763 Nessus Jobs - Page 15

Period :Immediate. Type Contract Description Minimum of 5 years of technical cyber Security Consultant experience and IT audit/compliance . Experience integrating Cyber Security technologies with existing technologies Proficient understanding of experience with audit, regulatory requirements, and standards (SOC2, ISO, HITRUST), and other related standards and certification processes. Must be passionate about contributing to an organization focused on continuously improving consumer experiences Willing to work in Eastern Time/Humana business hours .Preferred Qualifications Knowledge of key compliance and IT frameworks . such asSSAE16 SOC2, HITRUST, SOX, etc. CISA, CISSP, HCISPP, CCSP, CISM, CTPRP or similar certification

Job Summary A Security Analyst specializing in Vulnerability Assessment and Penetration Testing (VAPT) is responsible for evaluating and testing an organization’s digital assets for vulnerabilities. This Role is responsible to manage organization’s internal and external vulnerability management program from scan to resolution of identified vulnerabilities. Roles and Responsibilities: Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications & IT Assets. Leverage threat modelling for applications to identify potential threats and suggest suitable mitigation strategies. Manage organization’s internal vulnerability management program execution, coordination, reporting and mitigation of vulnerabilities with various stakeholders. Work with external Vendor to plan, execute External VAPT on IT Assets, software applications, software code, mobile apps. Provide technical leadership in setting up SoW, complete External VAPT scan from start to closer of identified vulnerabilities. Work closely with cross function teams including IT and product development teams to close security findings, vulnerabilities. Develop and implement strategies to improve overall security posture. Knowledge And Skills Bachelor’s degree in computer science, Information Security, or a related field. Proven experience in vulnerability assessment and penetration testing. Good understanding of various Security standards like OWASP Top 10, OWASP Mobile Top 10, OWASP API Top 10, OWASP IoT Top 10, SANS Top 25, NIST. Good understanding of vulnerability severity calculation methods like CVSS Any of security certification related to VAPT, for example: Certified Security Analyst (ECSA). Licensed Penetration Tester (LPT). Offensive Security Certified Professional (OSCP). Offensive Security Certified Web Expert (OSWE). GIAC Penetration Tester (GPEN) Sound working experience with security scan products like Nessus, burp suits, Open VAS. Strong understanding of security principles, techniques, and technologies. Knowledge of application design and coding practices. Knowledge on any vulnerability management products like Qualys, Tenable, Rapid7 High level of initiative and self-direction Excellent communicator in English, both written and spoken while being able to convey information effectively at multiple levels of sensitivity and for various audiences.

Secondary skill Experience with security tools and technologies (e.g., SIEM, IDS/IPS, firewalls). Familiarity with DevSecOps practices. Missions We are seeking a skilled Cloud Security Analyst to join our team. The ideal candidate will have extensive experience in cloud security, particularly with Azure, AWS, and Microsoft 365 (M365). This role involves ensuring the security of our cloud infrastructure, identifying and mitigating risks, and implementing best practices to protect our data and systems Design, implement, and manage security measures for cloud environments (Azure, AWS, M365). Monitor cloud infrastructure for security breaches and respond to incidents. Conduct regular security assessments and audits. Develop and enforce security policies and procedures. Collaborate with IT and development teams to ensure secure deployment of applications. Stay updated with the latest security trends and threats. Responsible to managed cloud operational security Review users request on Azure and provide approval or implement required configuration (ex admin consent (permissions to internal or external applications to access Cloud Tenant with the user account)) Azure access reviews configuration and follow-up (report on non-completed reviews, send reminder to reviewers and reschedule access reviews) Monitor and provide report on Conditional access group exception groups Monitor and report on security alerts (Defender for Cloud) not managed by SG SOC. Provide training and guidance to staff on cloud security best practices. Profile Strong organizational, analytical and reporting as well as determination skills Previous experience of network security components administration Experience with security tools and technologies (e.g., SIEM, IDS/IPS, firewalls). Familiarity with DevSecOps practice

Experience 6+ Years Skill SIEM Notice Period Immediate Employment Type Contract Work Mode WFO/Hybrid 6 years of SIEM, or SOC experience Strong communication, written, and verbal skills Experience with writing/creation of formal documentation such as reports, slide decks, and architecture diagrams Customer service/support experience Ability to conduct in-depth forensic analytical studies and investigations Role Preferences Splunk certification Coding or scripting experience Strong knowledge of Unix/Linux Security+, GIAC, SSGB, ITIL, or similar certification Working knowledge of applicable industry controls such as NIST 800-536 or Mitre Attack Framework

Implement and manage identity and access management (IAM) solutions. Ensure regulatory compliance and enhance security protocols.

