776 Nessus Jobs - Page 16

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

B2 Role L1/ L2 Support resource ( 2 years experience in DLP) Daily Summary Report with list of activities to be shared on daily. Configure Client tasks Purge events on frequent basis Help Desk Support Support in Troubleshooting during Agent installation Providing VPN evidences Support user in installation or uninstallation of Agents Support in resolving Agent Communication issues Support in Agent Upgrade Generate and share MIS reports with end user Troubleshooting Policy related issues Whitelisting of IPs, PF IDs Sharing of granular details of Infringements. Provide Root cause analysis documents

Work Location:- Bangalore / Pune Experience:- 4 to 7 years Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

Immediate Openings on Security Consultants with Vulnerability _Contract_Pan India 6+ Years Security Consultants with Vulnerability Pan India Period :Immediate. Type Contract Description 7 + Years Security Consultants with Vulnerability tools exp like Qualys or Tenable (prefer Qualys) and ServiceNow. Experience with Vulnerability tools such as Qualys or Tenable (prefer Qualys) and ServiceNow .

Job Description In this Role, Your Responsibilities Will Be: Analysis of UML diagrams and DFDs/Threat Models for security flaws and detailing specific recommendations in software and system setup to address them Mentoring of developers on security topics and coding Develop and deliver trainings to developers and management on security topics Analyzing requirements and performing code review for security flaws Establish direction for security requirements in our custom hardware and software Collaborate with other internal security groups across multiple divisions, at different levels, and in multiple international locations, as well as 3rd parties Continuous improvement of security processes via observation and measurement of project performance, and making updates to improve accuracy, reduce overhead, while maintaining compliance with IEC 62443 3-3 and 4-1 standards Participate in audits for standards compliance For This Role, You Will Need: Bachelor's degree in Computer Science, Computer Engineering Or Master's degree in Computer Science, with a minimum of 6 years of relevant experience Candidate must have hands-on, professional coding experience.net, c#, vb.net, Angular, React, Database: SQL Server, Mongo DB, Cosmos DB Experience building Azure DevOps pipelines Create and guide the creation of security documentation. Experience with design, develop and testing web-based applications (on-prem/cloud) Understanding of SDL/secure software development lifecycle practices Practical experience in software and security design principles Experience performing application-level threat modeling and code review Excellent interpersonal skills Excellent written and verbal communication skills Ability to clearly communicate technical information to a wide range of audiences Current knowledge of malware trends and current cybersecurity issues Experience with PKI/Certificates, Cryptography Responsibilities: Partner with software engineering teams to embed cybersecurity principles into product design. Conduct threat modeling and support architectural risk assessments for applications. Define and document security requirements in alignment with ISA/IEC 62443-4-1 and 62443-3-3. Support the implementation and validation of security controls across the SDLC. Guide teams in adopting secure coding practices, security testing, and supply chain security. Review design documents, code, and infrastructure-as-code for potential security risks. Collaborate with QA and DevOps to ensure security test coverage (e.g., SAST, DAST, dependency scanning). Required Qualifications: Strong understanding of web application security principles and common vulnerabilities (OWASP Top 10). Experience conducting threat modeling using the STRIDE framework Familiarity with secure SDLC practices and security engineering within Agile teams. Working knowledge of ISA/IEC 62443-4-1 (secure development lifecycle) and 62443-3-3 (system security requirements). Ability to communicate security risks and mitigation strategies to technical and non-technical audiences. Preferred Qualifications: Experience with DevSecOps practices and integrating security tools into CI/CD pipelines. Hands-on experience with tools like Burp Suite, Black Duck, Coverity, Bright, Nessus, Aqua, WIZ or similar. Familiarity with cloud-native application security (Azure) Knowledge of FSA (SSA-311): System Security Assurance - Functional security assessment for systems, Our Culture & Commitment to You At Emerson, we prioritize a workplace where every employee is valued, respected, and empowered to grow. We foster an environment that encourages innovation, collaboration, and diverse perspectives—because we know that great ideas come from great teams. Our commitment to ongoing career development and growing an inclusive culture ensures you have the support to thrive. Whether through mentorship, training, or leadership opportunities, we invest in your success so you can make a lasting impact. We believe diverse teams, working together are key to driving growth and delivering business results. We recognize the importance of employee wellbeing. We prioritize providing competitive benefits plans, a variety of medical insurance plans, Employee Assistance Program, employee resource groups, recognition, and much more. Our culture offers flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave.

Position: Security Analyst – Client Services & Team Leadership Location: Kochi, Kerala Experience : 3-8 years Team Size to Manage: 2–5 Junior Analysts Industry Type: IT Services & Consulting / Cybersecurity Functional Area: ISM/TVM/GRC/Threat Intelligence Budget : As per Industry Urgency : 15-30 days Job Description We are seeking a Security Analyst with strong technical skills, client-facing experience, and a passion for mentoring junior resources. This role is ideal for professionals looking to lead cybersecurity services, build teams, and deliver impactful security solutions to clients across industries. Key Responsibilities Lead end-to-end cybersecurity services for assigned clients, including incident response, threat analysis, and vulnerability management Conduct risk assessments , prepare technical reports , and advise clients on improving their security posture Mentor and train junior analysts; create training programs , SOPs, and knowledge-sharing sessions Monitor SIEM , EDR, IDS/IPS tools to detect, analyze, and respond to threats Develop and maintain use cases, detection rules, and incident escalation protocols Coordinate with internal and external stakeholders to meet SLA targets Document incident timelines, root cause analysis (RCA), and ensure compliance with security frameworks like ISO 27001 , NIST , or MITRE ATT&CK Requirements Education : Bachelor’s degree in computer science / Cybersecurity / Information Technology Experience : 3-7 years in cybersecurity operations 2+ years in a client-facing or leadership/mentoring role Technical Skills : Hands-on experience with SIEM tools (e.g., Splunk, QRadar) Working knowledge of Vulnerability Scanners (e.g., Nessus, Qualys) Proficiency in Incident Detection , Threat Hunting , EDR Tools Scripting skills (Python/PowerShell) is a plus Key Competencies Strong leadership and team-building skills Excellent verbal and written communication Analytical mindset and proactive problem solver Ability to manage clients, priorities, and incidents efficiently Job Type: Full-time Pay: From ₹300,000.00 per year Schedule: Day shift Education: Bachelor's (Required) Experience: Cyber Security analyst: 3 years (Required) Language: English (Required) Work Location: In person Expected Start Date: 01/07/2025

