Job Title: Vulnerability Management Location: Pune Exp: 5+ Years Responsible for leading the VM program from a technical standpoint within our multi-cloud and containerized environment. This role requires deep knowledge of Common Vulnerabilities and Exposures (CVE), misconfigurations, and common ways to exploit vulnerabilities in cloud and third-party software. The ideal candidate will have the technical expertise to resolve root causes of vulnerabilities and the ability to collaborate optimally with development teams to remediate exposures. Key Responsibilities: Vulnerability Identification and Assessment: Use various tools to continuously scan, identify, and assess vulnerabilities Container Security: Ensure the security of container images, base images, lambdas, and other entry points for vulnerabilities. Root Cause Analysis (RCA): Conduct detailed RCA to resolve underlying issues of identified vulnerabilities and security misconfigurations. Remediation Planning: Develop and implement remediation plans to address identified vulnerabilities, working closely with development and operations teams to ensure timely resolution. Security Best Practices: Promote and implement security practices and standards across all cloud and environments that are containerized. Documentation and Reporting: Maintain detailed documentation of vulnerability findings, remediation efforts, and overall vulnerability management processes. Provide regular reports to senior management on the state of vulnerabilities and remediation progress. Collaborate with cross-functional teams, including developers, operations, and IT, to address security concerns. Continuous Improvement: Continuously improve the VM program by integrating new tools, technologies, gaps in our environment and methodologies to improve security posture. Qualifications: Education: Bachelor's degree in Information Security, Computer Science, or a related field. Experience: Minimum of 5 years of experience in vulnerability management, cybersecurity, with a focus on containerized environments Extensive knowledge of CVEs, understanding our vulnerabilities are exploited, and vulnerability assessment tools. Experience with cloud platforms including GCP, Azure, and AWS. Proficiency in RCA and remediation planning. Vulnerability Management compliance and NIST standards
Job Title: Security Project Manager Location: Pune Exp: 8+years Key Responsibilities: Continuously monitor security dashboards to identify and prioritize vulnerabilities based on CV scores and other relevant metrics. Ensure that Service Level Agreements (SLAs) are met by keeping track of vulnerability timelines and escalating issues as needed. Interpret vulnerability data to determine urgency and impact, ensuring that critical issues are addressed promptly. Provide timely updates and alerts to relevant teams about vulnerabilities approaching SLA deadlines, emphasizing high-priority issues. Recognize when to escalate issues and ensure they receive the necessary attention, maintaining a strong presence to avoid being overlooked. Identify and involve the appropriate stakeholders to address vulnerabilities effectively. Keep vulnerabilities top of mind for teams, nudging them to take action before issues become critical. Assist in managing a backlog of past-due vulnerabilities and within SLA, working to reduce these numbers. Qualifications: Intermediate to mid-level experience in project management, preferably within a security context. Understanding of vulnerability management concepts and the ability to interpret CV scores. Strong ability to communicate effectively with technical and non-technical stakeholders, including the ability to speak truth to power. Security certifications (e.g., CISSP, CISM) are a plus. Ability to understand and prioritize based on dashboard data. Strong presence and the ability to escalate issues effectively without being sidelined.
Job Title: Penetration Tester, Information Security Exp: 3 to 7 Location: Pune Pen test team consists of highly skilled security engineers, independently completing vulnerability. Assessments and pen tests end-to-end. Team members are driven to apply and hone their skills, fostering an exciting and challenging team culture that helps team members grow. Responsibilities: Guides the team in pen test engagements as well as Red Team / Blue Team activities Sets and adjusts the focus and engagement strategy for the team Motivates the team, and inspires a fun and highly productive work environment Performs pen tests to locate security issues Analyzes vulnerabilities to determine exploitability and value Actively communicates and coordinates within the team Documents explains and demonstrate findings within the team as well as to other teams Proactively engages with stakeholders to eliminate obstacles to the team objectives Writes, reviews and approves assessment reports Helps other team members grow Experience: Must be detail oriented and highly organized 3-5 years of Red Team and/or hands-on pen test work structured as regular external engagements, preferably for a reputable pen testing company, in at least 2 of the following areas Web applications Mobile applications Application services (non-web) Infrastructure 2+ years of hands-on experience in the following areas highly desired Operating Systems and Hardening Government, Risk and Compliance Digital Forensics Certifications as expert in any of the above areas of expertise a plus CISSP or similar certification a plus Skills and Knowledge: Exceptional pen testing skills, applicable certifications a plus Exceptional communication, presentation and interpersonal skills, team catalyst a must Applied cryptography, crypto algorithms, PKI, certificates, key management PCI, SOX, FIPS 140, JITC, CVE, CWE, OWASP Threat modeling, fuzzing, reverse engineering, exploit automation