Responsible for identifying, assessing, and mitigating security vulnerabilities through automated and manual penetration testing. Develops remediation plans, conducts security audits, and ensures compliance with industry standards. Expertise in vulnerability scanners, ethical hacking, and cybersecurity frameworks is required.

Design and manage Public Key Infrastructure (PKI) solutions. Implement certificate management strategies, secure authentication mechanisms, and encryption protocols. Ensure compliance with cybersecurity standards.

Implements cybersecurity solutions to protect IT infrastructure from threats. Responsibilities include threat analysis, security monitoring, compliance audits, and security tool deployment. Expertise in SIEM, IDS/IPS, and vulnerability management is required.

Manage and implement security solutions within SAP Integrated Business Planning (IBP) systems. You will focus on securing data and ensuring proper access control across IBP applications. Expertise in IBP, SAP security, and role-based access control is required.

Job Description: VAPT lead with experience in vulnerability assessment and penetration testing is preferred The resource should mandatorily have minimum 4 Years experience in VAPT Responsible for planning executing and managing infrastructure level vulnerability assessments and penetration testing activities across the organization s IT landscape Key Responsibilities: Lead and manage end to end Vulnerability Assessment and Penetration Testing VAPT activities across infrastructure components including networks servers endpoints and cloud environments Design and implement VAPT strategies tailored to organizational risk profiles and compliance requirements Conduct thorough assessments to identify security vulnerabilities simulate attack scenarios and evaluate the effectiveness of existing security controls Collaborate with infrastructure network and application teams to validate findings and support remediation efforts Prepare detailed technical reports and executive summaries outlining identified risks impact analysis and recommended mitigation strategies Ensure VAPT activities align with industry standards such as ISO 27001 NIST OWASP and CIS Benchmarks Maintain up to date knowledge of emerging threats tools and techniques in the vulnerability assessment and penetration testing domain Technical Requirements: Proven experience in conducting infrastructure level Vulnerability Assessment and Penetration Testing VAPT across networks servers endpoints and cloud environments Strong hands on expertise with VAPT tools such as Nessus Qualys Nmap Metasploit Burp Suite etc In depth understanding of network protocols system configurations and common vulnerabilities in enterprise IT environments Ability to identify analyze and prioritize security vulnerabilities and provide detailed remediation guidance to technical teams Preferred Skills: Technology->Application Security->Vulnerability Management

Need an Immediate Joiner!! Position: Senior Systems Engineer(CrowdStrike) Location: Remote Duration: Fulltime Hire (40 hours per week) Multi Year Contract This role is going to be WFH, flexible working hours. Job Description: Server Remediation Static code analysis Vulnerability Management for Software Development SONARQube for Security testing. Automation: IAAC/IAAS This position will be operations-focused, directly supporting IT teams with vulnerability remediation, coordination, tracking mitigation efforts, managing security exceptions, and providing management reporting. Specifically looking for a consultant or technical specialist who will handle end-to-end vulnerability management across our critical IT applications and infrastructure. Key responsibilities include: Analysing scan results, assessing exploitability, and prioritizing remediation based on criticality, CVSS scores, and business impact. Collaborating with IT, DevOps, SME’s and system owners to validate and verify remediation efforts. Developing and maintaining dashboards and reports to track remediation progress for management updates. Assisting with patch validation, system hardening, and misconfiguration remediation. Maintaining and improving vulnerability management policies and procedures. Required qualifications: Atleast 3+ years of experience in vulnerability management or related cybersecurity role. Proficiency with vulnerability scanning tools (e.g., Nessus, Qualys, CrowdStrike) . Strong understanding of cloud environments (AWS, Azure, GCP). Experience with scripting languages like Python or PowerShell.

