1267 Nessus Jobs

Nelito Systems Ltd is looking for Security Analyst to join our dynamic team and embark on a rewarding career journey Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls Assisting with the creation of updates and training programs to secure the network and train the employees Keeping the security systems up to date Monitoring security access and maintaining the relevant data Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans

Nelito Systems Ltd is looking for Security Analyst to join our dynamic team and embark on a rewarding career journey Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls Assisting with the creation of updates and training programs to secure the network and train the employees Keeping the security systems up to date Monitoring security access and maintaining the relevant data Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans

L2 (4 to 7 yrs experience) : Working knowledge in IT / IT Security & Compliance role In depth & Hands on Knowledge of Latest Vulnerability Assessment & Risk Prioritization process and tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Ability to respond appropriately in case of Cyber Security Incidents as per Response & Remediation SLAsKnowledge of identifying IT Threats proactively Understanding of Network Devices like Firewall, Switches, routers, Micro-segmentation etc Understanding of Servers, Databases & Application Security basics & hardening procedures Knowledge of Windows as well as Non-Windows OS Platforms Vulnerability gaps assessments, patch recommendations to close gapsKnowledge of CIS, NIST, DoT regulatory understanding etc based hardening of infrastructure (both on premise and cloud)Knowledge of latest technologies and Cloud Security, CSPM, Micro-segmentation Identify, assess, track and report on security risks and issues identified in due diligence processes, self-assessments, architectural reviews, change management, cyber exercises, reviews, and audits Ideate and leverage Gen AI to identify and visualize cybersecurity risk at scaleCloud Risk and Compliance ManagementUnderstanding of security design principles, controls, guardrails, across multi cloud platformsWell versed with the Zero Trust Architecture Framework and implementation and maturityPartner with Technology, Cloud, Infrasec, Info-Sec and Gen AI engineering teams, in both leading and supporting capacities L3 (7 Years+ experience) : Tools and Technology : Certification: IT / IT Security & Compliance role Tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Aware of Cyber Security process

L2 (4 to 7 yrs experience) : Working knowledge in IT / IT Security & Compliance role In depth & Hands on Knowledge of Latest Vulnerability Assessment & Risk Prioritization process and tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Ability to respond appropriately in case of Cyber Security Incidents as per Response & Remediation SLAsKnowledge of identifying IT Threats proactively Understanding of Network Devices like Firewall, Switches, routers, Micro-segmentation etc Understanding of Servers, Databases & Application Security basics & hardening procedures Knowledge of Windows as well as Non-Windows OS Platforms Vulnerability gaps assessments, patch recommendations to close gapsKnowledge of CIS, NIST, DoT regulatory understanding etc based hardening of infrastructure (both on premise and cloud)Knowledge of latest technologies and Cloud Security, CSPM, Micro-segmentation Identify, assess, track and report on security risks and issues identified in due diligence processes, self-assessments, architectural reviews, change management, cyber exercises, reviews, and audits Ideate and leverage Gen AI to identify and visualize cybersecurity risk at scaleCloud Risk and Compliance ManagementUnderstanding of security design principles, controls, guardrails, across multi cloud platformsWell versed with the Zero Trust Architecture Framework and implementation and maturityPartner with Technology, Cloud, Infrasec, Info-Sec and Gen AI engineering teams, in both leading and supporting capacities L3 (7 Years+ experience) : Tools and Technology : Certification: IT / IT Security & Compliance role Tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Aware of Cyber Security process

L2 (4 to 7 yrs experience) : Working knowledge in IT / IT Security & Compliance role In depth & Hands on Knowledge of Latest Vulnerability Assessment & Risk Prioritization process and tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Ability to respond appropriately in case of Cyber Security Incidents as per Response & Remediation SLAsKnowledge of identifying IT Threats proactively Understanding of Network Devices like Firewall, Switches, routers, Micro-segmentation etc Understanding of Servers, Databases & Application Security basics & hardening procedures Knowledge of Windows as well as Non-Windows OS Platforms Vulnerability gaps assessments, patch recommendations to close gapsKnowledge of CIS, NIST, DoT regulatory understanding etc based hardening of infrastructure (both on premise and cloud)Knowledge of latest technologies and Cloud Security, CSPM, Micro-segmentation Identify, assess, track and report on security risks and issues identified in due diligence processes, self-assessments, architectural reviews, change management, cyber exercises, reviews, and audits Ideate and leverage Gen AI to identify and visualize cybersecurity risk at scaleCloud Risk and Compliance ManagementUnderstanding of security design principles, controls, guardrails, across multi cloud platformsWell versed with the Zero Trust Architecture Framework and implementation and maturityPartner with Technology, Cloud, Infrasec, Info-Sec and Gen AI engineering teams, in both leading and supporting capacities L3 (7 Years+ experience) : Tools and Technology : Certification: IT / IT Security & Compliance role Tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Aware of Cyber Security process

