855 Ceh Jobs

About The Role Job Title - Security Delivery Specialist + Team Lead + CF Management Level:09- Team Lead Location:Bangalore/Hyderabad Must have skills:- Vulnerability management/Cloud Security posture Management Proficiency with Vulnerability management/Cloud Compliance management tools (Qualys/Tenable/CSPM or equivalent) Good to have skills:- Knowledge/Certifications on Containers (AKS or EKS or GKE) Knowledge of ITIL processes Knowledge of ISO 27K processes and controls Scripting knowledge (Python/PowerShell/Bash) Job Summary : Work with cross-skilled security groups on various aspects of Security Operational functions Work and facilitate Vulnerability and Compliance queries from Business from security scans and reports Conduct security audits of internal operational process Ensure vulnerability and Compliance scans are in place as per schedule and monitor associated processes Prepare and deliver compliance reports to management, the periodic status of the process health Provide standard process advice for SecOps/SOC teams Perform vulnerability management Develop and maintain security documentation and reports Influence training plans to align with company goals Roles & Responsibilities: Prepare and deliver compliance reports to management, detailing the organizations compliance status and areas for improvement Perform vulnerability management Support Business on remediation queries on Vulnerability and Compliance Audit internal operational processes and share report to management and identify improvements Develop and maintain security documentation and reports Engage with stakeholders for various security evaluation discussions and identify improvements Review and monitor internal processes Influence training plans to align with company goals Professional & Technical Skills: Proven experience in a cyber security , with a focus on consultancy Comprehensive understanding of security principles, techniques, and technologies Experience with security frameworks and standards (e.g., ISO 27001, NIST) Deeper understanding of OS level Security Deeper understanding of Cloud and Container platform Deeper understanding of patching/ vulnerability remediation Proficiency in security tools and technologies- Vulnerability scanners, Compliance management Deeper knowledge of networking or Server Administration Relevant certifications such as CEH, CCSK, AZ500 or equivalent are highly desirable. Additional Information: About Our Company | Accenture Qualification Experience: Minimum of 8 years of Experience Educational Qualification: B.Tech/BE or equivalent

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide guidance on implementing effective security measures across the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security architecture to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure security measures align with business objectives and compliance requirements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Penetration Testing.- Strong understanding of cloud security principles and best practices.- Experience with security assessment tools and methodologies.- Knowledge of regulatory requirements and compliance standards related to cloud security.- Ability to communicate complex security concepts to non-technical stakeholders. Additional Information:- The candidate should have minimum 3 years of experience in Security Penetration Testing.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModelingAbility to conduct threat modeling sessions to identify and mitigate security risks. Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Security TestingExperience with static and dynamic application security testing (SAST/DAST) tools. Security ToolsProficiency in using security tools like Burp Suite, Nessus, or Fortify.

We are seeking a highly skilled Cybersecurity Officer with a strong background in information security, cyber risk management, and technical infrastructure protection.As a global provider of financial and data clearing applications for mobile network operators, we understand the critical importance of robust cybersecurity measures.This role is specifically focused on the digital security of enterprise systems, cloud infrastructure, application environments, and customer data. Nextgen Clearing is the market leading provider of global roaming services. We operate internationally across 20 global locations, employing over 300 talented people. We offer Award-winning Data and Financial Clearing services, along with unique value-added features on a single flexible online platform. Nextgen Clearing serves more than 160 operators worldwide, giving them a 24/7 holistic overview of their full roaming business Key Responsibilities: Define and implement security policies and controls to protect the company's digital assets and ensure regulatory compliance. Continuously monitor the company's security posture and quickly respond to security incidents. Develop security strategies and plans for preventing and responding to security breaches. Provide expert guidance and support to software teams on implementing secure development practices, security requirements, and conducting security testing. Foster secure application deployment and configuration, ensuring the protection of data integrity and confidentiality. Conduct regular training and awareness sessions for the company's staff to promote security best practices. Assist in the response to security incidents, including the management of communications and recovery efforts. Work collaboratively with customer service teams to safeguard customer data, enhance data privacy, and ensure secure customer interactions. Contribute to the company's efforts to prevent fraud and manage security incident communications to maintain trust with customers. Stay up-to-date on the latest cybersecurity trends, threats, and security technologies to continuously improve the organization's security stance. Collaborate with IT and other departments to establish a security-focused culture across the company. Develop and maintain documentation related to security policies, procedures, and incident response plans. Stay up to date on emerging cybersecurity threats and vulnerabilities and proactively recommend and implement countermeasures to mitigate risks. Foster security awareness and monitor security policy implementation Requirements Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree or cybersecurity certifications (e.g., CISSP, CISM, CEH, TOGAF) are a plus. A minimum of 10 years of experience in information security or cybersecurity. Strong understanding of information security principles, best practices, and industry standards. Experience with implementing and managing security protocols, cybersecurity tools, and technologies. Familiarity with compliance requirements and standards such as ISO 27001, GDPR, and PCI DSS. Ability to identify security vulnerabilities and risks, as well as implement preventive and corrective measures. Knowledge of secure software development life cycle (SDLC) practices. Excellent problem-solving skills and the ability to work in a fast-paced, high-pressure environment. Strong communication and interpersonal skills to collaborate with diverse teams and educate non-technical stakeholders on security-related matters. Incident response and crisis management experience. Working Conditions: The role may require availability outside of standard business hours to respond to security incidents and maintain critical security measures. Benefits A supportive, dynamic, and collaborative work environment. Exceptional opportunities for professional and career advancement. Engagement with the leading provider of roaming services, catering to global Mobile Network Operators as clients. For more information, please visit www.nextgenclearing.com. Private Health Insurance Training & Development

