755 Nessus Jobs

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Associate Vulnerability Assessment Specialist is a developing subject matter expert, responsible for conducting vulnerability assessments, analyzing findings, and providing expert recommendations to mitigate security risks within the organization's systems and infrastructure. This role requires collaboration with cross-functional teams, and performs vulnerability assessments, analyzes findings, and provides recommendations to mitigate security risks. Key responsibilities: Conducts vulnerability scans using automated tools and manual techniques to identify vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and determine the severity, exploitability, and potential impact of identified vulnerabilities. Assesses the potential risks associated with identified vulnerabilities. Collaborates with system owners, administrators, and IT teams to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Conducts advanced vulnerability assessments, including application security assessments, penetration testing, and code review, to identify complex vulnerabilities and security weaknesses. Utilizes manual testing techniques and industry-standard methodologies. Utilizes and manages vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Configures and fine-tunes scan policies and parameters to enhance assessment accuracy and coverage. Prepares comprehensive vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Participates in security awareness programs and provide training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Foster a culture of security awareness within the organization. Participates in incident response efforts related to vulnerabilities, collaborate with cross-functional teams, and contribute to post-incident analysis. Identifies root causes, provide recommendations for improvement, and drive preventive measures. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, collaboration, and alignment on vulnerability management goals. Builds relationships and influence stakeholders to drive remediation efforts. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Performs any other related task as required. To thrive in this role, you need to have: Understanding of vulnerability assessment methodologies, tools, and industry best practices. Good understanding of networking concepts, operating systems, and common software vulnerabilities. Proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Strong knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Good written and verbal communication skills to prepare comprehensive reports and communicate technical information to diverse stakeholders. Familiarity with security frameworks, standards, and regulatory compliance requirements. Ability to collaborate and work effectively with stakeholders and cross-functional teams. Academic qualifications and certifications: Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Web Application Penetration Tester (GWAPT) are beneficial. Required experience: Moderate level of relevant experience in information security or related roles, with a focus on conducting vulnerability assessments and driving remediation efforts. Moderate level of demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

You’ll be Responsible for? Implement, configure, and maintain infrastructure and monitoring tools across on-prem Data Centers (Servers, Networks, Storage, Firewalls) and hybrid Cloud (Azure/AWS). Work closely with Security, Network, Server, and Cloud teams to strengthen overall IT infrastructure posture and align tool deployments with organizational policies. Deploy and manage enterprise monitoring platforms (SolarWinds, Grafana, NTT data) for proactive visibility and alerting. Assist in implementing server/network baselines, access controls, and integrations with Security platforms. Deploy and maintain vulnerability scanning tools (Qualys, Nessus, Rapid7) and coordinate with teams for patch compliance. Implement and maintain Privileged Access Management (PAM) tools such as CyberArk for critical server and network infrastructure. Configure and manage enterprise Antivirus/Endpoint Protection solutions and integrate with monitoring dashboards. Support firewall and network tool integrations, including rule-set monitoring, configuration backups, and device health checks. Provide logs, metrics, and dashboards during incident response and RCA, working alongside Security teams. Maintain documentation, runbooks, and SOPs for tool configurations, integrations, and operational procedures. Assist in automation and AIOps for tool deployment, alert correlation, and reporting. You’d have? Bachelor’s degree in computer science, Information Technology, or a related field. 6 to 10 years of hands-on experience in IT Infrastructure (Servers, Networks, Storage) with a focus on tool implementation and monitoring. Practical exposure to CyberArk PAM deployments, enterprise Antivirus/Endpoint Protection platforms, and integration with DC and server environments. Hands-on experience with vulnerability scanning platforms (Qualys, Nessus, Rapid7) and remediation workflows. Familiarity with any of the Antivirus tools like Microsoft Defender for Servers, Defender for Cloud, Azure Sentinel, and AWS GuardDuty/Security Hub. Experience with Windows/Linux servers, VMware/Hyper-V virtualization, enterprise network devices, and storage systems. Understanding of network infrastructure tools (NetFlow analyzers, Wireshark, Cisco Prime, SNMP-based monitoring). Exposure to firewall platforms (Palo Alto, Fortinet, Cisco ASA) and ability to collaborate with network teams for tool alignment. Scripting/automation skills in PowerShell, Python, or Ansible for tool deployment and reporting automation. Ability to collaborate effectively with cross-functional teams for securing and monitoring enterprise infrastructure. Preferred Certifications: Tool-Focused: SolarWinds Certified Professional, Qualys/Nessus, CyberArk Defender/Trustee, Microsoft Defender Certifications. Cloud & Hybrid: Azure Security Engineer Associate / Administrator, AWS Security Specialty. Infrastructure: Data Center Certifications (Cisco CCNA/CCNP DC), Server/Storage (MCSE, VMware VCP-DCV, Dell EMC, HPE). Network: CCNA/CCNP (Routing & Switching or Security), Firewall vendor certs (Palo Alto, Fortinet). Foundational: CompTIA Security+, ITIL v4 Foundation. Tools & Technologies (Preferred Knowledge): Monitoring: SolarWinds, PRTG, Zabbix, Nagios, Azure Monitor Security & PAM: CyberArk, Microsoft Defender, Azure Sentinel, AWS GuardDuty Scanning: Qualys, Nessus, Rapid7 Antivirus/EDR: Symantec, CrowdStrike, Trend Micro, Microsoft Defender ATP Network: Cisco Prime, NetFlow analyzers, Wireshark, SNMP tools Automation: PowerShell, Ansible, Python Why join us? Impactful Work : Play a pivotal role in safeguarding Tanla's assets, data, and reputation in the industry. Tremendous Growth Opportunities : Be part of a rapidly growing company in the telecom and CPaaS space, with opportunities for professional development. Innovative Environment: Work alongside a world-class team in a challenging and fun environment, where innovation is celebrated. Tanla is an equal opportunity employer. We champion diversity and are committed to creating an inclusive environment for all employees. www.tanla.com

