale.
- Experience with service-oriented architectures, private and public clouds and web services security.
- Strong skills in security principles such as least privilege access, defense in depth, preventative vs detective controls, Infrastructure and Network Security, Data protection, and Incident response.
- Professional experience and good technical knowledge of application security, system security, network security, authentication/authorization protocols, and cryptography.
- Experience advising customers on architectures meeting industry standards such as PCI DSS, ISO 27xxx, SOC, HIPAA, GDPR, and NIST/DoD frameworks.
- Experience with enterprise risk management methods and techniques to drive successful outcomes in a global enterprise environment.
- Good understanding of Enterprise Networks, Security and Identity Access Management.
- Configuration management using CloudFormation and/or Chef/Puppet.
- Experience with agile approaches and Experience in DevOps or DevSecOps, and how they impact risk management and compliance.
- Hands-on technical expertise in technology automation, implementation, integration, and/or deployment using scripting and/or IaaC.
- Knowledge of professional software engineering practices & best practices for the full software development life cycle, including coding standards, code reviews, source control management, libraries building, build processes, testing, and operations.
- Demonstrated ability to mentor other software developers to maintain architectural vision and software quality.
- Experience taking a lead role developing complex software systems that have successfully been delivered to customers.
- Ability to travel to customer sites as needed.
PREFERRED QUALIFICATIONS:
- AWS Solutions Architect Certified.
- AWS Security Speciality Certified.
- CISSP, CCSP, CISM, and/or other comparable certifications.
- Extensive experience in designing & supporting Azure Managed Services Operations.
- Maintaining the Azure Active Directory and Azure AD authentication.
- Azure update management – Handling updates/Patching.
- Good understanding of Azure services (Azure App Service, Azure SQL, Azure Storage Account..etc).
- Understanding of load balancers, DNS, virtual networks, NSG and firewalls in cloud environment.
- ARM templates writing, setup automation for resources provisioning.
- Knowledge on Azure automation and Automation Desire State Configuration.
- Good understanding of High Availability and Auto scaling.
- Azure Backups and ASR (Azure Site Recovery)
- Azure Monitoring and Configuration monitoring (performance metrics, OMS)
- Cloud Migration Experience(On premise to Cloud).
- PowerShell scripting for custom tasks automation.
- Strong experience in configuring, maintaining, and troubleshooting Microsoft based production systems.
Certification:
Azure Administrator (AZ-103) & Azure Architect (AZ-300 & AZ-301)
Description:
Rapyuta Robotics is seeking talented and ambitious individuals with a can-do attitude to help revolutionize robotics. We’re creating a whole new generation of multi-agent aerial and ground-based mobile robotic platforms with access to an inexhaustible supply of data storage & processing capabilities on the cloud. Our units will be capable of working autonomously and collaboratively, learning from their collective experiences and continuously improving upon themselves.
Frontend engineers are an essential part of the engineering team, helping to make the complex functionalities of our platform accessible through intuitive interfaces. As a senior front-end engineer your responsibilities will include but are not limited to:
- Working with product owners, designers, and backend developers to implement browser-based user interfaces to orchestrate and monitor fleets of autonomous machines
- Building reusable code and libraries for future use
- Ensuring the technical feasibility of UI/UX designs and address performance bottlenecks
- Maintaining standards of automated testing, code quality, and engineering best practices
- Manage a team of 3-4 front-end developers in their tasks across the company's project requirements.
Requirements
Must-Have:
- 4+ years of work experience in front-end development.
- Advanced knowledge of JavaScript (ES6), CSS3, HTML5 and browser APIs.
- Advanced knowledge of React.js
- Good knowledge of database technologies: MySQL, PostgreSQL etc and web application security
- Experience with cross-browser compatibility issues, client-side performance considerations and automated testing tools.
- Experience with software testing, specifically unit testing & integration testing.
- Experience managing a team of front-end developers for at least 1 year.
- Experience with code quality, build and debugging tools
Good to Have:
- Basic knowledge of browser engines: Gecko, Webkit, Servo, etc.
- Knowledge in agile development, and continuous integration for the front end.
- Past experience in the robotics domain and visualizations
Benefits
- Competitive salary
- Stock options
- Budget to buy equipment of choice
- An international working environment with exceptionally talented engineers
Our client is a decade-old software development company, that offers its clients a wide range of customized web, mobile, and eCommerce tools and software. They are known to use advanced languages and platforms used to build reliable, secure, and scalable solutions for their business clients as well as individual customers. Their disruptive craftsmanship and strategy help in high-performance growth and allows customers to transform digitally and competitively.
Their products are being used by most of the banks and NBFCs in India, apart from clients from other industries. The founder is an IIM and MDI alumni and has experience of more than 13 years in business and strategic roles in MNCs. The company has been accredited by the government as a premier IT company, committed to quality and driven by customer success.
- Collaborating with a passionate development team to build custom solutions on, but not limited to Wordpress
- Writing efficient, robust and reusable code.
- Effectively managing project tasks, timelines and communication.
- Developing and maintaining technical project documentation (whenever necessary)
What you need to have:
- B.Tech /B.E.;BCA;MCA
- Hands-on experience in PHP and WordPress.
- Working experience in HTML, CSS, Bootstrap, Javascript, Jquery.
- 2+ year experience as a WordPress developer
- Experience with creating shortcodes.