Network Vulnerability management. Occasional network pen testing Network security architect The scope of the consultant services is to assist IKEA in Understanding the network architecture of MP. Assessing the vulnerability of the infrastructure. Scanning through the various reports of network vulnerability scans. Mitigation plan and report of various network vulnerability. Guiding infrastructure team around OT security. Requirements for this position. Industry experience of around 10 to 15 yrs . Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation Strong knowledge of: computer network defense, identity management, incident management, network security and infrastructure design Strong knowledge of cybersecurity activities associated with: requirements analysis, risk analytics and modeling, risk management; emerging issues, risks, vulnerabilities and vulnerability assessment Strong understanding of the following: networking fundamentals (all OSI layers, protocols), OS and software vulnerably and exploitation techniques, commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post exploitation (e.g. Metasploit, Nmap, Nessus, Burp Suite), and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services experience or working knowledge with threat modeling methodologies such as Stride, Pasta, or comparable experience visually representing data and process flows in an enterprise environment

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

B2 Role L1/ L2 Support resource ( 2 years experience in DLP) Daily Summary Report with list of activities to be shared on daily. Configure Client tasks Purge events on frequent basis Help Desk Support Support in Troubleshooting during Agent installation Providing VPN evidences Support user in installation or uninstallation of Agents Support in resolving Agent Communication issues Support in Agent Upgrade Generate and share MIS reports with end user Troubleshooting Policy related issues Whitelisting of IPs, PF IDs Sharing of granular details of Infringements. Provide Root cause analysis documents

Work Location:- Bangalore / Pune Experience:- 4 to 7 years Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

Immediate Openings on Security Consultants with Vulnerability _Contract_Pan India 6+ Years Security Consultants with Vulnerability Pan India Period :Immediate. Type Contract Description 7 + Years Security Consultants with Vulnerability tools exp like Qualys or Tenable (prefer Qualys) and ServiceNow. Experience with Vulnerability tools such as Qualys or Tenable (prefer Qualys) and ServiceNow .

Job Description In this Role, Your Responsibilities Will Be: Analysis of UML diagrams and DFDs/Threat Models for security flaws and detailing specific recommendations in software and system setup to address them Mentoring of developers on security topics and coding Develop and deliver trainings to developers and management on security topics Analyzing requirements and performing code review for security flaws Establish direction for security requirements in our custom hardware and software Collaborate with other internal security groups across multiple divisions, at different levels, and in multiple international locations, as well as 3rd parties Continuous improvement of security processes via observation and measurement of project performance, and making updates to improve accuracy, reduce overhead, while maintaining compliance with IEC 62443 3-3 and 4-1 standards Participate in audits for standards compliance For This Role, You Will Need: Bachelor's degree in Computer Science, Computer Engineering Or Master's degree in Computer Science, with a minimum of 6 years of relevant experience Candidate must have hands-on, professional coding experience.net, c#, vb.net, Angular, React, Database: SQL Server, Mongo DB, Cosmos DB Experience building Azure DevOps pipelines Create and guide the creation of security documentation. Experience with design, develop and testing web-based applications (on-prem/cloud) Understanding of SDL/secure software development lifecycle practices Practical experience in software and security design principles Experience performing application-level threat modeling and code review Excellent interpersonal skills Excellent written and verbal communication skills Ability to clearly communicate technical information to a wide range of audiences Current knowledge of malware trends and current cybersecurity issues Experience with PKI/Certificates, Cryptography Responsibilities: Partner with software engineering teams to embed cybersecurity principles into product design. Conduct threat modeling and support architectural risk assessments for applications. Define and document security requirements in alignment with ISA/IEC 62443-4-1 and 62443-3-3. Support the implementation and validation of security controls across the SDLC. Guide teams in adopting secure coding practices, security testing, and supply chain security. Review design documents, code, and infrastructure-as-code for potential security risks. Collaborate with QA and DevOps to ensure security test coverage (e.g., SAST, DAST, dependency scanning). Required Qualifications: Strong understanding of web application security principles and common vulnerabilities (OWASP Top 10). Experience conducting threat modeling using the STRIDE framework Familiarity with secure SDLC practices and security engineering within Agile teams. Working knowledge of ISA/IEC 62443-4-1 (secure development lifecycle) and 62443-3-3 (system security requirements). Ability to communicate security risks and mitigation strategies to technical and non-technical audiences. Preferred Qualifications: Experience with DevSecOps practices and integrating security tools into CI/CD pipelines. Hands-on experience with tools like Burp Suite, Black Duck, Coverity, Bright, Nessus, Aqua, WIZ or similar. Familiarity with cloud-native application security (Azure) Knowledge of FSA (SSA-311): System Security Assurance - Functional security assessment for systems, Our Culture & Commitment to You At Emerson, we prioritize a workplace where every employee is valued, respected, and empowered to grow. We foster an environment that encourages innovation, collaboration, and diverse perspectives—because we know that great ideas come from great teams. Our commitment to ongoing career development and growing an inclusive culture ensures you have the support to thrive. Whether through mentorship, training, or leadership opportunities, we invest in your success so you can make a lasting impact. We believe diverse teams, working together are key to driving growth and delivering business results. We recognize the importance of employee wellbeing. We prioritize providing competitive benefits plans, a variety of medical insurance plans, Employee Assistance Program, employee resource groups, recognition, and much more. Our culture offers flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave.