Job Title: Product Security Risk & Compliance Analyst Exp: 8+years Location: Pune Job Summary: We are seeking a Product Security Risk & Compliance Analyst Contractor to support the ongoing development of cybersecurity risk management capabilities within a leading engineering business unit. This role is ideal for an experienced professional with a strong background in cyber risk governance, product security, and secure software development lifecycles (S-SDLC) particularly in IoT and network-connected device environments. This individual will help drive the maturity of the product security risk register, provide expert guidance to risk owners, and support compliance and security incident response readiness. This will be done while ensuring alignment with frameworks and regulatory standards such as MITRE ATT&CK, EMB3D, CVE/CWE, OWASP IoT/AppSec, NIST 218, and ETSI IoT. Key Responsibilities: Serve as a subject matter expert supporting product-focused cyber risk, compliance, and governance initiatives for a broad network device product line. Collaborate with security, engineering, and product teams to identify, assess, and manage cybersecurity risks related to IoT and networked devices. Support the development and continuous improvement of a Product Security Risk Register, including documentation of risks, ownership, remediation and mitigation plans, communication, and closure timelines. Lead and document risk assessments, including threat, likelihood, criticality, and impact modeling, while providing actionable mitigation recommendations. Assist in establishing and evolving governance models aligned with internal policies and external standards/regulations. Support security compliance and audit initiatives, including both company-led and market certification-related efforts. Assist in coordinating risk response activities for escalated vulnerabilities or product security incidents. Contribute to the creation and tracking of KPIs, risk metrics, and dashboards, and support communication of risk posture to leadership. Interface with ServiceNow GRC modules across business units for structured risk tracking and reporting. Collaborate across product, engineering, security, and compliance teams to enhance security posture throughout the product lifecycle. Required Qualifications: 3+ years in a cybersecurity risk analyst or governance role. 8+ years of direct experience in a cybersecurity role. Strong understanding of IoT and networked device security threats, vulnerabilities, controls, and mitigations. Hands-on experience with risk management programs, product security assessments, and compliance frameworks. Working knowledge of CVE and CWE scoring systems and cyber risk scoring methodologies. Familiarity with MITRE ATT&CK, EMB3D, and threat modeling. Solid understanding of secure SDLC practices and integrating security controls into product development. Excellent communication skills with the ability to translate complex cyber risks into actionable business insights. Familiarity with Slack/Teams, Jira, and Confluence.
Job Title: Cybersecurity PSIRT Engineer Experience: 4-8Yrs Job Location: Pune Job Summary: We are seeking a mid-to-senior level Cybersecurity PSIRT (Product Security Incident Response Team) Engineer Contractor to strengthen our product security posture through vulnerability triage, coordinated disclosure, and hardware-aware threat modeling. This individual will play a key role in enhancing our incident response and vulnerability management workflows, with an emphasis on IoT and network embedded device security, hardware-centric bug bounty support, and security hackathon initiatives. This is an exciting opportunity to contribute to both operational response and strategic development, supporting the continuous improvement of product security controls and the security quality feedback loop. Key Responsibilities: Lead or assist in the triage, technical analysis, severity scoring, and remediation coordination, and coordinated disclosure processes for product security vulnerabilities. Investigate and manage hardware and firmware-related security vulnerabilities across hardware products (e.g., routers, switches, IoT devices). Perform code analysis and vulnerability reproduction testing to identify potential security issues. Collaborate cross-functionally with engineering, threat intelligence, incident response, and vulnerability research teams to analyze, triage, and resolve firmware vulnerabilities. Support the full lifecycle of incident response: detection, analysis, containment, mitigation, and postmortem. Conduct impact and risk assessments on vulnerability submissions to inform appropriate prioritization and response actions. Engage with external security researchers and bug bounty platforms (e.g., HackerOne, Bugcrowd) to handle submissions, validate findings, and close the loop with engineering. Help build out and evolve hardware-focused bug bounty and security hackathon programs, including defining scope, engagement guidelines, and validation workflows. Contribute to the security quality feedback loop by ensuring lessons learned from incidents and vulnerabilities inform secure development practices, testing, and tooling. Develop and maintain threat intelligence feeds relevant to our product and device ecosystem. Support the creation of attack surface maps and device risk modeling profiles, aligned with MITRE ATT&CK, EMB3D, and internal threat models. Apply and interpret CVE, CVSS, CWE, and CWSS scoring to measure and communicate risk. Author internal reports, vulnerability advisories, and coordinate with external researchers and CERTs when needed. Develop and refine internal tools, frameworks, and processes in support of work processes and activities. Document incident workflows, threat analyses, and remediation guidance in Atlassian tools (Jira, Confluence) and coordinate via Slack. Required Qualifications: Bachelors degree in computer engineering, Computer Science, Cybersecurity, or related field. 48+ years in cybersecurity, with experience in product security, PSIRT, or vulnerability management, ideally in an embedded or device-centric environment. 3+ years of experience in embedded systems or firmware development, security research, or vulnerability analysis. Experience with secure software development lifecycles, fuzzing, or static/dynamic analysis tooling. Solid understanding of common vulnerability types (buffer overflows, privilege escalations, etc.) in low-level code. Proficient in IoT/embedded systems security architecture (firmware, trust anchors, bootloaders, secure boot, memory safety, and wireless protocols). Familiar with MITRE ATT&CK and EMB3D frameworks, and how to apply them to threat modeling or response. Able to replicate and assess exploitability and business impact of submitted vulnerabilities. Working experience with bug bounty operations and direct researcher interaction. Skilled in vulnerability triage, severity scoring (CVSS, CWE/CWSS), and root cause identification.
