4.0 - 6.0 years
0 Lacs
Hyderabad, Telangana, India
Remote
Job Title: Penetration Tester Experience Required: 4 to 5 Years Location: [Insert Location or Remote] Job Type: Full-Time Job Summary: We are looking for a skilled and experienced Penetration Tester to join our cybersecurity team. The ideal candidate will have 4 to 5 years of hands-on experience in conducting security assessments, identifying vulnerabilities, and simulating real-world attacks to evaluate the strength of our infrastructure, applications, and systems. Key Responsibilities: Perform network, web application, mobile, and API penetration tests. Simulate real-world cyberattacks to assess organizational security posture. Identify, document, and report vulnerabilities and exploits with remediation recommendations. Collaborate with internal teams to assist in risk mitigation and remediation strategies. Use tools like Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc. Conduct social engineering assessments, such as phishing simulations (optional based on role). Keep up to date with the latest threats, tools, and techniques in the cybersecurity landscape. Prepare and deliver clear, concise, and technical penetration testing reports. Participate in Red Team/Blue Team exercises, if applicable. Required Skills & Qualifications: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field. 4 to 5 years of hands-on experience in penetration testing or ethical hacking. Proficiency in Kali Linux and other offensive security tools. Strong knowledge of OWASP Top 10, MITRE ATT&CK framework, and common attack vectors. Experience with scripting languages (Python, Bash, or PowerShell). Familiarity with cloud security testing (AWS, Azure, GCP) is a plus. Excellent analytical, problem-solving, and reporting skills. Certifications (Preferred): OSCP (Offensive Security Certified Professional), highly preferred; CEH (Certified Ethical Hacker); GPEN (GIAC Penetration Tester); other relevant security certifications.
Posted 4 days ago
2.0 years
0 Lacs
Ahmedabad, Gujarat, India
On-site
Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. 
To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: · Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. · Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. · Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. · Follow up on cybersecurity incident tickets until closure. · Guide L1 and L2 analysts in analyzing events and response activities. · Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. · Review and provide suggestions for information security policies and best practices in client environments. 
· Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. · Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. · Update and review documents, playbooks, and standard operational procedures. · Validate and update client systems and IT infrastructure documentation. · Share knowledge on current security threats, attack patterns, and tools with team members. · Create and review new use cases based on evolving attack trends. · Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. · Develop and maintain threat detection rules, parsers, and use cases. · Understand security analytics and flows across SaaS applications and cloud computing tools. · Validate use cases through selective testing and logic examination. · Maintain continuous improvement processes and build/groom teams over time. · Develop thought leadership within the SOC. Mandatory skill sets: · Bachelor’s degree (minimum requirement). · 2-8 years of experience in SOC operations. · Experience analyzing malicious traffic and building detections. · Experience in application security, network security, and systems security. · Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). · Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). · Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). · Experience with traditional security operations, event monitoring, and SIEM tools. · Knowledge of MITRE or similar frameworks and procedures used by adversaries. · Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: · Strong communication skills, both written and oral. · Experience with SMB and large enterprise clients. 
· Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). · Strong expertise in multiple SIEM tools and other SOC environment devices. · Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. · Understanding of raw log formats of various security devices. · Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). · Relevant certifications (CEH, CISA, CISM, etc.). · Strong work ethic and time management skills. · Coachability and dedication to consistent improvement. · Ability to mentor and encourage junior teammates. · Knowledge of regex and parser creation. · Ability to deploy SIEM solutions in customer environments. Years of experience required: 2-12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date
Posted 4 days ago
4.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Responsibilities As a member of the incident/Workorder/Change handling team, you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT DATA’s Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support. Monitor and track security systems for vulnerabilities and respond to potential security vulnerabilities. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills And Experience 4 to 5 years+ in Information Security space. Strong experience in ServiceNow Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Good to have: some experience with CrowdStrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco IOS, Juniper ScreenOS or Junos, Fortinet FortiOS, Check Point GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid7, Nessus, Nitro ESM, Symantec SEP, Symantec MessageLabs, Thales encryption, Allgress, Forcepoint, Blue Coat, Firepower, Cisco ISE, Carbon Black, Titus, EnCase. Strong oral, written, and presentation abilities. Experience with M365 Copilot.
Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of industry trends and emerging threats, and working knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent experience in Zscaler ZIA, ZPA and ZDX. Experience in Vulnerability Management Program. Experience in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) good to have. Abilities Non-customer-facing role, but an ability to build strong relationships with internal teams and security leadership is essential. Act as incident co-ordinator for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.
Posted 4 days ago
5.0 - 7.0 years
5 - 5 Lacs
Pune
Work from Office
Role Proficiency: Maintain and improve security posture by identifying scoping and prioritizing vulnerabilities in our systems. Provide guidance and drive accountability of risk-based vulnerability remediation across business and technology teams. Outcomes: Identification of vulnerabilities in the organization's network and IT infrastructure. Identification of risk for the company and the required remediation performed. Perform gap analysis of current vulnerability remediation policies and processes versus industry best practices for the client and identify opportunities for improvement. Vulnerabilities prioritization based on their severity and impact. Accountable for the identification and subsequent use of remedial methods to improve the outcome Measures of Outcomes: Average time to action Mean time to remediation Rate Of Recurrence Total Risk Remediated Average Vulnerability Age Provide 3-5 reports and analysis follow-up on a weekly basis Provide at least 2 vulnerability analysis Produce 2 reports for management in each quarter Own and manage at least 2 identified threats & vulnerabilities Outputs Expected: Daily Activities : Daily/Weekly/Monthly Reports on the status of the Platform Execute the latest 1 threat variants to test detection and prevention capabilities. Priority assistance in agent upgrades (scenarios include - Agent update patching) Creating one Standard policy recommendation and configuration according to environment each month. IOC & IOA management. Security research community: Stay on top of the security research community. Will be up to date on current attacks campaigns and trends to initiate innovative research activities. 