Position: Security Analyst – Client Services & Team Leadership Location: Kochi, Kerala Experience : 3-8 years Team Size to Manage: 2–5 Junior Analysts Industry Type: IT Services & Consulting / Cybersecurity Functional Area: ISM/TVM/GRC/Threat Intelligence Budget : As per Industry Urgency : 15-30 days Job Description We are seeking a Security Analyst with strong technical skills, client-facing experience, and a passion for mentoring junior resources. This role is ideal for professionals looking to lead cybersecurity services, build teams, and deliver impactful security solutions to clients across industries. Key Responsibilities Lead end-to-end cybersecurity services for assigned clients, including incident response, threat analysis, and vulnerability management Conduct risk assessments , prepare technical reports , and advise clients on improving their security posture Mentor and train junior analysts; create training programs , SOPs, and knowledge-sharing sessions Monitor SIEM , EDR, IDS/IPS tools to detect, analyze, and respond to threats Develop and maintain use cases, detection rules, and incident escalation protocols Coordinate with internal and external stakeholders to meet SLA targets Document incident timelines, root cause analysis (RCA), and ensure compliance with security frameworks like ISO 27001 , NIST , or MITRE ATT&CK Requirements Education : Bachelor’s degree in computer science / Cybersecurity / Information Technology Experience : 3-7 years in cybersecurity operations 2+ years in a client-facing or leadership/mentoring role Technical Skills : Hands-on experience with SIEM tools (e.g., Splunk, QRadar) Working knowledge of Vulnerability Scanners (e.g., Nessus, Qualys) Proficiency in Incident Detection , Threat Hunting , EDR Tools Scripting skills (Python/PowerShell) is a plus Key Competencies Strong leadership and team-building skills Excellent verbal and written communication Analytical mindset and proactive problem solver Ability to manage clients, priorities, and incidents efficiently Job Type: Full-time Pay: From ₹300,000.00 per year Schedule: Day shift Education: Bachelor's (Required) Experience: Cyber Security analyst: 3 years (Required) Language: English (Required) Work Location: In person Expected Start Date: 01/07/2025