Ready to shape the future of work? At Genpact, we don’t just adapt to change—we drive it. AI and digital innovation are redefining industries, and we’re leading the charge. Genpact’s AI Gigafactory , our industry-first accelerator, is an example of how we’re scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI , our breakthrough solutions tackle companies’ most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that’s shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions – we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn , X , YouTube , and Facebook . Inviting applications for the role of Senior Manager - Threat Modelling Analyst We are looking for a Threat Modeling Sr.Analyst/Architect to join our Global Information Security Team at Genpact. In this role, the candidate will be provided with an opportunity to research, analyse, design threat models and report on the emerging applicable cyber threats. In addition, this position seeks the candidate to notify the stakeholders with ontime, accurate findings on the targeted/sophisticated cyber threats and guide the leadership with practical approaches to thwart such attacks. The Threat Modeling Sr.Analyst/Architect is expected to work independently and produce effective mitigation strategies so that the organisation stays a step ahead of the ever-evolving cyber threats. The Threat Modeling Sr.Analyst/Architect needs to collect, analyse, and generate finished Threat Intelligence products and further leverage it to design and deliver relevant Threat Models to support Genpact LLC, its subsidiaries and additional lines of businesses. Responsibilities: The Threat Modelling Sr.Analyst/Architect role will require significant expertise from attack and/or intelligence domains. The successful candidate should be highly technical and will likely come from an attack background (red team, pen testing etc) or intelligence background (if also having hands-on network/systems experience). Candidates with threat modelling experience in tandem with previous attack/intelligence experience will be considered, as will candidates who do not have a threat modelling background and are presently working in attack/intelligence capacity & interested in transitioning to more of a hybrid role with threat modelling and controls responsibilities. The responsibilities for this position include, but are not limited to: developing threat modeling processes that analyze the firm’s ability to mitigate cyber-attacks across business and technology environments; developing cyber threat scenarios to enable risk management and the secure deployment of key organizational initiative; identifying areas for potential attacks and systemic security issues as they relate to threats and vulnerabilities, including recommendations for enhancements or remediation; preparing and delivering written and verbal briefings to message threat modeling findings across all levels of the enterprise; and monitoring the cyber threat environment to incorporate trends in potential attack activity.Maintain awareness of the cyber threat landscape and provide key/relevant updates to the leadership and InfoSec teams Qualifications we seek in you! Minimum Qualifications Bachelor’s degree or equivalent experience. Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies. Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation. Strong knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design. Strong knowledge of cybersecurity activities associated with: requirements analysis, risk analytics and modeling, risk management; emerging issues, risks, vulnerabilities and technologies; and vulnerability assessment. Demonstrated attack experience in previous positions in functions such as red team operator or penetration testing. In lieu of attack experience, threat intelligence experience in conjunction with hands on systems/network experience will be considered. The candidate should have a technical background Preferred Qualifications/ Skills Strong understanding of the following: networking fundamentals (all OSI layers, protocols), Windows/Linux/Unix/Mac operating systems, OS and software vulnerably and exploitation techniques, commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post exploitation (e.g. Cobalt Strike, Metasploit, Nmap, Nessus, Burp Suite), and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services. Understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity. Foundational knowledge of: computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing. Nice to have: experience or working knowledge with threat modeling methodologies such as Stride, Pasta, or comparable experience visually representing data and process flows in an enterprise environment, and/or leveraging the MITRE ATT&CK Framework. Why join Genpact? Be a transformation leader – Work at the cutting edge of AI, automation, and digital innovation Make an impact – Drive change for global enterprises and solve business challenges that matter Accelerate your career – Get hands-on experience, mentorship, and continuous learning opportunities Work with the best – Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture – Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let’s build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job Senior Manager Primary Location India-Gurugram Education Level Bachelor's / Graduation / Equivalent Job Posting Jun 25, 2025, 9:12:23 AM Unposting Date Ongoing Master Skills List Operations Job Category Full Time