Continuous Learning, innovation and optimization: Ensure completion of the learning program suggested by Managers. Suggest ideas that will help innovation and optimization of processes. Skill Examples: Experience in IT, optimally in Security, with exposure to infrastructure and application vulnerability scan configurations, vulnerability assessments and vulnerability management. Good understanding of network protocols, design and security operations. Strong analytical skills and efficient problem solving. Proficient in scripting languages such as Python. Security hardening techniques and hardening standards, patching. Ability to design and document security operational procedures. Understanding of attacker behaviors and techniques is required. Knowledge Examples: A strong understanding of the current threat landscape, including the latest tactics, tools and procedures, common malware variants, and effective techniques for detecting this malicious activity. Familiarity with basic security concepts in vulnerability management, network security, systems administration or other areas of technology is required. Hands-on experience with Vulnerability management tools such as Spotlight, Rapid7, Nessus, Tenable or Qualys. Knowledge of security principles, techniques and technologies. Knowledge in exploit development. Security certifications such as CEH, GPEN, GSEC, CISSP. Additional Comments: # Areas Must to Have 1 Vulnerability Operations The candidate should have hands-on experience in vulnerability handling within large-scale or regulated environments (preferably financial services). Strong understanding of the vulnerability management process and the vulnerability lifecycle, including asset discovery, scanning, CVSS-based prioritization, remediation. Experience implementing or improving vulnerability lifecycle workflows. Ability to interpret threat feeds (e.g., CISA KEV, AlienVault OTX, ThreatConnect) and map those threats to assets.
Oversee vulnerability consolidation system and promptly report any operational issues. Monitor the health of interconnected environments updating the central planning platform, escalate and resolve failures, and coordinate with the internal engineering team. Ensure clear and concise senior management reporting. Coordinating and leading regular meetings with internal business team focussed on vulnerability management. 3 Stakeholder Management & Soft skills Experience in influencing and managing stakeholders, with strong interpersonal skills to build relationships and collaborate within teams. Strong communication skills to effectively coordinate with global infrastructure, application, and compliance teams. Skilled in preparing reports and presentations for senior management and delivering them to large audiences. 4 Tools and Technologies Experience in using Microsoft Teams, JIRA. Skilled in MS Excel for data analysis, including filtering, pivoting, and dashboarding. Experience in analyzing large datasets to identify issues and gaps. Proficient in ServiceNow and Confluence. 5 Education and experience Bachelor's degree in Computer Science, Engineering or related field. Minimum of 5 years in cybersecurity, specifically in vulnerability management, risk management, or cyber operations. Good to have Knowledge of API, Python scripting. Prior experience in handling JIRA tickets. Expertise in advanced Excel or any other reporting tools. Required Skills Advanced Excel, Vulnerability Management, Patch Management
Posted 4 days ago
0 years
0 Lacs
Chandigarh, India
On-site
We are hiring for one of our MNC clients. Job Title: Patching Engineer Location: [Mohali Office, India] Job Type: Full-time Department: Infrastructure Management Job Summary We are seeking a highly skilled Patching Engineer to oversee and execute patch management processes across our cloud-hosted environments and enterprise network infrastructure. This role plays a critical part in ensuring system security, compliance, and optimal performance by proactively managing software updates, firmware patches, and vulnerability remediation strategies. Key Responsibilities Patch Management & System Updates: Plan, schedule, and execute patching for Windows and Linux virtual machines in a cloud-hosted environment. Manage and maintain firmware and software updates for networking devices, including switches, firewalls, and wireless controllers. Automate patch deployment and compliance reporting using endpoint management tools. Security & Compliance: Collaborate with security teams to conduct vulnerability assessments and ensure timely remediation of identified threats. Ensure patching processes align with industry security best practices, regulatory requirements, and internal IT policies. Track and report on compliance metrics to ensure adherence to organizational and security standards. Monitoring & Troubleshooting: Continuously monitor patching status, performance, and success rates across all environments. Diagnose and resolve patching failures, compatibility issues, and system performance concerns. Generate detailed reports for internal stakeholders and audits on patch deployment status, security improvements, and compliance tracking. Documentation & Process Improvement: Maintain comprehensive documentation of patching schedules, configurations, rollback procedures, and compliance records. Develop and refine best practices and automation strategies to improve patch deployment efficiency.
Provide guidance and training to IT teams on patching strategies and security hardening. Qualifications & Experience Technical Skills: Extensive experience in managing Windows and Linux virtual machines in cloud environments (Azure, AWS, or Google Cloud). Strong knowledge of networking concepts and experience configuring and patching switches, firewalls, and wireless controllers. Hands-on experience with endpoint management and patching tools such as Microsoft SCCM, Intune or Endpoint Central. Familiarity with vulnerability management tools (Rapid7, Nessus, Tenable, etc.) and security patching methodologies. Proficiency in automation and scripting (PowerShell, Bash, Python, or Ansible) to streamline patching processes. Soft Skills: Strong problem-solving and troubleshooting abilities to address patching failures and system performance issues. Excellent documentation and communication skills for collaboration with IT, security, and compliance teams. Ability to work in a fast-paced, high-availability environment while ensuring minimal downtime. Preferred Qualifications: Certifications such as Microsoft Azure Administrator (AZ-104), Red Hat Certified Engineer (RHCE), Cisco Certified Network Associate (CCNA), or CompTIA Security+. Experience working in retail, enterprise IT, or highly distributed environments. Understanding of ITIL processes and best practices in change management, incident handling, and security compliance. Why Join Us? Opportunity to work in a dynamic, cloud-first environment ensuring the security and stability of enterprise infrastructure. Hands-on experience with leading cloud, security, and automation technologies. A key role in enhancing cybersecurity resilience and ensuring high availability for business-critical systems.
