729 Security Testing jobs in Bengaluru

Overview
The Security Testing teams mission is to partner with Atlassian internal teams globally to provide innovative and holistic security testing to secure Atlassian products, platforms and customers. This role supports Atlassian's security team, Engineers and Customers by performing high quality penetration testing on our software, platforms and services.

This role supports Atlassian's security team, Engineers and Customers by providing world class technical assurance of our software, platforms and services through high quality manual penetration testing and code review.

Working at Atlassian
Atlassians can choose where they work – whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company.

Responsibilities
You will support others in technically validating the state of Atlassian's technical security controls, working closely with both our security and engineering teams. You enjoy vulnerability hunting and get excited when you find vulnerabilities that typical automated toolsets can't. You must have a strong ability to work with colleagues to understand our products and then come up with ways to strengthen security.

Since we work closely with our product engineering teams, the ability to read and understand code is very important. Our products are built using a number of different languages but Java, Go, and Python are the most common.

Qualifications
On your first day, we'll expect you to have:

• 3+ years working in a penetration testing/appsec/manual code review role
• Strong understanding of web application security
• Experience in cloud security architecture and infrastructure
• Experience coding in Java, Python, or Go, and at least one scripting language
• An ability to reason about security decisions
• Experience leading projects from start to finish and mentoring other security practitioners
• Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams

It's Great, But Not Required, If You Have

• Submitted bug bounty reports to third party companies
• Published contributions to the security community
• Certifications: OSCP, OSCE, OSWE, CREST CRT, GPEN
• CVE's to your name
• Presentation experience at industry events
• Developed security tools
• Experience working with compliance, privacy, IT, networking or related functions

Benefits & Perks
Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit

.
About Atlassian
At Atlassian, we're motivated by a common goal: to unleash the potential of every team. Our software products help teams all over the planet and our solutions are designed for all types of work. Team collaboration through our tools makes what may be impossible alone, possible together.

We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.

To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team during your conversation with them.

To learn more about our culture and hiring process, visit

.

Detailed JD : -

• At least 5+ years of hands-on experience on various Security automation tools
• Should have managed automation implementation using various frameworks &tools like Burp suite, OWASP, Fortify etc.
• Good Experience in security vulnerabilities, validation of remediation etc
• Experience in Gitlab, CI/CD and testing experience in Devops pipeline.
• Experience in Cyber security domain.
• Good communication, presentation, and reporting skills

Educational Requirements

Bachelor of Engineering

Service Line

Infosys Quality Engineering

Responsibilities

As part of the Infosys delivery team, your primary role would be to ensure effective Design, Development, Validation and Support activities, to assure that our clients are satisfied with the high levels of service in the technology domain.- You will gather the requirements and specifications to understand the client requirements in a detailed manner and translate the same into system requirements.
- You will play a key role in the overall estimation of work requirements to provide the right information on project estimations to Technology Leads and Project Managers.
- You would be a key contributor to building efficient programs/ systems . If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you

Additional Responsibilities:

Job Opening is for multiple locations- Bangalore, Hyderabad, Trivandrum, Chennai, Pune

Technical and Professional Requirements:

Security testing with 3-10 years exp - SAST/DAST/API, Network, Mobile Security/DevSecops/Cloud Security/Threat Modelling/Vulnerability Management/Logging & Audit/GRC/Security Operations/IAMSkills Required - Security Testing--Primary skills:Application Security,Application Security->Burpsuite,Application Security->Devsecops,Application Security->Ethical Hacking(CEH),Application Security->Nessus,Application Security->SSL(Secure Sockets Layer),Application Security->Threat Modeling,Application Security->Vulnerability Assessment/Penetration Testing,Application Security->Vulnerability Management,Application Security->Web Security,Application Security->Webservices Security,Security testing->Vulnerability testing,Technology->Application Security->Vulnerability Management->Qualys,Mobile Testing->Mobile Security Testing

Preferred Skills:

Technology->Application Security->Application Risk Profiling

Threat Modeling

Technology->Application Security->Ethical Hacking

Technology->Application Security->Mobile Application Security

Technology->Application Security->Penetration Testing (Black/White/Grey Box Testing)

