464 Ceh Jobs - Page 8

The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands on experience of deploying a SIEM solution from scratch, where the candidate should have the skills and knowledge to gather all the required information to build the SIEM solution. In-depth knowledge of technical approaches in security analytics, monitoring and alerting. Maintains technical knowledge within areas of expertise. This role is also responsible for identifying, analyzing, developing new or tuning & Refinement of the content or use cases. Strong problem solving and troubleshooting skills including the ability to perform root cause analysis for preventative investigation Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Should have experience in any of the query language i.e AQL ,KQL, SPL, LEQL etc for writing the complex queries & saved search creation. Should have strong knowledge of different cybersecurity frameworks i.e.MITRE, NIST and Cyber kill chain model. Should have understanding of regular expression writing and custom parsing Preferred technical and professional experience Collaborate with key stakeholders within technology, application and cyber security to develop use cases to address specific business needs. Create technical documentation around the content deployed to the SIEM. Creates and develops correlation and detection rules with SIEM solution, reports & dashboards to detect emerging threats

Responsibilities Conduct security assessments on Web, Mobile and APIs REST/SOAP/GraphQL. Perform penetration tests on both public and private network infrastructure assets. Conduct adversary emulations and red teaming exercises, both internally and externally. Perform source code review for applications developed in different languages. Develop testing scripts and procedures to fulfil comprehensive assessment requirements. Produce executive and technical reports and provide recommendations based on findings. Conduct external and internal segmentation testing on client infrastructure. Develop penetration testing strategies and test cases for complex enterprise applications. Develop methodology documents and pre-engagement questionnaires for Penetration Testing and Vulnerability Assessment projects. Thoroughly document exploits chain/proof of concept scenarios for client use. Perform Red Team activities in coordination with the Security Operations Centre and incident response teams to validate Blue Team monitoring & detection processes. Essential Skills A minimum of 2 years of professional experience in Pentesting Development or scripting experience and skills. Strong knowledge of Web, Mobile and API Security assessments and source code review of applications. Excellent communication skills and ability to clearly articulate complex security issues. Strong interpersonal and presentation skills. Ability to work with minimal levels of supervision or oversight. Additional Desired Skills Knowledge of Cloud Security Assessments (AWS/Azure/GCP). Knowledge of Active Directory and Exploitation. Knowledge of phishing and social engineering simulations and tools. Familiarity with Malware Development & Defense Evasion Techniques. Experience in Bug Bounty programs. Education Requirements Bachelors in computer science/IT/Electronics Engineering, M.C.A. or equivalent University degree. At least one of the following certifications or similar is preferred: OSCP, PNPT or CRTP

About The Role Exciting opportunity for an experienced Security Incident Responder to join our IT Security team in Pune. Take a key role in driving success by enabling a seamless, global security incident response capability. This is a full-time, on-site position based in our Baner office. About You You have a curious mindset and are highly passionate about security engineering and the evolving role of AI in this domain. You also have: - Experience between 2 to 5 years working as a SOC Analyst, Incident Responder or Detection Engineer. - Knowledge applications of security frameworks DFIR, Cyber Kill Chain, MITRE ATT&CK. - Confidence and the ability to remain calm under pressure. It would be beneficial if you possess: - Understanding of software development practices, DevSecOps, enterprise security tools. - Knowledge Artificial Intelligence utilization within the Incident management process. - Awareness of regulatory environment and requirements (e.g. GDPR) - Experience securing cloud-based services (preferably hosted in AWS or Microsoft Azure cloud environments), combined with insight into vulnerability management and scanning tools. - Knowledge of techniques to tune SIEMs, threat hunting, and implementing security best practices. - Security qualifications e.g. GIAC Certifications, AWS, Azure, CEH, OSCP. Key Responsibilities - Act as Incident Commander, coordinating security incident response across teams and time zones, ensuring seamless handoffs. - Collaborate with in-house analysts and MDR partners for timely detection, alerting, and monitoring of security events. - Manage and triage security alerts, document incidents, and maintain detailed reports. - Develop, maintain, and test Incident Response playbooks while driving process and capability improvements. - Design use cases for automation and AI to enhance incident management speed and efficiency. - Review and optimize security platform configurations, ensuring compliance, stability, and alignment with IT best practices. Benefits and Perks Join us for a rewarding career with competitive compensation, leave entitlements, health coverage, and financial security. Enjoy work-life balance, growth, and recognition for your exceptional performance. Our team will unveil the intricacies of our benefit package during the selection process. Company Overview Hansen Technologies (ASX: HSN) is a global software and services provider, serving energy, water/utilities, and telecommunications industries. With customers in 80+ countries, we foster collaboration across 36 global offices. From 5G advancements to renewable energy transitions, we empower customers to overcome challenges, innovate, and drive new business models.