Ready to shape the future of work? At Genpact, we don’t just adapt to change—we drive it. AI and digital innovation are redefining industries, and we’re leading the charge. Genpact’s AI Gigafactory , our industry-first accelerator, is an example of how we’re scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI , our breakthrough solutions tackle companies’ most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that’s shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions – we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn , X , YouTube , and Facebook . Inviting applications for the role of Senior Manager - Threat Modelling Analyst We are looking for a Threat Modeling Sr.Analyst/Architect to join our Global Information Security Team at Genpact. In this role, the candidate will be provided with an opportunity to research, analyse, design threat models and report on the emerging applicable cyber threats. In addition, this position seeks the candidate to notify the stakeholders with ontime, accurate findings on the targeted/sophisticated cyber threats and guide the leadership with practical approaches to thwart such attacks. The Threat Modeling Sr.Analyst/Architect is expected to work independently and produce effective mitigation strategies so that the organisation stays a step ahead of the ever-evolving cyber threats. The Threat Modeling Sr.Analyst/Architect needs to collect, analyse, and generate finished Threat Intelligence products and further leverage it to design and deliver relevant Threat Models to support Genpact LLC, its subsidiaries and additional lines of businesses. Responsibilities: The Threat Modelling Sr.Analyst/Architect role will require significant expertise from attack and/or intelligence domains. The successful candidate should be highly technical and will likely come from an attack background (red team, pen testing etc) or intelligence background (if also having hands-on network/systems experience). Candidates with threat modelling experience in tandem with previous attack/intelligence experience will be considered, as will candidates who do not have a threat modelling background and are presently working in attack/intelligence capacity & interested in transitioning to more of a hybrid role with threat modelling and controls responsibilities. The responsibilities for this position include, but are not limited to: developing threat modeling processes that analyze the firm’s ability to mitigate cyber-attacks across business and technology environments; developing cyber threat scenarios to enable risk management and the secure deployment of key organizational initiative; identifying areas for potential attacks and systemic security issues as they relate to threats and vulnerabilities, including recommendations for enhancements or remediation; preparing and delivering written and verbal briefings to message threat modeling findings across all levels of the enterprise; and monitoring the cyber threat environment to incorporate trends in potential attack activity.Maintain awareness of the cyber threat landscape and provide key/relevant updates to the leadership and InfoSec teams Qualifications we seek in you! Minimum Qualifications Bachelor’s degree or equivalent experience. Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies. Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation. Strong knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design. Strong knowledge of cybersecurity activities associated with: requirements analysis, risk analytics and modeling, risk management; emerging issues, risks, vulnerabilities and technologies; and vulnerability assessment. Demonstrated attack experience in previous positions in functions such as red team operator or penetration testing. In lieu of attack experience, threat intelligence experience in conjunction with hands on systems/network experience will be considered. The candidate should have a technical background Preferred Qualifications/ Skills Strong understanding of the following: networking fundamentals (all OSI layers, protocols), Windows/Linux/Unix/Mac operating systems, OS and software vulnerably and exploitation techniques, commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post exploitation (e.g. Cobalt Strike, Metasploit, Nmap, Nessus, Burp Suite), and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services. Understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity. Foundational knowledge of: computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing. Nice to have: experience or working knowledge with threat modeling methodologies such as Stride, Pasta, or comparable experience visually representing data and process flows in an enterprise environment, and/or leveraging the MITRE ATT&CK Framework. Why join Genpact? Be a transformation leader – Work at the cutting edge of AI, automation, and digital innovation Make an impact – Drive change for global enterprises and solve business challenges that matter Accelerate your career – Get hands-on experience, mentorship, and continuous learning opportunities Work with the best – Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture – Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let’s build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job Senior Manager Primary Location India-Gurugram Education Level Bachelor's / Graduation / Equivalent Job Posting Jun 25, 2025, 9:12:23 AM Unposting Date Ongoing Master Skills List Operations Job Category Full Time

Ready to shape the future of work? At Genpact, we don’t just adapt to change—we drive it. AI and digital innovation are redefining industries, and we’re leading the charge. Genpact’s AI Gigafactory , our industry-first accelerator, is an example of how we’re scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI , our breakthrough solutions tackle companies’ most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that’s shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions – we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn , X , YouTube , and Facebook . Inviting applications for the role of Senior Manager - Threat Modelling Analyst We are looking for a Threat Modeling Sr.Analyst/Architect to join our Global Information Security Team at Genpact. In this role, the candidate will be provided with an opportunity to research, analyse, design threat models and report on the emerging applicable cyber threats. In addition, this position seeks the candidate to notify the stakeholders with ontime, accurate findings on the targeted/sophisticated cyber threats and guide the leadership with practical approaches to thwart such attacks. The Threat Modeling Sr.Analyst/Architect is expected to work independently and produce effective mitigation strategies so that the organisation stays a step ahead of the ever-evolving cyber threats. The Threat Modeling Sr.Analyst/Architect needs to collect, analyse, and generate finished Threat Intelligence products and further leverage it to design and deliver relevant Threat Models to support Genpact LLC, its subsidiaries and additional lines of businesses. Responsibilities: The Threat Modelling Sr.Analyst/Architect role will require significant expertise from attack and/or intelligence domains. The successful candidate should be highly technical and will likely come from an attack background (red team, pen testing etc) or intelligence background (if also having hands-on network/systems experience). Candidates with threat modelling experience in tandem with previous attack/intelligence experience will be considered, as will candidates who do not have a threat modelling background and are presently working in attack/intelligence capacity & interested in transitioning to more of a hybrid role with threat modelling and controls responsibilities. The responsibilities for this position include, but are not limited to: developing threat modeling processes that analyze the firm’s ability to mitigate cyber-attacks across business and technology environments; developing cyber threat scenarios to enable risk management and the secure deployment of key organizational initiative; identifying areas for potential attacks and systemic security issues as they relate to threats and vulnerabilities, including recommendations for enhancements or remediation; preparing and delivering written and verbal briefings to message threat modeling findings across all levels of the enterprise; and monitoring the cyber threat environment to incorporate trends in potential attack activity.Maintain awareness of the cyber threat landscape and provide key/relevant updates to the leadership and InfoSec teams Qualifications we seek in you! Minimum Qualifications Bachelor’s degree or equivalent experience. Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies. Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation. Strong knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design. Strong knowledge of cybersecurity activities associated with: requirements analysis, risk analytics and modeling, risk management; emerging issues, risks, vulnerabilities and technologies; and vulnerability assessment. Demonstrated attack experience in previous positions in functions such as red team operator or penetration testing. In lieu of attack experience, threat intelligence experience in conjunction with hands on systems/network experience will be considered. The candidate should have a technical background Preferred Qualifications/ Skills Strong understanding of the following: networking fundamentals (all OSI layers, protocols), Windows/Linux/Unix/Mac operating systems, OS and software vulnerably and exploitation techniques, commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post exploitation (e.g. Cobalt Strike, Metasploit, Nmap, Nessus, Burp Suite), and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services. Understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity. Foundational knowledge of: computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing. Nice to have: experience or working knowledge with threat modeling methodologies such as Stride, Pasta, or comparable experience visually representing data and process flows in an enterprise environment, and/or leveraging the MITRE ATT&CK Framework. Why join Genpact? Be a transformation leader – Work at the cutting edge of AI, automation, and digital innovation Make an impact – Drive change for global enterprises and solve business challenges that matter Accelerate your career – Get hands-on experience, mentorship, and continuous learning opportunities Work with the best – Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture – Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let’s build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job Senior Manager Primary Location India-Gurugram Education Level Bachelor's / Graduation / Equivalent Job Posting Jun 25, 2025, 8:59:09 AM Unposting Date Ongoing Master Skills List Operations Job Category Full Time