L2 (4 to 7 yrs experience) : Working knowledge in IT / IT Security & Compliance role In depth & Hands on Knowledge of Latest Vulnerability Assessment & Risk Prioritization process and tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Ability to respond appropriately in case of Cyber Security Incidents as per Response & Remediation SLAsKnowledge of identifying IT Threats proactively Understanding of Network Devices like Firewall, Switches, routers, Micro-segmentation etc Understanding of Servers, Databases & Application Security basics & hardening procedures Knowledge of Windows as well as Non-Windows OS Platforms Vulnerability gaps assessments, patch recommendations to close gapsKnowledge of CIS, NIST, DoT regulatory understanding etc based hardening of infrastructure (both on premise and cloud)Knowledge of latest technologies and Cloud Security, CSPM, Micro-segmentation Identify, assess, track and report on security risks and issues identified in due diligence processes, self-assessments, architectural reviews, change management, cyber exercises, reviews, and audits Ideate and leverage Gen AI to identify and visualize cybersecurity risk at scaleCloud Risk and Compliance ManagementUnderstanding of security design principles, controls, guardrails, across multi cloud platformsWell versed with the Zero Trust Architecture Framework and implementation and maturityPartner with Technology, Cloud, Infrasec, Info-Sec and Gen AI engineering teams, in both leading and supporting capacities L3 (7 Years+ experience) : Tools and Technology : Certification: IT / IT Security & Compliance role Tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Aware of Cyber Security process

L2 (4 to 7 yrs experience) : Working knowledge in IT / IT Security & Compliance role In depth & Hands on Knowledge of Latest Vulnerability Assessment & Risk Prioritization process and tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Ability to respond appropriately in case of Cyber Security Incidents as per Response & Remediation SLAsKnowledge of identifying IT Threats proactively Understanding of Network Devices like Firewall, Switches, routers, Micro-segmentation etc Understanding of Servers, Databases & Application Security basics & hardening procedures Knowledge of Windows as well as Non-Windows OS Platforms Vulnerability gaps assessments, patch recommendations to close gapsKnowledge of CIS, NIST, DoT regulatory understanding etc based hardening of infrastructure (both on premise and cloud)Knowledge of latest technologies and Cloud Security, CSPM, Micro-segmentation Identify, assess, track and report on security risks and issues identified in due diligence processes, self-assessments, architectural reviews, change management, cyber exercises, reviews, and audits Ideate and leverage Gen AI to identify and visualize cybersecurity risk at scaleCloud Risk and Compliance ManagementUnderstanding of security design principles, controls, guardrails, across multi cloud platformsWell versed with the Zero Trust Architecture Framework and implementation and maturityPartner with Technology, Cloud, Infrasec, Info-Sec and Gen AI engineering teams, in both leading and supporting capacities L3 (7 Years+ experience) : Tools and Technology : Certification: IT / IT Security & Compliance role Tools like Qualys, Nessus, Skybox, Kenna, Rapid7 & Metasploit Aware of Cyber Security process

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModelingAbility to conduct threat modeling sessions to identify and mitigate security risks. Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Security TestingExperience with static and dynamic application security testing (SAST/DAST) tools. Security ToolsProficiency in using security tools like Burp Suite, Nessus, or Fortify.

Responsibilities: Lead cybersecurity testing for IoT devices per BIS/ITSAR, ensuring ISO 17025 compliance. Develop methodologies, oversee assessments, review reports, collaborate with clients on security needs, and enhance lab operations.

