3 Ibm Appscan Jobs

Job Title: Vulnerability Engineer Experience: 5 - 12 Years Location: Bengaluru / Noida Employment Type: Full-time About the Role: We are hiring a Vulnerability Engineer to join our Managed Security Services team. You will be responsible for identifying, analyzing, and tracking security vulnerabilities across enterprise environments. The role involves working with scanning tools, coordinating with stakeholders, and ensuring timely remediation to minimize security risk. Key Responsibilities: Perform vulnerability scans using tools like Tenable Nessus, Qualys, IBM AppScan , etc. Analyze scan results, identify false positives, and prioritize risks Track and support remediation efforts with technical teams Register and manage assets in scanning platforms and maintain scan schedules Prepare reports and metrics for leadership and stakeholders Coordinate with customers on scan schedules and mitigation plans Contribute to automation and process optimization Required Skills: Strong knowledge of vulnerability management processes and tools Solid understanding of network, system, and application-level security Experience in report writing and communicating technical findings Familiarity with enterprise IT environments and TCP/IP networking Excellent problem-solving, collaboration, and communication skills Willingness to participate in on-call support rotation Preferred: Experience with scripting/automation for scanning and reporting Security certifications (e.g., CEH, CompTIA Security+, OSCP)

Job Title: SIEM Engineer Experience: 5 - 15 Years Location: Bengaluru / Noida Employment Type: Full-time About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations , incident response , and network/system security Experience with scanning tools (e.g., Nessus, Qualys ) and PAM solutions (e.g., CyberArk, BeyondTrust ) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation

The Selected candidate report to Program Cybersecurity Manager and will work with a highly motivated Cybersecurity team involved in vulnerability monitoring, vulnerability assessment, scanning and penetration testing of Alstom's solutions and products. The candidate will be positioned at Bangalore Technology Center of Alstom Digital & Integrated System division. INTERNAL The candidate will have strong links internally with Cybersecurity Services Center Director EXTERNAL Program Managers Program / Project Cybersecurity Managers Project and Program Teams Product / Software Development Teams Regional Cybersecurity Managers Platform Cybersecurity Managers Alstom IT Organisation OVERALL PURPOSE OF THE ROLE : We are currently seeking individuals interested to maintain and improve security posture of Alstom Products and Solutions. Cybersecurity expected to lead vulnerability assessments for Alstom products and solution, Perform vulnerability scan, policy scan, penetration test and other security assessments. He also performs vulnerability monitoring and alert the Products and Platforms for existing or new vulnerabilities that could potentially impact them. Maintain the vulnerability management system and ensure SLAs of the vulnerability management process. He will also be part of the incident response team (PSIRT), perform first level of analysis and participate in vulnerability remediation workflow. RESPONSIBILITIES : The Cybersecurity Engineer perform the following activities: Work with a team of Cybersecurity Engineers and responsible for the vulnerability assessment and penetration test, vulnerability scan, policy compliance scan and web Application scan with the help of tools like Qualys or any other industry standard tools and provide the analysis to the programs/projects. Responsible to evaluate the system or product security by safely trying to exploit vulnerabilities that may exist in OS, services, application flaws, improper configurations or risky end-user behaviour. Perform vulnerability monitoring on Alstom's solution and projects and alert the responsible teams for existing or new vulnerabilities that could potentially impact them. Monitor published vulnerabilities and security advisories globally and provide communications on discovered vulnerabilities or security threats to internal groups Identify required Cybersecurity tools and practices. Provide documentation and training/guidance to the users of the tool and secure the deployment Part of the incident response team (PSIRT), perform first level of analysis and participate in vulnerability remediation workflow. Provide internal training on Cybersecurity, vulnerability management process and tools. Qualifications & Skills: Prior experience in vulnerability assessment, vulnerability management and application security or demonstrated security experience in either a forensic or an offensive security focused role. Minimum 5 years of experience in performing vulnerability scan, pen tests/vulnerability assessments and vulnerability management, desirable from product development or industrial control system background. Preferable to have from Railway Cybersecurity domain. EDUCATION (Engineer) Bachelors or Masters in Computer Science, Information Technology or equivalent CEH or approved Pen Test equivalent certification is mandatory for this position ISA 62443 certification and/or OSCP certifications preferred. Desirable to have Cybersecurity certification in any one or few of GICSP, CISSP, GSEC, ECSA, CISM, and Comptia Pen test+. TECHNICAL COMPETENCIES & EXPERIENCE Having good experience and able to work independently on atleast few of security tools (Qualys, Kali Linux, Nessus, Netsparker, OpenVAS, Nexpose, Wireshark, Metasploit, IBM AppScan, HP Webinspect, Burp Suite, SQLmap, nmap, fuzzers, password recovery tools and other penetration testing tools). Strong experience in performing penetration tests and/or vulnerability assessments on products, web applications and networks. Prior knowledge of security assessment on SCADA and IOT devices prfrable Under standing of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS, etc.) and application programming / Scripting languages (C, Java, Python, Shell). Excellent knowledge on configuration review of Linux, Windows and Network devices with respect to CIS Benchmark. Experience with static analysis tools and software composition analysis tools. Knowledge of Common Vulnerabilities and Exposures (CVE), Common Platform Enumeration (CPE) and Common Weakness Enumeration (CWE). A strong understanding of technologies and associated protocols such as HTTPS, TLS, DNS, SSL etc. Considerable knowledge on programming languages (e.g. Java, C, C++, C#.NET, Scripting languages) prfrable. Main standards and regulations such as : ISO 2700X, ISA 62443 and NIST are prfrable. Experience presenting to or training technical audiences a plus. A technical writing experience is a plus. BEHAVIORAL COMPETENCIES: Strong individual and a team Player. Strong autonomy Sense of Service Delivery oriented Capacity to work in complex environment Negotiation skills Problem solving Demonstrate excellent communication skills and able to guide, influence and convince others in a matrix organization. Prior experience in working with European customer is desirable.