Role & responsibilities 1. Ability to conduct Vulnerability Assessments on systems, web applications, mobile applications and network devices. 2. Have basic knowledge of Penetration Testing & Exploitation. 3. Have Good Knowledge and experience of working on Application Level and Network Level Audit. 4. Should have the understanding of OWASP Top 10, SANS Top 25, NIST and other relevant framework. 5. Should have knowledge of server-side languages (any programming language). 6. Must be Familiar with Kali, Metasploit etc. 7. Should have good knowledge of Vulnerability Assessment tools - Application (Rational Appscan, Acunetix, Netsparker, Qualys, BurpSuit etc), Network (Nessus, Nexpose, NMap, OpenVAS etc.). Preferred candidate profile 1. B. Tech (CS/IT)/BCA/MCA/BSC/Diploma (No bar for deserving candidates). 2. CEH is mandatory. CHFI, OSCP, ECSA, ISO27k LA, etc. will be an added advantage. 3. Must have Good Communication skills. 4. Must be Passionate about information security.

Novo Nordisk Global Business Services ( GBS) India DepartmentGlobal Information Security Advisory Are you passionate about IT security and eager to make a difference in safeguarding critical sys-temsDo you thrive in a global, collaborative environment where your exper-tise can help protect a leading healthcare organisationIf so, we invite you to join us as a Security Operations Analyst at Novo Nordisk. Read on and apply today for a life-changing career! About the Department The Global Information Security Advisory department is part of Digital, Data, and IT (DD&IT) at Novo Nordisk. Based in Denmark, our team operates globally with colleagues in India, Denmark, and the USA. We are a diverse group of experts specializing in areas such as network security, white hat hacking, cloud security, cryptography, and security operations. Our mission is to part-ner with the business to build security into processes and manage risks effectively. The atmos-phere is collaborative, innovative, and driven by a shared goal of protecting Novo Nordisks digital assets. The position As a Cybersecurity Analyst I, you will play a pivotal role in enhancing and maintaining the IT security posture at Novo Nordisk. Your responsibilities will include: Effectively monitor and manage IT security incidents by analyzing logs, identifying vulnerabilities, managing unauthorized user activity, and handling security notifications from users and regional teams to ensure timely resolution and ad-herence to SLAs. Analyzing and responding to suspicious and malicious emails received through the Phish alarm solution. Provide support to the Vulnerability Management Office (VMO) in the Critical Vul-nerability Response (CVR) process while collaborating with the GSO Data Analyt-ics team to en-hance the SIEM system's accuracy by reducing false positives, demonstrating strong analytical skills and a commitment to cybersecurity excel-lence Managing the Global Intrusion Defense (GID) system, ensuring services like log collection, intrusion detection, and vulnerability assessment are operational. Actively participates in incident response drills and the Major IT Security Incident Response Process (MSIRP), while engaging stakeholders to communicate risks, facilitate vulnera-bility remediation, and support global security initiatives. Qualifications Bachelor of Engineering with relevant IT experience and business experience. Overall 5+ years of core IT security experience with at least 3+ years in relevant security tool. Demonstrated proficiency in Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms, coupled with expertise in Windows Operating Systems and enterprise network security. Solid knowledge of Security Operations Center (SOC) operations with Standard Operating Procedure (SOP). Familiarity with forensics, Email Analysis and Cloud. Coordinate with internal teams and external stakeholders to manage the incident response process and collaborate cross-functionally to ensure adherence to secu-rity policies and procedures. Respond to and investigate security incidents such as data breaches, malware in-fections, and unauthorized access attempts while analyzing incidents to deter-mine root cause, scope, and impact. Develop and implement comprehensive incident response plans and procedures for timely and effective responses to security incidents. Security certifications like CEH etc (Good to have). About the Department The Global Information Security Advisory department is part of Digital, Data, and IT (DD&IT) at Novo Nordisk. Based in Denmark, our team operates globally with colleagues in India, Denmark, and the USA. We are a diverse group of experts specializing in areas such as network security, white hat hacking, cloud security, cryptography, and security operations. Our mission is to part-ner with the business to build security into processes and manage risks effectively. The atmos-phere is collaborative, innovative, and driven by a shared goal of protecting Novo Nordisks digital assets.