The role will involve the following responsibilities: - Performing Web Application Security Testing - Conducting Mobile Application Security Testing - Scanning Network for Security Vulnerabilities - Coordinating with clients for Project related queries - Participating in meetings with client teams to discuss security issues and recommendations - Generating detailed security reports - Monitoring project progress and providing regular updates - Researching Open source security tools and new security topics - Establishing a Security Knowledge base for the team The ideal candidate should have a strong understanding of application security concepts, including mitigation techniques such as: - Web Application Security - OWASP Top 10 - Mobile Application Security - Mobile OWASP Top 10 - Threat Modelling - Risk Rating Frameworks - Web Traffic Interception (For Web/Mobile apps) - SSL - Network Concepts - Basics of Web Development - HTTP/HTML/JavaScript - Basic Mobile Application Concepts (either Android or iOS) Skills required: - Proficiency in Web application security and Mobile security - Experience with tools such as Nessus, Burp suite, and OWASP - Strong reporting and presentation skills,

As a Security Testing professional with 3-10 years of experience in SAST, DAST, API, Network, Mobile Security, DevSecOps, Cloud Security, Threat Modelling, Vulnerability Management, Logging & Audit, GRC, Security Operations, and IAM, you will be an integral part of the Infosys delivery team. Your main responsibility will be to ensure effective Design, Development, Validation, and Support activities, aiming to meet and exceed client expectations in the technology domain. Your role will involve gathering requirements and specifications to deeply understand client needs, subsequently translating them into system requirements. You will also play a crucial part in estimating work requirements accurately to provide project estimations to Technology Leads and Project Managers. Your contribution will be significant in the development of efficient programs and systems. If you believe you possess the necessary skills and expertise to assist our clients in navigating their digital transformation journey, then this opportunity is tailored for you! This job opening is available at multiple locations including Bangalore, Hyderabad, Trivandrum, Chennai, and Pune.,

Position: Freelance White Hat Ethical Hacker (CEH Certified) Company: Akku Cybersecurity Solutions Pvt. Ltd. Location: Remote (India preferred) Engagement: Freelance / On-Demand (with potential to scale to Retainer or Full-Time) About Akku: Akku is a cybersecurity product suite offering IAM, PAM, IGA, endpoint security, and MDM capabilities, designed to address the most common enterprise security and compliance requirements in a unified platform. To help our clients strengthen their overall security posture, we are building a network of experts to conduct authorized white hat penetration testing and VAPT assessments and offer actionable remediation strategies mapped to how Akku can address identified vulnerabilities. Role Overview: We are looking for a freelance, CEH-certified white hat hacker who can work with us on an on-demand basis to conduct VAPT assessments for client environments (with prior consent and NDA). The role involves identifying vulnerabilities, preparing professional reports, and collaborating with the Akku team on recommended solutions. Key Responsibilities: Perform authorized VAPT and ethical hacking assessments for client systems (cloud, on-prem, hybrid). Identify and document vulnerabilities, misconfigurations, and weaknesses in infrastructure, applications, or identity/access setups. Produce detailed, structured vulnerability assessment reports , including risk levels and recommended remediations. Collaborate with the Akku team to map remediation steps to product features for solution-oriented delivery to clients. Maintain compliance with ethical hacking standards, NDA obligations, and responsible disclosure practices. Stay current with emerging threats, exploit techniques, and security tools. Required Qualifications: CEH (Certified Ethical Hacker) certification is mandatory. Additional certifications (e.g. OSCP, eJPT, CompTIA PenTest+) are a plus. Hands-on experience conducting VAPT assessments for web apps, cloud environments, endpoints, and identity systems. Familiarity with tools such as Burp Suite, Nmap, Metasploit, Nessus, Nikto, Wireshark, etc. Strong ability to draft client-facing reports that balance technical depth with executive-level clarity. Understanding of IAM, PAM, and access governance is highly desirable. High integrity and professionalism in handling sensitive environments and confidential data. Bug bounty experience (e.g., HackerOne, Bugcrowd, Synack) is a strong plus. Engagement Model: On-Demand Basis : You will be brought in for specific client engagements post-NDA and approval. Remote : Work from anywhere, but India time zone availability is preferred. Scale-up Opportunity : If the need grows and there’s mutual interest, we are open to moving to a retainer or full-time role .

Job Description: About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it. About the Job: As part of the AT&T Governance Enforcement, Assessment and Testing, Third Party Risk, and Emerging Technology Cyber Organization (GATE), you will lead and support the Assessment and Testing Team by designing and executing Red team engagements to simulate advanced attack scenarios, identify vulnerabilities, and assess security measures. In this role, you will lead and participate in sophisticated Red Team exercises aimed at uncovering vulnerabilities across our networks, systems, applications, and processes. As an innovative thinker, you will go beyond standard vulnerability assessments, developing and utilizing unique tools and techniques to identify and exploit security gaps. Your primary responsibilities will involve conducting comprehensive Red Team exercises to identify vulnerabilities in diverse environments such as cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks, and IoT devices and systems. You will design and develop custom tools and methodologies to enhance our security testing capabilities and employ creative tactics to uncover weaknesses, including poor user practices and weak security methods. Working collaboratively with other Red Team members and Security Analysts, you will identify and exploit security issues, characterize cyber-attack vectors, and discover related vulnerabilities, providing actionable recommendations for remediation. In addition, you will be required to stay abreast of the latest vulnerabilities and exploit techniques, continuously adapting your tools and methodologies to address emerging threats and evolving security landscapes. Your role will also involve documenting and communicating security findings in both written and verbal formats, using your insights to inform management, drive security strategies, notify affected customers, and advise network operations and other business units on security issues and recommended solutions. Experience Level: 12+ years. Location: Hyderabad Responsibilities Include: Performing formal and informal targeted “Hunts” to identify vulnerabilities. Actively building and participating in Red Team exercises. Design and execute red team engagements, simulating advanced attack scenarios to identify vulnerabilities and assess the effectiveness of security measures. Conduct penetration tests on networks, applications, and physical security controls. Employing tactics to uncover security holes in user practices and procedures. Develop and execute red team strategies and methodologies to uncover potential security gaps. Analyze and report on findings from red team exercises, including detailed recommendations for remediation. Providing feedback and verification as security issues are fixed. Stay current with the latest security threats, attack techniques, and industry trends. Communicate complex security concepts to both technical and non-technical stakeholders. Collaborate with other security teams to improve overall security practices and incident response capabilities. Be proactive and demonstrate the ability to analyze issues, generate ideas, and initiate action while achieving results. Effectively manages multiple tasks / projects with close attention to detail and meets short turnarounds and deadlines. Collaborate with leadership teams, provide subject matter expertise and insights. Support and guide team members in providing high-quality and actionable intelligence products / deliverables. Support, guide and mentor team members in technical and functional matters The expert in this role will perform analysis of complex security issues and corresponding activities to help mitigate risk. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats and attacks, and enhancing our mitigation techniques, processes, and technology solutions. Required skills: At least 12+ years of experience in penetration testing and red team operations. Expert level understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits. Expert knowledge of attack vectors, exploitation techniques, and vulnerability assessment methodologies. Experience with industry-standard penetration testing tools and frameworks. Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.) Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.) Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment. Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively in teams of individuals with a variety of skills and backgrounds. Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials. Highly self-motivated requiring little direction. Demonstrates creative/out-of-the-box thinking and good problem-solving skills. Demonstrates strong ethical behavior. Sense of urgency and attention to detail Flexible to provide coverage in US morning hours on a need-basis, and as required Desirable skills: Strong knowledge of an enterprise architecture Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols. Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. Understanding of cloud-based architectures and highly distributed big data architectures Experience with application security testing tools, such as the Metasploit framework and Burp Suite One or more of these certifications CEH: Certified Ethical Hacker CPT: Certified Penetration Tester CEPT: Certified Expert Penetration Tester GPEN: GIAC Certified Penetration Tester OSCP: Offensive Security Certified Professional BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field Prior experience with Telecom sector. Additional information (if any): Need to be flexible to provide coverage in US morning hours. Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