Ready to shape the future of work? At Genpact, we don’t just adapt to change—we drive it. AI and digital innovation are redefining industries, and we’re leading the charge. Genpact’s AI Gigafactory , our industry-first accelerator, is an example of how we’re scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI , our breakthrough solutions tackle companies’ most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that’s shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions – we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn , X , YouTube , and Facebook . Inviting applications for the role of Senior Manager - Threat Modelling Analyst We are looking for a Threat Modeling Sr.Analyst/Architect to join our Global Information Security Team at Genpact. In this role, the candidate will be provided with an opportunity to research, analyse, design threat models and report on the emerging applicable cyber threats. In addition, this position seeks the candidate to notify the stakeholders with ontime, accurate findings on the targeted/sophisticated cyber threats and guide the leadership with practical approaches to thwart such attacks. The Threat Modeling Sr.Analyst/Architect is expected to work independently and produce effective mitigation strategies so that the organisation stays a step ahead of the ever-evolving cyber threats. The Threat Modeling Sr.Analyst/Architect needs to collect, analyse, and generate finished Threat Intelligence products and further leverage it to design and deliver relevant Threat Models to support Genpact LLC, its subsidiaries and additional lines of businesses. Responsibilities: The Threat Modelling Sr.Analyst/Architect role will require significant expertise from attack and/or intelligence domains. The successful candidate should be highly technical and will likely come from an attack background (red team, pen testing etc) or intelligence background (if also having hands-on network/systems experience). Candidates with threat modelling experience in tandem with previous attack/intelligence experience will be considered, as will candidates who do not have a threat modelling background and are presently working in attack/intelligence capacity & interested in transitioning to more of a hybrid role with threat modelling and controls responsibilities. The responsibilities for this position include, but are not limited to: developing threat modeling processes that analyze the firm’s ability to mitigate cyber-attacks across business and technology environments; developing cyber threat scenarios to enable risk management and the secure deployment of key organizational initiative; identifying areas for potential attacks and systemic security issues as they relate to threats and vulnerabilities, including recommendations for enhancements or remediation; preparing and delivering written and verbal briefings to message threat modeling findings across all levels of the enterprise; and monitoring the cyber threat environment to incorporate trends in potential attack activity.Maintain awareness of the cyber threat landscape and provide key/relevant updates to the leadership and InfoSec teams Qualifications we seek in you! Minimum Qualifications Bachelor’s degree or equivalent experience. Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies. Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation. Strong knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design. Strong knowledge of cybersecurity activities associated with: requirements analysis, risk analytics and modeling, risk management; emerging issues, risks, vulnerabilities and technologies; and vulnerability assessment. Demonstrated attack experience in previous positions in functions such as red team operator or penetration testing. In lieu of attack experience, threat intelligence experience in conjunction with hands on systems/network experience will be considered. The candidate should have a technical background Preferred Qualifications/ Skills Strong understanding of the following: networking fundamentals (all OSI layers, protocols), Windows/Linux/Unix/Mac operating systems, OS and software vulnerably and exploitation techniques, commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post exploitation (e.g. Cobalt Strike, Metasploit, Nmap, Nessus, Burp Suite), and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services. Understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity. Foundational knowledge of: computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing. Nice to have: experience or working knowledge with threat modeling methodologies such as Stride, Pasta, or comparable experience visually representing data and process flows in an enterprise environment, and/or leveraging the MITRE ATT&CK Framework. Why join Genpact? Be a transformation leader – Work at the cutting edge of AI, automation, and digital innovation Make an impact – Drive change for global enterprises and solve business challenges that matter Accelerate your career – Get hands-on experience, mentorship, and continuous learning opportunities Work with the best – Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture – Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let’s build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job Senior Manager Primary Location India-Gurugram Education Level Bachelor's / Graduation / Equivalent Job Posting Jun 25, 2025, 8:59:09 AM Unposting Date Ongoing Master Skills List Operations Job Category Full Time

Job Description: VAPT lead with experience in vulnerability assessment and penetration testing is preferred The resource should mandatorily have minimum 4 Years experience in VAPT Responsible for planning executing and managing infrastructure level vulnerability assessments and penetration testing activities across the organization s IT landscape Key Responsibilities: Lead and manage end to end Vulnerability Assessment and Penetration Testing VAPT activities across infrastructure components including networks servers endpoints and cloud environments Design and implement VAPT strategies tailored to organizational risk profiles and compliance requirements Conduct thorough assessments to identify security vulnerabilities simulate attack scenarios and evaluate the effectiveness of existing security controls Collaborate with infrastructure network and application teams to validate findings and support remediation efforts Prepare detailed technical reports and executive summaries outlining identified risks impact analysis and recommended mitigation strategies Ensure VAPT activities align with industry standards such as ISO 27001 NIST OWASP and CIS Benchmarks Maintain up to date knowledge of emerging threats tools and techniques in the vulnerability assessment and penetration testing domain Technical Requirements: Proven experience in conducting infrastructure level Vulnerability Assessment and Penetration Testing VAPT across networks servers endpoints and cloud environments Strong hands on expertise with VAPT tools such as Nessus Qualys Nmap Metasploit Burp Suite etc In depth understanding of network protocols system configurations and common vulnerabilities in enterprise IT environments Ability to identify analyze and prioritize security vulnerabilities and provide detailed remediation guidance to technical teams Preferred Skills: Technology->Application Security->Vulnerability Management

1. Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

🚨 We're Hiring: Cybersecurity Lead – Now in Nashik! 📍 Location: Nashik 🕐 Experience: 6+ years ** Immediate joiners** Key Skills & Experience: Network Security: 3+ years securing networks, configuring firewalls (Palo Alto, Sophos), IDS/IPS, VPNs, and using tools like Nessus/Qualys Cloud Security: 2+ years securing AWS, Azure, or GCP environments, including IAM, encryption, and container/serverless security Security Operations: 3+ years with SIEMs (Splunk, QRadar), threat hunting, and incident response Infrastructure Security: 2+ years in endpoint/server hardening, patch management, and tools like CrowdStrike, SentinelOne, and Axonius Application Security: Experience in secure SDLC, DevSecOps, SAST/DAST (Burp Suite, OWASP ZAP), and CI/CD security Proficiency in scripting (Python, Bash) and strong knowledge of container/cloud security (Docker, Kubernetes) ✅ Network & Cloud Security (AWS, Azure, GCP) ✅ SIEM, Incident Response & Threat Hunting ✅ Application & Infrastructure Security ✅ DevSecOps, SAST/DAST, CI/CD security ✅ Tools: Palo Alto, Splunk, Burp Suite, CrowdStrike, Docker/Kubernetes Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, or a related field Preferred certifications: CISSP, CSSLP, CEH, CompTIA Security+ 📩 Apply now: apoorva.chauhan@aptohr.com #Cybersecurity #NashikJobs #HiringNow #Infosec #SecurityLead #CloudSecurity #ApplicationSecurity #SIEM #DevSecOps #AptoHR

