4 Cve Analysis Jobs

Qualcomm India Private Limited is seeking a Staff Engineer to take on a pivotal role in spearheading the end-to-end development of cloud systems. You will be responsible for designing well-architected applications that demonstrate efficient scalability and high responsiveness. Your expertise in developing APIs and interfaces across various microservices, following best practices, and guiding junior engineers will be essential for success in this position. As a qualified candidate, you should hold a Bachelor's degree in computer science or a related field and possess 10 to 13 years of Java programming experience. Your background should include providing technical leadership, backlog management, and familiarity with system architecture and design encompassing both cloud and device realms. Proficiency in object-oriented concepts, Spring/Spring Boot, Hibernate, and designing and constructing backend REST APIs is required. Hands-on experience with AWS, Azure, or GCP managed services/PaaS customization, along with a certification, will be advantageous. Prior exposure to building highly scalable and available systems, various database technologies, data systems, data life cycle management processes, and version control systems like Git is expected. Moreover, you should be adept at leveraging microservice architecture patterns to craft scalable and responsive systems, employing agile development methods, CI/CD best practices, and conducting CVE analysis and containment. Excellent communication skills are essential for engaging with customers and third parties effectively. Desirable qualifications include proficiency in other languages like Python or Node, test automation tools such as JMeter, fundamental front-end technologies like HTML, CSS, and JavaScript frameworks, and a Master's degree in CS/IS or a related discipline. Cloud and security certifications are considered a bonus. Minimum qualifications entail a Bachelor's degree in Engineering, Information Systems, Computer Science, or a related field with 4+ years of Software Engineering experience, or a Master's degree with 3+ years of experience, or a Ph.D. with 2+ years of experience. Additionally, you should have at least 2 years of work experience with programming languages such as C, C++, Java, Python, etc. Qualcomm is an equal opportunity employer committed to providing accessible processes for individuals with disabilities. Reasonable accommodations can be requested by contacting disability-accommodations@qualcomm.com. Employees are expected to adhere to all applicable policies and procedures, including those related to security and safeguarding confidential information. Note to Staffing and Recruiting Agencies: Qualcomm's Careers Site is exclusively for individuals seeking job opportunities directly with Qualcomm. Agencies and their represented individuals are not authorized to submit profiles, applications, or resumes through this platform. Unsolicited submissions will not be accepted, and Qualcomm does not assume responsibility for any fees related to unsolicited applications. For further inquiries about this role, please reach out to Qualcomm Careers.,

Key Job Responsibilities: VOC - VI (Vulnerability Intelligence), ASM (Attack Surface Management) & VM (Vulnerability Management) Expert. Environment / Context Saint Gobain, world leader in the habitat and construction market, is one of the top 100 global industrial groups. Saint-Gobain is present in 68 countries with 171 000 employees. They design, manufacture and distribute materials and solutions which are key ingredients in the wellbeing of each of us and the future of all. They can be found everywhere in our living places and our daily life: in buildings, transportation, infrastructure and in many industrial applications. They provide comfort, performance and safety while addressing the challenges of sustainable construction, resource efficiency and climate change Saint-Gobain GDI Grou p (250 persons at the head office, including 120 that are internal) is responsible for defining, setting up and managing the Group&aposs Information Systems (IS) and Telecom policy with its 1,000 subsidiaries in 6,500 sites worldwide. The GDI Groupe also carries the common means (infrastructures, telecoms, digital platforms, cross-functional applications ). IN DEC, the IT Development Centre of Saint-Gobain, is an entity with a vision to leverage Indias technical skills in the Information Technology domain to provide timely, high-quality and cost-effective IT solutions to Saint-Gobain businesses globally.Within the Cybersecurity Department, t he Cybersecurity Vulnerability Operations Cent er mission is to Identify, assess and confirm vulnerability and threats that can affect the Group. The CyberVOC teams are based out of Paris and Mumbai and consist of skilled persons working in different Service Lines. Mission We are seeking a highly experienced cybersecurity professional to serve as an VOC Expert supporting the Vulnerability Intelligence (VI), Attack Surface Management (ASM), and Vulnerability Management (VM) teams. This role is pivotal in shaping the strategy, defining technical approaches, and supporting day-to-day operationsparticularly complex escalations and automation efforts. The ideal candidate will combine technical mastery in offensive security with