Job Description: About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it. About the Job: As part of the AT&T Governance Enforcement, Assessment and Testing, Third Party Risk, and Emerging Technology Cyber Organization (GATE), you will lead and support the Assessment and Testing Team by designing and executing Red team engagements to simulate advanced attack scenarios, identify vulnerabilities, and assess security measures. In this role, you will lead and participate in sophisticated Red Team exercises aimed at uncovering vulnerabilities across our networks, systems, applications, and processes. As an innovative thinker, you will go beyond standard vulnerability assessments, developing and utilizing unique tools and techniques to identify and exploit security gaps. Your primary responsibilities will involve conducting comprehensive Red Team exercises to identify vulnerabilities in diverse environments such as cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks, and IoT devices and systems. You will design and develop custom tools and methodologies to enhance our security testing capabilities and employ creative tactics to uncover weaknesses, including poor user practices and weak security methods. Working collaboratively with other Red Team members and Security Analysts, you will identify and exploit security issues, characterize cyber-attack vectors, and discover related vulnerabilities, providing actionable recommendations for remediation. In addition, you will be required to stay abreast of the latest vulnerabilities and exploit techniques, continuously adapting your tools and methodologies to address emerging threats and evolving security landscapes. Your role will also involve documenting and communicating security findings in both written and verbal formats, using your insights to inform management, drive security strategies, notify affected customers, and advise network operations and other business units on security issues and recommended solutions. Experience Level: 12+ years. Location: Hyderabad Responsibilities Include: Performing formal and informal targeted “Hunts” to identify vulnerabilities. Actively building and participating in Red Team exercises. Design and execute red team engagements, simulating advanced attack scenarios to identify vulnerabilities and assess the effectiveness of security measures. Conduct penetration tests on networks, applications, and physical security controls. Employing tactics to uncover security holes in user practices and procedures. Develop and execute red team strategies and methodologies to uncover potential security gaps. Analyze and report on findings from red team exercises, including detailed recommendations for remediation. Providing feedback and verification as security issues are fixed. Stay current with the latest security threats, attack techniques, and industry trends. Communicate complex security concepts to both technical and non-technical stakeholders. Collaborate with other security teams to improve overall security practices and incident response capabilities. Be proactive and demonstrate the ability to analyze issues, generate ideas, and initiate action while achieving results. Effectively manages multiple tasks / projects with close attention to detail and meets short turnarounds and deadlines. Collaborate with leadership teams, provide subject matter expertise and insights. Support and guide team members in providing high-quality and actionable intelligence products / deliverables. Support, guide and mentor team members in technical and functional matters The expert in this role will perform analysis of complex security issues and corresponding activities to help mitigate risk. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats and attacks, and enhancing our mitigation techniques, processes, and technology solutions. Required skills: At least 12+ years of experience in penetration testing and red team operations. Expert level understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits. Expert knowledge of attack vectors, exploitation techniques, and vulnerability assessment methodologies. Experience with industry-standard penetration testing tools and frameworks. Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.) Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.) Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment. Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively in teams of individuals with a variety of skills and backgrounds. Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials. Highly self-motivated requiring little direction. Demonstrates creative/out-of-the-box thinking and good problem-solving skills. Demonstrates strong ethical behavior. Sense of urgency and attention to detail Flexible to provide coverage in US morning hours on a need-basis, and as required Desirable skills: Strong knowledge of an enterprise architecture Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols. Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. Understanding of cloud-based architectures and highly distributed big data architectures Experience with application security testing tools, such as the Metasploit framework and Burp Suite One or more of these certifications CEH: Certified Ethical Hacker CPT: Certified Penetration Tester CEPT: Certified Expert Penetration Tester GPEN: GIAC Certified Penetration Tester OSCP: Offensive Security Certified Professional BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field Prior experience with Telecom sector. Additional information (if any): Need to be flexible to provide coverage in US morning hours. Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

Roles and Responsibilities: Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys). Analyze vulnerability assessment results to identify and prioritize risks. Develop and maintain vulnerability management processes and procedures. Coordinate vulnerability remediation activities with relevant stakeholders. Perform penetration testing to assess the effectiveness of security controls. Stay up-to-date on the latest security threats and vulnerabilities. Relevant Skills and Experience: 5-7 years of experience in vulnerability assessment, penetration testing. Strong understanding of vulnerability management concepts, principles, and best practices. Proficiency in using vulnerability assessment tools (e.g., Nessus, Tenable, Qualys). Experience in conducting penetration testing using various methodologies (e.g., black box, Gray box, white box) and custom scripting. Knowledge of common security threats, vulnerabilities, and attack vectors. Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). Experience with scripting languages (e.g., Python, PowerShell). Experience with cloud security (e.g., AWS, Azure, GCP). Familiar with KALI Linux & Parrot OS Qualifications: Bachelor's degree in computer science, information technology, or a related field. Security certifications (e.g., CISSP, CISM, CEH, OSCP). Strong problem-solving and analytical skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Additional Skills (Preferred) Experience with source code analysis tools. Experience with web application security testing. Experience with mobile application security testing. Experience with security incident response.