The Security Operation Specialist has the end-to-end responsibility for the physical and logical security of the Network/Services, OSS/SQM, and Infrastructure in accordance with the security policy technically manage and operate components of security services provided to end users of Nokia customers, within service levels agreed with those customers. You have: 10+ years of extensive relevant experience and a graduate / postgraduate equivalent degree. Exposure to telecom technologies Security analytics and working knowledge of SOC technologies like SIEM, SOAR, etc. Scripting capabilities Industry certifications like CISSP/CEH/CISM/CISA It would be nice if you also had: Understanding of hacking techniques Understanding of 3GPP security requirements, ITU-T x.805, ISO27001, NIST, Mitre attack framework Build and maintain a library of threat hunting or analytics use cases for non-signature-based threat detection Build and maintain a library of pre-developed connectors to integrate leading SIEMs with diverse network elements Build and maintain a customizable library of remediation workflows or cyber playbooks Use cases should cover the entire kill chain, starting from reconnaissance, weaponization, delivery, exploitation, installation, C2, exfiltration, remediation, etc. Provide SME support to the delivery organization Testing and PoC of use cases in a lab environment Support in building use case demos. Work with different product lines to validate and test the feasibility of security use cases Build risk-driven cyber attack scenarios by clearly identifying threats, vulnerabilities, business impact, likelihood, approach, use case, scenarios, rules, remediation workflows, or a cyber playbook.

Educational Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities Approx 5 years' experience as a Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organization Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWSSecondary Skills: SAST and DASTSolid diplomatic and communication skills in EnglishThe candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manyal work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined process for approaching assessments Preferred Skills: Technology-Enterprise Architecture-Data / Information Architecture

Why this job matters As an experienced Information Security Services provider, we will help lead a highly motivated team laser-focused on analysing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What Ill be doing your accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills Web application pen test (OWASP, NIST framework), Network pen test (Linux, windows), API & Mobile pen test. Networking Skills TCP/IP packet level understanding, Routing, Switching, firewall understanding. Linux Skills Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework (CVE/CVSS) and Security assessment tools (such as Nmap, Metasploit, Burp Suite, SQL map, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Leadership accountabilities Accountabilities of the job: Solution focused achiever: We need this person to focus on delivering exceptional penetration testing services Customer champion: we are transforming how we communicate with our customers and need responsible person with a customer-focused attitude. Change agent: We need a tester who sees our processes and immediately thinks of better ways to do what we are doing and then leads that change. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pen testing. Mandatory Bachelors degree or higher preferred. CEH, OSCP, CREST, LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED.