About Godrej Agrovet Godrej Agrovet Limited (GAVL) is a diversified, Research & Development focused agri-business Company dedicated to improving the productivity of Indian farmers by innovating products and services that sustainably increase crop and livestock yields. GAVL holds leading market positions in the different businesses it operates - Animal Feed, Crop Protection, Oil Palm, Dairy, Poultry and Processed Foods. GAVL has a pan India presence with sales of over a million tons annually of high-quality animal feed and cutting- edge nutrition products for cattle, poultry, aqua feed and specialty feed. Our teams have worked closely with Indian farmers to develop large Oil Palm Plantations which is helping in bridging the demand and supply gap of edible oil in India. In the crop protection segment, the company meets the niche requirement of farmers through innovative agrochemical offerings. GAVL through its subsidiary Astec Life Sciences Limited, is also a business-to-business (B2B) focused bulk manufacturer of fungicides & herbicides. In Dairy and Poultry and Processed Foods, the company operates through its subsidiaries Creamline Dairy Products Limited and Godrej Tyson Foods Limited. Apart from this, GAVL also has a joint venture with the ACI group of Bangladesh for animal feed business in Bangladesh. For more information on the Company, please log on to www.godrejagrovet.com . Designation Location Mumbai Job Purpose We are seeking a highly skilled and experienced IT & OT Infrastructure, Data, and Applications Security Manager to lead the security strategy and implementation for IT & OT (Operational Technology) environments. This role is responsible for ensuring that critical infrastructure, network systems, and applications are secure from cyber threats while ensuring operational continuity in both the IT and OT domains. The position requires a deep understanding of both IT and OT security frameworks, as well as an ability to collaborate with cross-functional teams to safeguard digital assets and operations. Roles & Responsibilities IT & OT Infrastructure Security: Develop, implement, and maintain security policies, procedures, and controls to protect IT & OT infrastructure components, including servers, networks, industrial control systems (ICS), SCADA, and cloud environments. Collaborate with IT teams to ensure secure integration between IT and OT systems, addressing the unique security requirements of each domain. Conduct regular risk assessments, vulnerability scans, and penetration tests to identify and mitigate threats in IT & OT infrastructures. Manage the security of industrial networks, SCADA systems, and IIoT (Industrial Internet of Things) devices to prevent cyber threats and ensure safe operations. Implement and maintain security for cloud services, on-premises data centers, and critical OT assets, ensuring compliance with industry standards. Data Security: Implement data encryption, tokenization, and masking techniques to protect sensitive and proprietary data across systems, databases, and storage devices. Oversee data classification processes and ensure data protection in compliance with legal and regulatory requirements (GDPR, CCPA, HIPAA, etc.). Ensure proper data backup, disaster recovery, and business continuity planning related to data security. Conduct data loss prevention (DLP) assessments and implement preventative controls. Manage access control policies for databases and ensure segregation of duties for sensitive information. Network Security: Develop and maintain robust network security architecture for IT & OT networks, ensuring protection against unauthorized access, data breaches, and cyber-attacks. Monitor and analyze network traffic and logs to detect potential threats, vulnerabilities, and anomalous activities across IT & OT networks. Implement network segmentation to isolate IT and OT environments while ensuring controlled data exchange between systems. Configure and manage firewalls, intrusion detection/prevention systems (IDS/IPS), and secure VPNs to protect networks from external and internal threats. Manage secure communication channels for IT/OT devices and ensure the proper functioning of secure remote access protocols for IT/OT systems. Applications Security: Lead the implementation of secure application development practices for OT applications. Work with development and OT engineering teams to incorporate secure coding practices into OT software systems. Conduct regular security assessments and code reviews for applications, ensuring that vulnerabilities are identified and mitigated. Oversee security testing of OT applications, including SCADA systems, human-machine interfaces (HMIs), and industrial control software, to ensure that security controls are in place. Implement security controls around application access, user authentication, and data integrity for OT applications. Incident Response & Threat Management: Lead and coordinate response efforts to security incidents involving OT systems, ensuring that containment, investigation, and remediation processes are followed efficiently. Develop and maintain incident response plans that address OT-specific risks, ensuring minimal disruption to critical operations. Conduct post-incident analysis to identify root causes, recommend improvements, and apply corrective actions to prevent future occurrences. Collaborate with internal and external teams (e.g., law enforcement, vendors) during security incidents that may impact OT systems. Security Governance and Compliance: Ensure compliance with relevant industry regulations, standards, and frameworks (e.g., NIST, ISO 27001, IEC 62443, NERC CIP) in OT environments. Implement and enforce security governance, risk management, and compliance strategies across OT assets. Perform regular audits and assessments of OT security controls to ensure compliance with security policies and regulatory requirements. Maintain comprehensive security documentation, including risk assessments, incident reports, and security project plans. Security Awareness and Training: Develop and conduct security awareness training programs for OT staff, ensuring that they are educated on security best practices, emerging threats, and organizational policies. Provide ongoing education to the OT team about the importance of cybersecurity in the context of industrial operations and critical infrastructure. Stay current with emerging security trends, threats, and vulnerabilities specific to OT environments and incorporate new knowledge into security practices. Educational Qualification : Bachelor's degree in Computer Science, Information Security, Cybersecurity, Engineering, or a related field (Master’s preferred). Experience Minimum of 5 to 6 years of experience in IT & OT security, Data security, and application security. Extensive experience securing both OT (industrial control systems, SCADA, ICS, IIoT) environments. Proven experience with network segmentation, firewalls, IDS/IPS, VPNs, and application security frameworks. Familiarity with securing operational technology, including understanding of industrial protocols (Modbus, OPC, DNP3, etc.). Hands-on experience with OT vulnerability management, incident response, and threat intelligence processes. Skills Expertise in securing network and infrastructure devices, systems, and industrial control systems (ICS). Deep knowledge of network protocols and security mechanisms (e.g., IP, TCP/IP, VPNs, firewalls). Proficiency in securing cloud environments (AWS, Azure, Google Cloud) as well as on-premises systems. Experience with tools for vulnerability scanning, penetration testing, and risk assessments (e.g., Nessus, Qualys, Burp Suite). Certifications: CISSP, CISM, CISA, or similar certifications are preferred. OT-specific certifications such as Certified SCADA Security Architect (CSSA) or IEC 62443 certification a plus. Network security certifications such as CCSP, AWS Certified Security Specialty, or CCNA Security are beneficial. Application security certifications (e.g., CEH, OWASP) are a bonus. An inclusive Godrej Before you go, there is something important we want to highlight. There is no place for discrimination at Godrej. Diversity is the philosophy of who we are as a company. And has been for over a century. It’s not just in our DNA and nice to do. Being more diverse - especially having our team members reflect the diversity of our businesses and communities - helps us innovate better and grow faster. We hope this resonates with you. We take pride in being an equal opportunities employer. We recognize merit and encourage diversity. We do not tolerate any form of discrimination on the basis of nationality, race, color, religion, caste, gender identity or expression, sexual orientation, disability, age, or marital status and ensure equal opportunities for all our team members. If this sounds like a role for you, apply now! We look forward to meeting you.