Posted 4 days ago
0 years
3 - 6 Lacs
Gurgaon
On-site
About Us SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone. SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work. Join us to shape the future of digital payment in India and unlock your full potential. What’s in it for YOU SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees Dynamic, Inclusive and Diverse team culture Gender Neutral Policy Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits Commitment to the overall development of an employee through comprehensive learning & development framework Role Purpose Responsible for implementing and managing Infrastructure vulnerability tools and processes to reduce technical risks due to vulnerabilities, including identifying and evaluating vulnerabilities and supporting remediation activities. 
This role is also responsible for leveraging expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT landscape across SBIC Card environment. Role Accountability Lead the Vulnerability Assessment, Penetration Testing & Patch Management Program in support of the functional & company strategy, goals, and performance objectives. Manage development, implementation, and effectiveness of vulnerability management and security testing programs, initiatives, and capabilities. Assist with planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements. Develop Vulnerability management framework, support compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks. Provide technical expertise for information security policies and standards. Conduct vulnerability assessments and penetration testing (application and/or infrastructure) and articulate security issues to technical and non-technical audiences. Perform vulnerability risk profiling and prioritization of vulnerabilities. Identify, research, validate, and exploit various known and unknown security vulnerabilities on server and client side. Perform regular status reviews with IT asset owners & senior leadership to ensure compliance with InfoSec policies. Coordinate patch management/remediation activities for all IT assets (workstations, network, server, application, database etc.)
Develop and monitor patch deployment schedules for all vulnerability assessments and penetration testing on an ongoing basis as well as auditing for completeness. Provide communications across the organization, interfacing with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability and Patch Management team. Maintain relationship with managed security services vendor leadership to ensure effective implementation and operation of security programs, ongoing support and deployment of competent resources. Oversee the development, implementation and maintenance of vendor standard operating procedures/run book in line with SBI Card policies & standards. Provide technical & program management expertise and oversight over vendor teams. Monitor vendor SLAs, perform regular review with vendor management and report to SBI Card leadership. Ensure process documentation and compliance adherence. Measures of Success Reduction in security vulnerabilities in SBI Card IT platforms. Number of enhancement opportunities identified for the security posture to reduce overall risk to SBI Card. Reduction in information leakage and exploitation from vulnerabilities. Security metrics / SLA / KPIs are within acceptable threshold. Timely updation of Application Security & Vulnerability Management related standards and SOPs and other documents. No adverse observations in Internal / External Audits. Process Adherence as per MOU. Technical Skills / Experience / Certifications Understanding of Vulnerability Management Program including Assessment and Remediation. Experience analyzing risk and prioritization of vulnerabilities, validating vulnerability reports and driving remediation. Understanding of the overall threat and vulnerability management process, including metrics to measure performance. Working knowledge of compliance frameworks and security management standards (e.g., ISO 27001, NIST CSF, PCI-DSS etc.)
Thorough understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments) Strong knowledge in industry standard VAPT tools like Nessus, Rapid7, AWS Inspector and open-source tools Competencies critical to the role Stakeholder Management Analytical ability Innovation & Problem Solving Market Awareness Qualification Bachelor of Engineering in Computer Science / Engineering, Masters in Computer Science Preferred Industry BFSI / NBFC /E-commerce/IT & ITES / Telecom
Posted 4 days ago
0 years
0 Lacs
Gurgaon
Remote
Ankura is a team of excellence founded on innovation and growth. Location: Conditional Remote / Gurgaon Hours: 40 hours a week Reporting: Director - Threat Detection Operations (TDO) Duties include providing On-Job Training to fellow Senior Analysts and Analysts, continuous monitoring of Security Information Event Management (SIEM), EDR, XDR and related platforms for correlated events and alerts and working with the client to take action. Senior Analysts leverage events to determine the impact, document possible causes, and provide useful information to clients. A deep understanding of various commercial and open-source network sensors, intrusion detection systems, and event log correlation engines is required as senior analysts are expected to deliver enhanced threat awareness and knowledge through research and continuous improvement of use cases, signatures, and metrics. Expected to help automate anomaly detection and alerting while documenting security incidents, processes, investigations, and remediation efforts. Senior Analysts are also expected to maintain open communication and visibility with their team members, Directors, and Clients. Usually, employees will be permitted to work remotely in the current operational setup however that setup may change based on company and/or business needs, with or without notice. It may also be considered a conditional privilege as the employees are personally responsible to maintain uninterrupted availability and communication via all official channels throughout their designated shifts. If the employee's performance cannot be satisfactorily ascertained by their manager or the employee is unable to adapt to work without disturbance, they may be called upon to work out of the company’s office. 