We are looking for a Product & Solution Security Professional meeting the need for smart-mobility solutions. We are making the lives of people who travel easier and more enjoyable while constantly developing new, intelligent mobility solutions. Your new role challenging and future-oriented As a PSSE you will be involved in a project from Bid phase till the closure of the project. Conduct Threat and risk analysis, identifying vulnerabilities and proposing mitigation measures. Prepare Security concept, defining cyber security relevant activities related to configuration, installation and commissioning of railway signaling and telecommunication systems. Design, implement, and manage security architectures for railway signaling and telecommunication systems for mass transit and Mainline projects. Prepare Project specific Security policies and procedures. Specification and maintenance of security requirements for the project. Support for meeting international and regional security standards and regulations (like IEC62443, ISO27001 and TS50701) in the project. Evaluation of third-party components from a security point of view. Preparation of Security Test Plan, test cases and perform security testing(automated and Manual) to ensure the security controls are effectively implemented. Analysis of vulnerability finding, developing solution to fix the vulnerability if necessary. Respond to security incidents if any, helps in solution development Collection of product & solution security related lessons learned and feed into in continuous improvement activities (e.g., update of guidelines, reporting to PSSOs, integration in awareness material). Can support multiple projects at the same time and should occupy the function for the main part of is defined working time. We dont need superheroes, just super minds Bachelors degree in cybersecurity, computer science or a related field Should hold professional certification like CCNA, CCNP, IEC62443, CEH, GISCP, or equivalent. Deep understanding of OT protocols Exposure to Security tools Like Nessus, NMAP, IDS/IPS, firewall, application Whitelisting, Anti-virus , SIEM etc Should have understanding and experience on PKI, Active directory, Networking, Operating systems ( Windows and Unix ), ICS/SCADA. Knowledge of Vulnerability management, Security testing, System hardening, Patching etc. Should have working experience on one of the security standards ( IEC 62443 3-2, 3-3, 4-2, 2-1, TS50701, ISO 27001) Must have good understanding of Railway domain ( Signaling Mass Transit / Mainline) Has minimum 4-6years experience in one of the fields of professional experience. Weve got quite a lot to offer. How about you? This role is based in Pune. Youll also get to visit other locations in India and beyond, so youll need to go where this journey takes you. In return, youll get the chance to work with teams impacting entire cities, countries and the shape of things to come.

Need overall AppSec skills (SAST, DAST, Penetration testing) +Mobile app testing skills (Android, ioS). We should look for a candidate who has deep and diverse hands on exp in above skills. Also, The professional is expected to perform the application security activities - Static code assessment/ manual testing including mobile application testing for android and iOS apps. This profile requires a candidate with hands on Application Security experience specific to mobile applications Communication should excellent Skills: penetration testing,mobile app testing,sast,ios,android,dast Mandatory Key SkillsSAST,DAST,Penetration testing,Android,ioS,manual testing,AppSec*

Key Responsibilities: Conduct comprehensive application security assessments, focusing on the OWASP Top 10 for web and mobile applications. Utilize vulnerability assessment tools to identify and analyze security risks within applications and systems. Collaborate with development teams to integrate security practices into the software development lifecycle (SDLC). Provide recommendations and guidance for remediating vulnerabilities and improving application security posture. Monitor security alerts and take appropriate action to mitigate potential threats. Assist in developing and implementing security policies, procedures, and best practices. Stay up-to-date with the latest security trends, tools, and technologies to ensure the organizations security measures remain adequate and relevant. Communicate technical security issues and solutions effectively to both technical and non-technical stakeholders. Qualifications: 2-5 years of experience in application security, focusing on identifying and mitigating security vulnerabilities. Strong knowledge of OWASP's Top 10 security risks for web and mobile applications. Familiarity with vulnerability assessment tools like Nessus, Burp Suite, Fortify, etc. Prior programming experience (e.g., Python, Java, JavaScript, etc.) is an added advantage and will be highly beneficial. Excellent problem-solving skills and attention to detail. Strong communication skills, with the ability to explain complex security issues clearly and concisely. Ability to work independently and as part of a team in a fast-paced environment. Relevant certifications (such as CEH, OSCP, CISSP) are a plus but not required. Knowledge of CSPM and DSPM Mandatory Key SkillsSecOps,Security Testing,OWASP,Java,JavaScript,CEH,OSCP,CISSP,Nessus*,Burp Suite*,Python*