Job Title: Prompt Engineer Parloa Platform Location: Pune, India (Hybrid) Employment Type: Full-Time About Knowledgeforce IT Services India Pvt. Ltd. Knowledgeforce IT Services India Pvt. Ltd. is the India Development Center (IDC) of Kforce Inc., a leading staffing and solutions provider headquartered in the US. We deliver high-quality technology and business solutions for our global clients, leveraging innovation, talent, and cutting-edge tools to solve complex challenges. Role Overview We are standing up next-generation conversational AI experiences on Parloa while we gradually transition from Google Dialogflow (voice remains on Dialogflow through next spring). As a Senior Parloa Prompt Engineer, you will design, implement, and optimize prompts and flows that power AI-assisted customer experiences across voice and digital channels. Youll own prompt strategy, knowledge ingestion, API integration, and escalation logic on Parloa, while collaborating closely with our integration partner (Presidio) on the Cisco/Webex routing and custom API connectivity. This is a hands-on role for a senior practitioner who can ship quickly, document thoroughly, and help us migrate knowledge from Intercom into a Parloa-ingestible formatbalancing short-term delivery with a scalable architecture for the future. What Youll Do (Key Responsibilities) Prompt & Conversation Design Lead prompt strategy for Parloa: system prompts, few-shot examples, guardrails, and prompt chaining for multi-turn flows. Design voice and chat experiences with robust error recovery, safe fallbacks, and escalation logic to live agents. Establish evaluation frameworks (A/B tests, prompt drift detection, prompt performance dashboards). Parloa Build & Orchestration Build and optimize Parloa flows, intents, entities, and connectors/webhooks; tune NLU and policy behaviors for voice. Implement session and context management, disambiguation flows, and content moderation/guardrails. Define and enforce versioning, promotion paths (dev test prod), and release notes for conversational assets. Knowledge Base Migration & RAG Lead migration of knowledge from Intercom to a Parloa-ingestible structure (chunking, metadata, taxonomies). Stand up retrieval patterns (e.g., FAQ/RAG-style lookups where appropriate) with quality thresholds and citations. Partner with content owners to maintain a single source of truth and governance for knowledge updates. APIs, Integrations & Telephony Collaboration Design and implement RESTful/webhook integrations (auth, timeouts, retries, idempotency) used by Parloa flows. Collaborate with Presidio on Cisco/Webex routing design; build the custom integration logic Parloa requires (no native Cisco connector). Instrument telemetry, logging, and observability across Parloa and integration layers; define SLIs/SLOs for conversational services. Transition from Google Dialogflow Maintain/improve Dialogflow voice bots during the transition; ensure feature parity and a smooth phased cutover to Parloa. Map intents/entities/flows and port training data; validate ASR/TTS tuning, latency, barge-in, and call-handling behaviors. Quality, Compliance & Ops Establish automated testing for conversation paths, regression checks, and contract tests for APIs. Define analytics and reporting (containment, resolution, fallback rate, deflection, escalation, AHT, CSAT proxy). Adhere to privacy-by-design principles for PII/PCI/PHI as applicable; guide redaction, access, and retention patterns. Create runbooks, architectural docs, and handoff materials; mentor designers/engineers on Parloa best practices. What Youll Bring (Minimum Qualifications) 6+ years building production conversational AI (voice and/or chat) with 2+ years in prompt engineering or advanced LLM orchestration. Hands-on Parloa experience or strong, transferable experience on Google Dialogflow (CX/ES) with demonstrated ability to ramp quickly on Parloa. Deep expertise in prompt design (system/user/tool prompts), evaluation, guardrails, and LLM safety patterns. Proven track record integrating REST APIs (OAuth 2.0, JWT, secrets management), JSON schema design, and webhook patterns. Experience with voice fundamentals: ASR/TTS tuning, latency management, barge-in, error handling, call flows. Practical skills in Node.js or Python, Git, CI/CD, and structured release management. Strong analytics orientation: define KPIs, build dashboards, and use data to iterate conversational performance. Excellent documentation and cross-functional collaboration, including with external vendors/integrators. Nice to Have Prior Parloa production launches (voice + digital) and familiarity with its connectors, analytics, and deployment lifecycle. Cisco/Webex Contact Center (or similar CCaaS) exposure; understanding of SIP/telephony routing patterns. Experience working with Presidio or similar telephony/CCaaS systems integrators. Knowledge base engineering (taxonomy, chunking, relevance scoring) and Intercom Parloa migration experience. Cloud exposure (Azure/AWS/GCP) for secrets, logging, and serverless integration services. Familiarity with security frameworks and data handling in regulated environments. Tools & Stack Parloa , Google Dialogflow (CX/ES) (during transition) Intercom (source KB) Parloa-ingestible format Node.js/Python , REST APIs, OAuth/JWT, Git, CI/CD Observability/analytics (platform-native + custom dashboards)