CAPABILITIES Knowledge of IR process, ticketing tools, Knowledgeable in various IR response commands related to Windows, Linux Strong knowledge on advanced attack techniques related to Endpoints and servers, Threat hunting using EDR/XDR. Experience in handling latest attack techniques LOLBAS, fileless malware etc. Experience in monitor globally emerging threats, vulnerabilities, malicious activities etc. research about the same and reports to concerned teams and management for proactive actions. Must have knowledge of various OSINT tools: VirusTotal, Cisco Talos Intelligence, IBM X-force Exchange, URL.io etc. during the investigation of security alerts. Capable to handle a team of L1 analysts, impart training etc Must have experience of Vulnerability management to identify emerging risks in organization's environment using Qualys, Nessus, MS-Defender etc Knowledgeable about Automation and SOAR Must have the necessary experience to conduct initial triage and in depth analysis of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the client's SOC, escalate to the for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives. Required to have experience in conducting research analysis and data gathering requirements to present in a report format. Should be detail-oriented and able to work independently and communicate effectively both verbally and in writing.Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays. 
TECHNICAL Emerging SIEM/XDR such as MS Azure Sentinel, SentinelOne. Experience with security tools: Nessus, Burpsuite, Acunetix, Kali Linux. Strong knowledge of XDR tools such as SentinelOne, Cortex, CrowdStrike, Microsoft etc. Understanding of KQL, Lucene, Python, and/or other similar programming/query/scripting languages. Proficient in fine-tuning detection rules of XDR, creation of SOPs, Playbooks for various scenarios and techniques. EDUCATION, EXPERIENCE, TRAINING & CERTIFICATIONS Minimum experience in SOC/IR/VM 4 yrs plus. Preferred to have a degree in CS/IT or a Master's Diploma in the field of IT Security. Certifications such as CEH, Security+, CHFI, ACE, and specific to vendor XDR tools SentinelOne, Cortex, Microsoft, CrowdStrike etc. COMMUNICATION Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systems e.g. Slack, Microsoft Teams, Intapp, and Workday. Ability to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s). Able to provide reports showing progress or achievement of assigned goals and responsibilities as required. Must be an active listener and ask questions of others when clarity is needed. Ability to gain an understanding of client needs and apply analytic reasoning. Demonstrates proactive engagement in meetings and process discussions. KEY PERFORMANCE INDICATORS Analyze client networks for threats using analytical platforms for event monitoring such as NSM, SIEM, UEBA, ETDR. Deliver client reports based on analyses that are timely, high quality, and accurate. Understand and support incident response and triage. Improve reporting to avoid ‘analysis paralysis’.
Develop new skills within analytical platforms INDIVIDUAL & TEAMWORK Must be able to effortlessly switch between independent and team-based work Understands that the work product is dependent on team efforts and remains responsive to internal and external deadlines Able to share expertise and experience with team members to encourage growth and shared success Able to maintain focus and attention to detail for sustained periods of time Engaged in supporting the development and growth of all team members GROWTH MINDSET Can receive and provide feedback in a constructive manner that leads to the growth of self and others. Displays perseverance of effort and passion for a long-term goal and end state. Works well under timelines and puts in extra effort as required to meet timelines. Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions LEADERSHIP TRAITS Willing to adapt leadership skills to support larger and more complex projects. Work product for self and team is consistently of excellent quality and efficiency. Respectful and professional in all interactions with team members, clients, and colleagues. Maintains composure and calm disposition under high-pressure or stressful circumstances. Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122.
This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.
Posted 4 days ago
5.0 years
0 Lacs
Sahibzada Ajit Singh Nagar, Punjab, India
On-site
🔐 We're Hiring: Cyber Security Expert (4–5 Years Experience) 📍 Location : CS Soft Solutions Pvt. Ltd., I-18, Sector 101, IT City Rd, JLPL Industrial Area, Sahibzada Ajit Singh Nagar, Punjab – 160062 📧 Email: shivani-kanwar@cssoftsolutions.com At CS Soft Solutions, we're not just about building digital products—we’re about building trust in every digital interaction. We're expanding our cybersecurity division and are on the lookout for a Cyber Security Expert who’s ready to take ownership, drive strategic initiatives, and protect our clients across industries. 🚀 Key Responsibilities : Act as a trusted advisor to clients, assessing posture & identifying risks Conduct vulnerability assessments, penetration tests & risk analyses Design and implement tailored cybersecurity policies & frameworks Respond to incidents & coordinate response with internal and client teams Ensure compliance (GDPR, HIPAA, ISO 27001, NIST, SOC 2) Lead client workshops, trainings, and briefings Collaborate with DevOps, IT, and Engineering for secure solution design Engage directly with CXOs to understand needs & propose solutions Drive proposal creation, pre-sales, and client success Mentor and lead junior cybersecurity professionals ✅ Required Qualifications : Bachelor’s/Master’s in Cybersecurity, InfoSec, or related field 5+ years hands-on cybersecurity experience Expertise in threat detection, incident response, and network security Hands-on with SIEMs (Splunk, QRadar), Nessus, Qualys, Metasploit, etc. 
Cloud security exposure (AWS, Azure, GCP) Knowledge of compliance & frameworks (ISO 27001, NIST, SOC 2) Industry exposure: IT, BFSI, Healthcare, Manufacturing Certifications Preferred: CEH, CISSP, OSCP, CISM, ISO 27001 LA/LI 💡 Nice to Have : MSSP or cybersecurity consulting experience DevSecOps and secure SDLC familiarity Forensics or threat hunting background 🧠 Key Traits : Strategic mindset with strong business acumen Excellent communication & client-handling skills Ownership-driven, independent, and team-oriented 📩 If you're passionate about securing digital transformation journeys and thrive in a dynamic, high-growth environment—CS Soft wants you on board!