What youll be doing your accountabilities Leading a squad of skilled cyber security practitioners delivering new security controls and enhancements. Ensuring that delivery work is aligned with strategy and feeding outcomes and learning back into strategy. Developing Agile business cases in conjunction with key stakeholders. Prioritising squad work to deliver the greatest impact for the investment. Mobilising and overseeing end-to-end delivery of epics (from concept to closure). Ensuring that all required policies and procedures are complied with. Setting up and maintaining accurate epic financial forecasting and tracking glide-path to budget. Risk/issue and management. Managing change. Working across BT Group ensuring that deliveries of changes/risk controls are embedded in the operational organisation Working across BT Group ensuring that the operational effectiveness of delivered changes/risk controls are measured. Working across BT Group ensuring that benefits are realised and measured. Providing reporting to Security Portfolio Board (stakeholders up to BT CISO and BT CIO) and Security governance forums e.g. Security Council, Security Forum. Experience youd be expected to have MANDATORY 5+ years demonstrable experience of successfully leading complex, high value deliveries in an IT domain Excellent communication skills Strong stakeholder management skills Self-starter and able to manage time effectively Able to work accurately with numbers and data In receipt of formal training in Agile methodologies and can apply the knowledge to specific circumstances (accreditation doesnt need to be current) Demonstrable experience of successfully using Agile methodologies for delivery PREFERRED Degree or equivalent qualification/experience Experience leading complex cyber security deliveries Knowledge and experience of cyber assessment frame works Knowledge and experience of cyber risk management Experience of managing a significant budget in excess of 1m

Overview: We are looking for a skilled SIEM Administrator to manage and maintain Security Information and Event Management (SIEM) solutions such as Innspark , LogRhythm , or similar tools. This role is critical to ensuring effective security monitoring, log management, and event analysis across our systems. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., Innspark, LogRhythm, Splunk). Develop and maintain correlation rules, s, dashboards, and reports. Integrate logs from servers, network devices, cloud services, and applications. Troubleshoot log collection, parsing, normalization, and event correlation issues. Work with security teams to improve detection and response capabilities. Ensure SIEM configurations align with compliance and audit requirements. Perform routine SIEM maintenance (e.g., patching, upgrades, health checks). Create and maintain documentation for implementation, architecture, and operations. Participate in evaluating and testing new SIEM tools and features. Support incident response by providing relevant event data and insights. Required Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. 5+ years of hands-on experience with SIEM tools. Experience with Innspark, LogRhythm, or other SIEM platforms (e.g., Splunk, QRadar, ArcSight). Strong knowledge of log management and event normalization. Good understanding of cybersecurity concepts and incident response. Familiarity with Windows/Linux OS and network protocols. Scripting knowledge (e.g., Python, PowerShell) is a plus. Strong troubleshooting, analytical, and communication skills. Industry certifications (CEH, Security+, SSCP, or vendor-specific) are a plus. Key Skills: SIEM Tools (Innspark, LogRhythm, Splunk) Troubleshooting Log Management & Analysis Scripting (optional) Security Monitoring Job location: Thiruvananthpuram Notice period: Immediate Required Skills Siem,Splunk,Troubleshooting

Key Responsibilities: Design, implement, and manage Palo Alto Networks solutions, including: Next-Gen Firewall (NGFW) EDR/XDR (Cortex XDR) SIEM/SOAR (Cortex XSIAM) Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM Work with clients to understand business requirements and deliver tailored cybersecurity solutions Perform threat hunting, alert tuning, policy configuration, and use case development Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector Support security assessments, integrations, and continuous improvement initiatives Required Skills & Qualifications: Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM) Proven knowledge of cybersecurity operations, SOC processes, and incident response Experience with SIEM migration and integrations Understanding of threat intelligence, detection engineering, and automation Good knowledge of scripting (Python, PowerShell) and log analysis Excellent communication and client-facing skills Preferred Certifications: Palo Alto Networks Certifications, such as: PCNSE (Network Security Engineer) Cortex XDR/XSIAM certifications (if available) Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME, collaborate, and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Develop and implement security policies and procedures.- Conduct security assessments and audits.- Monitor security incidents and respond to breaches promptly.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of security frameworks and compliance standards.- Experience in conducting risk assessments and vulnerability scans.- Knowledge of security tools and technologies.- Good To Have Skills: Experience with Security Incident Response.- Hands-on experience in implementing security controls and measures. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : SailPoint IdentityIQ Good to have skills : Java Enterprise EditionMinimum 3 year(s) of experience is required Educational Qualification : Bachelor or higher degree in related field or equivalent work experience Summary :As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Expand upon the provided project role description and actively contribute to enhancing security measures within the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Implement security measures to protect enterprise systems and data.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures.- Collaborate with cross-functional teams to enhance overall security posture.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with Java Enterprise Edition.- Strong understanding of identity and access management principles.- Knowledge of security protocols and standards.- Experience in implementing security controls and measures.- Ability to analyze and respond to security incidents. Additional Information:- The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ.- This position is based at our Hyderabad office.- A Bachelor or higher degree in related field or equivalent work experience is required. Qualification Bachelor or higher degree in related field or equivalent work experience

