271 Ceh Jobs - Page 10

Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: Job Overview This role will be responsible for supporting 24x7 operations thus requires working night / weekend shifts on a rotational basis to support the business requirements of the organization Primary responsibilities include monitoring and triaging all security events coming into SOC / CDC from multiple sources. Security events include but not limited to; social engineering attacks, malware, DDoS, data exfiltration, ransomware etc.Triage for first 20 minutes as per standard operating procedure, and post which engage Tier2 for further assistanceIdentifying and Analyzing of security event and incident data by leveraging Orchestration tool workflows and knowledge baseUpdating the Ticketing system thoroughly and timelyCommunicating with stake holders for making sound recommendations on mitigation and or prevention techniquesFollow up and resolution of issues/tickets timely per SLA"™sFollow-up on pending tickets and issues ensuring SLA"™sWorking closely with Tier3 teamsEscalating security events in a timely mannerStaying current with new Use Cases and process changesActively participate in brown bag sessions Min. Qualifications The individual must also have a good awareness of current and developing security threats and technologiesStrong proficiency in security event investigations, also in written and spoken EnglishStrong interpersonal skills and a good team playerPrior professional services experience in 24x7 SOC or CDC operations is desiredBachelor"™s degree or Master"™s Degree in Computer Sciences or in Cyber Security Preferred Qualifications 3 - 5 years of experience working in a SIEM tool with strong background in security incident response and system operationsCEH, Security+, OSCP or other industry-relevant cyber-security certifications and ITIL V3.0 knowledge is a plus Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of cybersecurity-relevant work experience. OR High school diploma or equivalent and 4+ years of cybersecurity-relevant work experience. Physical Requirements: Frequently transports and installs equipment up to 40 lbs.

Security Analyst Job Summary The Security Analyst will perform initial triage and investigation activities, gather relevant data and escalate alerts for additional action, if necessary. Additionally, this role will investigate phishing emails detected by security tools or reported to the Security Team from users. The analyst will investigate the email contents and take corrective actions as needed. Duties & Responsibilities Triage alerts originating from security tools, such as intrusion detection/prevention systems, security information and event management (SIEM), firewalls and host based security systems Conduct log based and endpoint based threat detection to detect and protect against threats coming from multiple sources Investigate reported phishing emails, malicious files / URLs and take appropriate action Assist with incident tracking and documentation Stay current on emerging threats and vulnerabilities to aid in the identification of incidents Provide users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary Perform security standards testing against IT Assets before implementation to ensure security Validate people, processes, and technology comply with IT policies Experience & Education Requirements 4 7 years of relevant experience in Information Security Awareness of Information Security, compliance, and/or other security standard methodologies and principles, such as NIST/SANS, MITRE ATT&CK, and CIS Controls Familiarity with security data analysis, including UEBA, using analytic tools and other query language In depth knowledge of networking, client / server operations, packet analysis Experience leveraging SIEMs to investigate and respond to alerts Understanding of Cyber Kill Chain and associated APT methodologies Phishing analysis response experience, to include:email header review, open source tools, and attack vector analysis Malware analysis of attachments, to include:Sandboxing, open source tools, isolated environments. Preferred Requirements Security certifications, i.e., CompTia, CEH, GIAC, Offensive Security, etc. Hands on experience in Incident Response Monitoring, Forensics, or related specialty. Skills & Abilities Ability to work collaboratively across multiple teams Strong communication skills to effectively convey technical data to non technical audiences Dedicated work ethic Strong work prioritization and planning skills Strong troubleshooting and problem solving skills Should be able to support 24*7 rotational shifts

BE / MCA Data security main role is making strategy about data management. And he should auditing department/dealership/vendor/etc. Candidate needs strong data security analytical skills to identify and mitigate potential security threats. Required Candidate profile Certifications like CompTIA Security+, Certified ISO 27001, Certified Information Systems Security Professional (CISSP), and Certified Ethical Hacker (CEH) Manage Information Security policies

Job Role: Offensive Security Engineer Location: Bangalore Job Type: Full-time Experience: 3+ years in Offensive Security / Penetration Testing About Zybisys At Zybisys , we are committed to securing digital ecosystems by proactively identifying and mitigating cyber threats. As we expand our security team, we are looking for a highly skilled Offensive Security Engineer who thrives in ethical hacking, red teaming, and vulnerability exploitation to strengthen our security posture. Role Overview As an Offensive Security Engineer , you will be responsible for simulating real-world cyberattacks to identify vulnerabilities, assess risks, and improve security defenses. You will work closely with security analysts, DevOps, and IT teams to enhance the organization's resilience against cyber threats. Key Responsibilities Penetration Testing & Red Teaming Conduct advanced penetration testing on web apps, networks, APIs, cloud, and mobile applications. Simulate real-world attack scenarios to evaluate security defenses. Perform internal/external network and infrastructure security assessments. Vulnerability Research & Exploitation Identify, analyze, and exploit vulnerabilities across various systems. Develop custom scripts or exploits for proof-of-concept attacks. Work with security teams to ensure timely patching and risk mitigation. Security Tool Development & Automation Develop and maintain security testing tools and automation scripts. Integrate offensive security techniques into CI/CD pipelines. Threat Hunting & Adversary Simulation Conduct red team and purple team exercises to test detection & response capabilities. Stay ahead of cyber threats by researching latest hacking trends, zero-days, and TTPs. Security Reporting & Collaboration Document security findings with detailed remediation steps. Work with engineering teams to implement security best practices. Contribute to security awareness training within the company. Required Skills & Qualifications Experience: 3+ years in offensive security, penetration testing, or red teaming. Technical Expertise: Strong knowledge of penetration testing tools (Burp Suite, Metasploit, Nmap, Kali Linux, etc.). Deep understanding of network security, web security, and cloud security . Proficiency in exploit development, reverse engineering, and malware analysis . Experience with scripting languages ( Python, Bash, PowerShell ). Hands-on experience with Active Directory attacks, privilege escalation, and lateral movement . Certifications (Preferred, Not Mandatory): OSCP (Offensive Security Certified Professional) OSWE / OSEP / OSEE (Advanced Offensive Security Certifications) CEH (Certified Ethical Hacker) CRTO (Certified Red Team Operator) GPEN (GIAC Penetration Tester) Why Join Zybisys? Work on cutting-edge security projects with real-world impact. Be part of an elite cybersecurity team tackling advanced threats. Continuous learning with access to security tools, training, and certifications. Competitive salary, benefits, and performance-based incentives.