Posted 4 days ago
10.0 - 15.0 years
5 - 9 Lacs
Bengaluru
Work from Office
We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are seeking an experienced senior security researcher to help grow our team focusing on generating network content and developing new technologies to identify and block network threats. About the role: Develop network signatures that protect our customers against network-based threats and vulnerabilities Collaborate with the engineering and PM teams to develop new detection enhancements Build and improve tools to automate analysis tasks, simulation software and administer the lab environment to replicate attacks. Analyze network protocols to develop and/or update parsers when needed Publish technical blogs to spread awareness and help defenders with the necessary resources to protect their organizations. Mentor junior members of the team and network attacks About you: A minimum of 10 years of relevant experience is required. A Bachelor's degree in Computer Science or equivalent field of study Significant experience with network rule creation like Snort Strong understanding of network protocols and security architectures Highly proficient in any scripting languages such as Python Strong understanding of the attacker landscape and knowledge of MITRE ATT&CK methodologies Experience with software validation/testing Excellent research and analytical skills Strong interpersonal skills and a collaborative work style Proficient in verbal and written communication careers.trellix.com Nice to have Vulnerability analysis experience Development experience to help build/maintain automated tools.
Posted 4 days ago
0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Description What We Are Looking For: Meltwater’s collaborative Security Team needs a passionate Security Engineer to continue to advance Meltwater’s security. Working with a group of fun loving people who are genuinely excited and passionate about security, there will be more laughs than facepalms! If you believe that improving security is about constantly moving technology forward to be more secure, and shifting security tools and checks earlier in the development lifecycle, then you’ll feel at home on Meltwater’s Security Team! At Meltwater we want to ensure that we can have autonomous, empowered and highly efficient teams. Our Security Team charges head on into the challenge of ensuring our teams can maintain their autonomy without compromising the security of our systems, services and data. Through enablement and collaboration with teams, Security Engineers ensure that our development and infrastructure practices have security defined, integrated and implemented in a common-sense manner that reduces risk for our business. Security Engineers define best practices, build tools, implement security checks and controls together with the broader Engineering and IT teams to ensure that our employees and our customers' data stays safe. As part of this, we leverage AWS as a key component of our cloud infrastructure. Security Engineers play a critical role in securing and optimizing AWS environments by implementing best practices, automating security controls, and collaborating with teams to ensure scalability, resilience, and compliance with industry standards. What You’ll do: In this role, you will be designing and implementing security functions ranging from checks on IaC (Infrastructure as Code) to SAST/DAST scanners in our CI/CD pipelines. You will be collaborating closely with almost every part of the Meltwater organization and help create security impact across all teams with strong support from the business. 
Collaborate closely with teams to help identify and implement frictionless security controls throughout the software development lifecycle Propose and implement solutions to enhance the overall cloud infrastructure and toolset. Perform ongoing security testing, including static (SAST), dynamic (DAST), and penetration testing, along with code reviews, vulnerability assessments, and regular security audits to identify risks, improve security, and develop mitigation strategies. Educate and share knowledge around secure coding practices Identify applicable industry best practices and consult with development teams on methods to continuously improve the risk posture. Build applications that improve our security posture and monitoring/alerting capabilities Implement and manage security technologies including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and security information and event management (SIEM) tools. Conduct vulnerability assessments, penetration testing, and regular security audits to identify risks and develop mitigation strategies. Monitor and respond to security incidents and alerts, performing root cause analysis and incident handling. Participate in incident response and disaster recovery planning, testing, and documentation. Manage identity and access management (IAM) solutions to enforce least privilege and role-based access controls (RBAC). Assist in the development of automated security workflows using scripting (Python, Bash, or similar). 
What You'll Bring: Strong collaboration skills with experience working cross functionally with a diverse group of stakeholders Strong communication skills with the ability to provide technical guidance to both technical and non-technical audiences Experience in implementing security controls early in the software development life cycle Knowledge of industry accepted security best practices/standards/policies such as NIST, OWASP, CIS, MITRE ATT&CK Software developer experience in one or more of the following languages: JavaScript, Java, Kotlin or Python Experience in at least one public cloud provider, preferably AWS, with experience in security, infrastructure, and automation. Hands-on experience with SIEM platforms such as Splunk, QRadar, or similar. Proficiency in Linux operating system, network security, including firewalls, VPNs, IDS/IPS, and monitoring tools. Experience with vulnerability management tools (Snyk, Nessus, Dependabot) and penetration testing tools (Kali Linux, Metasploit). Experience in forensics and malware analysis. Self-motivated learner that continuously wants to share knowledge to improve others The ideal candidate is someone from a Software Development background with a passion for security. If you’re someone who understands the value of introducing security early in the software development lifecycle, and want to do so by enabling and empowering teams by building tools they WANT to use, we want to hear from you! What We Offer: Enjoy flexible paid time off options for enhanced work-life balance. Comprehensive health insurance tailored for you. Employee assistance programs cover mental health, legal, financial, wellness, and behaviour areas to ensure your overall well-being. Complimentary CalmApp subscription for you and your loved ones, because mental wellness matters. Energetic work environment with a hybrid work style, providing the balance you need. Benefit from our family leave program, which grows with your tenure at Meltwater.