practical experience in vulnerability lifecycle management and external attack surface discovery. The expert will act as a senior advisor and technical authority for the analyst teams, while also contributing to the design, scripting, and documentation of scalable security proceess. The VOC Expert is responsible for: Vulnerability Intelligence (VI) Drive the qualification and risk analysis of newly disclosed vulnerabilities. Perform exploit PoC validation when needed to assess practical risk. Maintain and enhance the central VI database, enriched with (EPSS, CVSS, QVS, SG-specific scoring models, and EUVD) Define and automate workflows for: Vulnerability qualification, exposure analysis, and prioritization Ingestion of qualified vulnerability data into the enterprise Data Lake Collaborate on documentation of VI methodology and threat intelligence integration Support proactive communication of high/critical vulnerabilities to asset and application owners Attack Surface Management (ASM): Operate and enhance external asset discovery and continuous monitoring using ASM tools Integrate asset coverage data from CMDB, and other internal datasets Design and implement scripts for: WHOIS/ASN/banner correlation Data enrichment and alert filtering Deploy and maintain custom scanning capabilities (e.g., Nuclei integrations) Provide expert input on threat modeling based on exposed assets and external footprint BlackBox Pentesting: Maintain the service delivery of the BlackBox Pentesting platform Automate the export of pentest data and integrate into Data Lake and Power BI dashboards Define and document onboarding workflows for new applications Actively guide analysts in prioritizing pentest requests and validating results. Vulnerability Management: Vulnerability review, recategorization, and false positive identification Proactive vulnerability testing and replay Pre-analyze and consolidate vulnerability data from various scanning tools Prepare concise syntheses of available vulnerabilities Offer guidance to the SO and CISO on vulnerabilities Collaborate with key stakeholders to develop strategies for vulnerability management Assist in defining vulnerability management KPIs and strategic goals Prepare concise, actionable summaries for high-risk vulnerabilities and trends Automate testing actions: Develop scripts and tooling to automate repetitive and complex tasks across VI, ASM and VM. Implement data pipelines to sync outputs from ASM/VI tools to dashboards and reporting engines. Design streamlined workflows for vulnerability lifecyclefrom detection to closure. Collaborate with both offensive and defensive teams to support App managers and Asset managers in remediating vulnerabilities and issues. Skills and Qualifications: Bachelor&aposs degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plus Proven experience (10+ years) working within the Cybersecurity field, with a focus on offensive security, vulnerability intelligence and attack surface analysis. Proven experience on Penetration testing actions (web application, infrastructure, ) Proven expertise in: CVE analysis, exploit development/validationExternal asset discovery & mapping Threat modeling and prioritizationAdvanced knowledge of tooling such as: ASM platforms Nuclei, Shodan, Open Source CTI, vulnerability scanners (Qualys, Tenable, ) Pentester tools (Burp, SQLmap, Responder, IDA and Kali environment) Experience in investigating newly published vulnerabilities, assessing their risks, severity. Strong scripting languages (e.g., Python, Bash, Powershell, C#, ) for automation and customization Experience with Pentester tools (Burp, SQLmap and Kali environment) Strong technical skills with an interest in open-source intelligence investigations Experience building dashboards in Power BI or similar tools. Familiarity with data lakes, API integrations, and ETL processes. Knowledge of NIST CVE database, OWASP Top 10, Microsoft security bulletins Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders. Personal Skills: Has a systematic, disciplined, and analytical approach to problem solving with Thorough leadership skills & experience Excellent ability to think critically underpressure Strong communication skills to convey technical concepts clearly to both technical and non-technical stakeholders Willingness to stay updated with evolving cyber threats, technologies, and industry trends Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust security measures Additional Information: The position is based in Mumbai (India) Show more Show less