Job Description: VAPT lead with experience in vulnerability assessment and penetration testing is preferred The resource should mandatorily have minimum 4 Years experience in VAPT Responsible for planning executing and managing infrastructure level vulnerability assessments and penetration testing activities across the organization s IT landscape Key Responsibilities: Lead and manage end to end Vulnerability Assessment and Penetration Testing VAPT activities across infrastructure components including networks servers endpoints and cloud environments Design and implement VAPT strategies tailored to organizational risk profiles and compliance requirements Conduct thorough assessments to identify security vulnerabilities simulate attack scenarios and evaluate the effectiveness of existing security controls Collaborate with infrastructure network and application teams to validate findings and support remediation efforts Prepare detailed technical reports and executive summaries outlining identified risks impact analysis and recommended mitigation strategies Ensure VAPT activities align with industry standards such as ISO 27001 NIST OWASP and CIS Benchmarks Maintain up to date knowledge of emerging threats tools and techniques in the vulnerability assessment and penetration testing domain Technical Requirements: Proven experience in conducting infrastructure level Vulnerability Assessment and Penetration Testing VAPT across networks servers endpoints and cloud environments Strong hands on expertise with VAPT tools such as Nessus Qualys Nmap Metasploit Burp Suite etc In depth understanding of network protocols system configurations and common vulnerabilities in enterprise IT environments Ability to identify analyze and prioritize security vulnerabilities and provide detailed remediation guidance to technical teams Preferred Skills: Technology->Application Security->Vulnerability Management

1. Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

🚨 We're Hiring: Cybersecurity Lead – Now in Nashik! 📍 Location: Nashik 🕐 Experience: 6+ years ** Immediate joiners** Key Skills & Experience: Network Security: 3+ years securing networks, configuring firewalls (Palo Alto, Sophos), IDS/IPS, VPNs, and using tools like Nessus/Qualys Cloud Security: 2+ years securing AWS, Azure, or GCP environments, including IAM, encryption, and container/serverless security Security Operations: 3+ years with SIEMs (Splunk, QRadar), threat hunting, and incident response Infrastructure Security: 2+ years in endpoint/server hardening, patch management, and tools like CrowdStrike, SentinelOne, and Axonius Application Security: Experience in secure SDLC, DevSecOps, SAST/DAST (Burp Suite, OWASP ZAP), and CI/CD security Proficiency in scripting (Python, Bash) and strong knowledge of container/cloud security (Docker, Kubernetes) ✅ Network & Cloud Security (AWS, Azure, GCP) ✅ SIEM, Incident Response & Threat Hunting ✅ Application & Infrastructure Security ✅ DevSecOps, SAST/DAST, CI/CD security ✅ Tools: Palo Alto, Splunk, Burp Suite, CrowdStrike, Docker/Kubernetes Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, or a related field Preferred certifications: CISSP, CSSLP, CEH, CompTIA Security+ 📩 Apply now: apoorva.chauhan@aptohr.com #Cybersecurity #NashikJobs #HiringNow #Infosec #SecurityLead #CloudSecurity #ApplicationSecurity #SIEM #DevSecOps #AptoHR