- Understanding of OOPS concepts.
- Good knowledge of web securities, GIT.
- Knowledge of front-end technologies like AngularJS, ReactJS would be a huge plus.
- Web security knowledge.
- Excellent communication skills
Selected intern's day-to-day responsibilities include:
1. Develop web applications using HTML, CSS, JavaScript, AJAX, PHP, SQL, Bootstrap, WordPress, CI (Code Igniter), Joomla, Web-Hosting
2. Full stack development - Frond end (UI, UX), Middle tier (PHP, Perl) and Backend (PHP, Perl, SQL, Server-side scripting)
3. Work as a part of a core product development team to build online applications
4. Make sure the product being developed is tested and serves business requirements
5. Present ideas for system improvement
6. Work closely with business analysts
Documents:
• Aadhar card
• 2 Passport Size Photo
• SSC Marksheet Result
• 12/Diploma Marksheet Result
• UG Marksheet Result (Optional)
Internship Period:
• 3 Months Training
• 3 Months Live Project
Benefits:
• Joining Letter from Start Date
• 6 Month Experience Letter
• Experience of Live Project
DevOps Consultant!! MERN Stack Project Manager – Systems (Enterprise or Solutions) Architect needed!
Hello superstar,
I appreciate you taking time to read this. I have posted a job for developers to work on a start-up, the link is ......
I would need someone with DevOps experience, to ensure that the project is undertaken with the highest standards possible. I have had many experiences where ‘completed’ software after years of development was filled with bugs and it would be more cost-effective to start from scratch than to attempt to find and correct all the bugs.
I have attempted to learn as much as possible, but I now have an opportunity and it would better serve the venture to have someone handle the management of the project to ensure that;
- We choose the most appropriate technology
- We choose competent developers in those technologies
- The architecture and data modeling are clearly defined in a ‘blueprint’ plan
- A DevOps environment and processes are set up and the developers understand what is required
- Proper tests are carried out to ensure everything works as intended
- There are processes for testers to follow and competent testers are selected to follow them
- Accessibility, localization, and internationalization are planned ahead of time
- Security, scalability, and other future probabilities that I may not even be aware of are considered and planned ahead of time
- Documentation and code reviews, refactoring and other quality assurance processes are undertaken
- Working software is produced and systems that enable new developers or teams of people to easily take over and/or contribute new modules or updates in a controlled and organized fashion
- Cost estimates or budgets/projections or use of SaaS, hosting and other 3rd party services and applications
I am more concerned with a professional and world-class organizational system than with any particular type of software been produced as the strong foundation will enable anything to be creating with efficacy and precision.
Again, thank you for reading this, please reply with the word “superstar” anywhere in the second line of your response. I look forward to hearing from you.
Warm wishes DevOps Evangelist,
You will get to own and build world-class, stable, secure and scalable solutions
Ownership, trust and flexibility comes with the job and you are expected to consistently raise the bar in terms of technical proficiency and quality of code.
You will get to work with a highly experienced team in a very informal, yet results-oriented environment
You should think consumer-first and have the ability to work in a dynamic and fast-paced environment
You will actively participate in defining stable and scalable engineering processes to meet the demands of a fast growing team.
3+ years hands-on application development experience in Python, Django, Flask & NodeJS
Highly proficient in SQL and NoSQL databases and Redis.
Should have a strong hands-on working knowledge on AWS services like EC2, S3, Route53, SES, SQS, SNS etc.
Should have successfully built and deployed complex and resource efficient backend APIs that work flawlessly at scale
Should be willing to take on responsibility and ownership and should be highly motivated and fun to work with :)
Experience in working at fast-paced startups is a big plus!
If you have the knowledge, experience and hunger to make a positive impact, we’d love to meet you.
We are looking for candidates with the below experience.
- Mandatory experience on any of
a) Cylance Protect and Optics
b) Crowdstrike Falcon Insight
c) Sentinel One ActiveEDR
d) Carbon Black EDR
- Hands-on experience in security incident response lifecycle and its phases
- Should have experience in L1 and L2 in EDR
- Hands-on experience in event and log analysis on Windows endpoints
- Overall experience: 3-7 years, Relevant experience: 2+ years
Please note : Candidate should have experience in the below skills must :
- EDR Experience
- EDR Product Worked on and which level of support they are working on
- Incident Response
- Malware Analysis
- Flexible for shifts
Requirements:
- Overall experience in the field of Information risk and security related initiatives/ projects.
- Experience in the areas of Infrastructure Security Audit, IT Security, Vulnerability Assessment, Risk Assessment, Web Application Security, Network Security Review, Network Architecture Review, Mobile Application Security Testing, Configuration Review, Source Code Review, Wireless Pentest, Process Review etc.
- Ability to understand business concepts and integrate business risk elements into security operations.
- Experience in conducting VAPT.
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Web inspect, Acunetix, NTO Spider, BurpSuite Pro).
- Strong ethics and understanding of ethics in business and information security.
- Should have exposure to Code review, Network VA/PT and App VA/PT work.
- Understanding and familiarity with common code review methods and standards.
- Experience with code scanning toolsets such as Fortify and Ounce.
- Understanding of HTTP and web programming.
- Knowledge of OWASP tools and methodologies, common security requirements within ASP.NET application, standard SDLC practices.
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).
- In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database.