The Hardware Embedded Penetration Tester is responsible for performing comprehensive security assessments on embedded hardware systems and devices. The primary duties include: Key Responsibilities: Extract firmware directly from embedded devices and systems Interact directly with hardware components and interfaces Perform firmware reverse engineering and analysis Audit the security of hardware protocols and communication interfaces Extract and analyze content from SPI flash and other on-board memory Interact with and test JTAG, UART, and other hardware debug interface Conduct penetration testing and vulnerability research on embedded systems Develop custom tools and scripts to automate and enhance testing capabilities Analyze findings, document vulnerabilities, and provide remediation recommendations Required Skills: Proficient in firmware extraction and analysis Hands-on experience with hardware hacking and reverse engineering Strong understanding of embedded hardware interfaces and protocols Expertise in conducting JTAG, UART, and SPI-based testing Ability to identify and bypass hardware security mechanisms Familiarity with embedded operating systems and architectures Proficiency in programming and scripting (e.g., Python, C, Bash) Experience with hardware debug tools and test equipment Solid understanding of network security and penetration testing methodologies Ability to research, discover, and document hardware vulnerabilities Strong analytical and problem-solving skills

We are looking for a highly skilled and motivated Product & Solution Security Professional to join our team. We are looking for proven experience of 15 years in cybersecurity, with a focus on application security and proven experience working with software development teams and integrating security practices into the SDLC. Experience interacting with key collaborators and supporting security activities within software products. Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record. The ideal candidate will be responsible for defining secure design principles and supporting multi-functional teams to ensure secure architecture, implementation, and testing of products and solutions. Integration with SDLC: Collaborate with software development teams to integrate security practices throughout the Software Development Life Cycle (SDLC). Ensure security requirements are included in the design, development, testing, and deployment stages of software projects. Perform security code reviews and analyze vulnerabilities during different SDLC phases. 2. Security Activities: Develop and implement security protocols, guidelines, and standard processes for software development. Conduct threat modelling and risk assessments to identify potential security issues early in the development process. Provide guidance on secure coding practices and remediation of identified vulnerabilities. 3. Stakeholder Interaction: Work closely with key collaborators, including product managers, project managers, and business analysts, to support and promote security activities within products. Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical collaborators. Foster a security-aware culture within the development teams and across the organization. 4. Security Tools and Technologies: Implement and manage security tools such as static and dynamic analysis tools and vulnerability scanners. Stay updated with the latest security tools, trends, and standard methodologies to enhance products security posture. 5. Training and Awareness: Conduct security training and awareness programs for development teams. Promote continuous improvement related to application security. Skills and Qualifications: Technical Skills: In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten). Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners. Proficiency in programming languages such as Java, C#, Python. Understanding of DevSecOps practices and integration of security into CI/CD pipelines. Promote continuous improvement and related to application security. 2. Soft Skills: Strong communication and interpersonal skills. Ability to explain complex security concepts to non-technical collaborators. Strong analytical and problem-solving skills. Collaborative approach and ability to work effectively with multi-functional teams. 3. Certification Preferred: CEH, Certified Secure Software Lifecycle Professional (CSSLP) or equivalent