We are looking for a Product & Solution Security Professional meeting the need for smart-mobility solutions. We are making the lives of people who travel easier and more enjoyable while constantly developing new, intelligent mobility solutions. Your new role challenging and future-oriented As a PSSE you will be involved in a project from Bid phase till the closure of the project. Conduct Threat and risk analysis, identifying vulnerabilities and proposing mitigation measures. Prepare Security concept, defining cyber security relevant activities related to configuration, installation and commissioning of railway signaling and telecommunication systems. Design, implement, and manage security architectures for railway signaling and telecommunication systems for mass transit and Mainline projects. Prepare Project specific Security policies and procedures. Specification and maintenance of security requirements for the project. Support for meeting international and regional security standards and regulations (like IEC62443, ISO27001 and TS50701) in the project. Evaluation of third-party components from a security point of view. Preparation of Security Test Plan, test cases and perform security testing(automated and Manual) to ensure the security controls are effectively implemented. Analysis of vulnerability finding, developing solution to fix the vulnerability if necessary. Respond to security incidents if any, helps in solution development Collection of product & solution security related lessons learned and feed into in continuous improvement activities (e.g., update of guidelines, reporting to PSSOs, integration in awareness material). Can support multiple projects at the same time and should occupy the function for the main part of is defined working time. We dont need superheroes, just super minds Bachelors degree in cybersecurity, computer science or a related field Should hold professional certification like CCNA, CCNP, IEC62443, CEH, GISCP, or equivalent. Deep understanding of OT protocols Exposure to Security tools Like Nessus, NMAP, IDS/IPS, firewall, application Whitelisting, Anti-virus , SIEM etc Should have understanding and experience on PKI, Active directory, Networking, Operating systems ( Windows and Unix ), ICS/SCADA. Knowledge of Vulnerability management, Security testing, System hardening, Patching etc. Should have working experience on one of the security standards ( IEC 62443 3-2, 3-3, 4-2, 2-1, TS50701, ISO 27001) Must have good understanding of Railway domain ( Signaling Mass Transit / Mainline) Has minimum 4-6years experience in one of the fields of professional experience. Weve got quite a lot to offer. How about you? This role is based in Pune. Youll also get to visit other locations in India and beyond, so youll need to go where this journey takes you. In return, youll get the chance to work with teams impacting entire cities, countries and the shape of things to come.

Need overall AppSec skills (SAST, DAST, Penetration testing) +Mobile app testing skills (Android, ioS). We should look for a candidate who has deep and diverse hands on exp in above skills. Also, The professional is expected to perform the application security activities - Static code assessment/ manual testing including mobile application testing for android and iOS apps. This profile requires a candidate with hands on Application Security experience specific to mobile applications Communication should excellent Skills: penetration testing,mobile app testing,sast,ios,android,dast Mandatory Key SkillsSAST,DAST,Penetration testing,Android,ioS,manual testing,AppSec*

As the global leader in high-speed connectivity, Ciena is committed to a people-first approach. Our teams enjoy a culture focused on prioritizing a flexible work environment that empowers individual growth, well-being, and belonging. We re a technology company that leads with our humanity driving our business priorities alongside meaningful social, community, and societal impact. Are you ready to take your cybersecurity expertise to the next levelJoin our team as a Vulnerability and Exposure Management Analyst and play a pivotal role in safeguarding our organizations web applications, cloud infrastructure, and digital assets. Work with cutting-edge tools and collaborate with cross-functional teams to make a real impact in the fight against cyber threats. How You Will Contribute: Conduct vulnerability assessments using tools like Rapid7 InsightVM, Qualys VMDR, Tenable Nessus, and Shodan. Perform DAST, SAST, and manual penetration testing to identify critical risks. Deploy and manage attack surface management platforms, including CyCognito and Palo Alto Cortex Xpanse. Implement cloud security best practices and ensure compliance with frameworks like NIST and ISO 27001. Collaborate with development teams to integrate security into the SDLC. Automate security workflows with AI-driven tools to enhance efficiency. Stay ahead of emerging threats and industry trends. The Must Haves : Bachelor s degree in Computer Science, Cybersecurity, or equivalent professional experience. 3-5 years of hands-on experience in vulnerability management and security assessment. Expertise in tools such as Rapid7 InsightVM, Qualys, Tenable Nessus, and Shodan. Proficiency in ASM platforms and cloud security solutions like Wiz. Solid understanding of web application vulnerabilities and compliance frameworks. 2-3 years of hands-on experience in Scripting, Python, Regex. The Assets: Certifications like CISSP, CEH, OSCP, or AWS Certified Security Specialty. Experience with container security (Docker, Kubernetes) and DevSecOps practices. Background in merger and acquisition security assessments. #LI-MP1 Not ready to apply Join our Talent Community to get relevant job alerts straight to your inbox. At Ciena, we are committed to building and fostering an environment in which our employees feel respected, valued, and heard. Ciena values the diversity of its workforce and respects its employees as individuals. We do not tolerate any form of discrimination. Ciena is an Equal Opportunity Employer, including disability and protected veteran status. If contacted in relation to a job opportunity, please advise Ciena of any accommodation measures you may require.