Thrive within our inclusive community and seize ongoing professional development opportunities to elevate your career. Where You'll Work: Hitec city, Hyderabad. When You'll Join: As per the offer letter Our Story At Meltwater, we believe that when you have the right people in the right environment, great things happen. Our best-in-class technology empowers our 27,000 customers around the world to make better business decisions through data. But we can’t do that without our global team of developers, innovators, problem-solvers, and high-performers who embrace challenges and find new solutions for our customers. Our award-winning global culture drives everything we do and creates an environment where our employees can make an impact, learn every day, feel a sense of belonging, and celebrate each other’s successes along the way. We are innovators at the core who see the potential in people, ideas and technologies. Together, we challenge ourselves to go big, be bold, and build best-in-class solutions for our customers. We’re proud of our diverse team of 2,200+ employees in 50 locations across 25 countries around the world. No matter where you are, you’ll work with people who care about your success and get the support you need to unlock new heights in your career. We are Meltwater. Inspired by innovation, powered by people. Equal Employment Opportunity Statement Meltwater is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: At Meltwater, we are dedicated to fostering an inclusive and diverse workplace where every employee feels valued, respected, and empowered. We are committed to the principle of equal employment opportunity and strive to provide a work environment that is free from discrimination and harassment. 
All employment decisions at Meltwater are made based on business needs, job requirements, and individual qualifications, without regard to race, color, religion or belief, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, veteran status, or any other status protected by the applicable laws and regulations. Meltwater does not tolerate discrimination or harassment of any kind, and we actively promote a culture of respect, fairness, and inclusivity. We encourage applicants of all backgrounds, experiences, and abilities to apply and join us in our mission to drive innovation and make a positive impact in the world.
Posted 4 days ago
1.0 - 5.0 years
0 Lacs
maharashtra
On-site
As an Analyst in Cyber Security, you will be responsible for applying your hands-on expert knowledge of tools such as Burp, Nessus, Nmap, Nipper, Metasploit, and other latest tools in the field. Your expertise will be crucial in conducting Vulnerability Assessment and Penetration Testing (VAPT) across various domains including Cloud Security, Web, and Mobile Applications. You should possess a solid understanding of OWASP top 10 and other application/network security frameworks to effectively discover and analyze security vulnerabilities. Your experience in Web Application and Internal/External Network Testing will be key in identifying and mitigating security risks. Moreover, your skills in Configuration Review, policy review, system and network hardening, as well as endpoint review will play a vital role in enhancing the overall security posture. Experience in Application Code Review and Testing tools will be an added advantage in this role. Your ability to create comprehensive reports and communicate effectively, both in writing and verbally, will be essential as you directly engage with clients during projects. You will also be expected to review cyber-attack surfaces, recommend security measures, and conduct cyber investigations when necessary. A minimum of 1 year of post-qualification experience in Security Testing Projects is required for this position. Holding certifications such as CEH/CHFI, OSCP/eWPTX, or any other industry-recognized security certification will be advantageous. If you have a basic scripting knowledge in any language, it will be considered a plus. Additionally, your willingness to travel as needed will be appreciated in this role.
Posted 5 days ago
5.0 - 9.0 years
0 Lacs
hyderabad, telangana
On-site
As an Application Security professional, you will play a crucial role in safeguarding the solutions by analyzing their design and identifying potential security threats. Your expertise in threat modeling methodologies such as STRIDE and DREAD will enable you to recommend appropriate mitigations for the identified threats. Furthermore, you will be responsible for providing Secure Software Development Lifecycle (SDL) Training, where you will communicate security concepts effectively to developers and deliver engaging training sessions. Your proficiency in manual code review techniques and familiarity with automated code analysis tools like SAST and SCA will be essential in identifying vulnerabilities and interpreting code review results. In addition, your hands-on experience with security testing tools like Burp Suite and knowledge of security testing methodologies will help you identify and exploit common web application vulnerabilities. You will also be involved in vulnerability scanning and analysis using tools such as Nessus and Qualys, where your ability to analyze scan results, filter out false positives, and prioritize remediation actions will be critical. Your technology-specific knowledge of Microsoft .NET technologies, Identity protocols like OpenID Connect and OAuth 2.0, and cloud technologies, particularly Microsoft Azure, will be beneficial in addressing security implications. A deep understanding of web security fundamentals, including HTTP, HTML, JavaScript, and databases, along with knowledge of common web application vulnerabilities (e.g., OWASP Top 10) and web security mitigations and best practices, will be required in this role. Additionally, your basic penetration testing skills, understanding of penetration testing methodologies and tools, and ability to report findings and recommend remediation actions will be valuable assets. 
To excel in this role, you should stay up-to-date with the latest security trends, vulnerabilities, and mitigation strategies. Active participation in the security community to maintain current knowledge will be essential to ensure the security posture of applications remains robust. Your skills in threat modeling, penetration testing, code review, Burp Suite, OWASP, and Nessus will be instrumental in fulfilling the responsibilities of this role effectively.
Posted 5 days ago
0 years
0 Lacs
Gurugram, Haryana, India
On-site
About Us JOB DESCRIPTION SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone. SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work. Join us to shape the future of digital payment in India and unlock your full potential. What’s In It For YOU SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees Dynamic, Inclusive and Diverse team culture Gender Neutral Policy Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits Commitment to the overall development of an employee through comprehensive learning & development framework Role Purpose Responsible for implementing and managing Infrastructure vulnerability tools and processes to reduce technical risks due to vulnerabilities, including identifying and evaluating vulnerabilities and supporting remediation activities. 
This role is also responsible for leveraging expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT landscape across SBIC Card environment. Role Accountability Lead the Vulnerability Assessment, Penetration Testing & Patch Management Program in support of the functional & company strategy, goals, and performance objectives Manage development, implementation, and effectiveness of vulnerability management and security testing programs, initiatives, and capabilities Assist with planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements Develop Vulnerability management framework, support compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks Provide technical expertise for information security policies and standards Conduct vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience Perform vulnerability risk profiling and prioritization of vulnerabilities Identify, research, validate, and exploit various different known and unknown security vulnerabilities on server and client side Perform regular status reviews with IT asset owners & senior leadership to ensure compliance with InfoSec policies Coordinate patch management/Remediation activities for all IT assets (workstations, network, server, application, database etc.)