Job Title: SOC & VAPT Analyst (Entry-Level) Location: Indore Experience: 0–1 Years Certification: CEH (Certified Ethical Hacker) – Mandatory Preferred: Local candidates from Indore or nearby regions Job Summary: We are seeking a highly motivated and detail-oriented SOC & VAPT Analyst to join our cybersecurity team. This is an entry-level role ideal for individuals with a passion for cybersecurity, a foundational understanding of ethical hacking, and CEH certification. You will play a crucial role in monitoring security events, analyzing threats, and supporting vulnerability assessment and penetration testing activities. Key Responsibilities:SOC (Security Operations Center) Responsibilities: Monitor security alerts and events from SIEM tools and other monitoring systems. Analyze and triage incidents to determine their severity and impact. Perform initial investigation and threat analysis on potential security incidents. Escalate validated incidents to senior analysts or incident response teams. Document incident details, response steps, and follow-up actions. VAPT (Vulnerability Assessment & Penetration Testing): Assist in performing internal and external vulnerability scans. Support penetration testing under the guidance of senior team members. Identify, analyze, and report vulnerabilities with actionable recommendations. Stay up to date with the latest security threats, vulnerabilities, and mitigation techniques. Required Skills & Qualifications: CEH (Certified Ethical Hacker) certification is mandatory . Basic knowledge of security monitoring tools, firewalls, IDS/IPS, and SIEM solutions. Familiarity with vulnerability scanning tools like Nessus, OpenVAS, etc. Understanding of common attack vectors, exploits, and countermeasures. Strong analytical and problem-solving skills. Good communication and documentation abilities. Educational Qualification: Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field. Additional Preferences: Localized candidates from Indore or nearby areas are highly preferred . Internships or academic projects in cybersecurity will be an added advantage. Job Type: Full-time Pay: ₹15,000.00 - ₹16,000.00 per month Benefits: Cell phone reimbursement Paid time off Provident Fund Work Location: In person

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary : We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities: Key Responsibilities: Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience: Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory skill sets: CEH, ECSA, LPT (any one) Preferred skill sets: OSCP, OSWE Years of experience required: 1-10 Years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Vulnerability Assessments Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Role: Software Architect - Embedded You are an Energetic, Passionate, and Innate Software Technology Leader having excellent knowledge of designing and developing Linux based embedded products and having an 8+ years of experience with at least 4-5 years of experience of technical leadership. You possess very good knowledge of Software Architecture and Design, Design Patterns, OOPS concepts, Data Structures and Algorithms, Messages Queues, Multi-threading applications, Networking concepts and software security. You are competent to design, develop and deliver Software applications and embedded products. Technical Skills Required : - Hands-on experience in C/ C++, Embedded C (Very strong exposure in C Programming concepts). - Linux, Command of Linux OS. - IPC – Inter-Process Communication exposure (Multithreading and Socket Programming). - Working experience or Knowledge with Microprocessors like Arm 7/9, Cortex A8/A15, Qualcomm, Intel, IMX,NXP etc will be a huge plus. - You have sound knowledge and hands-on experience in one or more Technologies/Platform like Socket Programming, Multi-Threading, ONVIF/RTSP, Video codecs H264/H265, Video Parsing of H264/H265, Image processing, Embedded Web Server, BLE, WIFI, RS485. UART, Push Notification (FCM), VoIP (SIP & RTP). - You possess good knowledge and working experience in one or more Tech Stacks/Frameworks like Ffmpeg, Gstreamer, QT/QML, LIVE555, OpenCV(Image Processing), Networking Fundamentals, Basic Linux commands. - You are proficient in at least two or more languages from among C, JAVA, Python, C++, HTML/CSS, JQuery/Javascript. - You take complete ownership of timely product delivery with impeccable software quality. - You have experience in building, leading, and managing multi-engineer project teams. - You have the ability to navigate the teams through fast changing market needs. - You possess strong people leadership skills in growing/nurturing/mentoring the young engineers. - You have a good understanding of JIRA, Confluence, SVN, Fisheye, Crucible, Sonar/Parasoft/LDRA and Nessus/Nexpose.

The role will involve the following responsibilities: - Performing Web Application Security Testing - Conducting Mobile Application Security Testing - Scanning Networks for Security Vulnerabilities - Coordinating with clients for Project-related queries - Participating in meetings with client teams to discuss security issues and recommendations - Generating detailed security reports - Monitoring project progress and providing regular updates - Researching Open Source security tools and new security topics - Developing a Security Knowledge base for the team The ideal candidate should possess a strong understanding of application security concepts, including mitigation techniques in the following areas: - Web Application Security (OWASP Top 10) - Mobile Application Security (Mobile OWASP Top 10) - Threat Modelling - Risk Rating Frameworks - Web Traffic Interception (for Web/Mobile apps) - SSL - Network Concepts - Web Development Basics (HTTP/HTML/JavaScript) - Basic Mobile Application Concepts (either Android or iOS) Skills required for this role include proficiency in: - Web application security - Mobile security - Nessus - Burp Suite - OWASP - Reporting and Presentation Skills,

As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients" systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. You will perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients" IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients" systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients" IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: - Bachelor's degree in Computer Science, Information Technology, or related field. - 2+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. - Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. - Hands-on experience with various operating systems, including Windows, Linux, and Unix. - Strong understanding of network protocols, web application architecture, and common security vulnerabilities. - Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. - Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. - Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. - Proven track record of delivering high-quality security assessments and actionable recommendations.,