As a global leader in cybersecurity, CrowdStrike protects the people, processes, and technologies that drive modern organizations. Since 2011, our mission hasn't changed - we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe, and their lives moving forward. We are also a mission-driven company that cultivates a culture giving every CrowdStriker the flexibility and autonomy to own their careers. We are always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation, and a fanatical commitment to our customers, our community, and each other. Are you ready to join a mission that matters The future of cybersecurity starts with you. This role will lead our Data Engineering team, focusing on tools, services, and pipelines for Data scientist, analysts, threat researchers, and internal partners. The manager will lead the Data Engineering team in developing tools, services, and pipelines for data scientists, analysts, threat researchers, and internal partners. Close collaboration with cross-functional teams, product management, and security researchers is required to advance research and development while cultivating team culture and supervising direct reports. You will lead the development of next-generation experimental ML models that help customers identify and detect threats while establishing technical vision and roadmap. Managing a distributed team of engineers and technical leads, fostering a collaborative culture while coordinating across time zones to deliver high-quality initiatives. The role necessitates partnership with product management and engineering teams to translate experiments into customer-facing products that influence CrowdStrike's CTO organizational strategy. You will own validation processes for internal services, implementing automated workflows that maintain CrowdStrike's high standards for security solutions. Qualifications: - 10+ years in development and shipping products. - 3+ years of management experience with a proven ability to lead technical teams. - Hands-on technical leadership in Data Engineering. - Excellent communication skills for executive and technical audiences. - Experience with Agile/Scrum methodology and the ability to scale processes. - Programming skills in Go, Python, or similar languages. Bonus Points: - Experience in the cybersecurity space. - Experience with AWS tools, distributed systems such as Kafka, Cassandra. - Experience in CI/CD tools and automation. - Remote/distributed multi-team leadership experience. - Understanding of CVE analysis. - Experience with organizational scaling, SDLC, and process optimization. - GenAI/Agentic AI automation experience. Benefits of Working at CrowdStrike: - Remote-friendly and flexible work culture. - Market leader in compensation and equity awards. - Comprehensive physical and mental wellness programs. - Competitive vacation and holidays for recharge. - Paid parental and adoption leaves. - Professional development opportunities for all employees regardless of level or role. - Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections. - Vibrant office culture with world-class amenities. - Great Place to Work Certified across the globe. CrowdStrike is proud to be an equal opportunity employer, committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.,

We are looking for a motivated Information Security Analyst to run Information Security processes . The main focus area will be Vulnerability Management . You will be responsible for: - Analyzing vulnerabilities, - Providing necessary information and guidance to IT Technology Owners, - Monitoring remediation actions. You will have the ability to continuously learn about technologies and associated vulnerabilities, practice interactions with IT stakeholders and get detailed understanding of corporate processes (e.g. IT Change Management, Software Development). SPECIFIC ASSIGNMENTS: You will be working on running the Vulnerability Management processes. You will participate in assessing and evaluating vulnerabilities. You will have the opportunity to work with vulnerability assessment technologies from industry leaders. Your task will be to get understanding of the issue, inform respective IT Technology Owner and provide guidance on recommended action and monitor the execution. In the constantly changing world of emerging vulnerabilities and bit IT landscape of Eurofins you will have numerous opportunities to learn new aspects of vulnerabilities and get better, in-depth understanding of their underlying details. Your role is strategic for the organization running the vulnerability management process is key to secure the Company, build strong layer of defence and improve Companys external posture! Technical details, leading security products, industry best practices, guidelines - you will be working with them on day-to-day basis to grow your security skills and improve Eurofins IT environment. Experience: If you have: - Previous experience in IT Security or Vulnerability Management with having experience (at least 5 years) Willingness to learn and motivation to act towards the achievable goal is key for us! On the role of Senior Information Security Analyst, you can utilize your technical skills: understanding of various IT technologies (IT infrastructure and application level), IT general knowledge, principles of software development and understanding of web technologies, utilizing CVEs, collecting and processing information from vulnerability databases, working with leading industry products and services (e.g. Qualys, Nessus, Security Scorecard, BitSight, ServiceNow etc. ), assessing and evaluating cloud-based solutions and cloud services. As you'll be working in an international environment, your English needs to be excellent . You have to be an effective communicator (both to technical and non-technical professionals), convincing that your concepts are relevant and important for the whole organization. Other skills you'll need are orientation on details, team collaboration, problem solving. Qualifications Educational background in IT or Information Security. Any related IT Security certification would be an added advantage.