Develop and Monitor patch deployment schedules for all Vulnerability assessments and penetration testing on an ongoing basis as well as auditing for completeness Provide communications across the organization, interfacing with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability and Patch Management team Maintain relationship with managed security services vendor leadership to ensure effective implementation and operation of security programs, ongoing support and deployment of competent resources Oversee the development, implementation and maintenance of vendor standard operating procedures/ run book in line with SBI Card policies & standards Provide technical & program management expertise and oversight over vendor teams Monitor vendor SLAs, perform regular review with vendor management and report to SBI Card leadership Ensure process documentation and compliance adherence Measures of Success Reduction in security vulnerabilities in SBI Card IT platforms Number of enhancement opportunities identified for the security posture to reduce overall risk to SBI Card Reduction in information leakage and exploitation from vulnerabilities Security metrics / SLA / KPIs are within acceptable threshold Timely updation of Application Security & Vulnerability Management related standards and SOPs and other documents No adverse observations in Internal / External Audits Process Adherence as per MOU Technical Skills / Experience / Certifications Understanding of Vulnerability Management Program including Assessment and Remediation Experience analyzing risk and prioritization of vulnerabilities, validating vulnerability reports and driving remediation. Understanding of the overall threat and vulnerability management process, including metrics to measure performance Working knowledge of compliance frameworks and security management standards (e.g., ISO 27001, NIST CSF, PCI-DSS etc.)
Thorough understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments) Strong knowledge in industry standard VAPT tools like Nessus, Rapid7, AWS Inspector and open-source tools Competencies critical to the role Stakeholder Management Analytical ability Innovation & Problem Solving Market Awareness Qualification Bachelor of Engineering in Computer Science / Engineering, Masters in Computer Science Preferred Industry BFSI / NBFC /E-commerce/IT & ITES / Telecom
Posted 5 days ago
5.0 - 7.0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Greetings from Datamark !!! Position: Information Security Analyst Experience: 5+ years Position Overview: The Information Security Analyst is responsible for the administration of the organization's information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs Information Security Analyst must Review daily threat intelligence. Ensures compliance to security standards for assigned sites Schedules and administers internal security audits for Client and Physical Site Audits Information Security Analyst should Follows up on remediation plans Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus.
Information Security Analyst must Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelor's degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences.
Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals Requirements Nessus / Tenable.IO Scanning and must check for Vulnerability to come up with incidence report Must have knowledge Vulnerability Patching EndPoint Detection and Response / EDR Experience in any Antivirus solution is good SIEM Tools - SolarWinds (Log Event Manager) is preferred, MS Sentinel Must have a strong tab on meta data and email Data Loss Prevention / DLP Must have Knowledge in network security and Vulnerability Management Scanning, Vulnerability and Infosec Audit are the key aspects Compliance Auditing or any other Information Security related Auditing experience can also be considered Other Qualifications Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Preferred Certifications Experience in an IT Security related environment preferred Sec+ / CISA / CISM / A+ Cyber
Posted 5 days ago
0 years
0 Lacs
Gurgaon, Haryana, India
Remote
Ankura is a team of excellence founded on innovation and growth. Location: Conditional Remote / Gurgaon Hours: 40 hours a week Reporting: Director - Threat Detection Operations (TDO) Duties include providing On-Job Training to fellow Senior Analysts and Analysts, continuous monitoring of Security Information Event Management (SIEM), EDR, XDR and related platforms for correlated events and alerts and working with the client to take action. Senior Analysts leverage events to determine the impact, document possible causes, and provide useful information to clients. A deep understanding of various commercial and open-source network sensors, intrusion detection systems, and event log correlation engines is required as senior analysts are expected to deliver enhanced threat awareness and knowledge through research and continuous improvement of use cases, signatures, and metrics. Expected to help automate anomaly detection and alerting while documenting security incidents, processes, investigations, and remediation efforts. Senior Analysts are also expected to maintain open communication and visibility with their team members, Directors, and Clients. Usually, employees will be permitted to work remotely in the current operational setup however that setup may change based on company and/or business needs, with or without notice. It may also be considered a conditional privilege as the employees are personally responsible to maintain uninterrupted availability and communication via all official channels throughout their designated shifts. If the employee's performance cannot be satisfactorily ascertained by their manager or the employee is unable to adapt to work without disturbance, they may be called upon to work out of the company’s office. 
Capabilities Knowledge of IR process, ticketing tools, Knowledgeable in various IR response commands related to Windows, Linux Strong knowledge on advanced attack techniques related to Endpoints and servers, Threat hunting using EDR/XDR. Experience in handling latest attack techniques LOLBAS, fileless malware etc. Experience in monitoring globally emerging threats, vulnerabilities, malicious activities etc. research about the same and reports to concerned teams and management for proactive actions. Must have knowledge of various OSINT tools: VirusTotal, Cisco Talos Intelligence, IBM X-force Exchange, URL.io etc. during the investigation of security alerts. Capable to handle a team of L1 analysts, impart training etc Must have experience of Vulnerability management to identify emerging risks in organization's environment using Qualys, Nessus, MS-Defender etc Knowledgeable about Automation and SOAR Must have the necessary experience to conduct initial triage and in depth analysis of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the client's SOC, escalate to the for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives. Required to have experience in conducting research analysis and data gathering requirements to present in a report format. Should be detail-oriented and able to work independently and communicate effectively both verbally and in writing. Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays.