Role Overview: You will be part of the cybersecurity team at Plante Moran, assisting in performing testing and reviews for multiple client projects. Your role will involve tasks such as penetration testing, vulnerability assessments, social engineering assessments, and technical security configuration reviews. You will be responsible for preparing reports, communicating observations and discrepancies internally, and collaborating with other team members to coordinate client projects. Key Responsibilities: - Assist the US cybersecurity team in performing testing or reviews for multiple client projects which may include: - Penetration testing (e.g. external or internal network, web application, mobile etc.) - Vulnerability assessments - Social engineering assessments (e.g. phishing) - Other technical security configuration reviews (e.g. Microsoft 365, firewall, routers, etc.) - Prepare the reports as per the designated templates and provide regular internal communication on observations and discrepancies. - Work closely with other engagement team members to coordinate client projects Qualifications Required: - Freshers or 0-2 years experience in Penetration testing, Vulnerability assessments, Technical Security Assessments, and at least one to two years of Cybersecurity or Information Security experience. - Bachelor of Science (B.Sc.) Computer Science / Information Technology / BE or B. Tech Computer Science / Information Technology / Electronics / Electronics Telecommunications. - Certification preferred: CEH, GPEN, OSCP, GWAPT or any other recognized Security certifications - Good communication and presentation. Must be fluent in English, written and verbal. - Knowledge of General Computer Controls. - Must be proficient with MS Office (Word, PowerPoint, and Excel), knowledge including Excel functions, and formatting capabilities for reporting. - The candidate will be required to work in the office (onsite job) - The candidate must have the ability to travel on occasion to clients in India and to the United States. - The candidate should be open to work in the afternoon shift (i.e., from 11 pm to 8 pm). - Contributes to team effort by accomplishing related results as needed. - Well-developed project management and stakeholder relationship management skills - Strong analytical and problem-solving skills - Outstanding time management and organization skills - Superior attention to detail and conscientious quality of work product - Professional demeanor with superior verbal and written communication skills - Potential of 25% overnight travel Additional Company Details: Plante Moran is committed to maintaining a diverse workplace where each individual feels accepted and valued. The company believes in recognizing and celebrating human differences to create a workplace where all staff members have the opportunity to succeed. Plante Moran is an Equal Opportunity Employer and maintains a drug-free workplace. The company follows a Workplace for Your Day model, promoting flexibility and balance while valuing face-to-face interactions for individual and collective development.,

* Mentor and guide training resources across Kerala, ensuring effective knowledge transfer. * Deliver comprehensive training on RedTeam courses, including but not limited to ADCD, CPT, CICSA, CSA, CCSA, CRTA, CEH, P+, S+, CYSA+, CHFI, etc.

Understand common cyber attacks, e. g. , social engineering, phishing, identity theft. Obfuscation, trojans, dumpster diving, insider attacks, etc. Strong Knowledge of Information Security & Ethical Hacking Concepts. Required Candidate profile Freshers B.Tech | BCA | MCA | Must have Knowledge about Ethical Hacking , Cyber Security Proficiency in testing tools (Kali Linux, Metasploit, Burp Suite, Wireshark) Whatsapp Resume: 7042302345

Job Overview : ISSQUARED Inc is looking for a Senior Information Security Operations Analyst to be the lead role in maintaining and enhancing the Cybersecurity posture for clients and the company. The ideal candidate maintains a hands-on approach to major facets of Information Security: incident Response, Vulnerability Management, End Point Detection and Response, Logging and Monitoring and exhibits an ability to work collaboratively with various stakeholders to ensure success with all InfoSec related programs. This will encompass a wide variety of systems (Windows and Linux), networks and telecommunication infrastructure components to meet business security needs. This position will need to implement and maintain security best practices while coordinating with the Leadership teams to complete that work. Ongoing work will also include remediation of items identified in internal/external Audits, PEN Testing, and tickets/alerts from the SOC and security tools. The Senior Operations Analyst/Manager will also be responsible for providing monthly metrics and reporting for ongoing Security work and overall security posture. Additional tasks will include but not limited to Qualification s : Bachelor's degree (BA, BS) or equivalent experience in the Computer Science or related field Working Conditions : Flexible to wo rk in Shifts . Key Responsibilities : Have experience in SOC monitoring, working knowledge in any of the SIEM tools like FortiSIEM, ArcSight, Qradar, Splunk, McAfee Nitro, and AlienVault USM Anywhere. Preference for candidates with prior FortiSIEM experience. 24x7 Active monitoring of Security events using SIEM (based on standard operating procedure). Monitor network security events on SIEM consoles and other systems available and take appropriate action based on security policy. Responsible for troubleshooting agent software issues. Reviewing reports to ensure quality and accuracy. Analysis of log files, including forensic analysis of system resource access. Working on connected firewalls and IDS/IPS systems Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns is a must. Strong analytical and problem-solving skills. Understand cyber - attack methods, perform analysis of security logs in an attempt to detect unauthorized behavior, provide daily reports to Manager. Analyze network traffic patterns, system logs, and audit files for compliance with security policies. Ability to communicate and listen effectively. Hands-on experience and ability to do Root cause analysis, Problem & Capacity Management. Experience in FortiSIEM, McAfee DAM / NIPS / SIEM / DDOS / ArcSight / Symantec DLP / Websense DLP / DLP / Bluecoat / Websense Proxy / MacAfee Web Security / Force point / Splunk. Preferred Skills : Not less than 4 years of relevantexperience. Excellent customer facing skills with fluency in written and spoken English. Bachelors degree in Science or higher. (B.E/B.Tech preferred). CCNA / SIEM technology certified (FortiSIEM, ArcSight, Qradar, Splunk, and McAfee Nitro). Stakeholder management & should have excellent communication skills Preferred certification CEH, CCNA, CCNP, MCSE Knowledge of ISO 27001:2013, PCI DSS compliance Ability to quickly scale up and learn technologies outside of core areas of expertise. Understanding of ITIL concepts and processes.