Technology->Application Security->Vulnerability Management

Technology->Mobile Testing->Mobile Security Testing

Technology->Security Testing->Security Testing - ALL

Technology->Infrastructure Security->Secure Web Gateway->TrendMicro Interscan web security Virtual appliance

Company Description

L&T Finance is one of the leading NBFCs offering a range of loans across Rural, Housing, Two-Wheeler, and Personal & Business (SME). The company is promoted by Larsen and Toubro Ltd. (L&T), one of the largest conglomerates in India. L&T Finance is publicly listed on both the BSE and NSE exchanges in India and complies with NBFC-CIC guidelines. Headquartered in Mumbai, the company has been rated AAA, the highest credit rating for NBFCs by four leading rating agencies.

Role Description

This is a full-time on-site role for a Security Testing Lead (DAST & SAST) located in Bengaluru. The Security Testing Lead will be responsible for conducting dynamic application security testing (DAST) and static application security testing (SAST). Daily tasks include managing security testing processes, implementing security measures, identifying vulnerabilities, and ensuring compliance with security policies. The role also involves reporting security findings, providing recommendations, and collaborating with various teams to enhance security protocols.

Qualifications

• Cybersecurity and Information Security skills
• Network Security and Physical Security skills
• Strong Communication skills
• Experience with security testing methodologies (DAST & SAST)
• Bachelor's degree in Computer Science, Information Technology, or related field
• Relevant security certifications such as CISSP, CISM, or CEH are a plus

Project Role : Security Architect

Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills : Product Security

Educational Qualification : 15 years full time education

Automotive cyber security domain exp, TARA, ECU Fuzz testing, Penetration testing, IOT , Embedded security, Hardware Security, LOC

Summary :
Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars security
We are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts.

Roles & Responsibilities:
. Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.
. Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.
. Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.
. Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.
. Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.
. Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.
. Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.
. Perform hardware penetration testing to identify vulnerabilities in electronic systems.
. Assess the security of medical devices, ensuring compliance with industry regulations and standards.
. Identify and address security risks associated with healthcare information systems and connected medical instruments.
. Evaluate and prioritize security risks based on potential impact and likelihood.
. Provide recommendations and collaborate with cross-functional teams to implement effective security controls.
. Stay current with emerging security threats, vulnerabilities, and testing methodologies.
. Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.
. Document security testing processes, findings, and remediation recommendations.
. Generate comprehensive reports for stakeholders, including technical details and actionable insights.

Professional & Technical Skills:
. Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.
. Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.
. Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.
. Ability to manage multiple tasks and deadlines.
. Hands on experience with penetration testing tools and methodologies.
. Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.
. Knowledge of secure coding practices and the ability to review code for security vulnerabilities.
. Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UN

VDart: Digital Consulting & Staffing Solutions

VDart is a leading digital consulting and staffing company founded in 2007 and headquartered in Alpharetta, Georgia. VDart is one of the top staffing companies in USA & also provides technology solutions, supporting businesses in their digital transformation journey. Digital consulting services, Digital consulting agency

Core Services:

• Digital consulting and transformation solutions
• Comprehensive staffing services (contract, temporary, permanent placements)
• Talent management and workforce solutions
• Technology implementation services

Key Industries: VDart primarily serves industries such as automotive and mobility, banking and finance, healthcare and life sciences, and energy and utilities. VDart - Products, Competitors, Financials, Employees, Headquarters Locations

Notable Partnership: VDart Digital has been a consistently strong supplier for Toyota since 2017 Digital Transformation Consulting & Strategy Services | VDart Digital , demonstrating their capability in large-scale digital transformation projects.

With over 17 years of experience, VDart combines staffing expertise with technology solutions to help organizations modernize their operations and build skilled workforce capabilities across multiple sectors.

The Security Testing Operations Analyst is a crucial role for the vulnerability management and offensive testing activities across the group to which protects the business from sophisticated cyber threats

The role holder will work with our 3rd party vendors to plan and facilitate our testing programmes ensuring they run efficiently. These programmes include our regulator led Thread Intelligence Led Pen Testing (TLTP), Red teaming, Social engineering simulations, B ug Bounty and external vulnerability scanning services. The applicant will be a domain authority on vulnerability impact and risk, provide insight on root cause analysis and remediation. This role requires working closely within a technical team and with external teams, BISOs, the GSOC, and other entities.