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to safeguard information and assets. Professional & Technical Skills: - Must To Have Skills: Proficiency in Accenture MxDR Ops Security Threat Analysis.- Strong understanding of security frameworks and compliance standards.- Experience with incident response and threat hunting methodologies.- Familiarity with security information and event management tools.- Knowledge of network security protocols and best practices. Additional Information:- The candidate should have minimum 2 years of experience in Accenture MxDR Ops Security Threat Analysis.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNowMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security solutions for cloud environments- Conduct security assessments and audits to identify vulnerabilities- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ- Good To Have Skills: Experience with SailPoint IdentityNow- Strong understanding of identity and access management- Knowledge of cloud security best practices- Experience in designing and implementing security controls for cloud environments Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityIQ- This position is based at our Hyderabad office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure. Roles & Responsibilities:- Expected to be an SME in Security Architecture Design.- Collaborate and manage the team to perform effectively.- Responsible for team decisions and ensuring adherence to security best practices.- Engage with multiple teams and contribute to key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Ensure the implementation of robust security controls.- Conduct risk assessments and vulnerability testing.- Develop and maintain security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST).- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with cloud platforms such as AWS or Azure. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Architecture Design.- This position is based in Mumbai.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, designing robust security solutions, and documenting the implementation of cloud security controls. You will also oversee the transition to cloud security-managed operations, ensuring that all processes align with industry standards and best practices. Engaging in continuous improvement initiatives will be a key part of your role, as you strive to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify areas for improvement.- Collaborate with cross-functional teams to ensure security requirements are integrated into all phases of project development. Professional & Technical Skills: - Must To Have Skills: Proficiency in Okta Identity Management.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Familiarity with security compliance standards and regulations.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 3 years of experience in Okta Identity Management.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your role will play a crucial part in safeguarding the organization's data and infrastructure in the cloud environment. Roles & Responsibilities:- Expected to be an SME in Okta Identity Management- Collaborate and manage the team to perform effectively- Responsible for team decisions and ensuring adherence to security best practices- Engage with multiple teams and contribute to key decisions- Expected to provide solutions to problems that apply across multiple teams- Ensure the implementation of cloud security controls align with the defined framework- Document the cloud security architecture and ensure it meets business requirements- Transition to cloud security-managed operations Professional & Technical Skills: - Must To Have Skills: Proficiency in Okta Identity Management- Strong understanding of cloud security frameworks and best practices- Experience in designing and implementing secure cloud architectures- Knowledge of identity and access management principles- Experience with cloud security tools and technologies Additional Information:- The candidate should have a minimum of 12 years of experience in Okta Identity Management- This position is based in Noida- A 15 years full-time education is required Qualification 15 years full time education

Must-Have Skills: Experience with SIEM vendors such as QRadar, Sentinel, Splunk Incident response and threat hunting expertise Strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) Experience in writing procedures, runbooks, and playbooks Strong analytical and problem-solving skills Hands-on experience with system logs, network traffic analysis, and security tools Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) Good-to-Have Skills: Experience setting up SIEM solutions and troubleshooting connectivity issues Familiarity with security frameworks and best practices Ability to collaborate with IT and security teams effectively Responsibilities: Act as an escalation point for high and critical severity security incidents Conduct in-depth investigations to assess impact and understand the extent of compromise Analyze attack patterns and provide recommendations for security improvements Perform proactive threat hunting and log analysis to detect potential threats Provide guidance on mitigating risks and improving security hygiene Identify gaps in security processes and propose enhancements Ensure end-to-end management of security incidents Document and update incident response processes and define future outcomes Participate in war room discussions, team meetings, and executive briefings Train team members on security tools and incident resolution procedures Required Skills L3 SOC Analyst, Qradar OR Sentinel OR Splunk or Google Chronicle) - Any 2 of the SIEM tools required EDR tools (Crowdstrike OR Defender OR SentinelOne) - Any 2 of the EDR tools required

