4 Cve Jobs

Cowbell is signaling a new era in cyber insurance by harnessing technology and data to provide small and medium-sized enterprises (SMEs) with advanced warning of cyber risk exposures bundled with cyber insurance coverage adaptable to the threats of today and tomorrow. Championing adaptive insurance, Cowbell follows policyholders" cyber risk exposures as they evolve through continuous risk assessment and continuous underwriting. In its unique AI-based approach to risk selection and pricing, Cowbell's underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Founded in 2019 and based in the San Francisco Bay Area, Cowbell has rapidly grown, now operating across the U.S., Canada, U.K., and India. This growth was recently bolstered by a successful Series C fundraising round of $60 million from Zurich Insurance. This investment not only underscores the confidence in Cowbell's mission but also accelerates our capacity to revolutionize cyber insurance on a global scale. With the backing of over 25 prominent reinsurance partners, Cowbell is poised to redefine how SMEs navigate the evolving landscape of cyber threats. In support of business objectives, we are actively looking for an ambitious person, who is not afraid of hard-work and embraces ambiguity as it comes to join our Information Security Team as a Sr. Developer, Application Security. The InfoSec team drives security, privacy, and compliance improvements to reduce risk by building out key security programs. We enable our colleagues to keep the company secure and support our customers" security journey with tried and true best practices. We are a Java, Python, and React shop combined with world-class cloud infrastructure such as AWS & Snowflake. Balancing proper security while enabling execution speed for our colleagues is our ultimate goal. It's challenging and rewarding! If you are up for the challenge, come join us. You will be instrumental in curing security defects in code, burning down any new and existing vulnerabilities. You can fix the code yourself and continuous patching is your north star. You will be the champion for safeguards and standards that will keep our code secure and reduce the introduction of new vulnerabilities. Partner and collaborate with internal stakeholders in assisting with the overall security posture with an emphasis on the Engineering and Operations/IT areas. Work across engineering, product and business systems teams to enhance and evangelize security in applications (& infrastructure). Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts. Develop and maintain application scanning solutions to inform stakeholders of security weaknesses & vulnerabilities. Review outstanding vulnerabilities with product teams and assist in remediation efforts to reduce risk. Bachelor's degree in computer science or another STEM discipline and 8 to 10+ years of professional experience in security software development. Majority of prior experience as a Security Engineer focused on remediation of security vulnerabilities and defects in Java and Python. Must have prior in-depth demonstrable experience developing in JAVA and Python; Basically you are developer first and a security engineer second. Applicants that do not have this experience will not be considered. Experience developing in, and securing, Javascript and React a plus. Experience securing integrations and code that utilizes Elasticsearch, Snowflake, Databricks, RDS a big plus. Detail-oriented with problem-solving, communication, and analytical skills. Expert understanding of CVE and CVSS scoring and how to utilize this data for validation, prioritization, and remediation. Excellent understanding and utilization of OWASP. Demonstrated ability to secure API; Techniques, patterns, will be assessed. Experience designing and implementing application security solutions for web and or mobile applications. Experience developing and reporting vulnerability metrics as well as articulating how to reproduce and resolve those security defects. Experienced in application penetration testing; and understanding of remediation techniques for common misconfigurations and vulnerabilities. Demonstrable experience in understanding patching and library upgrade paths including interdependencies. Familiarity with CI/CD tools. Previous admin experience in CI/CD is not required but a big plus. Capability to deploy, provide maintenance for, and operationalize scanning solutions. Hands-on ability to conduct scans across application repositories and infrastructure. Must be willing to work extended hours and weekends as needed. Great at and enjoys documenting solutions; creating repeatable instruction for others, operational documentation, developing technical diagrams, and similar artifacts. Preferred Qualifications: You can demonstrate and document threat modeling scenarios using well-known frameworks such as STRIDE. Proficient with penetration testing tools such Burp suite, Metasploit or