The candidate will stay ahead of emerging cyber security thought leadership sharing ideas for areas of improvement and innovation to support good risk decisions making that drive continuous security risk improvement

Role Responsibilities & Key Accountabilities:

• Collaborate with external vendors coordinating the timely delivery of requirements
• Review vulnerability reports, validate issues reported and triage based on risk
• Support teams in understanding vulnerabilities and validate fixes through retesting
• Coordinate remediation efforts by detailing actions, owners and timelines. Then follow up where appropriate

Qualifications & Experience:

• Technology related Bachelor's Degree or equivalent experience and certifications in cyber security
• Background in Red Teaming / Penetration Testing / Bug Bounty advantageous
• Understanding of enterprise IT system environments
• Knowledge of security vulnerabilities and common software engineering flaws and Network Defence analytical models (Kill Chain, ATT&CK, etc.)
• Strong verbal & written communication skills & presentation skills
• Ability to work in a fast-paced environment as a problem solver and barrier breaker with initiative

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of
Integrity, Partnership
,
Excellence
and
Change
underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject .

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.

Job Role : Professional Services Consulting, Staff Consultant

Experience : 1 to 10 Yrs

Key Skills: SAST, Web Application Security Testing, Mobile Pentesting, Network Pentesting, Hack the Box

Notice Period : 0 to 15 days--Candidates must attend F2F interview in Bangalore(Weekdays only)

No of Positions: 15

Office Address : UV Cyber, PRESTIGE BLUE CHIP SOFTWARE PARK, Hosur Main Road, Chikku Lakshmaiah Layout, Adugodi, Bengaluru, Karnataka

At UV Cyber, Our Software Security and Quality business is all about building secure softwarefaster. That starts with our static analysis, software composition analysis, and dynamic analysis. So our customers can build security and quality into the DNA of their code at any stage of the software development lifecycle and across the supply chain. All while minimizing risks and maximizing speed of application development.

Professional Services Consulting, Staff Consultant

Were looking for a for a full-time Security Staff Consultant to parachute in wherever software insecurity invades and to stomp out bugs and flaws wherever they hide. Does this sound like a

good role for you?

• In this role, you will join in the execution and delivery of planned project deliverables and milestones that assist clients in learning, understanding, and applying our secure software development methodologies.
• You will typically have task responsibility within one project and develop the capability to perform tasks within one or more of our security practices & continuously learn and expand your technical expertise.
• Some work is from the office, but you will often go on site to help customers exterminate the bugs and untangle the flaws that make their systems insecure.

Our Consultants make themselves and their team indispensable advisors to our customers: they build the relationships that help create and identify follow-on assignments.

Responsibilities include but not limited to the following:

• Secure code Analysis and Review
• Software/Application Penetration Testing
• Network Penetration Testing
• Architecture Security Analysis and Threat Modeling
• Secure Software Design, Architecture, and Engineering
• Software/Application Reverse Engineering
• Red Team Analysis (including network, wireless, physical, and social engineering techniques)
• Database Security Analysis
• Cloud Pen testing ( WS , Azure etc)

Technical Skills

• Experience with web application penetration testing
• Familiarity with software security weakness and vulnerabilities
• Experience in performing source code review
• Experience in network penetration testing
• Working understanding of one scripting language
• Experience in reverse engineering is a plus
• Familiarity with at least one software programming language and framework is a plus

Consulting Skills

• Ability to interface with clients, utilizing consulting and negotiating skills
• Ability to undertake and complete tasks autonomously
• Meet schedules and delivery timelines, and to move swiftly from concepts and theory to action
• Enthusiasm and commitment
• Professional interpersonal skills and an entrepreneurial drive
• Written communication skills for use in preparing formal documentation.
• Verbal skills that include the ability to clearly articulate thoughts and to deliver presentations.
• Willingness to travel 20-50%

Key Qualification

• Bachelors Degree in Computer Science, Engineering or equivalent. Masters Degree preferred
• Any relevant certifications such as CISSP, CEH etc. is a plus

Preferred Experience

• 1 to 10 yrs. of work experience in relevant role