Job Name: Infrastructure Security Engineer Location- Onsite- Ahmedabad Job Type- Full Time Position Overview We are seeking an experienced Infrastructure Security Engineer to join our cybersecurity team and play a critical role in protecting our organization's digital infrastructure. This position requires a versatile security professional who can operate across multiple domains including cloud security, vulnerability management/patch management, endpoint protection, and security operations. Key Responsibilities AWS Cloud Security Design, implement, and maintain security controls across AWS environments including IAM policies, security groups, NACLs, and VPC configurations Configure and manage AWS security services such as CloudTrail, GuardDuty, Security Hub, Config, and Inspector Implement Infrastructure as Code (IaC) security best practices using CloudFormation, Terraform, or CDK Conduct regular security assessments of cloud architectures and recommend improvements Manage AWS compliance frameworks and ensure adherence to industry standards (SOC 2, ISO 27001, etc.) Vulnerability Management Lead enterprise-wide vulnerability assessment programs using tools such as Nessus Develop and maintain vulnerability and patch management policies, procedures, and SLAs, regular reporting Coordinate with IT and development teams to prioritize and remediate security vulnerabilities Generate executive-level reports on vulnerability metrics and risk exposure Conduct regular penetration testing and security assessments of applications and infrastructure Patch Management Design and implement automated patch management strategies across Windows, Linux, and cloud environments Coordinate with system administrators to schedule and deploy critical security patches Maintain patch testing procedures to minimize business disruption Monitor patch compliance across the enterprise and report on patch deployment status Develop rollback procedures and incident response plans for patch-related issues Endpoint Security Deploy and manage endpoint detection and response (EDR) solutions such as CrowdStrike Configure and tune endpoint security policies including antivirus, application control, and device encryption Investigate and respond to endpoint security incidents and malware infections Implement mobile device management (MDM) and bring-your-own-device (BYOD) security policies Conduct forensic analysis of compromised endpoints when required Required Qualifications Education & Experience Bachelor's degree in computer science, Information Security, or related field Minimum 5+ years of hands-on experience in information security roles 3+ years of experience with AWS cloud security architecture and services Technical Skills Cloud Security: Deep expertise in AWS security services, IAM, VPC security, and cloud compliance frameworks Vulnerability Management: Proficiency with vulnerability scanners (Qualys, Nessus, Rapid7) and risk assessment methodologies Patch Management: Experience with automated patching tools (WSUS, Red Hat Satellite, AWS Systems Manager) Endpoint Security: Hands-on experience with EDR/XDR platforms and endpoint management tools SIEM/SOAR: Advanced skills in log analysis, correlation rule development, and security orchestration Operating Systems: Strong knowledge of Windows and Linux security hardening and administration Security Certifications (Preferred) AWS Certified Security - Specialty CISSP (Certified Information Systems Security Professional) GCIH (GIAC Certified Incident Handler) CEH (Certified Ethical Hacker) Key Competencies Strong analytical and problem-solving skills with attention to detail Excellent communication skills and ability to explain complex security concepts to technical and non-technical stakeholders Project management capabilities with experience leading cross-functional security initiatives Ability to work in fast-paced environments and manage multiple priorities Strong understanding of regulatory compliance requirements (PCI-DSS, HIPAA, SOX, GDPR) Experience with risk assessment frameworks and security governance Reporting Structure This position reports to the Engineering Manager Cyber Security and collaborates closely with IT Operations, Development Teams.

As a Security Testing professional with 3-10 years of experience in SAST/DAST/API, Network, Mobile Security, DevSecOps, Cloud Security, Threat Modelling, Vulnerability Management, Logging & Audit, GRC, Security Operations, and IAM, your role as a part of the Infosys delivery team will encompass various responsibilities. Your main responsibility will be to ensure effective Design, Development, Validation, and Support activities to meet and exceed client expectations in the technology domain. This will involve gathering requirements and specifications to deeply understand client needs and translating them into system requirements. Additionally, you will be pivotal in estimating work requirements accurately to provide vital input on project estimations to Technology Leads and Project Managers. Your contribution will be essential in the creation of efficient programs and systems that align with client requirements and industry best practices. If you are passionate about aiding clients in their digital transformation journey and possess the required expertise, then this opportunity is tailored for you! This job opening is available in multiple locations including Bangalore, Hyderabad, Trivandrum, Chennai, and Pune.,

Responsibilities As a member of the incident/Workorder/Change handling team , you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT data's Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support Monitor and track security systems for Vulnerability and respond to potential security Vulnerability. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills and Experience 4 to 5 years+ in Information Security space. Strong experiance in Service Now Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Some good to have Experience with Crowdstrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco iOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec Message labs, Thales encryption, Allgress, Forecpoint, Blue coat, Firepower, Cisco ISE, Carbon Black, Titus, Encase Strong oral, written, and presentation abilities. Experiance with M365 Copilot. Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of Industry trends and emerging threats; and Working Knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent Experiance in Zscaler ZIA, ZPA and ZDX. Experiance in Vulnerability Management Program. Experiance in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) Good to have. Abilities Non customer facing role but an ability to build strong relationships with internal teams, and security leadership, is essential act as Incident co-ordinator, for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 2-8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 2-12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Job Title: Penetration Tester Experience Required: 4 to 5 Years Location: [Insert Location or Remote] Job Type: Full-Time Job Summary: We are looking for a skilled and experienced Penetration Tester to join our cybersecurity team. The ideal candidate will have 4 to 5 years of hands-on experience in conducting security assessments, identifying vulnerabilities, and simulating real-world attacks to evaluate the strength of our infrastructure, applications, and systems. Key Responsibilities: Perform network, web application, mobile, and API penetration tests . Simulate real-world cyberattacks to assess organizational security posture. Identify, document, and report vulnerabilities and exploits with remediation recommendations. Collaborate with internal teams to assist in risk mitigation and remediation strategies . Use tools like Burp Suite, Metasploit, Nmap, Nessus, Wireshark , etc. Conduct social engineering assessments , such as phishing simulations (optional based on role). Keep up to date with the latest threats, tools, and techniques in the cybersecurity landscape. Prepare and deliver clear, concise, and technical penetration testing reports . Participate in Red Team/Blue Team exercises , if applicable. Required Skills & Qualifications: Bachelors degree in Cybersecurity, Computer Science, Information Technology , or related field. 45 years of hands-on experience in penetration testing or ethical hacking . Proficiency in Kali Linux and other offensive security tools. Strong knowledge of OWASP Top 10 , MITRE ATT&CK framework , and common attack vectors . Experience with scripting languages (Python, Bash, or PowerShell). Familiarity with cloud security testing (AWS, Azure, GCP) is a plus. Excellent analytical, problem-solving, and reporting skills . Certifications (Preferred): OSCP (Offensive Security Certified Professional) Highly preferred CEH (Certified Ethical Hacker) GPEN (GIAC Penetration Tester) Other relevant security certifications Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: · Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. · Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. · Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. · Follow up on cybersecurity incident tickets until closure. · Guide L1 and L2 analysts in analyzing events and response activities. · Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. · Review and provide suggestions for information security policies and best practices in client environments. · Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. · Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. · Update and review documents, playbooks, and standard operational procedures. · Validate and update client systems and IT infrastructure documentation. · Share knowledge on current security threats, attack patterns, and tools with team members. · Create and review new use cases based on evolving attack trends. · Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. · Develop and maintain threat detection rules, parsers, and use cases. · Understand security analytics and flows across SaaS applications and cloud computing tools. · Validate use cases through selective testing and logic examination. · Maintain continuous improvement processes and build/groom teams over time. · Develop thought leadership within the SOC. Mandatory skill sets: · Bachelor’s degree (minimum requirement). · 2-8 years of experience in SOC operations. · Experience analyzing malicious traffic and building detections. · Experience in application security, network security, and systems security. · Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). · Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). · Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). · Experience with traditional security operations, event monitoring, and SIEM tools. · Knowledge of MITRE or similar frameworks and procedures used by adversaries. · Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: · Strong communication skills, both written and oral. · Experience with SMB and large enterprise clients. · Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). · Strong expertise in multiple SIEM tools and other SOC environment devices. · Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. · Understanding of raw log formats of various security devices. · Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). · Relevant certifications (CEH, CISA, CISM, etc.). · Strong work ethic and time management skills. · Coachability and dedication to consistent improvement. · Ability to mentor and encourage junior teammates. · Knowledge of regex and parser creation. · Ability to deploy SIEM solutions in customer environments. Years of experience required: 2-12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Responsibilities As a member of the incident/Workorder/Change handling team , you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT data’s Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support Monitor and track security systems for Vulnerability and respond to potential security Vulnerability. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills And Experience 4 to 5 years+ in Information Security space. Strong experiance in Service Now Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Some good to have Experience with Crowdstrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco iOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec Message labs, Thales encryption, Allgress, Forecpoint, Blue coat, Firepower, Cisco ISE, Carbon Black, Titus, Encase Strong oral, written, and presentation abilities. Experiance with M365 Copilot. Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of Industry trends and emerging threats; and Working Knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent Experiance in Zscaler ZIA, ZPA and ZDX. Experiance in Vulnerability Management Program. Experiance in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) Good to have. Abilities Non customer facing role but an ability to build strong relationships with internal teams, and security leadership, is essential act as Incident co-ordinator, for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