ZAP. You are already proficient with SAST & SCA tools; proficiency with DAST and/or OAST tool usage and techniques would be even better. As a mentor you also have the experience and desire in providing fellow engineering teams with technical guidance on the impact and priority of security issues and driving remediation. Capability to develop operational process from scratch or improve current processes and procedures through well-thought-out hand-offs, integrations, and automation. Familiarity with multiple security domains such as application security, infrastructure security, network security, incident response, and regulatory compliance and certifications. Understanding of modern endpoint security technologies/concepts. Adept at working with distributed team members. What Cowbell brings to the table: Employee equity plan for all and wealth enablement plan for select customer-facing roles. Comprehensive wellness program, meditation app subscriptions, lunch and learn, book club, happy hours, and much more. Professional development and the opportunity to learn the ins and outs of cyber insurance, cybersecurity as well as continuing to build your professional skills in a team environment. Equal Employment Opportunity: Cowbell is a leading innovator in cyber insurance, dedicated to empowering businesses to always deliver their intended outcomes as the cyber threat landscape evolves. Guided by our core values of TRUE Transparency, Resiliency, Urgency, and Empowerment, we are on a mission to be the gold standard for businesses to understand, manage, and transfer cyber risk. At Cowbell, we foster a collaborative and dynamic work environment where every employee is empowered to contribute and grow. We pride ourselves on our commitment to transparency and resilience, ensuring that we not only meet but exceed industry standards. We are proud to be an equal opportunity employer, promoting a diverse and inclusive workplace where all voices are heard and valued. Our employees enjoy competitive compensation, comprehensive benefits, and continuous opportunities for professional development.,

We are looking for a motivated Information Security Analyst to run Information Security processes . The main focus area will be Vulnerability Management . You will be responsible for: - Analysing vulnerabilities, - Providing necessary information and guidance to IT Technology Owners, - Monitoring remediation actions. You will have the ability to continuously learn about technologies and associated vulnerabilities, practice interactions with IT stakeholders and get detailed understanding of corporate processes (e.g. IT Change Management, Software Development). SPECIFIC ASSIGNMENTS: You will be working on running the Vulnerability Management processes. You will participate in assessing and evaluating vulnerabilities. You will have the opportunity to work with vulnerability assessment technologies from industry leaders. Your task will be to get understanding of the issue, inform respective IT Technology Owner and provide guidance on recommended action and monitor the execution. In the constantly changing world of emerging vulnerabilities and bit IT landscape of Eurofins you will have numerous opportunities to learn new aspects of vulnerabilities and get better, in-depth understanding of their underlying details. Your role is strategic for the organization running the vulnerability management process is key to secure the Company, build strong layer of defence and improve Companys external posture! Technical details, leading security products, industry best practices, guidelines - you will be working with them on day-to-day basis to grow your security skills and improve Eurofins IT environment. Experience: If you have: Previous experience in IT Security or Vulnerability Management with having experience (at least 5 years) Willingness to learn and motivation to act towards the achievable goal is key for us! On the role of Senior Information Security Analyst, you can utilize your technical skills: understanding of various IT technologies (IT infrastructure and application level), IT general knowledge, principles of software development and understanding of web technologies, utilizing CVEs, collecting and processing information from vulnerability databases, working with leading industry products and services (e.g. Qualys, Nessus, Security Scorecard, BitSight, ServiceNow etc. ), assessing and evaluating cloud-based solutions and cloud services. As you'll be working in an international environment, your English needs to be excellent . You have to be an effective communicator (both to technical and non-technical professionals), convincing that your concepts are relevant and important for the whole organization. Other skills you'll need are orientation on details, team collaboration, problem solving. Qualifications Educational background in IT or Information Security. Any related IT Security certification would be an added advantage.