Role Objective: The objective of this role is to enhance and safeguard the organization's security posture by leading a comprehensive Vulnerability Management program. The Senior Cybersecurity Engineer will play a critical role in identifying, assessing, prioritizing, and mitigating vulnerabilities across diverse enterprise systems. With over a decade of experience in cybersecurity, and hands-on expertise with tools like Qualys and Nessus, the individual in this role will go beyond scanning to ensure vulnerabilities are effectively addressed and closed in collaboration with cross-functional teams. Key Responsibilities: Lead and manage enterprise-wide vulnerability management programs. Conduct regular vulnerability scans using tools such as Qualys, Nessus, and other industry-standard platforms. Analyze scan results, identify false positives, prioritize real threats, and communicate actionable mitigation steps. Collaborate with IT, DevOps, and application teams to remediate vulnerabilities effectively within defined SLAs. Develop and maintain metrics, dashboards, and reports to communicate risk posture to technical and non-technical stakeholders. Stay up to date with the latest vulnerabilities, exploits, threats, and industry best practices. Assist in defining and enforcing vulnerability management policies, procedures, and standards. Support internal and external audits and compliance activities (e.g., ISO 27001, NIST, PCI-DSS). Required Qualifications: Minimum 10 years of professional experience in Cybersecurity, with a strong focus on Vulnerability Management. Demonstrated hands-on expertise with Qualys, Nessus, and similar vulnerability assessment tools. Solid understanding of network protocols, system administration (Windows, Linux), and application security. Proven experience with remediation and mitigation strategies, not limited to scanning and reporting. Strong knowledge of CVE, CVSS, and vulnerability lifecycle management. Familiarity with scripting or automation for scan and remediation processes (e.g., Python, PowerShell). Experience working in complex enterprise environments with cross-functional teams. Preferred Qualifications: Relevant certifications such as CISSP, CEH, OSCP, or GIAC (GCIH, GCIA, GSEC). Experience integrating vulnerability data into SIEMs or ticketing systems (e.g., Splunk, ServiceNow). Exposure to cloud environments (AWS, Azure, GCP) and their native security tools. Understanding of regulatory and compliance standards (HIPAA, SOX, GDPR, etc.).

Role Overview: We are seeking an enthusiastic Security Researcher to join our growing organization. Our global organization works in the areas of malware research, customer escalation response and system Engineering and development. You will be expected to learn the ins-and-outs of our daily malware escalation responses, routines and procedures. Additionally, you will help build automations, and author detection content which will help fight the bad guys. About the role: You must have awareness of threats around the globe, regional threats and top adversaries / criminal groups focusing on malware including affiliate networks pertaining to Windows OSes. You will process incoming requests from our customers and Support team regarding malware analysis and detection. You will provide static and dynamic analysis of malware including - infection, propagation, lateral movement, exploitation POCs, etc. You will extract malicious patterns from malware and author effective detection and repair signatures and test them before being utilized by our Trellix products. You will participate in the incident response process on need basis and prepare analysis of the incident, remediation instructions, and assist customers. Using your coding skills, there may be opportunity to develop automation framework for malware analysis and efficiency improvements. You will propose and create innovative solutions for problems that our customers are facing. You will share your most exciting research findings through blogs and internal presentations. You will work closely with colleagues in the same and other time zones, and attend a daily handover to the next region. You will be required to do on-call work during holidays and weekends as part of a team Rota. About You: Ideally you must have experience in a Security or Malware Researcher role You must have experience with Python, C/C++, or other similar programming languages You must understand Windows PE file format. You should have knowledge of Windows OS internals - memory, threads, processes, API, etc. You should have knowledge of Networking protocols and experience with network traffic analysis tools (Wireshark, Fiddler). Proficiency in debugger usage (OllyDbg, IDA pro) would be advantageous Previous experience in reverse engineering would be advantageous You should have experience of various malware analysis tools You should have excellent problem-solving skills, fast learner, self-motivated to take initiatives with focus on achieving results in timely manner You should have proven ability to translate insights into business recommendations Degree Level Computing Qualification or equivalent with 2+ years demonstrated experience Ability to positively adapt to changes and multitasking in a fast-moving industry