Role Proficiency: Maintain and improve security posture by identifying scoping and prioritizing vulnerabilities in our systems. Provide guidance and drive accountability of risk-based vulnerability remediation across business and technology teams. Outcomes: Identification of vulnerabilities in the organization's network and IT infrastructure. Identification of risk for the company and the required remediation performed. Perform gap analysis of current vulnerability remediation policies and processes versus industry best practices for the client and identify opportunities for improvement. Vulnerabilities prioritization based on their severity and impact. Accountable for the identification and subsequent use of remedial methods to improve the outcome Measures of Outcomes: Average time to action Mean time to remediation Rate Of Recurrence Total Risk Remediated Average Vulnerability Age Provide 3-5 reports and analysis follow-up on a weekly basis Provide at least 2 vulnerability analysis Produce 2 reports for management in each quarter Own and manage at least 2 identified threats & vulnerabilities Outputs Expected: Daily Activities : Daily/Weekly/Monthly Reports on the status of the Platform Execute the latest 1 threat variants to test detection and prevention capabilities. Priority assistance in agent upgrades (scenarios include - Agent update patching) Creating one Standard policy recommendation and configuration according to environment each month. IOC & IOA management. Security research community: Stay on top of the security research community. Will be up to date on current attacks campaigns and trends to initiate innovative research activities. Continuous Learning innovation and optimization: Ensure completion of the learning program suggested by Managers Suggest ideas that will help innovation and optimization of processes Skill Examples: Experience in IT optimally in Security with exposure to infrastructure and application vulnerability scan configurations vulnerability assessments and vulnerability management Good understanding of network protocols design and security operations Strong analytical skills and efficient problem solving Proficient in scripting languages such as Python Security hardening techniques and hardening standards patching Ability to design and document security operational procedures Understanding of attacker behaviors and techniques is required. Knowledge Examples: Knowledge Examples A strong understanding of the current threat landscape including the latest tactics tools and procedures common malware variants and effective techniques for detecting this malicious activity. Familiarity with basic security concepts in vulnerability management network security systems administration or other areas of technology is required. Hands-on experience with Vulnerability management tools such as Spotlight Rapid7 Nessus Tenable or Qualys. Knowledge of security principles techniques and technologies Knowledge in exploit development. Security certifications such as CEH GPEN GSEC CISSP. Additional Comments: # Areas Must to Have 1 Vulnerability Operations The candidate should have hands-on experience in vulnerability handling within large-scale or regulated environments (preferably financial services). strong understanding of theVulnerability management process including vulnerability lifecycle, including asset discovery, scanning, CVSS-based prioritization, remediation. Experience implementing or improving vulnerability lifecycle workflows Ability to interpret threat feeds (e.g., CISA KEV, AlienVault OTX, ThreatConnect) and map those threats to assets. Oversee vulnerabiliy consolidation system and promptly report any operational issues Monitor the health of interconnected environments updating the central planning platform,escalate and resolve failures, and coordinate with the internal engineering team. Ensure clear and concise senior management reporting Coordinating and leading regular meeting with internal business team focussed on vulnerability management 3 Stakeholder Management & Soft skills Experience in influencing and managing stakeholder with strong interpersonal skills to build relationships and collaborate within teams Strong communication skills to effectively coordinate with global infrastructure, application, and compliance teams. Skillled in preparing reports and presentations for senior management and delivering them to large audience 4 Tools and Technologies Experience in using Microsoft teams,JIRA Skilled in MS Excel for data analysis, including filtering, pivoting, and dashboarding Experience in analyzing large datasets to identify issues and gaps Proficient in Servicenow and Confluence 5 Education and experience Bachelor's degree in Computer Science, Engineer or Related field Minimum of 5 years in cybersecurity, specifically in vulnerability management, risk management, or cyber operations Good to have Knowledge of API, python Scripting Prior experience in handling JIRA tickets Expertize in Advanced excel or any other reporting tools Required Skills Advanced Excel,Vulnerability Management,Patch Management