Role & responsibilities [CEH certification is prefferred] Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms in order to identify and mitigate security incidents affecting the enterprise. This includes analysis of logs from: IDS/IPS. Firewall. Proxies. Anti-virus and end-point protection. Servers and workstations. Cloud security technologies and devices. Assess the security impact of security alerts and traffic anomalies to identify malicious activities and take mitigating actions or escalates up to senior members of the team as appropriate. Leverage fundamental understanding of Operating Systems (Windows, Unix/Linux,) in support of identifying security incidents and to have a proper overview of risk profile. Execute analysis of email based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures. Follow escalation and handoff procedures to team members and leadership based on defined threat and priority determination. Utilize a variety of security tools and technologies to analyze potential threats to determine impact, scope, and recovery. Leverage network security tools and capabilities to support Cyber Threat Monitoring activities. Document results of cyber threat analysis effectively and prepares comprehensive handoff and/or escalation for Incident Reponses or other teams within the TMC. Support in writing technical articles for knowledge sharing within the team, when necessary. Preferred candidate profile & Skills Required B.Tech (Any specialization) Knowledge of Networking protocols and technologies, e.g. TCP/IP, Firewalls, Routers, etc. Knowledge of Security principles, techniques and technologies Knowledge of Ethical hacking Knowledge of SIEM tools is good Experience with Vulnerability scanners Analytical and problem-solving skills Ability to manage multiple tasks Basic knowledge of IT technologies, ideally related to Security Basic knowledge of Windows server and Unix/Linux operating systems Proficiency in written and spoken English Willingness to learn and improve Perks and benefits On par with industry standard

5+ years of exp in a Security Analyst or related role.Hands-on exp with security monitoring, vulnerability management, penetration testing tools & incident response.Excellent understanding of network protocols (TCP/IP,DNS,HTTP, etc.).Exp in Risk Mgt. Required Candidate profile Maintain & manage security tools(e.g.Next gen AV,EDR,SIEM & Network protocol).Compliance with security standards & frameworks(e.g.,ISO 27001).Certified (Optional)-CEH,CISM,ISO 27001:2022 Lead Auditor.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment ..Interested candidate can share resume to ankita.patari@happiestminds.com Work Location: Belapur, Navi Mumbai Experience: 11-15 Years General Shift who can join with 30 days notice period Skills: Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10,OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation Job Description: Project Management - Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Bank and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management B.Sc (IT/CS) / B.Tech in Computer Science, Information Technology, or related field. CISSP, CISA, CISM, CRISC 11-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Thanks And Regards, Ankita Ghosh ankita.patari@happiestminds.com

Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in todays complex world. Our culture thrives on finding new and better ways to accelerate whats next. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: In the HPE Hybrid Cloud, we lead the innovation agenda and technology roadmap for all of HPE. This includes managing the design, development, and product portfolio of our next-generation cloud platform, Green Lake. Working with customers, we help them reimagine their information technology needs to deliver a simple, consumable solution that helps them drive their business results. Join us redefine what’s next for you. What you’ll do: We are seeking a Software Engineer with strong coding expertise and a solid background in systems engineering and security . The ideal candidate should have experience working with security tools and processes, possess in-depth knowledge of system architecture, and demonstrate the ability to identify and resolve security vulnerabilities. This role involves contributing to the design, implementation, and maintenance of secure systems and applications while ensuring adherence to the best practices in security. This roles involves in Identification and evaluating new technologies, innovations, to ensure alignment with the technology roadmap and business value; creates plans for integration and update into architecture Reviews and evaluates designs and project activities for compliance with development guidelines and standards; provides tangible feedback to improve product quality and mitigate failure risk. Key Responsibilities Coding and Development Write clean, efficient, and secure code using modern programming languages (C# (preferred)). Collaborate with teams to design and develop secure systems and applications. Implement and integrate security tools and frameworks into the development lifecycle. Security Practices Perform security assessments and identify vulnerabilities in existing systems and applications. Deep expertise in software systems design, development methodologies, and integration across diverse platforms and technologies Proficient in cloud-based security concepts like using Identity and Access Management, firewalls, VPN and in-plane switching (IPS) systems Integrate and configure security tools (e.g., static and dynamic code analysis, vulnerability scanners, penetration testing tools). Define and enforce security policies, processes, and best practices across development and deployment. Monitor, analyze, and respond to security incidents and events. System Background Work with system-level components to ensure security in software, operating systems, and networks. Optimize performance and security in multi-threaded, distributed, or cloud-based systems. Collaborate with infrastructure and DevOps teams to enhance the overall system security posture. History of innovation with multiple patents or deployed solutions in the field of software design Collaboration and Documentation Collaborate with cross-functional teams, including product management, DevOps, and QA, to embed security in all stages of the SDLC. Create and maintain detailed documentation of security processes, tools, and guidelines. Provide technical guidance and mentoring to junior team members. Implement Agile practices to ensure continuous delivery and incremental progress. Promote and apply the left-shift strategy by identifying and addressing potential issues early in the development process. Actively participate in daily stand-ups, sprint planning, retrospectives, and backlog grooming sessions. What you need to bring: 10+ years of experience Strong coding skills in C# (.NET) (preferred) programming languages. Solid understanding of security tools (e.g., OWASP, SonarQube, Burp Suite, Nessus, Metasploit) and their integration. Familiarity with secure coding standards and best practices (e.g., OWASP Top 10). Experience with system-level programming and debugging. Knowledge of system security principles , including authentication, authorization, encryption, and secure protocols. Hands-on experience with cloud platforms (AWS, Azure, or GCP) and securing cloud infrastructure. Strong understanding of operating systems, networking, and system architecture. Experience in performing threat modeling , vulnerability management , and risk assessment . Familiarity with DevSecOps practices and integrating security into CI/CD pipelines. Preferred Skills Certifications like CISSP , CEH , OSCP , or equivalent are a plus. Experience with container security (e.g., Docker, Kubernetes). Knowledge of compliance standards (e.g., GDPR, HIPAA, PCI-DSS). Experience in cryptographic libraries and protocols. Educational Qualifications Bachelor’s/Master’s degree in Computer Science, Cybersecurity, Systems Engineering, or a related field. What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Diversity, Inclusion & Belonging We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. Job: Engineering HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT and Affirmative Action employer. We are committed to diversity and building a team that represents a variety of backgrounds, perspectives, and skills. We do not discriminate and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global diverse team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO F/M/Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in todays complex world. Our culture thrives on finding new and better ways to accelerate whats next. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: In the HPE Hybrid Cloud, we lead the innovation agenda and technology roadmap for all of HPE. This includes managing the design, development, and product portfolio of our next-generation cloud platform, Green Lake. Working with customers, we help them reimagine their information technology needs to deliver a simple, consumable solution that helps them drive their business results. Join us redefine whats next for you. What you’ll do: We are seeking a Software Engineer with strong coding expertise and a solid background in systems engineering and security . The ideal candidate should have experience working with security tools and processes, possess in-depth knowledge of system architecture, and demonstrate the ability to identify and resolve security vulnerabilities. This role involves contributing to the design, implementation, and maintenance of secure systems and applications while ensuring adherence to the best practices in security. This roles involves in Identification and evaluating new technologies, innovations, to ensure alignment with the technology roadmap and business value; creates plans for integration and update into architecture Reviews and evaluates designs and project activities for compliance with development guidelines and standards; provides tangible feedback to improve product quality and mitigate failure risk. Key Responsibilities Coding and Development Write clean, efficient, and secure code using modern programming languages C#/.Net (preferred). Collaborate with teams to design and develop secure systems and applications. Implement and integrate security tools and frameworks into the development lifecycle. Security Practices Perform security assessments and identify vulnerabilities in existing systems and applications. Deep expertise in software systems design, development methodologies, and integration across diverse platforms and technologies Proficient in cloud-based security concepts like using Identity and Access Management, firewalls, VPN and in-plane switching (IPS) systems Integrate and configure security tools (e.g., static and dynamic code analysis, vulnerability scanners, penetration testing tools). Define and enforce security policies, processes, and best practices across development and deployment. Monitor, analyze, and respond to security incidents and events. System Background Work with system-level components to ensure security in software, operating systems, and networks. Optimize performance and security in multi-threaded, distributed, or cloud-based systems. Collaborate with infrastructure and DevOps teams to enhance the overall system security posture. History of innovation with multiple patents or deployed solutions in the field of software design Collaboration and Documentation Collaborate with cross-functional teams, including product management, DevOps, and QA, to embed security in all stages of the SDLC. Create and maintain detailed documentation of security processes, tools, and guidelines. Provide technical guidance and mentoring to junior team members. Implement Agile practices to ensure continuous delivery and incremental progress. Promote and apply the left-shift strategy by identifying and addressing potential issues early in the development process. Actively participate in daily stand-ups, sprint planning, retrospectives, and backlog grooming sessions. What you need to bring: 14+ years of expereinceStrong coding skills in C# (.NET) (preferred) programming languages. Solid understanding of security tools (e.g., OWASP, SonarQube, Burp Suite, Nessus, Metasploit) and their integration. Familiarity with secure coding standards and best practices (e.g., OWASP Top 10). Experience with system-level programming and debugging. Knowledge of system security principles , including authentication, authorization, encryption, and secure protocols. Hands-on experience with cloud platforms (AWS, Azure, or GCP) and securing cloud infrastructure. Strong understanding of operating systems, networking, and system architecture. Experience in performing threat modeling , vulnerability management , and risk assessment . Familiarity with DevSecOps practices and integrating security into CI/CD pipelines. Preferred Skills Certifications like CISSP , CEH , OSCP , or equivalent are a plus. Experience with container security (e.g., Docker, Kubernetes). Knowledge of compliance standards (e.g., GDPR, HIPAA, PCI-DSS). Experience in cryptographic libraries and protocols. Educational Qualifications Bachelor’s/Master’s degree in Computer Science, Cybersecurity, Systems Engineering, or a related field. What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Diversity, Inclusion & Belonging We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. Job: Engineering HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT and Affirmative Action employer. We are committed to diversity and building a team that represents a variety of backgrounds, perspectives, and skills. We do not discriminate and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global diverse team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO F/M/Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories. Explore Location

Preferred candidate profile: Notice period: Looking for immediate joiners only. Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS) Strong understanding of security risks in networks and application platforms Strong understanding of network security, infrastructure security and application security Strong understanding of OSI, TCP/IP model and network basics Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms Broad knowledge of security technologies for applications, databases, networks, servers, and desktops Solid technical skills in both information security architecture and penetration testing and ability to assess testing tools and deploy the right ones. Scripting and programming experience is beneficial Ability to perform manual penetration testing Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity posture against malicious actor. Good Understanding of OWASP top 10 and mitigation techniques Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, Security Misconfiguration, CSRF, authentication/ authorization issues Database testing: MySQL, Oracle, NoSQL Understanding of cyber security management, cyber analytics, security intelligence platforms and threat intelligence frameworks Writing business proposals and response to client RFP/ RFIs Identifying business opportunities and lead delivery and program management for large cyber security programs Delivery team and client relationship management. Preferred Certifications: CEH, ECSA, OSCP, CISSP, CCSK, OCSE, CCSP, AWS Security