Hi All, Greetings of the day! Currently we are having opening for the position of Cybersecurity, Risk Management for one of our leading Investment Banking client in Mumbai location. Experience - 2 to 5 Years Location - Goregaon (Hybrid) Responsibilities - Work on the remediation titles to be actionable good understanding of vulnerabilities - Provide data cleaning rules where needed need understanding of Databases and Scripting - Coordinate with Global counterparts - Automatize reporting in GCSD experience in scripting. - Work closely with regional production security teams to transition scanning & reporting activities - Document SOP for operational teams (tools maintenance and IVM activities) Technical & Behavioral Competencies OWASP methodologies application is a mandatory. 2 - 4 year experience in IT Security minimum University degree, preferably in Computer Science with spec. in IT Security Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner. Curious and highly implicated in IT Security Team player Experience working in an international and complex financial environment, dealing with both business constraints and IT users across countries. Good knowledge of Security scanning tools like Qualys, Nexpose, Appspider is highly appreciated along with good understanding of Kubernetes. Experience in a multi-cultural environment is appreciated. CEH or Any Security certifications are appreciated. Experience in Development languages and scripting is appreciate Interested candidates can share their updated resume at dipti.ghavri@kiya.ai

Job description As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. Key Responsibilities: Perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients' IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients' systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients' IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: Bachelor's degree in Computer Science, Information Technology, or related field. 5+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Hands-on experience with various operating systems, including Windows, Linux, and Unix. Strong understanding of network protocols, web application architecture, and common security vulnerabilities. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. Proven track record of delivering high-quality security assessments and actionable recommendations

Key Responsibilities: Perform in-depth penetration testing, vulnerability assessments, and security reviews of applications, infrastructure, and networks. Identify, exploit, and document security vulnerabilities across systems and provide remediation recommendations. Simulate sophisticated attacks to test the strength of security controls and identify potential areas of compromise. Collaborate with development, infra, and DevOps teams to integrate security into the development lifecycle and Infrastructure-as-Code (IaC) security. Develop comprehensive security test plans, methodologies, and tools to ensure effective assessment of systems. Create detailed reports that outline vulnerabilities, risks, and recommended mitigations. Perform threat modeling and risk assessments to prioritize testing efforts. Monitor network traffic for threats and respond to security incidents. Ensure security best practices in Cloud environments, security controls for cloud workloads, IAM policies, and network security. Monitor and respond to cloud security incidents using SIEM and cloud-native security tools. Integrate and automate security testing and compliance checks into CI/CD pipelines using tools like SAST, DAST, and IAST . Experience Range: 3 - 5 years Educational Qualifications: -B.Tech/B.E in Computers , -B.Tech/B.E in IT Job Responsibilities: Required Skills & Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or related field . 2-3 years of experience in cybersecurity with a focus on Penetration testing or Ethical Hacking , Application Security, Cloud Security, and DevSecOps . Experience with security tools such as Burp Suite, Metasploit, Nessus, Wireshark, SonarQube, AWS WAF, Google WAF, Kali Linux, and other vulnerability scanning tools, etc. Knowledge of SIEM , EDR , NIST, CIS, and OWASP security frameworks. Proficiency in scripting (Python, Bash, PowerShell) for security automation. Industry certifications like CEH, Security+, AWS/GCP Security, or any DevSecOps-related certification (preferred but not mandatory). Excellent written and verbal communication skills to effectively report vulnerabilities and collaborate with stakeholders.Qualifications: Bachelors degree in computer science . Skills Required: DevOps , Linux , PHP , Python