About Godrej Agrovet Godrej Agrovet Limited (GAVL) is a diversified, Research & Development focused agri-business Company dedicated to improving the productivity of Indian farmers by innovating products and services that sustainably increase crop and livestock yields. GAVL holds leading market positions in the different businesses it operates - Animal Feed, Crop Protection, Oil Palm, Dairy, Poultry and Processed Foods. GAVL has a pan India presence with sales of over a million tons annually of high-quality animal feed and cutting- edge nutrition products for cattle, poultry, aqua feed and specialty feed. Our teams have worked closely with Indian farmers to develop large Oil Palm Plantations which is helping in bridging the demand and supply gap of edible oil in India. In the crop protection segment, the company meets the niche requirement of farmers through innovative agrochemical offerings. GAVL through its subsidiary Astec Life Sciences Limited, is also a business-to-business (B2B) focused bulk manufacturer of fungicides & herbicides. In Dairy and Poultry and Processed Foods, the company operates through its subsidiaries Creamline Dairy Products Limited and Godrej Tyson Foods Limited. Apart from this, GAVL also has a joint venture with the ACI group of Bangladesh for animal feed business in Bangladesh. For more information on the Company, please log on to www.godrejagrovet.com . Designation Location Mumbai Job Purpose We are seeking a highly skilled and experienced IT & OT Infrastructure, Data, and Applications Security Manager to lead the security strategy and implementation for IT & OT (Operational Technology) environments. This role is responsible for ensuring that critical infrastructure, network systems, and applications are secure from cyber threats while ensuring operational continuity in both the IT and OT domains. The position requires a deep understanding of both IT and OT security frameworks, as well as an ability to collaborate with cross-functional teams to safeguard digital assets and operations. Roles & Responsibilities IT & OT Infrastructure Security: Develop, implement, and maintain security policies, procedures, and controls to protect IT & OT infrastructure components, including servers, networks, industrial control systems (ICS), SCADA, and cloud environments. Collaborate with IT teams to ensure secure integration between IT and OT systems, addressing the unique security requirements of each domain. Conduct regular risk assessments, vulnerability scans, and penetration tests to identify and mitigate threats in IT & OT infrastructures. Manage the security of industrial networks, SCADA systems, and IIoT (Industrial Internet of Things) devices to prevent cyber threats and ensure safe operations. Implement and maintain security for cloud services, on-premises data centers, and critical OT assets, ensuring compliance with industry standards. Data Security: Implement data encryption, tokenization, and masking techniques to protect sensitive and proprietary data across systems, databases, and storage devices. Oversee data classification processes and ensure data protection in compliance with legal and regulatory requirements (GDPR, CCPA, HIPAA, etc.). Ensure proper data backup, disaster recovery, and business continuity planning related to data security. Conduct data loss prevention (DLP) assessments and implement preventative controls. Manage access control policies for databases and ensure segregation of duties for sensitive information. Network Security: Develop and maintain robust network security architecture for IT & OT networks, ensuring protection against unauthorized access, data breaches, and cyber-attacks. Monitor and analyze network traffic and logs to detect potential threats, vulnerabilities, and anomalous activities across IT & OT networks. Implement network segmentation to isolate IT and OT environments while ensuring controlled data exchange between systems. Configure and manage firewalls, intrusion detection/prevention systems (IDS/IPS), and secure VPNs to protect networks from external and internal threats. Manage secure communication channels for IT/OT devices and ensure the proper functioning of secure remote access protocols for IT/OT systems. Applications Security: Lead the implementation of secure application development practices for OT applications. Work with development and OT engineering teams to incorporate secure coding practices into OT software systems. Conduct regular security assessments and code reviews for applications, ensuring that vulnerabilities are identified and mitigated. Oversee security testing of OT applications, including SCADA systems, human-machine interfaces (HMIs), and industrial control software, to ensure that security controls are in place. Implement security controls around application access, user authentication, and data integrity for OT applications. Incident Response & Threat Management: Lead and coordinate response efforts to security incidents involving OT systems, ensuring that containment, investigation, and remediation processes are followed efficiently. Develop and maintain incident response plans that address OT-specific risks, ensuring minimal disruption to critical operations. Conduct