We are hiring for Security Engineer- Navi Mumbai Location (Belapur) for one of our project. Interested candidate can share resume to ankita.patari@happiestminds.com Experience: 2 to 5 Years Location: Navi Mumbai Location (Belapur) Office Timings: Monday to Friday (First Saturday and Third Saturday working) Looking for max 15 Days Joiners only Immediate Joiners please mentioned in Subject Line(Immediate Joiner_AppSec) General Shift Exp Range-2 to 5 Years Skills Source Code :- Secure Code Review / Static Application Security Testing Software Composition Analysis AppSec (Web, Mobile, Thick Client) & API :- Web Application & Thick Client Penetration Testing (DAST) API Security Testing Mobile Application Security Testing (MAST) Network Security:- Network Security VAPT IT Infrastructure VAPT Network Security Configuration Review Process/Architecture Review :- Secure SDLC Process Review Network Security Architecture Review SCD/VA/DFRA/DB Review ;- Database Security Configuration Review Digital Forensics Readiness Assessment Secure Configuration Document Vulnerability Assessment Thanks And Regards, Ankita P Ghosh ankita.patari@happiestminds.com

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Managed Services Information Security Analyst is a seasoned subject matter expert, responsible for working with security tools and other security teams to monitor, analyze, interpret and report on the incoming client data for the purpose of delivering security information and recommendations to the clients, enabling the organization to deliver the contracted security services. This role includes performing tasks such as security incident detection and response, security event reporting, threat hunting, content maintenance (tuning) and interacting with clients to ensure their understanding of the information generated, recommending client system changes as well as answering security related queries from the clients. What you'll be doing Key Responsibilities: Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts. Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting. Monitors security tools to review and analyze security logs from client environments. Generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience. Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards. Utilizes and documents best practices and amends existing documentation as required. Identifies opportunities to make automations which will help the clients and security delivery teams. Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics., Utilizes a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure. Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as and when required. Performs defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information. Undertakes threat hunting activities across both individual client estates, as well as cross client hunting. Manages unresolved incidents and follows up until incidents are resolved. Works closely with client delivery teams to support their activities related to client delivery. Cooperates closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client. Performs any other related task as required. Knowledge and Attributes: Seasoned knowledge on implementation and monitoring of a company supported SIEM or security tools/technologies/concepts. Seasoned knowledge on security architecture, worked across different security technologies. Seasoned knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised. Displays excellent customer service orientation and pro-active thinking. Displays problem solving abilities and is highly driven and self-organized. Excellent attention to detail. Excellent analytical and logical thinking. Excellent spoken and written communication abilities. Team player with the ability to work well with others and in group with colleagues and stakeholders. Ability to remain calm in pressurized situations. Ability to keep current on emerging trends and new technologies in area of specialization. Academic Qualifications and Certifications: Bachelor's degree or relevant qualification in Information Technology or Computing or a related field. Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous. Required Experience: Seasoned experience in SOC Analysis Operations. Seasoned experience in SIEM usage for investigations. Seasoned experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy. Seasoned experience in dealing with technical support to clients. Seasoned experience in handling security incidents end to end. Seasoned experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools. Seasoned experience in Security Analysis or Engineering preferably gained within a global services organization. Workplace type : Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

We are seeking an experienced Cybersecurity Analyst to join our Security Operations Center (SOC) team. The SOC provides 24x7 security operations monitoring for the Russell Investments environment. Youll use various tools and dashboards to monitor the environment, triage events to detect legitimate security concerns, and respond according to established processes. Youll interact regularly with other members of the Cybersecurity team as well as other IT support teams. Interested candidates please share your updated resume to vdias@russellinvestments.com Job Location: Goregaon East Role Responsibilities Monitor and analyze security events and incidents using advanced security tools to identify potential threats, vulnerabilities, and suspicious activities. Recognize potential, successful, and unsuccessful intrusion attempts Conduct in-depth analysis of security incidents, leveraging various sources of threat intelligence, to determine the scope and impact of security threats and incidents. Stay up to date with the latest cybersecurity news and trends, and provide insights and recommendations to enhance our security posture. Engage with various teams to expand your knowledge of the environment Research new and evolving threats that have the potential to impact the environment Serve on the incident response team for major or high-profile security incidents in tandem with external providers. Propose procedural updates and process improvements Be an escalation point for the SOC analysts Preferred candidate profile Minimum 4 years experience in Cybersecurity or related field Due to the nature of 24x7 SOC monitoring requirements, this position requires, subject to compliance with applicable laws, occasional weekend work and alternate shifts as needed to ensure adequate coverage and meet the demands of our operations. Certifications such as CISSP and CEH are desirable Knowledge of cybersecurity principles, concepts, and practices Knowledge of networks, firewalls, and operating systems Strong analytical and problem solving skills, with the ability to collate and interpret data from various sources, assess complex security issues, and propose effective solutions. Experience with security incident detection and response Familiarity with security technologies, such as SIEM, IDS/IPS, firewalls, endpoint protection, and vulnerability scanners. Familiarity with industry standards and frameworks, such as NIST Cybersecurity Framework and ISO 27001. Core Values Strong interpersonal, oral, and written communication and collaboration skills Strong organizational skills including the ability to adapt to shifting priorities and meet frequent deadlines, Proactive approach to problem-solving with strong judgment and decision-making capability. Highly resourceful and collaborative team-player, with the ability to also be independently effective and exude initiative and a sense of urgency. Exemplifies our customer-focused, action-oriented, results-driven culture. Forward looking thinker, who actively seeks opportunities, has a desire for continuous learning, and proposes solutions. Ability to act with discretion and maintain complete confidentiality. Dedicated to the firms values of non-negotiable integrity, valuing our people, exceeding client expectations, and embracing intellectual curiosity and rigor.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Product Security Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education About The Role ::Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts.Key responsibilities: Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments. Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces. Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components. Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols. Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses. Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware. Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware. Perform hardware penetration testing to identify vulnerabilities in electronic systems. Assess the security of medical devices, ensuring compliance with industry regulations and standards. Identify and address security risks associated with healthcare information systems and connected medical instruments. Evaluate and prioritize security risks based on potential impact and likelihood. Provide recommendations and collaborate with cross-functional teams to implement effective security controls. Stay current with emerging security threats, vulnerabilities, and testing methodologies. Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle. Document security testing processes, findings, and remediation recommendations. Generate comprehensive reports for stakeholders, including technical details and actionable insights.Technical experience: Hands on experience with penetration testing tools and methodologies. Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments. Knowledge of secure coding practices and the ability to review code for security vulnerabilities. Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines. Experience with threat modeling and risk assessment frameworks. Familiarity with secure development practices for embedded systems. Understanding of regulatory requirements for medical device security. Strong understanding of networking protocols, encryption, and authentication mechanisms.Professional attributes: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability. Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling. Ability to manage multiple tasks and deadlines. Qualifications: Bachelor's or master's degree in engineering or computer science, Information Security, or a related field. Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP). Qualifications 15 years full time education