Job Description RESPONSIBILITIES: Establish security best processes and practices for our mobile, on-premises and cloud-based platforms. Provide expert knowledge and guidance to the product teams about security vulnerabilities and remediation controls. Support and consult with product and development teams in the area of application security, including threat modeling and Application Security reviews. Implement, continuously develop, and maintain secure Software Security Development Lifecycle processes and software maturity model. Perform threat modeling, secure design, and source code review. Conduct security assessments, security testing and validation of vulnerability scan results. Assist teams in reproducing, triaging, and addressing application security vulnerabilities. Incorporate security tools/tasks to automate product development and deployment. Develop, implement, and automate defensive controls, creating and tuning tools and rules to detect and address malicious activity. Responsible for integration of security controls into SDLC. Establish supply chain security process and ensure 3rd party software meet the standards. Facilitate injection, integration, and compliance for Static Application Security Testing (SAST), Container Security Scanning & Open-Source Security Analysis during development phase. Facilitate injection, integration, and compliance for Dynamic Application Security Testing (DAST) Contribute to triaging, addressing security issues and tracking remediation. Own and manage Secure SDLC tooling. Develop and customize security tools used by security teams and developers. Work closely with development teams to build security directly into their SDLCs. Provide remediation guidance to programmers and management. Support bug bounty program Support the preparation of security releases Mentor and train development teams on secure coding standards and techniques. Develop Secure Coding Program. Constantly innovate at the pace of the adversary using latest techniques. EDUCATIONAL REQUIREMENTS: Bachelor’s degree in computer science, Information Systems, or equivalent combination of education and experience Certifications in the field of Information Security (at least one of the following: CISSP, CEH, GIAC CPEN, OSCP, OSWE, CWAPT, GWAPT, GWEB) Experience Required A minimum of 3 to 5 years of experience. GENERAL KNOWLEDGE, SKILLS & ABILITIES: In-depth knowledge of web and mobile security vulnerabilities, attack vectors and mitigation techniques Experience with multiple programming languages (Java, JavaScript, Go, Python, Ruby, Objective-C, C#, PHP) with hands on level coding experience with at least one scripting and one objected oriented programming language. Fluent with security testing with SAST, SCA, DAST, IAST, Fuzz and penetration testing tools Understanding of application security standards such as OWASP ASVS/Top 10 and CWE 25 Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond). Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP. Knowledge of DevSecOps to maintain security in CI/CD pipeline. Solid experience with security tools like Semgrep, CheckMarx, VeraCode, BurpSuite, Snyk, Nessus Familiar with tools like Git, Jenkins, CircleCI, Maven, Ant, Gradle, Nexus, SonarQube, Artifactory, Chef, Splunk Experience writing custom rules for static analysis tools. Experience with API Security, IaC, Containerization, RASP, IAST Experience with micro services, container deployment and service orchestration Strong knowledge of cryptography, API security, and secret management Ability to clearly and effectively communicate concerns and issues to the management and engineers. Experience with Cloud (AWS, Azure, GCP) Security Experience writing tools to automate tasks and integrate systems using scripting languages like Go, Python and REST APIs. Experience in delivering and educating development groups in Secure Coding Expertise with common vulnerabilities and attack vectors. Experience integrating security tools into developer pipelines. DevOps experience managing deployment and configuration. General Skills Include Strong critical thinking and analytical skills Ability to approach problem solving in a constructive and collaborative way that does not require absolute security. The ability to communicate complicated technical issues and risks to programmers, network engineers and managers. Strong leadership, project, and team-building skills Exceptional communication skills with diverse audiences; the ability to be an application security subject matter expert who can explain relevant topics to general audiences. About Us Fanatics is building a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally. About The Team Fanatics Commerce is a leading designer, manufacturer, and seller of licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods. It operates a vertically-integrated platform of digital and physical capabilities for leading sports leagues, teams, colleges, and associations globally – as well as its flagship site, www.fanatics.com. Fanatics Commerce has a broad range of online, sports venue, and vertical apparel partnerships worldwide, including comprehensive partnerships with leading leagues, teams, colleges, and sports organizations across the world—including the NFL, NBA, MLB, NHL, MLS, Formula 1, and Australian Football League (AFL); the Dallas Cowboys, Golden State Warriors, Paris Saint-Germain, Manchester United, Chelsea FC, and Tokyo Giants; the University of Notre Dame, University of Alabama, and University of Texas; the International Olympic Committee (IOC), England Rugby, and the Union of European Football Associations (UEFA). At Fanatics Commerce, we infuse our BOLD Leadership Principles in everything we do: Build Championship Teams Obsessed with Fans Limitless Entrepreneurial Spirit Determined and Relentless Mindset

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! The Technical Account Manager (TAM) is responsible for actively driving the sales process with direct and channel customers. The TAM must be able to articulate the Company's technology and product positioning to both business and technical users. He/she must be able to identify all technical and business issues of aligned accounts to ensure customer satisfaction, through all stages of the sales process. Must be able to establish and maintain strong relationships throughout the sales cycle. Responsibilities: Provide product and technical support for assigned accounts. Support, manage and sell to SMB Customers with defined geographic territory. Drive a culture of success through product expertise and positive account management. Provide accurate forecasting on Sales pipeline. Carefully monitor the quality of all services Qualys delivers to the customer by conducting QBRs (Quarterly Business Reviews) and ensuring adoption of technology and discovering upsell opportunity. Engage with channel partners and provide accurate renewal quotes. Raise any necessary alert for the customer’s business or technical situation in a timely manner. Work closely with customers to grow and expand the implementation/integration of Qualys products and services. Act as customer advocate with focus on improving customer contentment. Qualification: The ideal candidate will come from a security and/or networking background while performing an engineering, administration, or support role with 3-6 years of experience. General knowledge of current IT security fields including Firewall, Intrusion Detection Systems IDS, Intrusion Prevention Systems IPS, Vulnerability Management, Network Scanners (Nessus, nmap, Scan alert, ISS Internet Scanner), PCI, Policy Compliance/GRC-IT and Audit Tools is a plus. General knowledge of Desktop and Server operating system configuration, TCP/IP networking hardware, protocols, and LAN configuration, knowledge of LAN and WAN technologies, network design, and web security architectures is a plus. Ability to understand network and security infrastructure elements on advising how best to use Qualys products on cloud platforms. Must have a strong technical background and possess an excellent work ethic with a “make it happen” attitude. Excellent written and verbal communication skills. Works well in small group settings. A strong desire to be a customer-facing, technical solution expert. Extensive use of CRM (preferably salesforce.com) to maintain accurate activity, contact and account information of all customers. Ability to work rotational hours supporting global customers. Preferred Qualification: 3 - 6 years of equivalent experience in consulting or account management. Preferred pre-sales experience in computer networking or information security or public clouds. Candidates from STEM preferred.