We are Hiring for one of our MNC client Job Title: Patching Engineer Location: [Mohali Office, India] Job Type: Full-time Department: Infrastructure Management Job Summary We are seeking a highly skilled Patching Engineer to oversee and execute patch management processes across our cloud-hosted environments and enterprise network infrastructure. This role plays a critical part in ensuring system security, compliance, and optimal performance by proactively managing software updates, firmware patches, and vulnerability remediation strategies. Key Responsibilities Patch Management & System Updates: Plan, schedule, and execute patching for Windows and Linux virtual machines in a cloud-hosted environment. Manage and maintain firmware and software updates for networking devices, including switches, firewalls, and wireless controllers . Automate patch deployment and compliance reporting using endpoint management tools . Security & Compliance: Collaborate with security teams to conduct vulnerability assessments and ensure timely remediation of identified threats. Ensure patching processes align with industry security, the best practices, regulatory requirements, and internal IT policies . Track and report on compliance metrics to ensure adherence to organizational and security standards. Monitoring & Troubleshooting: Continuously monitor patching status, performance, and success rates across all environments. Diagnoses and resolve patching failures, compatibility issues, and system performance concerns . Generate detailed reports for internal stakeholders and audits on patch deployment status, security improvements, and compliance tracking. Documentation & Process Improvement: Maintain comprehensive documentation of patching schedules, configurations, rollback procedures, and compliance records. Develop and refine best practices and automation strategies to improve patch deployment efficiency. Provide guidance and training to IT teams on patching strategies and security hardening. Qualifications & Experience Technical Skills: Extensive experience in managing Windows and Linux virtual machines in cloud environments (Azure, AWS, or Google Cloud) . Strong knowledge of networking concepts and experience configuring and patching switches, firewalls, and wireless controllers . Hands-on experience with endpoint management and patching tools such as Microsoft SCCM, Intune or Endpoint Central Familiarity with vulnerability management tools (Rapied7, Nessus, Tenable, etc.) and security patching methodologies. Proficiency in automation and scripting (PowerShell, Bash, Python, or Ansible) to streamline patching processes. Soft Skills: Strong problem-solving and troubleshooting abilities to address patching failures and system performance issues. Excellent documentation and communication skills for collaboration with IT, security, and compliance teams. Ability to work in a fast-paced, high-availability environment while ensuring minimal downtime. Preferred Qualifications: Certifications such as Microsoft Azure Administrator (AZ-104), Red Hat Certified Engineer (RHCE), Cisco Certified Network Associate (CCNA), or CompTIA Security+ . Experience working in retail, enterprise IT, or highly distributed environments . Understanding of ITIL processes and best practices in change management, incident handling, and security compliance . Why Join Us? Opportunity to work in a dynamic, cloud-first environment ensuring the security and stability of enterprise infrastructure. Hands-on experience with leading cloud, security, and automation technologies . A key role in enhancing cybersecurity resilience and ensuring high availability for business-critical systems.

About Us SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone. SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work. Join us to shape the future of digital payment in India and unlock your full potential. What’s in it for YOU SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees Dynamic, Inclusive and Diverse team culture Gender Neutral Policy Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits Commitment to the overall development of an employee through comprehensive learning & development framework Role Purpose Responsible for implementing and managing Infrastructure vulnerability tools and processes to reduce technical risks due to vulnerabilities, including identifying and evaluating vulnerabilities and supporting remediation activities. This role is also responsible for leveraging expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT landscape across SBIC Card environment. Role Accountability Lead the Vulnerability Assessment, Penetration Testing & Patch Management Program in support of the functional & company strategy, goals, and performance objectives Manage development, implementation, and effectiveness of vulnerability management and security testing programs, initiatives, and capabilities Assist with planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements Develop Vulnerability management framework, support compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks Provide technical expertise for information security policies and standards Conduct vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience Perform vulnerability risk profiling and prioritization of vulnerabilities Identify, research, validate, and exploite various different known and unknown security vulnerabilities on server and client side Perform regular status reviews with IT asset owners & senior leadership to ensure compliance with InfoSec policies Coordinate patch management/Remediation activities for all IT assets (workstations, network, server, application, database etc.) Develop and Monitor patch deployment schedules for all Vulnerability assessments and penetration testing on an ongoing basis as well as auditing for completeness Provide communications across the organization, interfacing with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability and Patch Management team Maintain relationship with managed security services vendor leadership to ensure effective implementation and operation of security programs, ongoing support and deployment of competent resources Oversee the development, implementation and maintenance of vendor standard operating procedures/ run book in line with SBI Card policies & standards Provide technical & program management expertise and oversight over vendor teams Monitor vendor SLAs, perform regular review with vendor management and report to SBI Card leadership Ensure process documentation and compliance adherence Measures of Success Reduction in security vulnerabilities in SBI Card IT platforms Number of enhancement opportunities identified for the security posture to reduce overall risk to SBI Card Reduction in information leakage and exploitation from vulnerabilities Security metrics / SLA / KPIs are within acceptable threshold Timely updation of Application Security & Vulnerability Management related standards and SOPs and other documents No adverse observations in Internal / External Audits Process Adherence as per MOU Technical Skills / Experience / Certifications Understanding of Vulnerability Management Program including Assessment and Remediation Experience analyzing risk and prioritization of vulnerabilities, validating vulnerability reports and driving remediation. Understanding of the overall threat and vulnerability management process, including metrics to measure performance Working knowledge of compliance frameworks and security management standards (e.g., ISO 27001, NIST CSF. PCI-DSS etc.) Thorough understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments) Strong knowledge in industry standard VAPT tools like Nessus, Rapid7, AWS Inspector and open-source tools Competencies critical to the role Stakeholder Management Analytical ability Innovation & Problem Solving Market Awareness Qualification Bachelor of Engineering in Computer Science / Engineering, Masters in Computer Science Preferred Industry BFSI / NBFC /E-commerce/IT & ITES / Telecom