What youll be doing The Network Repair Bureau (NRB) seeks driven and highly motivated talented individuals to join our team. The NRB operates 24x7 to provide continuous management and support of the wireless network. The Engineer III position is responsible for centralized Tier 1 troubleshooting, operation, and management of the Verizon Wireless Network. As a part of a highly visible team, you are accountable for ensuring high network availability and attainment of service levels. As an Engineer III, you will learn and apply new technical skills to support the interdepartmental objectives including: effectively communicating and escalating network issues to ensure quick resolution; utilizing a network management system to detect network events; and creating trouble tickets to document issues. Additional responsibilities include answering incoming telephone calls to the NRB. Key responsibilities: Performing Triage, fault isolation, and remediation of network events Working with external and internal Verizon organizations coordinating and troubleshooting network events Providing Timely and accurate network technical assistance to external teams by communicating technical details and status to customer service centers, technical support organizations, and executive management teams during network events and major outages. Where Youll Be Working... This role will have a defined work location that may include work from home and assigned office days as set by the manager. What were looking for Youre a motivated self-starter and quick learner who thrives in a fast-paced environment. You meet all new challenges with a commitment to quality and team collaboration. You are flexible, dependable, and work well in varying environments. Youll need to have: Bachelors degree or one or more years of related work experience. Experience in Microsoft Office (Word, Excel), Google Suite (Mail, Docs, Sheets, Slides), Slack, and general computer skills. Previous experience with Remedy, NSP, CNS, and/or other ticketing tracking systems. Previous experience engaging with customers, ensuring follow-through for ticket resolution. Willingness to work rotating shifts including weekends and holidays Demonstrated strong analytical and problem-solving skills. Ability to work from 6am - 3pm local time including weekends and holidays based on the needs of the business. Even better if you have one or more of the following Bachelors degree in Computer Science, Software Engineering, Electrical Engineering, or any other related discipline. Knowledge of LTE Networks and 4G to 5G Technologies. Knowledge of Cloud and Virtualized solutions (OpenStack/ VMWare). Scripting with Python, No-JS, Perl, or equivalent languages. Ability to follow established guidelines, policies, and procedures. Ability to work in a high-pressure, dynamic environment and adjust to priority changes. Commitment to quality and the ability to work well in a team environment. #NRBNONCDIO

What youll be doing... Youll be finding the right technology to help ensure our customers keep their systems secure and spot risks before they become real threats. But youll be doing more than just providing SOX and IT securityyoull help customers prepare for the unexpected, defend their systems, and protect their business, brand, and bottom line. Designing solutions to mitigate risk and close security gaps and reduce vulnerability. Managing SOX Audit. PM/Engineering effort for tracking Security vulnerabilities. Working closely with VCG Application Development, App Security teams and other Key stakeholders in strategizing SOX and Security Engineering Practices and mitigating the Security Vulnerabilities. Adhering to industry standards and best practices and understanding emerging technologies and trends to continuously improve the systems, application, infrastructure, and processes. Performing SOX QA Support for Controls to ensure minimal SOX findings by auditors. Conducting quarterly Lesson Learned with SOX POCs/Directors/Performers to prevent the same issues from happening quarter over quarter. Supporting SOX BOT automation enhancements and testing in partnership with Control Performers. Supporting SOX Ops - Maintain and enhance SOX SOP documents for effective QA reviews by team. Where you'll be working... In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. What were looking for... Application Security Skills: Secure Coding Practices: Deep understanding of secure coding principles and common vulnerabilities (OWASP Top 10, SANS 25) in various languages (e.g., Java, Python, .NET, JavaScript). SAST/DAST/IAST Expertise: Proficiency in using and interpreting results from Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and ideally Interactive Application Security Testing (IAST) tools. Open Source Software (OSS) Security: Knowledge of common OSS vulnerabilities, license compliance issues, and tools for managing OSS risks. Threat Modeling: Ability to perform threat modeling exercises to identify potential security weaknesses in application architectures and designs. Cloud Security (for Cloud-Native Apps): Familiarity with cloud security concepts, including secure configuration of cloud services (e.g., AWS, Azure, GCP), identity and access management (IAM), and cloud-native security tools. Logging and Monitoring: Experience with implementing and analyzing security logs, setting up security information and event management (SIEM) systems, and using intrusion detection/prevention systems (IDS/IPS). DevSecOps Practices: Understanding of integrating security into the software development lifecycle (SDLC) using DevSecOps methodologies and tools. Platform Security Skills: Cloud Security: Strong knowledge of cloud security best practices, including securing cloud infrastructure (compute, storage, network), managing cloud access, and implementing security monitoring in cloud environments. Container Security: Expertise in securing containerized applications and their underlying infrastructure (e.g., Docker, Kubernetes), including image scanning, runtime security, and container orchestration security. Vulnerability Management: Proficiency in using vulnerability scanning tools (like Tenable) for both network and application layers, prioritizing vulnerabilities, and coordinating remediation efforts. Hardware Security: Understanding of hardware security concepts, including firmware security, hardware-based encryption, and physical security measures. Incident Response: Experience with incident response processes, including detection, containment, eradication, and recovery, as well as post-incident analysis. SOX Auditing Exposure/ Experience: We are seeking a highly motivated and detail-oriented SOX Audit person to join our growing team. In this role, you will play a crucial part in ensuring the effectiveness of our internal control environment and compliance with the Sarbanes-Oxley Act (SOX). Plan, execute, and document SOX testing procedures for key financial and IT controls. Identify and assess the design and operating effectiveness of internal controls. Evaluate control deficiencies and recommend remediation strategies. Collaborate with process owners to remediate control deficiencies and enhance the control environment. Stay abreast of SOX compliance requirements and industry best practices. Assist with the development and maintenance of SOX documentation, including process narratives, flowcharts, and risk control matrices. Participate in special projects and other duties as assigned Additional Important Skills: Automation and Scripting: Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automating security tasks and integrating security tools. Communication and Collaboration: Excellent communication skills to effectively convey security findings to technical and non-technical audiences and collaborate with development and operations teams. Problem-Solving and Analytical Skills: Strong analytical and problem-solving abilities to investigate security issues, identify root causes, and develop effective solutions. Youll need to have: Bachelors degree or four or more years of work experience. Four or more years of relevant experience required, demonstrated through work experience and/or military experience. Worked as a consultant. Four or more years of relevant experience in Application Security Skills, Platform Security Skills & SOX Auditing Exposure/ Experience. Even better if you have one or more of the following: A degree in engineering or computer science. Experience with security risk procedures, security patterns, authentication technologies and security attack pathologies. Certifications in one or more of the following: Security: CISSP, CISM, CEH, GCIH, GPEN, CCSK, Security+, Cisco, F5, BlueCoat, Check Point. Network: Cisco, Juniper, Palo Alto. Architecture: TOGAF. Service Delivery/Governance: ITILv2/3.