Key Responsibilities: Conduct comprehensive application security assessments, focusing on the OWASP Top 10 for web and mobile applications. Utilize vulnerability assessment tools to identify and analyze security risks within applications and systems. Collaborate with development teams to integrate security practices into the software development lifecycle (SDLC). Provide recommendations and guidance for remediating vulnerabilities and improving application security posture. Monitor security alerts and take appropriate action to mitigate potential threats. Assist in developing and implementing security policies, procedures, and best practices. Stay up-to-date with the latest security trends, tools, and technologies to ensure the organizations security measures remain adequate and relevant. Communicate technical security issues and solutions effectively to both technical and non-technical stakeholders. Qualifications: 2-5 years of experience in application security, focusing on identifying and mitigating security vulnerabilities. Strong knowledge of OWASP's Top 10 security risks for web and mobile applications. Familiarity with vulnerability assessment tools like Nessus, Burp Suite, Fortify, etc. Prior programming experience (e.g., Python, Java, JavaScript, etc.) is an added advantage and will be highly beneficial. Excellent problem-solving skills and attention to detail. Strong communication skills, with the ability to explain complex security issues clearly and concisely. Ability to work independently and as part of a team in a fast-paced environment. Relevant certifications (such as CEH, OSCP, CISSP) are a plus but not required. Knowledge of CSPM and DSPM Mandatory Key SkillsSecOps,Security Testing,OWASP,Java,JavaScript,CEH,OSCP,CISSP,Nessus*,Burp Suite*,Python*

Join our Team About this opportunity: At Ericsson, We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations, incident response, and network/system security Experience with scanning tools (e.g., Nessus, Qualys) and PAM solutions (e.g., CyberArk, BeyondTrust) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation

Job Description Agilent’s Information Security organization is looking for a Vulnerability/Patch Management and Automation lead with a solid technical security background in a global enterprise. This role will be responsible for overseeing and improving Agilent’s existing vulnerability/patch management security program and drive automation initiatives within Agilent's Information Security team.The successful candidate will need good communication skills to ensure patch and vulnerability management requirements are understood and adhered to by stakeholders across a large global enterprise. In addition, the person in this role will need to be able to collect requirements for actions that can be automated, convert them into use cases and create automated processes to improve efficiency. This role is a great development opportunity that will later grow further into advanced application security/penetration testing. Major Duties: Vulnerability and Patch Management - Own and drive Agilent’s vulnerability and patch management programs by reviewing and classifying patches released from OS and applications used across the organization, follow up with system owners and ensure remediation is completed. Automation – Work with current automation tools to mature automation use cases and develop new processes to reduce manual overhead within the Information Security organization Security Consultant – Work with the Agilent business and IT organization to provide general guidelines and policies on various projects Qualifications Qualifications Required: Bachelor in Computer Science, Information Systems, or equivalent experience At least 3 years of directly related experience in Information Security Working experience with vulnerability management systems Excellent communication skills towards a technical and non-technical audience alike Ability to provide a holistic perspective of security and productivity to assist with automation Skills Desired: Familiarity with Qualys and Nessus, 2-3 years preferred Python experience with automation within XSOAR or other automation platforms Ability to work with others in a global environment having a wide variety of styles, performance, culture, etc Additional Details This job has a full time weekly schedule. Our pay ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. During the hiring process, a recruiter can share more about the specific pay range for a preferred location. Pay and benefit information by country are available at: https://careers.agilent.com/locations Agilent Technologies Inc. is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other protected categories under all applicable laws. Travel Required: No Shift: Day Duration: No End Date Job Function: IT