Job Summary: The Cybersecurity Engineer focuses on vulnerability assessments and penetration testing (VAPT), identifying risks and developing strategies to secure critical systems. Key Responsibilities: Conduct penetration testing on IT infrastructure and applications. Identify and exploit vulnerabilities in systems and applications. Collaborate with development teams to remediate security issues. Experience on vulnerability assessments to identify and address system weaknesses and potential risks. Maintain up-to-date knowledge of emerging cybersecurity threats and tools. Qualifications: Bachelors degree in Computer Science, IT, or related field. 5+ years of experience in cybersecurity with a focus on VAPT. Certifications: OSCP, CEH, or equivalent. Experience with penetration testing tools such as Burp Suite and Metasploit Note – Immediate Joiners will be preferred.

About The Role Project Role : Application Lead Project Role Description : Lead the effort to design, build and configure applications, acting as the primary point of contact. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Lead, you will lead the effort to design, build, and configure applications, acting as the primary point of contact. Your typical day will involve collaborating with various teams to ensure that application requirements are met, overseeing the development process, and providing guidance to team members. You will also engage in problem-solving activities, ensuring that the applications are functioning optimally and meeting the needs of the organization. Your role will require you to stay updated with the latest technologies and methodologies to enhance application performance and security. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate knowledge sharing sessions to enhance team capabilities.- Monitor project progress and ensure timely delivery of application features. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).- Strong understanding of application design and architecture principles.- Experience with incident response and security monitoring.- Familiarity with compliance frameworks and security best practices.- Ability to analyze and interpret security logs and alerts. Additional Information:- The candidate should have minimum 5 years of experience in Splunk Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : One Identity Manager Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Your role will also include reviewing and refining security policies and procedures to adapt to evolving threats and compliance requirements, ultimately contributing to the overall security strategy of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in One Identity Manager.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.- Ability to analyze security incidents and implement effective remediation strategies. Additional Information:- The candidate should have minimum 5 years of experience in One Identity Manager.- This position is based at our Kolkata office.- A 15 years full time education is required. Qualification 15 years full time education

10+ years of IT/cybersecurity experience with 4+ years as a Security Architect . Strong knowledge of security frameworks and standards (NIST CSF, ISO 27001, TOGAF, SABSA, MITRE ATT&CK). Expertise in cloud security (Azure, AWS, GCP) and cloud-native security controls. Solid understanding of SIEM, SOC, IAM, PAM, DLP, EDR, IDS/IPS, WAF, PKI, and encryption technologies . Hands-on experience with threat modeling, risk assessment, penetration testing methodologies. Knowledge of DevSecOps, CI/CD pipeline security, and secure software development lifecycle (SSDLC) . Experience in regulatory compliance and audit requirements (GDPR, HIPAA, PCI-DSS, SOX). Excellent communication skills to influence stakeholders and present complex security concepts clearly.

Experience & Role: Internship, project work, or academic exposure to IT Risk, Information Security, or GRC topics will be beneficial. Will work under the guidance of the Risk Management team on real-time projects and operational support tasks. Key Responsibilities: Support in tracking risk items and control remediation status across departments. Participate in drafting or reviewing internal policies, procedures, and documentation. Help coordinate meetings, training, or awareness sessions related to IT risk and governance. Aid in the preparation of risk reports and dashboards. Support third-party risk assessments and follow-ups with stakeholders. Assist in documenting IT General Controls (ITGC) processes and observations. Contribute to projects related to regulatory compliance, control testing, and cybersecurity awareness. Skills and Requirements: Understanding of fundamental IT principles, systems architecture, and IT process flows. Knowledge of Risk Management frameworks and IT Governance processes. Basic understanding of IT/cybersecurity frameworks (ISO 27001, NIST, COBIT, etc.). Interest in IT General Controls (ITGC) and IT Application Controls (ITAC). Desire to explore GRC tools. Analytical mindset and attention to detail. Good communication and coordination skills. Ability to work with cross-functional teams in a supportive role. Learning Opportunities: Exposure to real-world IT and cybersecurity risk management practices. Hands-on experience with risk assessment processes and compliance monitoring. Understanding the intersection of enterprise IT systems and cybersecurity controls. Opportunity to collaborate with cross-functional teams in a dynamic IT environment