post-incident analysis to identify root causes, recommend improvements, and apply corrective actions to prevent future occurrences. Collaborate with internal and external teams (e.g., law enforcement, vendors) during security incidents that may impact OT systems. Security Governance and Compliance: Ensure compliance with relevant industry regulations, standards, and frameworks (e.g., NIST, ISO 27001, IEC 62443, NERC CIP) in OT environments. Implement and enforce security governance, risk management, and compliance strategies across OT assets. Perform regular audits and assessments of OT security controls to ensure compliance with security policies and regulatory requirements. Maintain comprehensive security documentation, including risk assessments, incident reports, and security project plans. Security Awareness and Training: Develop and conduct security awareness training programs for OT staff, ensuring that they are educated on security best practices, emerging threats, and organizational policies. Provide ongoing education to the OT team about the importance of cybersecurity in the context of industrial operations and critical infrastructure. Stay current with emerging security trends, threats, and vulnerabilities specific to OT environments and incorporate new knowledge into security practices. Educational Qualification : Bachelor's degree in Computer Science, Information Security, Cybersecurity, Engineering, or a related field (Master’s preferred). Experience Minimum of 5 to 6 years of experience in IT & OT security, Data security, and application security. Extensive experience securing both OT (industrial control systems, SCADA, ICS, IIoT) environments. Proven experience with network segmentation, firewalls, IDS/IPS, VPNs, and application security frameworks. Familiarity with securing operational technology, including understanding of industrial protocols (Modbus, OPC, DNP3, etc.). Hands-on experience with OT vulnerability management, incident response, and threat intelligence processes. Skills Expertise in securing network and infrastructure devices, systems, and industrial control systems (ICS). Deep knowledge of network protocols and security mechanisms (e.g., IP, TCP/IP, VPNs, firewalls). Proficiency in securing cloud environments (AWS, Azure, Google Cloud) as well as on-premises systems. Experience with tools for vulnerability scanning, penetration testing, and risk assessments (e.g., Nessus, Qualys, Burp Suite). Certifications: CISSP, CISM, CISA, or similar certifications are preferred. OT-specific certifications such as Certified SCADA Security Architect (CSSA) or IEC 62443 certification a plus. Network security certifications such as CCSP, AWS Certified Security Specialty, or CCNA Security are beneficial. Application security certifications (e.g., CEH, OWASP) are a bonus. An inclusive Godrej Before you go, there is something important we want to highlight. There is no place for discrimination at Godrej. Diversity is the philosophy of who we are as a company. And has been for over a century. It’s not just in our DNA and nice to do. Being more diverse - especially having our team members reflect the diversity of our businesses and communities - helps us innovate better and grow faster. We hope this resonates with you. We take pride in being an equal opportunities employer. We recognize merit and encourage diversity. We do not tolerate any form of discrimination on the basis of nationality, race, color, religion, caste, gender identity or expression, sexual orientation, disability, age, or marital status and ensure equal opportunities for all our team members. If this sounds like a role for you, apply now! We look forward to meeting you.

Hi All, Greetings of the day! Currently we are having opening for the position of Cybersecurity, Risk Management for one of our leading Investment Banking client in Mumbai location. Experience - 2 to 5 Years Location - Goregaon (Hybrid) Responsibilities - Work on the remediation titles to be actionable good understanding of vulnerabilities - Provide data cleaning rules where needed need understanding of Databases and Scripting - Coordinate with Global counterparts - Automatize reporting in GCSD experience in scripting. - Work closely with regional production security teams to transition scanning & reporting activities - Document SOP for operational teams (tools maintenance and IVM activities) Technical & Behavioral Competencies OWASP methodologies application is a mandatory. 2 - 4 year experience in IT Security minimum University degree, preferably in Computer Science with spec. in IT Security Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner. Curious and highly implicated in IT Security Team player Experience working in an international and complex financial environment, dealing with both business constraints and IT users across countries. Good knowledge of Security scanning tools like Qualys, Nexpose, Appspider is highly appreciated along with good understanding of Kubernetes. Experience in a multi-cultural environment is appreciated. CEH or Any Security certifications are appreciated. Experience in Development languages and scripting is appreciate Interested candidates can share their updated resume at dipti.ghavri@kiya.ai