Experience Required: - 6 to 8 Years Location:- Noida Role Overview- We are seeking a skilled and driven Sr. Security Engineer with a strong background in penetration testing (web, mobile, and network) and an understanding of security compliance standards such as SOC 2, ISO 27001, and GDPR. The ideal candidate will have hands-on experience identifying and exploiting vulnerabilities, preparing technical and compliance reports, and guiding clients or internal teams on remediation and governance. Key Responsibilities- • Conduct penetration testing of web applications, mobile apps (iOS/Android), and internal/external networks. • Perform vulnerability assessments and risk evaluations across client environments. • Create detailed technical and executive reports with prioritized remediation strategies. • Assist in SOC 2 readiness assessments, ISO 27001 implementation, and GDPR compliance checks. • Collaborate with cross-functional teams for remedial activities to improve the security posture. • Stay updated with the latest exploits, tools, and compliance updates. Required Qualifications- • 6-8 years of experience in cybersecurity with a focus on penetration testing and compliance. • Proficiency in tools like Burp Suite, Nmap, Metasploit, Nessus, MobSF, and manual testing techniques. • Strong knowledge of OWASP Top 10, secure coding practices, network protocols, and common attack vectors. • Understanding of SOC 2, ISO 27001, GDPR, and associated implementation or audit processes. Certifications (Preferred)- • CEH (Certified Ethical Hacker) • ISO/IEC 27001 Lead Auditor / Lead Implementer • Other relevant certs: e.g., CompTIA Security+, eWPT, eCPPT, GPEN Nice-to-Have Skills- • Familiarity with DevSecOps pipelines, source code reviews, or CI/CD security integration. • Client-facing consulting experience or report presentation skills. • Cyber Security vibe is a must.

Position: Security Analyst – Client Services & Team Leadership Location: Kochi, Kerala Experience : 3-8 years Team Size to Manage: 2–5 Junior Analysts Industry Type: IT Services & Consulting / Cybersecurity Functional Area: ISM/TVM/GRC/Threat Intelligence Budget : As per Industry Urgency : 15-30 days Job Description We are seeking a Security Analyst with strong technical skills, client-facing experience, and a passion for mentoring junior resources. This role is ideal for professionals looking to lead cybersecurity services, build teams, and deliver impactful security solutions to clients across industries. Key Responsibilities Lead end-to-end cybersecurity services for assigned clients, including incident response, threat analysis, and vulnerability management Conduct risk assessments , prepare technical reports , and advise clients on improving their security posture Mentor and train junior analysts; create training programs , SOPs, and knowledge-sharing sessions Monitor SIEM , EDR, IDS/IPS tools to detect, analyze, and respond to threats Develop and maintain use cases, detection rules, and incident escalation protocols Coordinate with internal and external stakeholders to meet SLA targets Document incident timelines, root cause analysis (RCA), and ensure compliance with security frameworks like ISO 27001 , NIST , or MITRE ATT&CK Requirements Education : Bachelor’s degree in computer science / Cybersecurity / Information Technology Experience : 3-7 years in cybersecurity operations 2+ years in a client-facing or leadership/mentoring role Technical Skills : Hands-on experience with SIEM tools (e.g., Splunk, QRadar) Working knowledge of Vulnerability Scanners (e.g., Nessus, Qualys) Proficiency in Incident Detection , Threat Hunting , EDR Tools Scripting skills (Python/PowerShell) is a plus Key Competencies Strong leadership and team-building skills Excellent verbal and written communication Analytical mindset and proactive problem solver Ability to manage clients, priorities, and incidents efficiently Job Type: Full-time Pay: From ₹300,000.00 per year Schedule: Day shift Education: Bachelor's (Required) Experience: Cyber Security analyst: 3 years (Required) Language: English (Required) Work Location: In person Expected Start Date: 01/07/2025

We are hiring a Cybersecurity Engineer Location: Remote Job Type: Full-Time About the Role: We are seeking a highly skilled and experienced Cybersecurity Engineer to join our team. In this role, you will be responsible for designing, implementing, and maintaining secure network systems and infrastructure while staying ahead of emerging cyber threats. You will play a crucial role in safeguarding our digital assets, ensuring compliance, and promoting best practices across the organization. Key Responsibilities: • Design, implement, and maintain secure network architecture and systems. • Monitor systems and networks for security breaches or intrusions using tools like SIEM. • Conduct regular vulnerability scans, penetration tests, and risk assessments. • Respond to and investigate security incidents and breaches. • Develop and enforce security policies, procedures, and standards. • Collaborate with IT teams to secure software, hardware, and cloud environments. • Maintain and update firewalls, VPNs, IDS/IPS, endpoint protection, and encryption protocols. • Stay current with the latest cybersecurity threats, trends, and technology solutions. • Ensure compliance with applicable security regulations and frameworks (e.g., NIST, ISO 27001, HIPAA, GDPR). • Provide training and guidance on security best practices to other teams and staff. ⸻ Required Qualifications: • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience). • 5+ years of experience in cybersecurity, network security, or a related field. • Strong knowledge of networking protocols, operating systems, firewalls, and security technologies. • Hands-on experience with security tools (e.g., Wireshark, Metasploit, Nessus, Splunk, Palo Alto, Cisco ASA). • Familiarity with scripting or programming languages (e.g., Python, Bash, PowerShell). • Understanding of security frameworks and regulatory requirements.

Proven experience in conducting infrastructure-level Vulnerability Assessment and Penetration Testing (VAPT) across networks, servers, endpoints, and cloud environments. Strong hands-on expertise with VAPT tools such as Nessus, Qualys, Nmap, Metasploit, Burp Suite etc. In-depth understanding of network protocols, system configurations, and common vulnerabilities in enterprise IT environments. Ability to identify, analyze, and prioritize security vulnerabilities, and provide detailed remediation guidance to technical teams. Lead and manage end-to-end Vulnerability Assessment and Penetration Testing (VAPT) activities across infrastructure components including networks, servers, endpoints, and cloud environments. Design and implement VAPT strategies tailored to organizational risk profiles and compliance requirements. Conduct thorough assessments to identify security vulnerabilities, simulate attack scenarios, and evaluate the effectiveness of existing security controls. Collaborate with infrastructure, network, and application teams to validate findings and support remediation efforts. Prepare detailed technical reports and executive summaries outlining identified risks, impact analysis, and recommended mitigation strategies. Ensure VAPT activities align with industry standards such as ISO 27001, NIST, OWASP, and CIS Benchmarks. Maintain up-to-date knowledge of emerging threats, tools, and techniques in the vulnerability assessment and penetration testing domain.