Company: MMC Corporate Description: We are seeking a talented individual to join our GIS Team at MMC Corporate This role will be based in Gurgaon/Noida. This is a hybrid role that has a requirement of working at least three days a week in the office. Senior Manager - Cyber Security Risk Vulnerability Scoring What can you expect Work on Cybersecurity Risk Adjusted Vulnerability Scoring (RAVS) Program. This enterprise-level initiative is critical to transforming the measurement, prioritization, and response to cybersecurity vulnerabilities by leveraging integrated systems, threat intelligence, and contextual organizational data We will count on you to: Program Oversight 1. Lead the development, implementation, and ongoing management of the enterprise RAVS program.2. Integrate data form vulnerability scanners, CMDB, threat intel feeds, cybersecurity systems, and internal business systems to generate dynamic risk adjusted vulnerability scores.3. Collaborate with internal teams across cybersecurity, IT, risk, business units, data analytics to continuously refine RAVS logic and scoring models.4. Develop operational playbook and prioritization framework that aligns vulnerabilities response to true business risk. RAVS Day-to- Day Operations and Risk Management 1. Monitor, triage, and escalate enterprise vulnerabilities based on RAVS output and threat indicators. 2. Provide real-time situational awareness and technical direction during vulnerability-related incidents and assessments. 3. Ensure integration and alignment between RAVS and enterprise vulnerability management platforms, SIEM, SOAR, threat intel, and cloud security tools. 4. Track remediation efforts, metrics, SLAs & SLOs adherence, and risk decisions.5. Generate executive-level dashboards and reports to communicate vulnerability risk posture and trends. Platform Management 1. Oversee functionality and data quality for critical systems. 2. Managing the operational health and data flows between vulnerability detection system, threat intelligence sources, asset inventories, and risk engines. 3. Ensuring business context and asset criticality are mapped into RAVS platform to support accurate risk prioritization. 4. Cross coloration with detection engineering and VMED to maintain score calculation logic, rule sets, and automation flows. 5. Maintaining process documentation, operational runbooks, and continuous improvement workflows for all integrated components. What you need to have: Security Cloud ToolsAssist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributers such as asset ownership. IntegrationIntegrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments. CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred. What you need to have: Security Cloud ToolsAssist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributers such as asset ownership. IntegrationIntegrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments. CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred. What makes you stand out 7+ Years Experience in Vulnerability Management, incident response, cloud security, or cybersecurity related fields Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being. Marsh McLennan(NYSEMMC) is the worlds leading professional services firm in the areas ofrisk, strategy and people. The Companys more than 85,000 colleagues advise clients in over 130 countries.With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses.Marshprovides data-driven risk advisory services and insurance solutions to commercial and consumer clients.Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wymanserves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us onLinkedInandX. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person Marsh McLennan (NYSEMMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businessesMarsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.