As an Industrial Control System (ICS) Architect, your primary role will involve system design and architecture for ICS environments, including SCADA systems, Distributed Control Systems (DCS), Programmable Logic Controllers (PLCs), and other control systems. You will be responsible for developing and maintaining architecture designs, ensuring compliance with industry standards such as ISA/IEC 62443, NERC CIP, and other best practices. Your expertise in cybersecurity implementation will be crucial in integrating robust protocols to safeguard against hacking, malware, and unauthorized access. Key Responsibilities: - Develop and maintain architecture designs for ICS environments - Ensure compliance with industry standards and regulations - Implement cybersecurity measures to protect ICS systems - Conduct risk assessments and develop mitigation strategies - Proficiency in programming languages used in ICS environments - Possess relevant certifications such as CSSA or CISSP - Design ICS environments for critical infrastructure sectors - Perform vulnerability assessments using ICS tools - Stay updated on emerging technologies in industrial automation and AI-driven control systems - Ability to work under pressure in high-stakes industrial environments Qualifications Required: - Bachelor's degree in a relevant field - Hands-on experience with ICS vulnerability assessment tools - Knowledge of programming languages like C++, Python, and ladder logic - Familiarity with cybersecurity certifications like CISSP - Experience in designing ICS environments for critical infrastructure sectors - Strong understanding of compliance standards such as NERC CIP, IEC 62443, NIST 800-82 In terms of the work environment, you can expect a hybrid or on-site work model depending on the location and project requirements. There may be occasional travel involved to industrial sites or partner/vendor locations, with travel expected to be up to 25%. It is essential to ensure that all designs align with relevant compliance standards to maintain the integrity of the systems. Please note that the job code for this position is GO/JC/918/2025, and the recruiter responsible for this role is Christopher.,

Position :- VAPT Junior Security Analyst - 2+yrs Job location:- Ghansoli Work from office Shifts:- rotational shifts No of Vacancy :- 1 Walkin for interview dated :- 12th sept between 2pm to 5pm. 13th Sept at 9am to 12pm Interview SPOC- RUCHIKA HR Roles and Responsibilities:- 1. Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys). 2. Analyze vulnerability assessment results to identify and prioritize risks. 3. Develop and maintain vulnerability management processes and procedures. 4. Coordinate vulnerability remediation activities with relevant stakeholders. 5. Perform penetration testing to assess the effectiveness of security controls. 6. Stay up-to-date on the latest security threats and vulnerabilities. Relevant Skills and Experience:- . Strong understanding of vulnerability management concepts, principles, and best practices. Proficiency in using vulnerability assessment tools (e.g., Nessus, Tenable, Qualys). Experience in conducting penetration testing using various methodologies (e.g., black box, gray box, white box) and custom scripting. Knowledge of c ommon security threats, vulnerabilities, and attack vectors. Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). Experience with scripting languages (e.g., Python, PowerShell). Experience with cloud security (e.g., AWS, Azure, GCP). Familiar with KALI Linux & Parrot OS Experience with source code analysis tools. Experience with web application security testing. Experience with mobile application security testing. Experience with security incident response. Strong problem-solving and analytical skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Qualifications:- Bachelor's degree in computer science, information technology, or a related field. Security certifications (e.g., CISSP, CISM, CEH, OSCP). Experience :- 2-5 years of experience in vulnerability assessment, penetration testing including Qualys, Nessus, Kali Linux, Parrot OS. Preferred candidate from Mumbai ( Central & Harbour line ) under 20 kilometers Interested candidate can share or carry updated cv in mgs.rec@mizuho-cb.com or can directly Walkin for interview.

Conduct VAPT on apps, networks, cloud & APIs Simulate real-world attacks & report risks Validate findings & prioritize vulnerabilities Provide remediation guidance & re-testing Enhance VAPT methods & stay updated on threats

Job Summary Assist in implementing, maintaining and testing SOX controls supporting the Application Managers for custom applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Pre-Implementation Quality Check: Conduct a thorough review of controls design and implementation before product/functional go-live, based on evidence submitted by engineering and application management teams. SOX ITGC and Automated Controls Evaluation: Test and evaluate the effectiveness of SOX IT General Controls (ITGC) and automated controls using audit checklists prepared by the Controls team to: Maintain SOX controls for internal and third-party products Support internal and external audits related to SOX compliance Control Testing Documentation: Document control testing procedures and findings in a clear and concise manner. Control Deficiency Identification and Reporting: Identify and report any control deficiencies or weaknesses to ensure prompt remediation. SOX Compliance Reporting: Prepare comprehensive reports and documentation for SOX compliance activities, including testing results and control evaluations. Cross-Functional Collaboration: Collaborate with cross-functional teams to ensure the thoroughness and accuracy of controls implementation and testing. Educational Qualifications: Bachelor's degree in engineering, finance, or a related field CIA, CISA or CISSP certification Experience: 5-7 years of experience in SOX compliance testing, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles. Familiarity with auditing Oracle, Workday and/or Salesforce suite of applications. Skills: Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team Certification: CISA preferred Mandatory Skills: GRC Consulting. Experience: 5-8 Years.