OVERALL PURPOSE OF THE ROLE: The primary responsibility of the specialist security Operationsis to ensure security risks are identified and managed within acceptable limits. The Security specialist will work closely with Design Authority, Solution Architects, IS Design,IS&T operations and Business teams to manage security of the organization RESPONSIBILITIES: To analyse and update critical and non critical log sources and their health status check for redundant log sources and take necessary steps working with right stake holders daily health check and monitoring of SOC infra Co-relationship, framework management for SOC use cases responsible for analytics and data crunching or data analysis and represenation of outcome for leadeship to make next decisions KPI definition, revision and imprvement for SOC infra, health and use cases TECHNICAL COMPETENCIES & EXPERIENCE To be considered for this role, candidate need to demonstrate the following skills experience and attributes: Bachelors/Masters degree in Engineering/Technology or related field Minimum 6-8 years of relevant IT experience Professional industry standard certifications like CISSP, CEH, GIAC, CISM, ISO 27002 etc. will be an added advantage Experience with various IT / Security technologies including, Active Directory, DNS, Messaging, Firewalls/ VPN Gateways, IPS, Proxy, WAF, PKI, IAM,etc. Good understanding of tools like CyberArk, PingIdentity, Sailpoint, Qualys, Veracode Proficient handson experience and understanding of various security tools and technologies. Experience in an operational role working directly with internal and external customers, trouble ticketing systems, and incident management Solid understanding of ITIL process framework Must understand and have worked in an operational environment such as a NOC or SOC for 2 4 years Demonstrated leadership experience in the area of Security Operations Proven planning, prioritization, and organizational skills Demonstrated drive for continuous learning, results orientation, and teamwork Ability to drive change through innovation & process improvement Ability to manage projects and drive action items with customers and crossfunctional peers Proven crisis management skills Professional & concise communication (written & verbal) Ability and flexibility to adapt to change, including shifting and competing priorities Demonstrated ability to be a big picture thinker, strategist, and long term planner Strong analytical skills with demonstrated problem solving ability Project management skills with a proven ability to design workable solutions will be an added advantage Exposure to ISO 27002 and ISO 27005

Role & responsibilities Project Role Description : Instrumental in keeping technology talent market relevant, by upskilling and cross skilling them. Primarily responsible for delivering foundational training in technology, delivery, professional development and industry content. Contribute to course content development and creation of questions for certification and assessments. Job Requirements : Key Responsibilities : Train employees on various Security Principals, Practices and security tools.Design, Develop, Review security training content and assessment creation through training need analysis. Open to learn new security skills and excel to conduct trainings in these areas Innovate and collaborate along with other team member Technical Experience : knowledge on OWASP application security fundamentals, Cloud fundamentals or Cyber security fundamentals or Cloud security fundamentals etc. Experience of 4-8 years. Professional Attributes : Quick learner, good presentation and articulation skills, collaboration, diligent, responsible, proactive and responsive Educational Qualification: Professional BE/BTech/MCA or equivalent Additional Info : Driving learning initiatives across organization as needed

Hiring Cyber Security Pros (No Beginners) -Teach VAPT/ethical hacking -4mo paid internship to polish teaching. -Confidentiality guaranteed; no employer exposure. -Need: 2-3yrs corp pentest experience (OSCP/CEH must) -Must Speak Hindi & English. Required Candidate profile VAPT: Web/Mobile/API. Tools: Burp/Metasploit/Kali. Core: OS internals, buffer/ROP, network (firewall/VLAN). Vuln analysis, reverse engg, social engg, cloud (AWS/Azure). Domain: OWASP, wireless, crypto Perks and benefits Bonus as per performance

Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: This role will be responsible for supporting 24x7 operations thus requires working night / weekend shifts on a rotational basis to support the business requirements of the organizationPrimary responsibilities include monitoring and triaging all security events coming into SOC / CDC from multiple sources. Security events include but not limited to; social engineering attacks, malware, DDoS, data exfiltration, ransomware etc.Triage for first 20 minutes as per standard operating procedure, and post which engage Tier2 for further assistanceIdentifying and Analyzing of security event and incident data by leveraging Orchestration tool workflows and knowledge baseUpdating the Ticketing system thoroughly and timely Communicating with stake holders for making sound recommendations on mitigation and or prevention techniquesFollow up and resolution of issues/tickets timely per SLAs Follow-up on pending tickets and issues ensuring SLAsWorking closely with Tier2 and Tier3 teams Escalating security events in a timely mannerStaying current with new Use Cases and process changesActively participate in brown bag sessions 'The individual must also have a good awareness of current and developing security threats and technologiesStrong proficiency in security event investigations, also in written and spoken EnglishStrong interpersonal skills and a good team playerPrior professional services experience in 24x7 SOC or CDC operations is desiredBachelors degree or Masters Degree in Computer Sciences or in Cyber Security '3 - 5 years of experience working in a SIEM tool with strong background in security incident response and system operationsCEH, Security+, OSCP or other industry-relevant cyber-security certifications and ITIL V3.0 knowledge is a plus Minimum Qualifications: Bachelors degree in Engineering, Information Systems, Computer Science, or related field. OR High school diploma or equivalent and 2+ years of cybersecurity-relevant work experience. Physical Requirements: Frequently transports and installs equipment up to 40 lbs. Applicants :Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies :Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.

Key Responsibilities : Adversarial Simulations : Plan and execute red team engagements to simulate real-world adversary attacks, including network infiltration, social engineering, web application exploitation, and physical security testing. Vulnerability Assessment : Identify vulnerabilities in the organization's infrastructure, applications, and networks by conducting simulated attacks, including penetration testing and security assessments. Threat Emulation : Develop and simulate advanced persistent threats (APTs), insider threats, and other sophisticated adversary tactics, techniques, and procedures (TTPs) to evaluate defense mechanisms. Collaboration : Work closely with other cybersecurity teams, such as blue teams (defensive security) and incident response, to enhance the security posture of the organization through proactive threat identification and remediation. Security Improvement Recommendations : Provide detailed reports and recommendations after each red team engagement, ensuring that identified vulnerabilities are addressed and mitigated in a timely manner. Exploit Development : Design and develop proof-of-concept exploits to demonstrate the feasibility of identified vulnerabilities. Social Engineering : Perform social engineering assessments, including phishing campaigns, pretexting, and physical security assessments to evaluate an organizations susceptibility to human factors in security. Incident Reporting : Document findings and vulnerabilities in a clear, concise manner and present them to stakeholders, including executives, technical teams, and IT staff, in both written and verbal formats. Continuous Learning : Stay current with the latest cybersecurity threats, tools, techniques, and industry best practices to continuously improve the red team’s effectiveness. Tool Utilization and Development : Use commercial and open-source tools to conduct red team operations. Additionally, develop custom scripts or tools to facilitate specific attack scenarios. Qualifications : Education : Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent work experience. Experience : 3+ years of experience in offensive security, penetration testing, or red teaming. Experience with conducting and leading red team exercises, vulnerability assessments, and penetration tests. Strong understanding of security concepts, network protocols, operating systems (Linux, Windows, macOS), and web application security. Certifications : Certified Red Team Expert (CRTE) Offensive Security Certified Professional (OSCP) Certified Ethical Hacker (CEH) - Preferable GIAC Penetration Tester (GPEN) - Preferable Certified Information Systems Security Professional (CISSP) - Preferable Technical Skills : Proficiency in programming/scripting languages such as Python, Bash, PowerShell, or others. Experience with red team tools (e.g., Cobalt Strike, Metasploit, Burp Suite, Nmap, etc.). Familiarity with attack simulation platforms, threat emulation frameworks (e.g., MITRE ATT&CK). Strong knowledge of attack methodologies and the tactics, techniques, and procedures (TTPs) of advanced persistent threats (APTs). Soft Skills : Strong analytical and problem-solving skills. Ability to communicate complex technical findings to both technical and non-technical stakeholders. Strong attention to detail and ability to work independently or as part of a team. Proactive, self-motivated, and eager to learn new security techniques and

Role & responsibilities Job Description As a Cyber Security Analyst, you will be responsible for protecting our organization's sensitive information and systems from cyber threats. Implement security measures to safeguard digital assets, including in-house web applications, iOS applications, Android applications, network infrastructure, and AWS cloud services. You will analyze potential security risks, develop strategies to mitigate these risks, and implement security measures to safeguard our digital assets. Your role will involve monitoring vulnerabilities and risk associated with web application, ios application, android application, investigating security incidents, and staying abreast of the latest security trends and technologies to ensure our organization remains resilient against cyber-attacks. Duties & Responsibilities: Conduct Vulnerability Assessment and Penetration Testing (VAPT) on in-house web applications, iOS applications, Android applications, network infrastructure, and AWS (Cloud) services. Identify and analyze security vulnerabilities, weaknesses, and misconfigurations in the above mentioned systems. Develop comprehensive reports detailing identified vulnerabilities, potential risks, and recommended remediation strategies. Collaborate with development, operations, and IT teams to prioritize and implement security fixes and improvements. Continuously monitor and assess the security posture of internal systems and recommend proactive measures to enhance security. Stay updated with the latest security threats, vulnerabilities, and industry best practices related to web applications, mobile applications, networks, and cloud environments. Participate in incident response activities, including investigating security incidents and providing support in remediation efforts. Contribute to the development and maintenance of security policies, procedures, and standards. Provide training and awareness sessions to staff on the latest cyber security trends, best practices, and emerging threats to enhance the overall security posture of the organization. Skills: Proven experience in conducting VAPT assessments on web applications, mobile applications, networks, and cloud environments (AWS). Strong understanding of common web application vulnerabilities (e.g., OWASP Top 10), mobile application security principles, network protocols, and cloud security best practices(CIS). Experience with VAPT tools and methodologies such as Burp Suite, Nessus, Metasploit, Nmap, Wireshark, and AWS security services. Ability to analyze and interpret security assessment results and provide actionable recommendations for remediation. Excellent communication skills with the ability to effectively communicate technical findings to both technical and non-technical stakeholders. Relevant certifications such as OSCP, OSWE, CEH, or GIAC certifications are a plus. Minimum 2 Years of experience Preferred candidate profile Perks and benefits