Company: MMC Corporate Description: We are seeking a talented individual to join our GIS team at MMC Corporate This role will be based in Gurgaon. This is a hybrid role that has a requirement of working at least three days a week in the office. Global Cyber Defense Security Operations Center What can you expect We are looking for someone to join and grow in our Security Operations Center (SOC) in a technical analyst role on various daytime business hours shifts. As an Analyst, you will be responsible for analyzing security event data, assessing the potential impact of events, and creating recommendations to defend against emerging threats. You will follow security events through the triage and response lifecycle and document all processes in a centralized knowledgebase. In this role, you will participate in ongoing security incidents and continuous SOC initiatives, such as new content development and enrichment. Additionally, you will collaborate across multiple teams on various efforts to continue to strengthen the security posture of Marsh & McLennan Companies. What is in it for you Be able to work with a global team with a company with a strong brand and strong results to match. Be part of an organization with a culture of internal mobility, collaboration, valued partnership from the business and drive for innovation in data & analytics, including the latest AI technology Grow your career with direct exposure to Senior Technologists, Business Leaders, and s which provide access relevant volunteer and mentoring opportunities and interactions with counterparts in industry groups and client organizations. Competitive pay (salary and bonus potential), Full benefits package starting day one (medical, dental, vision, STD/LTD, life insurance, RSP (Retirement Savings Plan or TFSA (tax free savings account.) Entitled to vacation, floating holidays, time off to give back to your community, sick days, and national holidays. We will count on you to: Analyzing network traffic, endpoint security events, and other various log sources to identify threats, assess potential impact, and recommend mitigations Supporting other security functions and teams to ensure the holistic implementation of security controls, technologies, practices, and programs Contributing to the development and improvement of response processes, documentation, tool configurations, and detection logic Assisting in additional Security Operation Center initiatives, including playbook development and documentation, new rule creation, and tool evaluations Maintaining an operational knowledge of global threat trends, known threat actors, common tactics, techniques, and procedures (TTPs), and emerging security technologies Collaborating on Security Operation Center team training opportunities and other cross training opportunities Operating as a subject matter expert on various security topics across multiple domains Supporting 24x7 operations by assisting in ongoing incidents during non-standard hours What you need to have Undergraduate degree in Computer Science (CS), Computer Information Systems (CIS), other related degrees, or equivalent experience 2+ years of information security experience and/or 2-4 years of experience in security analysis in a non-security focused role Excellent critical thinking skills, with proven analytical expertise and the ability to learn adaptively Demonstrated effective verbal, written and interpersonal communication skills with the ability to communicate security concepts to both technical and non-technical audiences Demonstrated experience with security technologies and alerts, such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners, forensics tools, open-source tools, or other security technologies Knowledge in one or more of the following domainsNetwork Operations and Architecture, Operating Systems, Identity and Access Management, Programming, Cloud Computing, Databases, or Cryptography What makes you stand out Ability to operate independently in a dynamic, evolving environment with multiple inputs and tasks simultaneously Knowledge of common attacks, current threats, threat actors, and industry trends Familiarity with common security frameworks and models, such as MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, The Diamond Model of Intrusion Analysis and NIST Cybersecurity Framework Professional or technical certifications, such as Security+, GIAC Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), or other related certifications Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being. Marsh McLennan(NYSEMMC) is the worlds leading professional services firm in the areas ofrisk, strategy and people. The Companys more than 85,000 colleagues advise clients in over 130 countries.With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses.Marshprovides data-driven risk advisory services and insurance solutions to commercial and consumer clients.Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wymanserves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us onLinkedInandX. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person Marsh McLennan (NYSEMMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businessesMarsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.