Job Purpose Information security team member (with skip level reporting to CISO) who is proficient in maintaining & managing Source Code Security and SBoM (Software Bill of Material). Information Security tool management & governance. Understanding of regulatory requirements. Driving information Security projects & Monitoring Key Risk Indicators (KRIs) for Software Security. Duties and Responsibilities Minimum required Accountabilities for this role 1. Secure Code Review and Vulnerability Remediation Perform and drive regular secure code reviews for web, Android, and iOS applications to proactively identify security weaknesses. Provide actionable remediation guidance and ensure timely tracking and closure of identified code vulnerabilities. 2. SBOM Compliance and Regulatory Alignment Ensure the organizations Software Bill of Materials (SBOM) is accurate and compliant with industry and government regulatory standards. Support audits and compliance efforts by maintaining evidence of SBOM integrity and traceability. 3. Cross-Functional Engagement Work closely with technology teams, business units, and external partners to drive resolution of security issues within defined SLAs. Facilitate communication of security findings and timelines to non-technical stakeholders. 4. Security Dashboards and Reporting Design and maintain security scorecards and dashboards that provide clear visibility into vulnerability status, remediation progress, and risk trends. Present findings and metrics to leadership to support informed decision-making. 5. Enterprise Threat and Vulnerability Management Continuously track, prioritize, and communicate security threats and vulnerabilities affecting the organization. Stay updated on emerging threats and coordinate with relevant teams for timely mitigation. Additional Accountabilities pertaining to the role Develop and maintain secure coding standards and policies. Collaborate with developers and IT teams to ensure adherence of secure coding practices. Discover and Mitigate Cyber Risks and exploitable vulnerabilities in the internet facing apps/assets Work with partners in carrying out comprehensive VAPT assessment Ethical Hacking and performing VAPT activity Latest technology security API, Microservices, RPA, IOT etc. Maintain compliance as per organization compliance policy Highlight risk & mitigation plan Responsible for Reports & Technical documentation. Should be capable to guide the team/individual on requirement basis. Communicate effectively with stakeholders & cross function teams Strong troubleshooting, analytical, and communication skills Good attitude towards corporate environment. Team player & Mentor to the team. Key Decisions / Dimensions Identification of right mitigation for secure code. Review the observation and suggest alternate code fixes if primary fix is not feasible. Discuss observation response as applicable & improve security controls. Face applicable audits. Major Challenges Handling multiple stakeholders at a time Reviewing and validating issues identified in SAST Coordination with third party consultants who assist in auditing and compliance initiatives Required Qualifications and Experience a)Qualifications Engineering Graduate with 35 years of total experience in DevSecOps or related application security roles. b)Work Experience Hands-on experience as a Security Champion or in a similar cross-functional role, actively performing source code reviews. Strong expertise in Software Bill of Materials (SBOM) management and good understanding of third-party dependency risks are essential. Familiarity with security tools such as GHAS (GitHub Advanced Security), Checkmarx, Burp Suite, OWASP ZAP, etc. Strong understanding of OWASP Top 10, secure coding practices, and security testing methods. Solid programming knowledge in languages such as Java, Python, Flutter, JavaScript, C#, or Go. Experience with CI/CD environments and integrating security tools into pipelines. Sound knowledge on IT infrastructure, Information Security concept, regulatory guidelines related to IT and cyber for NBFCs Positive attitude, Hard Worker and team player Excellent Communication and Leadership Skills Certifications like CEH (Ethical Hacking), Azure/AWS Security, application penetration testing would be an added advantage