Job Title Application Security/Vulnerability Management Responsibilities A day in the life of an Infoscion As part of the Infosys consulting team, your primary role would be to actively aid the consulting team in different phases of the project including problem definition, effort estimation, diagnosis, solution generation and design and deployment You will explore the alternatives to the recommended solutions based on research that includes literature surveys, information available in public domains, vendor evaluation information, etc. and build POCs You will create requirement specifications from the business needs, define the to-be-processes and detailed functional designs based on requirements. You will support configuring solution requirements on the products; understand if any issues, diagnose the root-cause of such issues, seek clarifications, and then identify and shortlist solution alternatives You will also contribute to unit-level and organizational initiatives with an objective of providing high quality value adding solutions to customers. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional Requirements: Primary skills:Application Security,Application Security->Application Risk Profiling,Application Security->Burpsuite,Application Security->Devsecops,Application Security->Ethical Hacking(CEH),Application Security->Nessus,Application Security->SSL(Secure Sockets Layer),Application Security->Threat Modeling,Application Security->Vulnerability Assessment/Penetration Testing,Application Security->Vulnerability Management,Application Security->Web Security,Application Security->Webservices Security,Application Security->Wireshark,Security testing->Vulnerability testing,Technology->Application Security->Vulnerability Management->Qualys,Technology->Application Security->Vulnerability Management->Rapid 7 Nexpose,Vulnerability Management Preferred Skills: Application Security Vulnerability Management Application Security->Vulnerability Assessment/Penetration Testing Application Security->Nessus Application Security->Vulnerability Management Application Security->Wireshark Application Security->Burpsuite Application Security->Threat Modeling Application Security->Web Security Application Security->Application Risk Profiling Application Security->Ethical Hacking(CEH) Application Security->Webservices Security Application Security->SSL(Secure Sockets Layer) Application Security->Devsecops Security testing->Vulnerability testing Technology->Application Security->Vulnerability Management->Rapid 7 Nexpose Technology->Application Security->Vulnerability Management->Qualys Additional Responsibilities: Ability to work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data Awareness of latest technologies and trends Logical thinking and problem solving skills along with an ability to collaborate Ability to assess the current processes, identify improvement areas and suggest the technology solutions One or two industry domain knowledge Educational Requirements Master of Computer Science,MCA,Intergrated course BCA+MCA,Post Graduate In Computer Science Application (PGDCSA),Bachelor Of Comp. Applications,Bachelor of Comp. Sc. & Engg.,Bachelor of Engineering,BCA Service Line Cyber Security * Location of posting is subject to business requirements

Primary Responsibilities: Conduct security assessments for new and existing clinical technologies to protect organizational data assets Review and prepare architectural diagrams to ensure secure technology deployment Collaborate with vendors and business partners to obtain and evaluate technical documentation Define security requirements based on corporate policies, best practices, team input, security frameworks, and compliance regulations Document assessment findings and requirements for technology implementation and operation Work with vendors and partners to develop remediation plans for technologies posing unacceptable risks Independently research technologies or topics beyond current expertise Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Bachelors degree in a technical or scientific discipline, or equivalent experience 5+ years in IT operations 2+ years in cybersecurity Experience identifying security risks in technology Proficiency in creating and interpreting architectural diagrams Security certifications (e.g., CISSP, CCSP, CEH) Solid understanding of network security principles and best practices. Proven critical thinking and problem-solving skills Solid work ethic and attention to detail Ability to work independently and collaboratively Ability to align security requirements with business objectives Solid relationship-building skills with partners, clients, and peers Ability to clearly communicate technical concepts to both technical and non-technical stakeholders Adaptability in a large, fast-paced, and rapidly changing organization Preferred Qualification: Experience in a regulated industry, preferably healthcare

Role - Client Support Engineer No of Vacancy - 5 (Delhi) + 4 (Bangalore) Location - New Delhi (Candidate need to travel as per work requirements) Qualification BE/B.Tech/MCA or Equivalent Qualification Experience 1+ Years Roles and responsibilities Client Support Engineer: Implementation of Security solution, applications at client end, debug the deployment issues, LDAP and Active Directory management, Operating Systems administration Job Requirements Knowledge of operating systems, IT equipment and technologies, Knowledge of OSI Layer and TCP/IP networking Experience in securing and working with any operating systems like Windows, RHEL, Ubuntu, CentOS, etc. and any hypervisors like VMWare, Ovirt, etc. Experience in installing and troubleshooting of Desktop, Laptop, Workstation, working experience in installing, configuring, and troubleshooting Windows & /Linux based system Collaborate with the other security teams to contain and investigate major incidents Must have excellent reporting and analytical skills. Excellent oral/written communication and documentation skills, Able to work under pressure and tight deadlines. Candidate should be willing to travel anywhere in India for support activities. Should be able to handle the clients efficiently for deployment of C-DOT solutions. Open to learn new technologies Working knowledge and willing to track the resolution of issues on Ticket Monitoring system with stringent response time Place of posting would be Bangalore / Delhi Certification Any certifications such as CISSP, CEH, CISA, CEH, ECSA, SSCP, RHCE or MCSE shall be an advantage.