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

About the role Systems Engineer III - Performance Engineer You will be responsible for Collaborate with product managers and developers to understand product requirements and contribute to performance-focused design discussions. Create and maintain comprehensive non-functional test cases and use cases tailored to performance testing needs. Translate NFRs into detailed performance and security test plans, including SLAs, SLOs, and capacity benchmarks. Develop detailed performance test plans, including test cases and test data, and ensure alignment with business expectations. Execute various types of performance testing such as load, stress, scalability, and endurance tests to assess system behaviour under different conditions. Analyse performance test results to identify bottlenecks and inefficiencies and provide actionable insights for resolution. Monitor system performance using diagnostic tools and provide real-time feedback during testing cycles. Automate performance tests using modern, open-source tools and scripting languages to streamline testing processes. Collaborate with DevSecOps to integrate security testing into CI/CD workflows and enforce shift-left security practices. Document and report security vulnerabilities with risk ratings, reproduction steps, and remediation guidance. Work closely with QE, DevOps, and Development teams to ensure performance and security best practices are embedded throughout the SDLC. Provide detailed test reports, dashboards, and technical documentation for stakeholders. You will need Bachelor’s degree in computer science or a related engineering discipline. 12+ years of experience in Quality Engineering preferably in retail orgs or product organisations Application Testing: Hands-on experience in performance testing of APIs, microservices, web applications, and native mobile apps. Performance Testing Tools: Proficient in industry-standard tools such as JMeter, K6, Locust, Gatling, etc for load and stress testing. Scripting & Automation: Strong programming skills in Java, Python, and Shell scripting for developing and automating performance test scripts. Monitoring & Diagnostics: Expertise in using APM and logging tools - AppDynamics, Dynatrace, Splunk, New Relic, RunScope, Grafana to monitor & analyze system performance. Cloud & Containerization: Solid understanding of cloud platforms (Azure), container orchestration (Kubernetes), and containerization (Docker) for scalable performance testing. Database Performance: Ability to analyze and optimize SQL queries and database performance; familiarity with SQL, NoSQL databases, and pub-sub messaging systems. Infrastructure Knowledge: Understanding of load balancers, infrastructure design, and application architecture in both Azure cloud and on-premises environments. Security Tools: Experience with security and vulnerability assessment tools such as Burp Suite, OWASP ZAP, Metasploit, Nessus, and Nmap. Security Best Practices: Strong grasp of OWASP Top 10, CWE/SANS Top 25, and secure coding principles. Operating Systems: Comfortable working in Linux/Unix environments. Analytical Skills: Excellent problem-solving, debugging, and troubleshooting abilities. Communication: Strong verbal and written communication skills, with the ability to convey complex technical concepts clearly. Whats in it for you? At Tesco, we are committed to providing the best for you. As a result, our colleagues enjoy a unique, differentiated, market- competitive reward package, based on the current industry practices, for all the work they put into serving our customers, communities and planet a little better every day. Our Tesco Rewards framework consists of pillars - Fixed Pay, Incentives, and Benefits. Total Rewards offered at Tesco is determined by four principles -simple, fair, competitive, and sustainable. Salary - Your fixed pay is the guaranteed pay as per your contract of employment. Leave & Time-off - Colleagues are entitled to 30 days of leave (18 days of Earned Leave, 12 days of Casual/Sick Leave) and 10 national and festival holidays, as per the company’s policy. Making Retirement Tension-FreeSalary - In addition to Statutory retirement beneets, Tesco enables colleagues to participate in voluntary programmes like NPS and VPF. Health is Wealth - Tesco promotes programmes that support a culture of health and wellness including insurance for colleagues and their family. Our medical insurance provides coverage for dependents including parents or in-laws. Mental Wellbeing - We offer mental health support through self-help tools, community groups, ally networks, face-to-face counselling, and more for both colleagues and dependents. Financial Wellbeing - Through our financial literacy partner, we offer one-to-one financial coaching at discounted rates, as well as salary advances on earned wages upon request. Save As You Earn (SAYE) - Our SAYE programme allows colleagues to transition from being employees to Tesco shareholders through a structured 3-year savings plan. Physical Wellbeing - Our green campus promotes physical wellbeing with facilities that include a cricket pitch, football field, badminton and volleyball courts, along with indoor games, encouraging a healthier lifestyle. About Us Tesco in Bengaluru is a multi-disciplinary team serving our customers, communities, and planet a little better every day across markets. Our goal is to create a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility through technological solutions, and empowering our colleagues to do even more for our customers. With cross-functional expertise, a wide network of teams, and strong governance, we reduce complexity, thereby offering high-quality services for our customers. Tesco in Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 3,30,000 colleagues Tesco Technology Today, our Technology team consists of over 5,000 experts spread across the UK, Poland, Hungary, the Czech Republic, and India. In India, our Technology division includes teams dedicated to Engineering, Product, Programme, Service Desk and Operations, Systems Engineering, Security & Capability, Data Science, and other roles. At Tesco, our retail platform comprises a wide array of capabilities, value propositions, and products, essential for crafting exceptional retail experiences for our customers and colleagues across all channels and markets. This platform encompasses all aspects of our operations - from identifying and authenticating customers, managing products, pricing, promoting, enabling customers to discover products, facilitating payment, and ensuring delivery. By developing a comprehensive Retail Platform, we ensure that as customer touchpoints and devices evolve, we can consistently deliver seamless experiences. This adaptability allows us to respond flexibly without the need to overhaul our technology, thanks to the creation of capabilities we have built.