We're Hiring: Vulnerability Management Engineer (Permanent Role) Location : Indiqube Platina, Commissariat Rd, Ashok Nagar, Bangalore Shift : Rotational | Type : Full-Time, Permanent Email to Apply : ankitm@infotreeservice.com Infotree Global Solutions is looking for a Vulnerability Management Engineer who is passionate about cybersecurity and risk mitigation. This is a great opportunity to join a dynamic team and work on cutting-edge security operations that make a real impact. What You'll Do: Lead the end-to-end vulnerability management lifecycle . Operate tools like Tenable Nessus , Cisco Kenna , and Vonahi vPentest . Analyze scan results, assess CVSS/CVE risks, and drive remediation efforts. Engage directly with clients to communicate findings and recommend improvements . Monitor zero-day threats and stay ahead of the threat landscape. What You Bring: 3+ years of hands-on experience with vulnerability scanning tools . Strong understanding of CVSS, CVE, NIST , and OWASP Top 10 . Technical know-how across Windows, Unix/Linux, AWS, and VMware . Ability to clearly explain technical results to both clients and stakeholders. Nice to Have: Certifications: CEH , Security+ , or PenTest+ . Experience in compliance frameworks like ISO, NIST, SOC . Join a company that values innovation, collaboration, and continuous learning. Ready to secure the future with us? Send your resume to: ankitm@infotreeservice.com

The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world's biggest challenges. We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customer's business critical applications. What is Security Products Group at OCI OCI Security Products Group is building comprehensive product portfolios to protect customers cloud environments with innovative approaches and hyperscale efficiency. Our core security pillars are: customer isolation, data encryption, security controls, visibility. Our vision is to build the most secure cloud environment for our customers to build their applications confidently on top of OCI. We are making strategic decision to heavily invest on detecting system vulnerabilities and threat activities, correlate and analyze problems, then remediate, notify and block attacks from malicious actors against customer cloud environment. We offer a rich set of services to help our customer to secure their data, flexible access to their environment, detect the vulnerabilities and treats in their environment, source code, applications and containers, take remediations to protect customers based on the industry best practice such as CVE and CIS. Our solutions will ensure customers confidently build their business in Oracle Cloud. Career Level - IC5 Who are we looking for We are looking for engineers with distributed systems experience. You should have experience with the design of major features and launching them into production. You've operated high-scale services and understand how to make them more resilient. You work on most projects and tasks independently. You have experience working with services that require data to travel long distances, but have to abide by compliance and regulations. The ideal candidate will own the software design and development for major components of Oracle's Cloud Infrastructure. You should be both a rock-solid coder and a distributed systems generalist, able to dive deep into any part of the stack and low-level systems, as well as design broad distributed system interactions. You should value simplicity and scale, work comfortably in a collaborative, agile environment, and be excited to learn. What are the biggest challenges for the team The biggest challenges for the team are reliability, performance and keep up in cybersecurity space. The dynamic and fast growth of the business is driving us to improve the ability of our systems to scale out and handle traffic patterns with full coverage that are several orders of magnitude greater than what we can support today. We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution. We need engineers who can build services that can reliably protect our customer cloud environment. We need engineers who can figure out how we can keep up our solution in a fast pace to securely protect our customers. We need engineers who can build services that enable us to offer even more options to customers and contribute to the overall growth of Oracle Cloud. Required Qualifications 10+ years distributed service engineering experience in a software development environment Experience driving feature design reviews, documentation, UX reviews, and working with Product Managers through the entire launch process Strong development experience in Java, C++, C#, or similar OO languages Strong knowledge of data structures, algorithms, operating systems, and distributed systems fundamentals Working familiarity with networking protocols (TCP/IP, HTTP) and standard network architectures Good understanding of databases, NoSQL systems, storage and distributed persistence technologies Experience building multi-tenant, virtualized infrastructure a strong plus Preferred Qualifications Hands-on experience developing services on a public cloud platform (e.g., AWS, Azure, Oracle) Building continuous integration/deployment pipelines with robust testing and deployment schedules Expertise in applying threat modeling or other risk identification techniques to develop security solutions Experience and understanding of Cryptography, DDoS, CVE, CIS, SAST, DAST, or similar security and compliance knowledge Career Level - IC5