Employment Type: Contract to hire City: Noida State: Description: Summary: A highly skilled and experienced Technical Security Auditor with deep expertise in vulnerability scanning, and network security assessment. Possesses a strong understanding security auditing methodology. Committed to providing comprehensive and actionable security assessments to help organizations strengthen their defenses. Key Skills: ● Security Auditing: Expertise in conducting technical security audits across various systems, networks, and applications. ● Log Management: Responsible for implementing, and optimizing logging infrastructure to ensure efficient, relevant, and high-quality data ingestion into our Security Information and Event Management (SIEM). ● Vulnerability Scanning: Advanced proficiency in using vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS) to identify security weaknesses. ● Network Scanning: Deep understanding of network scanning techniques and tools (e.g., Nmap, etc) for network discovery and vulnerability identification. ● Exploit Development: Knowledge of exploit development methodologies and techniques for identifying and exploiting vulnerabilities. ● Risk Assessment: Ability to assess and evaluate security risks and prioritize remediation efforts. ● Network Security: Knowledge of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs. ● Operating Systems and Applications: Familiarity with various operating systems (Windows, Linux, macOS) and applications. ● Cloud Security: Experience with penetration testing and vulnerability scanning in cloud environments (e.g., AWS, Azure, GCP). ● Scripting and Automation: Proficiency in scripting languages (e.g., Python, PowerShell) for automating security testing tasks. ● Documentation and Reporting: Excellent documentation and reporting skills, with the ability to clearly communicate audit findings and recommendations. ● Communication and Collaboration: Strong communication, interpersonal, and collaboration skills. Ability to work effectively with technical and non-technical stakeholders. Experience: ● Assisted in the development and implementation of security policies and procedures. ● Conducted numerous penetration tests and vulnerability assessments for various organizations, identifying critical vulnerabilities and security gaps. ● Worked with IT and security teams to remediate audit findings. ● Utilized a wide range of penetration testing tools and techniques to exploit vulnerabilities and assess security posture. ● Performed network scanning and analysis to identify network devices, and services. ● Developed and executed comprehensive penetration testing plans and reports. ● Provided expert guidance and training to clients on security best practices and remediation strategies. Education: ● Bachelor’s degree in computer science, Cybersecurity, or a related field. ● Relevant industry certifications (e.g., OSCP, GPEN, GXPN, CISSP, CEH).

SailPoint IIQ Sailpoint IIQ Have experience in SailPoint with development/support background. Have experience in connector management, workflows, life cycle events, Rules, custom reports, Certification, custom scheduled tasks & reconciliation. Have knowledge on Application On-boarding for built-in and custom connectors including development of application rules, before and after provisioning rules. Have experience in developing/executing SQL queries. Knowledge on Java , J2EE (Servlet, JSP and JDBC), HTML. Expertise in Customizing and upgrading SailPoint Identity IQ. Good to have knowledge in IdentityAI SaaS application Support for production deployment and bug fixes Have working knowledge of Unix, WebLogic & SSL certificates. Have strong communication skills & can independently handle calls with customers Knowledge on incident/problem management processes Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Job Summary Experienced Vulnerability Management and penetration testing Governance lead will manage a team to oversee the identification, assessment, and remediation of security vulnerabilities across enterprise systems. This role will focus on establishing a proactive security posture, ensuring compliance with industry standards, and driving governance initiatives to mitigate risks effectively along with strong leadership and project management skills. Vulnerability Assessment: Lead regular vulnerability scans and penetration testing across infrastructure, cloud environments and outside-In. Security Baseline: Lead development and implementation of Security Baseline using CIS Benchmarks by determining the systems, applications, and network devices to be secured (e.g., Windows, Linux, Cloud, Docker, Kubernetes). Risk Analysis & Prioritization: Evaluate identified vulnerabilities based on severity, exploitability, and potential business impact. Remediation Planning: Collaborate with IT, security, engineering and entity teams to ensure timely remediation of high-risk vulnerabilities. Governance & Compliance: Develop and enforce security governance frameworks in line with industry standards (e.g., NIST, CIS, ISO 27001, PCI-DSS). Threat Intelligence Integration Leverage global threat intelligence feeds to stay ahead of emerging security threats and vulnerabilities. Security Policy Development: Define policies and best practices for vulnerability management, reporting, and remediation. Automation & Continuous Monitoring: Implement automated vulnerability scanning tools and ensure ongoing security assessments. Incident Response Support: Provide technical guidance in vulnerability-related security incidents and audits. Reporting & Metrics: Establish key risk indicators and provide executive reports on vulnerability trends and remediation progress. Experience: 12+ years in cybersecurity, vulnerability management, or Penetration testing roles. Technical Expertise: Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, OpenVAS), penetration testing and threat intelligence platforms. Penetration Testing & Ethical Hacking Experience with tools like Metasploit, Burp Suite, Nmap, and Wireshark for real-world security assessments. Security Framework Knowledge: Strong understanding of NIST, CIS benchmarks, OWASP Top 10, and CVSS scoring models. Compliance Awareness: Familiarity with regulatory standards affecting security risk management. Leadership & Communication: Ability to coordinate with multiple stakeholders, drive security improvements, and articulate risks effectively. Certifications such as CISSP, CISM, CEH, OSCP or equivalent. Experience in cloud vulnerability management (AWS, Azure, GCP). Knowledge of DevSecOps practices and security automation. Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Sankara Eye Foundation is looking for Consultant Vitreo Retina & Paediatric Ophthalmology to join our dynamic team and embark on a rewarding career journey Diagnose and treat retina disorders in children and adults Perform surgical interventions and follow-up care Guide patients on visual rehabilitation Lead research and training initiatives