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry. In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cybersecurity. We are passionate champions for our clients and know from experience that the best solution for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses, and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world. As a Threat Management Platform Developer, you’ll play a key role in supporting and enhancing our cybersecurity reporting ecosystem by managing and customizing the PlexTrac platform. You’ll work closely with security teams to streamline assessment workflows, develop actionable reporting templates, and drive platform integrations that align with internal processes. This role is ideal for someone with 1–4 years of experience in cybersecurity or platform development, who’s passionate about operational efficiency, automation, and offensive security tooling. Who We Are Looking For You’ll serve as a platform technical enabler, responsible for managing, enhancing, and evolving platform to support efficient cybersecurity reporting and threat exposure workflows. This includes: Optimizing platform usage by identifying repetitive reporting and workflow processes within security teams that can be centralized or automated using PlexTrac. Collaborating with Penetration Testers to translate technical assessment data into standardized, actionable reports and dashboards. Enhancing platform capabilities by developing and customizing templates, integrations, and automations using PlexTrac APIs and scripting frameworks. Conducting research to identify innovative features and integrations that support continuous threat exposure management. Supporting offensive security teams by integrating outputs from tools such as Burp Suite, Nessus, Nmap, Metasploit, and custom scripts into PlexTrac workflows. Building parsers and automation scripts to ingest and normalize data from red team engagements, vulnerability scans, and threat simulations. How You’ll Make An Impact 1 - 4 years’ experience of implementation and development of cybersecurity reporting or threat exposure management platform etc. Proficiency in Python and relevant libraries (e.g., gingerit, Pandas, Requests). Experience with RESTful APIs, data parsing, and JSON/XML. Familiarity with security tools, scanners (like Nessus or Burp Suite), and threat intelligence feeds is a plus. Strong communication skills to work across technical and non-technical teams. A passion for improving security workflows and a curiosity for automation and tooling. Ability to create efficient, well-documented, and reusable scripts and tools. Strong problem-solving skills and the ability to translate requirements into scalable solutions. What You Can Expect From Optiv A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups. Work/life balance Professional training resources Creative problem-solving and the ability to tackle unique, complex projects Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. The ability and technology necessary to productively work remotely/from home (where applicable) EEO Statement Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.

Get to know Okta Okta is The World’s Identity Company. We free everyone to safely use any technology, anywhere, on any device or app. Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secure access, authentication, and automation, placing identity at the core of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We’re building a world where Identity belongs to you. Okta’s Workforce Identity Cloud Security Engineering group is looking for a Staff Site Reliability Engineer with a passion for DevSecOps , Infrastructure Security , and SRE . Join a team that is not just building solutions but redefining the standards for cloud security. If you have a proven background in securing large-scale, critical infrastructure, we want to talk to you.Okta’s Workforce Identity Cloud Security Engineering group is looking for an experienced and passionate Senior Site Reliability Engineer to join a team focused on designing and developing Security solutions to harden our cloud infrastructure. We embrace innovation and pave the way to transform bright ideas into excellent security solutions that help run large-scale, critical infrastructure. We encourage you to prescribe defense-in-depth measures, industry security standards and enforce the principle of least privilege to help take our Security posture to the next level. Our Infrastructure Security team has a niche skill-set that balances Security domain expertise with the ability to design, implement, and roll out infrastructure across multiple cloud environments without adding friction to product functionality or performance. We are responsible for the ever-growing need to improve our customer safety and privacy by providing security services that are coupled with the core Okta product. This is a high-impact role in a security-centric, fast-paced organization that is poised for massive growth and success. You will act as a liaison between the Security org and the Engineering org to build technical leverage and influence the security roadmap. You will focus on engineering security aspects of the systems used across our services. Join us and be part of a company that is about to change the cloud computing landscape forever. As a Staff Engineer, you should be able to identify gaps, propose innovative solutions, and contribute to roadmaps while driving alignment across multiple teams within the organization. Additionally, you should serve as a role model, providing technical mentorship to junior team members and fostering a culture of learning and growth. You will work on: Building, running, and monitoring Okta's production infrastructure. Being an evangelist for security best practices and also leading initiatives/projects to strengthen our security posture for critical infrastructure. Responding to production incidents and determining how we can prevent them in the future. Triaging and troubleshooting complex production issues to ensure reliability and performance. Identifying and automating manual processes. Continuously evolving our monitoring tools and platform. Promoting and applying best practices for building scalable and reliable services across engineering. Developing and maintaining technical documentation, runbooks, and procedures. Supporting a 24x7 online environment as part of an on-call rotation. Be a technical SME for a team that designs and builds Okta's production infrastructure, focusing on security at scale in the cloud. You are an ideal candidate if you: Have 8+ years experience in DevSecOps or Cloud infrastructure security. Are always willing to go the extra mile: see a problem, fix the problem. Have experience automating, securing, and running large-scale production IAM and containerized services in AWS (EC2, ECS, KMS, Kinesis, RDS), GCP (GKE, GCE) or other cloud providers. Have knowledge of CI/CD principles, Linux fundamentals, OS hardening, networking concepts, and IP protocols. Have an understanding and familiarity with configuration management tools like Chef and Terraform. Have experience in operational tooling languages such as Ruby, Python, Go and shell, and use of source control. Experience with industry-standard security tools like Nessus, Qualys, OSQuery, Splunk, etc. Experience with Public Key Infrastructure (PKI) and secrets management. Bonus points for: Experience conducting threat assessments and assessing vulnerabilities in a high-availability setting. Understanding MySQL, including replication and clustering strategies, and familiarity with data stores such as DynamoDB, Redis, and Elasticsearch. Minimum Required Knowledge, Skills, Abilities, and Qualities: 7+ years of hands-on experience in DevSecOps practices and Cloud Security, with a focus on securing cloud-native infrastructure. 7+ years of experience architecting and running complex AWS or other cloud networking infrastructure resources. 7+ years of experience with Chef and Terraform. Unflappable troubleshooting skills. Strong Linux understanding and experience. Security background and knowledge. BS In computer science (or equivalent experience). What you can look forward to as a Full-Time Okta employee! Amazing Benefits Making Social Impact Developing Talent and Fostering Connection + Community at Okta Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/. Some roles may require travel to one of our office locations for in-person onboarding. Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at https://www.okta.com/privacy-policy/.