Ankura is a team of excellence founded on innovation and growth. Location: Conditional Remote / Gurgaon Hours: 40 hours a week Reporting: Director - Threat Detection Operations (TDO) Duties include providing On-Job Training to fellow Senior Analysts and Analysts, continuous monitoring of Security Information Event Management (SIEM), EDR, XDR and related platforms for correlated events and alerts and working with the client to take action. Senior Analysts leverage events to determine the impact, document possible causes, and provide useful information to clients. A deep understanding of various commercial and open-source network sensors, intrusion detection systems, and event log correlation engines is required as senior analysts are expected to deliver enhanced threat awareness and knowledge through research and continuous improvement of use cases, signatures, and metrics. Expected to help automate anomaly detection and alerting while documenting security incidents, processes, investigations, and remediation efforts. Senior Analysts are also expected to maintain open communication and visibility with their team members, Directors, and Clients. Usually, employees will be permitted to work remotely in the current operational setup however that setup may change based on company and/or business needs, with or without notice. It may also be considered a conditional privilege as the employees are personally responsible to maintain uninterrupted availability and communication via all official channels throughout their designated shifts. If the employee's performance cannot be satisfactorily ascertained by their manager or the employee is unable to adapt to work without disturbance, they may be called upon to work out of the company’s office. CAPABILITIES Knowledge of IR process, ticketing tools, Knowledgeable in various IR response commands related to Windows, Linux Strong knowledge on advanced attack techniques related to Endpoints and servers, Threat hunting using EDR/XDR. Experience in handling latest attack techniques LOLBAS, fileless malware etc. Experience in monitor globally emerging threats, vulnerabilities, malicious activities etc. research about the same and reports to concerned teams and management for proactive actions. Must have knowledge of various OSINT tools: VirusTotal, Cisco Talos Intelligence, IBM X-force Exchange, URL.io etc. during the investigation of security alerts. Capable to handle a team of L1 analysts, impart training etc Must have experience of Vulnerability management to identify emerging risks in organization's environment using Qualys, Nessus, MS-Defender etc Knowledgeable about Automation and SOAR Must have the necessary experience to conduct initial triage and in depth analysis of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the client's SOC, escalate to the for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives. Required to have experience in conducting research analysis and data gathering requirements to present in a report format. Should be detail-oriented and able to work independently and communicate effectively both verbally and in writing.Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays. TECHNICAL Emerging SIEM/XDR such as MS Azure Sentinel, SentinelOne Experience with security tools: Nessus, Burpsuite, Acunetix, Kali Linux Strong knowledge on XDR tools such as Sentinel One, Cortex, CrowdStrike, Microsoft etc Understanding of KQL, Lucene, Python, and/or other similar programming/query/scripting languages Proficient in finetuning detection rules of XDR, creation of SOPs, Playbooks for various scenarios and techniques EDUCATION, EXPERINCE, TRAINING & CERTIFICATIONS Minimum Experince in SOC/IR/VM 4 yrs plus Preferred to have a degree in CS/IT or a Masters's Diploma in the field of IT Security. Certifications such as CEH, Security+ CHFI,ACE, and specific to vendor XDR tools SentinelOne cortex, Microsoft CrowdStrike etc COMMUNICATION Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systems e.g. Slack, Microsoft Teams, Intapp, and Workday. Ability to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s) Able to provide reports showing progress or achievement of assigned goals and responsibilities as required. Must be an active listener and ask questions of others when clarity is needed Ability to gain an understanding of client needs and apply analytic reasoning Demonstrates proactive engagement in meetings and process discussions KEY PERFORMANCE INDICATORS Analyze client networks for threats using analytical platforms for event monitoring such as NSM, SIEM, UEBA, ETDR. Deliver client reports based on analyses that are timely, high quality, and accurate. Understand and support incident response and triage Improve reporting to avoid ‘analysis paralysis’. Develop new skills within analytical platforms INDIVIDUAL & TEAMWORK Must be able to effortlessly switch between independent and team-based work Understands that the work product is dependent on team efforts and remains responsive to internal and external deadlines Able to share expertise and experience with team members to encourage growth and shared success Able to maintain focus and attention to detail for sustained periods of time Engaged in supporting the development and growth of all team members GROWTH MINDSET Can receive and provide feedback in a constructive manner that leads to the growth of self and others. Displays perseverance of effort and passion for a long-term goal and end state. Works well under timelines and puts in extra effort as required to meet timelines. Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions LEADERSHIP TRAITS Willing to adapt leadership skills to support larger and more complex projects. Work product for self and team is consistently of excellent quality and efficiency. Respectful and professional in all interactions with team members, clients, and colleagues. Maintains composure and calm disposition under high-pressure or stressful circumstances. #LI-JK1 Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

🔐 We're Hiring: Cyber Security Expert (4–5 Years Experience) 📍 Location : CS Soft Solutions Pvt. Ltd., I-18, Sector 101, IT City Rd, JLPL Industrial Area, Sahibzada Ajit Singh Nagar, Punjab – 160062 📧 Email: shivani-kanwar@cssoftsolutions.com At CS Soft Solutions, we're not just about building digital products—we’re about building trust in every digital interaction. We're expanding our cybersecurity division and are on the lookout for a Cyber Security Expert who’s ready to take ownership, drive strategic initiatives, and protect our clients across industries. 🚀 Key Responsibilities : Act as a trusted advisor to clients, assessing posture & identifying risks Conduct vulnerability assessments, penetration tests & risk analyses Design and implement tailored cybersecurity policies & frameworks Respond to incidents & coordinate response with internal and client teams Ensure compliance (GDPR, HIPAA, ISO 27001, NIST, SOC 2) Lead client workshops, trainings, and briefings Collaborate with DevOps, IT, and Engineering for secure solution design Engage directly with CXOs to understand needs & propose solutions Drive proposal creation, pre-sales, and client success Mentor and lead junior cybersecurity professionals ✅ Required Qualifications : Bachelor’s/Master’s in Cybersecurity, InfoSec, or related field 5+ years hands-on cybersecurity experience Expertise in threat detection, incident response, and network security Hands-on with SIEMs (Splunk, QRadar), Nessus, Qualys, Metasploit, etc. Cloud security exposure (AWS, Azure, GCP) Knowledge of compliance & frameworks (ISO 27001, NIST, SOC 2) Industry exposure: IT, BFSI, Healthcare, Manufacturing Certifications Preferred: CEH, CISSP, OSCP, CISM, ISO 27001 LA/LI 💡 Nice to Have : MSSP or cybersecurity consulting experience DevSecOps and secure SDLC familiarity Forensics or threat hunting background 🧠 Key Traits : Strategic mindset with strong business acumen Excellent communication & client-handling skills Ownership-driven, independent, and team-oriented 📩 If you're passionate about securing digital transformation journeys and thrive in a dynamic, high-growth environment—CS Soft wants you on board! #CyberSecurityJobs #HiringNow #CSSoftSolutions #InformationSecurity #CybersecurityExpert #MSSP #ISO27001 #SIEM #DevSecOps #CloudSecurity #CISSP #OSCP #JoinOurTeam