Job Purpose Information security tech team member (with skip level reporting to CISO) who is proficient in maintaining & managing NBAD technology, Information Security tool management & governance. Understanding of regulatory requirements, maintaining the tool compliance, configuring the tool policy, logs review & alert/incident handling. Driving information Security projects & Monitoring Key Risk Indicators (KRIs) Duties and Responsibilities A-Minimum required Accountabilities for this role Deployment & Configuration Lead or assist in the deployment of DAM tools (e.g., Imperva SecureSphere, IBM Guardium, DataSunrise, Oracle Audit Vault). Configure agents/connectors for various database platforms (Oracle, SQL Server, MySQL, PostgreSQL, etc.). Ensure proper integration with SIEM and other security infrastructure. Validate data collection and ensure coverage across critical databases. Management & Maintenance Create, Maintain and update DAM policies, rules, and configurations. Monitor DAM tool health, performance, and data integrity. Perform regular audits of DAM coverage and ensure alignment with compliance requirements. Manage user access and role-based permissions within the DAM platform. Incident Detection & Handling Monitor alerts and logs for suspicious database activity (e.g., unauthorized access, privilege escalation, data exfiltration). Investigate DAM-generated incidents and coordinate with SOC/IR teams. Document incident findings and support forensic analysis. Recommend and implement remediation actions based on incident outcomes. Collaboration & Knowledge Sharing Work closely with DBAs, InfoSec, and IT teams to ensure secure database operations. Provide training and guidance on DAM tool usage and best practices. Stay updated on DAM tool enhancements and database security|A-Additional Accountabilities pertaining to the role Design, implement, and manage SNA policies to protect infa and network. Maintain compliance as per organization compliance policy Highlight risk & mitigation plan Conduct and manage security assessments (vulnerability scans) for infra and network, SNA tool. Work with SOC team to investigate security alerts and improve detection rules. Document security policies, configurations, and incident reports. Flexible to extend beyond work hours towards accomplishing assigned tasks. Risk analysis and mitigation Interaction with OEM for Highly Critical technical support. Responsible for Reports & Technical documentation. Should be capable to guide the team/individual on requirement basis. Communicate effectively with stakeholders & cross function teams Responsible for MIS Reports/ Technical documents Vendor Co-ordination Excellent spoken and written English Communication. Strong troubleshooting, analytical, and communication skills Good attitude towards corporate environment. Team player & Mentor to the team. Energetic, self-motivated and self-sufficient in accomplishing tasks. Good analytical and problem-solving skills. Key Decisions / Dimensions Identification of right contacts to channelise the issue/problem for closure. Review the alert/incident and categorised True positive / False positive and take require steps. Discuss observation response as applicable & improve security controls. Decide if the policy and procedure documents need changes based on new regulations or audit outcomes Major Challenges Handling of fast changing environment with variety of cloud service providers Handling of compliance expectations in stringent timelines Handling multiple stakeholders at a time Coordination with third party consultants who assist in auditing and compliance initiatives Required Qualifications and Experience Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). Minimum 4+ years of experience in network security, cybersecurity operations, or a similar role. Minimum 2+ years in Information / Cyber / network security. a)Work Experience Knowledge & hands-on experience in information security tool compliance & incident management (SNA, AV/EDR, Vulnerability management tool, SIEM tool, Tenable nessus) Sound knowledge on IT infrastructure, Information Security concept & tools, ISMS & BCMS frameworks, regulatory guidelines related to IT and cyber for NBFCs Experience in Project management. Positive attitude, Hard Worker and team player Excellent Communication and Leadership Skills Certifications like CEH (Ethical Hacking), Cisco Certified CyberOps Associate, Cisco Secure Network Analytics (Stealthwatch) Training would be an added advantage

Position :- VAPT Junior Security Analyst - 2+yrs Job location:- Ghansoli Work from office Shifts:- rotational shifts No of Vacancy :- 1 Walkin for interview dated :- 11th sept & 12th sept between 2pm to 5pm. 13th Sept at 9am to 12pm Roles and Responsibilities:- 1. Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys). 2. Analyze vulnerability assessment results to identify and prioritize risks. 3. Develop and maintain vulnerability management processes and procedures. 4. Coordinate vulnerability remediation activities with relevant stakeholders. 5. Perform penetration testing to assess the effectiveness of security controls. 6. Stay up-to-date on the latest security threats and vulnerabilities. Relevant Skills and Experience:- . Strong understanding of vulnerability management concepts, principles, and best practices. Proficiency in using vulnerability assessment tools (e.g., Nessus, Tenable, Qualys). Experience in conducting penetration testing using various methodologies (e.g., black box, gray box, white box) and custom scripting. Knowledge of c ommon security threats, vulnerabilities, and attack vectors. Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). Experience with scripting languages (e.g., Python, PowerShell). Experience with cloud security (e.g., AWS, Azure, GCP). Familiar with KALI Linux & Parrot OS Experience with source code analysis tools. Experience with web application security testing. Experience with mobile application security testing. Experience with security incident response. Strong problem-solving and analytical skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Qualifications:- Bachelor's degree in computer science, information technology, or a related field. Security certifications (e.g., CISSP, CISM, CEH, OSCP). Experience :- 2-5 years of experience in vulnerability assessment, penetration testing including Qualys, Nessus, Kali Linux, Parrot OS. Preferred candidate from Mumbai ( Central & Harbour line ) under 20 kilometers Interested candidate can share or carry updated cv in mgs.rec@mizuho-cb.com or can directly Walkin for interview.