Introduction Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify.

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify.

Understand common cyber attacks, e. g. , social engineering, phishing, identity theft. Obfuscation, trojans, dumpster diving, insider attacks, etc. Strong Knowledge of Information Security & Ethical Hacking Concepts. Required Candidate profile Freshers B.Tech | BCA | MCA | Must have Knowledge about Ethical Hacking , Cyber Security Proficiency in testing tools (Kali Linux, Metasploit, Burp Suite, Wireshark) Whatsapp Resume: 7042302345

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in security architecture at PwC will focus on designing and implementing robust security frameworks to protect organisations from cyber threats. You will develop strategies and solutions to safeguard sensitive data and enable the integrity of systems and networks. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Basic Qualifications Job Requirements and Preferences : Minimum Degree Required Bachelor Degree Minimum Years Of Experience 4-9 year(s) Preferred Qualifications Preferred Fields of Study : Computer and Information Science, Information CyberSecurity, Information Technology, Management Information Systems, Computer Applications, Computer Engineering Certification(s) Preferred Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified as GIAC Web Application Penetration Tester (GWAPT) Preferred Knowledge/Skills Demonstrates extensive abilities and/or a proven record of success in the following areas: Technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management; Security testing tools, such as BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect, or other tools included within the Kali Linux distribution; Networking protocols, TCP/IP stack, systems architecture, and operating systems; Common programming and scripting languages, such as Python, PowerShell, Ruby, Perl, Bash, JavaScript, or VBScript; Well-known Cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, and NY-DFS; and, Traditional security operations, event monitoring, and Security Information and Event Management (SIEM) tools. Demonstrates extensive abilities and/or a proven record of success in the following areas: Performing penetration testing activities within a client’s environment, emphasizing manual stealthy testing techniques; Presenting technical topics at conferences highlighting aspects of adversary attack simulations, technical attack techniques, risk management, custom malware design, or zero day attacks; Leading and executing stealthy penetration testing, advanced red team, or adversary simulation engagements using commercially / freely available offensive security tools and utilities built into operating systems; Understanding Windows and Linux operating system setup, management, and power usage, e.g., cmd, bash, network troubleshooting, virtual machines; Identifying security critical vulnerabilities without utilizing a vulnerability scanning tool, i.e., knowledge of exploitable vulnerabilities and ability to execute stealthy penetration testing engagements; Compromising Active Directory environments and demonstrating business impact by identifying and obtaining access to business critical assets/information; Performing social engineering / phishing activities such as reconnaissance of targets, developing phishing campaigns (e.g., emails and websites), web hosting administrator, developing malicious phishing payloads, or pivoting through phished systems; Performing and supervising various workstreams of client engagements that emphasize identifying and addressing client needs; Participating actively in client discussions and meetings and communicating a broad range of potential add-on services based on identified weaknesses; Managing engagements with junior staff; Preparing concise and accurate documents, leveraging and utilizing MS Office and Google Docs to complete related project deliverables, as necessary; Balancing project economics management with the occurrence of unanticipated issues. Creating a positive environment by monitoring workloads of the team while meeting client expectations and respecting the work-life quality of team members; Proactively seeking guidance, clarification, and feedback; and, Keeping leadership informed of progress and issues. Year Of Experience 9-12 years