: Job Title- I&A On-boarding Information Security Analyst, Associate Location- Pune, India Role Description: As I&A On-boarding Information Security Analyst you will be part of Access Lifecycle On-boarding global family which includes access management for application end user recertification On-boarding, user access for request & approval, user provision On-boarding and Functional Taxonomy SoD On-boarding & maintenance as well as IDAHO (Access concept) SME as central DB services. Deutsche Bank is looking for bright and open-minded individuals to support Business Identity & Access Services within Access Lifecycle Solution On-boarding team for application end user request & approval as well as end user access provision central service On-boarding. A key success factor of the Access Lifecycle Solution On-boarding team is the quick understanding of complex application set ups for Identity & Access Management and support Information Security Officer (ISO) and IT Application Owner (ITAO) along end-to-end central solution On-boarding process across DB. You will gain insights into the complete Identity & Access Management lifecycle as you will learn about the roles and entitlements and their set up, segregation of duties, application authentication and authorization process. What well offer you . 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities As I&A On-boarding Information Security Analyst you will be responsible to perform On-boarding assessments if an IT asset is applicable for end user application access for request & approval and business requirement gathering (based on existing KOP ID Admin procedures) to identify, how future user provisioning (ID Admin via automated connector or manual, centrally or decentral managed) will be set up between central request & approval platform and to be on-boarded application in adhering to Information Security (IS) internal and regulatory requirements. Efficiently engage, manage, and influence the main stakeholders, along with application On-boarding process including Information Security Officer, IT Application Owner, Engineering and Operations teams Provide process improvement inputs to various stakeholders involved. Proactively seek ways to improve upon existing practices and processes. Display insight and ability in identifying issues and develop successful solutions. Report and escalate potential risks to the management to help avoid / minimize the impact. Work with multiple, distributed teams (across different locations) Support develops key operational procedures where necessary and ensure adherence to all such defined policies. Comfortable with associated disciplines of Security Policy and Governance in banking domain Very good presentation and communication skills allowing to communicate with our stakeholders. A structured and methodological way of working with the objective to deliver high quality results. Supports tough people decisions to ensure people performance is aligned with organization imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance. Pro-active and flexible working approach, Team spirit Your skills and experience Minimum 5 years working experience in Identity & Access Management, Governance, Risk and Control related topics. Team management experience Basic knowledge and/or willingness to work with industry best practices and frameworks like ISO27001, NIST, CSA CCM, COBIT, ITIL Good business analyses knowledge of system design, development, implementation, and user support principles and practices Knowledge of IT Service Management or IT Governance or IT Delivery Management or IT Project Management or IT Delivery background or IT Security Knowledge on Database Systems, application interactions and server operating systems Excellent Excel knowledge Competencies: Self-motivated and flexibility to work autonomously in virtual and multicultural teams. Good communication skills (both written and verbal), fluent in English (written/verbal) Good analytical skills and problem-solving abilities Pro-active and flexible working approach A structured and methodological way of working with the objective to deliver high quality results. Flexible mindset with an eye for detail and continuous improvement Good understanding in business related information Being flexible, open minded, able to share information, transfer knowledge and expertise to stakeholders and other team members. How well support you . . . .

Hi all , we are looking for a role Information Security Risk Specialist experience : 7 -9 years notice period : Immediate - 15 days location : Bengaluru Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Job Summary: We are seeking an experienced Information Security Risk Manager to join our team at Daimler Truck Innovation Center India, Bengaluru. The ideal candidate will lead the risk management and coordination efforts related to the overall security of enterprise systems, ensuring the development, implementation, and oversight of strategies that safeguard the information assets from cybersecurity threats, vulnerabilities, and attacks. This role requires strong collaboration across internal teams, including engineering, IT, legal, and regulatory bodies, as well as with external partners, such as suppliers and industry organizations. The ideal candidate will have a deep understanding of cybersecurity risk management methodologies, and the ability to oversee multiple initiatives aimed at strengthening the risk management practices at Daimler Truck Key Responsibilities: Develop, implement, and maintain an enterprise-wide information security risk management program. Identify, assess, and document information security risks, ensuring alignment with business objectives. Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. Monitor, track, and report on risk metrics and key performance indicators (KPIs). Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. Drive security awareness programs and train employees on risk management practices. Prepare and present detailed risk assessment reports to senior management. Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: Bachelors degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Masters) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. Proven analytical expertise in evaluating and prioritizing risks effectively. Advanced proficiency in utilizing security tools for risk assessment and mitigation. Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. Skilled in leading security initiatives and managing projects across global teams. A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. An effective team player with exceptional interpersonal and collaboration skills.

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

Flipkart is looking for Senior Security Engineer - Cyber Defense to join our dynamic team and embark on a rewarding career journey Analyzing customer needs to determine appropriate solutions for complex technical issues Creating technical diagrams, flowcharts, formulas, and other written documentation to support projects Providing guidance to junior engineers on projects within their areas of expertise Conducting research on new technologies and products in order to recommend improvements to current processes Developing designs for new products or systems based on customer specifications Researching existing technologies to determine how they could be applied in new ways to solve problems Reviewing existing products or concepts to ensure compliance with industry standards, regulations, and company policies Preparing proposals for new projects, identifying potential problems, and proposing solutions Estimating costs and scheduling requirements for projects and evaluating results