We are seeking a seasoned MERN Developer to join our agile DevOps team focused on building, testing, and deploying web-based applications that power client's internal automation systems. These tools enable the design and configuration of network services, streamlining the deployment of client's cutting-edge mobility infrastructure. Your Day-to-Day Responsibilities Design and implement web application components using React, Node.js, and MongoDB. Automate workflows and unit testing using JEST . Collaborate closely with requirements engineers to translate business needs into technical designs. Write clean, maintainable, and well-documented code. Conduct peer reviews and contribute to design discussions and sprint planning sessions. Test implementations before deployment and assist QA teams in identifying and resolving issues. Guide automation strategy and test case creation with the QA team. Log and manage tasks via Jira and participate in deployment decisions. Provide post-deployment support to end users. Required Skills & Experience 7+ years building full-stack web applications using the MERN or MEAN stack. Proficiency in React , Node.js , MongoDB , and optionally Angular . Deep understanding of HTML5 , CSS3 , JavaScript , SCSS/LESS . Hands-on experience with JEST and other testing tools; strong testing fundamentals. Skilled in Git , Jira , and modern DevOps environments. Experienced with structured/unstructured data formats like JSON , YAML . Comfortable working in Agile/Scrum environments and supporting cross-functional teams. Preferred Skills Knowledge of data visualization libraries such as D3.js , Highcharts , etc. Familiarity with Linux/UNIX systems. Python development experience. Relational database experience (e.g., PostgreSQL, MySQL). Understanding of networking concepts (IP, routing, etc.) is a big plus. Why Join Us? You'll be part of a mission-critical team, building applications that play a direct role in delivering next-gen mobility solutions. Youll work with cutting-edge tech, collaborate with a passionate team, and contribute to meaningful infrastructure that impacts millions.
Job opportunity for Freshers Job Title: Warehouse & Logistics Executive / Associate Working Days: Monday to Saturday Timings: 9:30 AM 6:30 PM (may vary slightly based on dispatch cycles) Perks: Monthly travel, petrol, and mobile allowance on top of salary Role Overview We are looking for a dynamic and responsible Graduate Trainee to take charge of warehouse operations and logistics. This role is ideal for a young, energetic candidate who is eager to learn and grow into a leadership position in warehouse and e-commerce operations. You will be responsible for: Managing warehouse inventory and stock levels Handling inward/outward goods, order fulfilment and dispatch Working with courier and shipping partners (including Amazon FBA & Easyship) Coordinating closely with our e-commerce team for seamless operations Using inventory software/tools to track movement and demand Ensuring compliance with basic regulatory norms and safety practices You'll be guided and supported with industry best practices and will get exposure to modern logistics, warehouse automation, and e-commerce integrations. Key Responsibilities Receive, inspect, and organize inventory (Arduino products, kits, components) Maintain real-time stock updates using software tools (training provided) Prepare orders for packing, dispatch, and tracking including B2C (website + Amazon) and B2B shipments Coordinate returns, damaged stock, and reconciliation Manage Amazon FBA inventory and Easyship daily orders Liaise with courier partners for timely pickup, delivery issues, and SLAs Maintain clear documentation for invoicing, inventory, and audits Ensure a clean, efficient, and safe warehouse environment Who Should Apply Recent graduates (BCom, BBA, BSc, BA, Diploma / ITI or equivalent) with strong interest in logistics, e-commerce, and operations Strong analytical and logical skills Good spoken and written communication (basic English proficiency required) Tech-savvy and eager to learn warehouse/inventory software tools High sense of ownership, accountability, and integrity Flexible and willing to work in a growing startup environment