Jobs
D

Senior Executive | Risk Management | Pune | Cyber Strategy & Transformation

DeloitteMH, IN23h ago
Full-timevia indeed

Required Skills

apiawsazurebashci/cdgcpjavascriptjirapythonrest

Job Description

Job requisition ID :: 108968

Date: Jul 17, 2026

Location: Pune

Designation: Senior Executive

Entity: Deloitte Touche Tohmatsu India LLP

  • *Senior Executive \| Risk Management \| Pune \| Cyber Strategy \& Transformation**
  • **Job requisition ID** : 108968
  • **Location**: Pune
  • **Entity**: Deloitte Touche Tohmatsu India LLP
  • *The Team**

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about Cybersecurity

  • *Your Work Profile**

Responsible for validating security controls and remediation measures implemented by Development and DevOps teams, ensuring vulnerabilities are effectively addressed and applications meet Secure SDLC and compliance requirements.

  • *Key Responsibilities**
  • Validate security controls and vulnerability remediations across applications and cloud environments.
  • Verify authentication, authorization (RBAC/ABAC), input validation, secure configurations, and API security controls.
  • Re\-test vulnerabilities and confirm remediation effectiveness using positive, negative, and edge\-case testing scenarios.
  • Perform security regression testing to ensure fixes do not introduce new risks.
  • Review and validate findings from SAST, DAST, SCA, and Threat Modeling activities.
  • Collaborate with Development, DevOps, Security, and QA teams throughout the Secure SDLC lifecycle.
  • Maintain security testing evidence, reports, and vulnerability tracking.

Core Skills

  • Secure SDLC
  • OWASP Top 10
  • Threat Modeling
  • Application Security Controls
  • DevSecOps Practices
  • Vulnerability Management

Security Testing Expertise

  • SAST, DAST, SCA Validation
  • Security Control Verification
  • Remediation Testing \& Validation
  • REST API Security Testing

Tools \& Technologies

SAST/SCA: SonarQube, Coverity, Black Duck, IriusRisk

Testing: Burp Suite, OWASP ZAP, Nmap, Postman, Swagger

Tracking/DevOps: Jira, Azure DevOps

  • *Cloud Skills**
  • Azure Cloud Security (Preferred)
  • AWS/GCP (Good to Have)
  • IAM, Data Protection, Cryptography
  • Cloud Security Controls \& CIS Benchmarks

Good to Have

  • CI/CD Security \& DevSecOps Pipeline Experience
  • Python, Bash, or JavaScript Scripting
  • Security Design Reviews \& Threat Model Validation

Certifications (Preferred)

CEH, CISSP, CISM, Microsoft Azure Security Engineer Associate, or equivalent

Ideal Candidate

Hands\-on Application Security/DevSecOps professional with experience in security control verification, remediation validation, and secure application delivery, capable of partnering with engineering teams to strengthen overall security posture.

Similar Jobs

Browse all jobs

Job Overview

Job type
Full-time
Work mode
On-site
Location
Mumbai
Posted
23h ago
Source
Indeed