TECHNICAL Emerging SIEM/XDR such as MS Azure Sentinel, SentinelOne Experience with security tools: Nessus, Burp Suite, Acunetix, Kali Linux Strong knowledge on XDR tools such as Sentinel One, Cortex, CrowdStrike, Microsoft etc Understanding of KQL, Lucene, Python, and/or other similar programming/query/scripting languages Proficient in fine-tuning detection rules of XDR, creation of SOPs, Playbooks for various scenarios and techniques EDUCATION, EXPERIENCE, TRAINING & CERTIFICATIONS Minimum Experience in SOC/IR/VM 4 yrs plus Preferred to have a degree in CS/IT or a Master's Diploma in the field of IT Security. Certifications such as CEH, Security+, CHFI, ACE, and specific to vendor XDR tools SentinelOne cortex, Microsoft CrowdStrike etc COMMUNICATION Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systems e.g. Slack, Microsoft Teams, Intapp, and Workday. Ability to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s) Able to provide reports showing progress or achievement of assigned goals and responsibilities as required. Must be an active listener and ask questions of others when clarity is needed Ability to gain an understanding of client needs and apply analytic reasoning Demonstrates proactive engagement in meetings and process discussions KEY PERFORMANCE INDICATORS Analyze client networks for threats using analytical platforms for event monitoring such as NSM, SIEM, UEBA, ETDR. Deliver client reports based on analyses that are timely, high quality, and accurate. Understand and support incident response and triage Improve reporting to avoid ‘analysis paralysis’.
Develop new skills within analytical platforms INDIVIDUAL & TEAMWORK Must be able to effortlessly switch between independent and team-based work Understands that the work product is dependent on team efforts and remains responsive to internal and external deadlines Able to share expertise and experience with team members to encourage growth and shared success Able to maintain focus and attention to detail for sustained periods of time Engaged in supporting the development and growth of all team members GROWTH MINDSET Can receive and provide feedback in a constructive manner that leads to the growth of self and others. Displays perseverance of effort and passion for a long-term goal and end state. Works well under timelines and puts in extra effort as required to meet timelines. Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions LEADERSHIP TRAITS Willing to adapt leadership skills to support larger and more complex projects. Work product for self and team is consistently of excellent quality and efficiency. Respectful and professional in all interactions with team members, clients, and colleagues. Maintains composure and calm disposition under high-pressure or stressful circumstances. Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. 
This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.
Posted 5 days ago
7.0 - 8.0 years
4 - 8 Lacs
Bengaluru
Work from Office
Job Title: Senior Security Researcher Role Overview: We are seeking an experienced senior security researcher to help grow our team focusing on generating network content and developing new technologies to identify and block network threats. About the role: Develop network signatures that protect our customers against network-based threats and vulnerabilities. Collaborate with the engineering and PM teams to develop new detection enhancements. Build and improve tools to automate analysis tasks and simulation software, and administer the lab environment to replicate attacks. Analyze network protocols to develop and/or update parsers when needed. Publish technical blogs to spread awareness and help defenders with the necessary resources to protect their organizations. About you: A minimum of 7-8 years of relevant experience is required. A Bachelor's degree in Computer Science or equivalent field of study. Experience with network rule creation like Snort. Strong understanding of network protocols and security architectures. Proficient in any scripting languages such as Python. Strong understanding of the attacker landscape and knowledge of MITRE ATT&CK methodologies. Experience with software validation/testing. Excellent research and analytical skills. Strong interpersonal skills and a collaborative work style. Proficient in verbal and written communication. Nice to have: Vulnerability analysis experience. Development experience to help build/maintain automated tools. Machine learning experience. careers.trellix.com
Posted 5 days ago
0.0 - 1.0 years
1 - 3 Lacs
Kolkata
Work from Office
Cyber security instructor, SOC operations, Bug bounty operations, Network Security, Python Scripting, Security Consulting, Training Delivery, Student Mentorship, Assessment and Evaluation
Posted 5 days ago
5.0 - 10.0 years
8 - 12 Lacs
Noida, Gurugram
Work from Office
Min 4–7 years of experience performing security testing on industrial control system components like PLCs, SCADA, IIoT devices, etc. Proven experience in conducting penetration tests, vulnerability assessments, and security audits across diverse environments. Knowledge of OT-ICS security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP, etc. Strong knowledge of common security vulnerabilities, attack vectors, threat modelling and exploitation techniques. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Understanding of component/system architectures in OT environments. Understanding and evaluation of security testing methods. Knowledge of typical industrial protocols (e.g., Modbus, Profinet, OPC, DNP3.0, CAN). Excellent communication skills, with the ability to clearly articulate technical findings and recommendations to both technical and non-technical audiences. Roles and Responsibilities Handle the training delivery for IEC 62443 topics and OT security. Handle the OT security project delivery and audits.
Posted 5 days ago
1.0 - 5.0 years
4 - 7 Lacs
Bokaro
Work from Office
We are looking for a highly skilled and experienced Cyber Security Sales professional to join our team at Franchise Alpha. The ideal candidate will have a strong background in sales and management consulting, with excellent communication skills. Roles and Responsibility Develop and implement effective sales strategies to drive business growth. Build and maintain strong relationships with clients and stakeholders. Conduct market research and analyze industry trends to identify new business opportunities. Collaborate with cross-functional teams to develop and launch new products and services. Provide exceptional customer service and support to existing clients. Identify and pursue new business leads and opportunities. Job Requirements Proven experience in sales and management consulting, preferably in the cyber security industry. Excellent communication and interpersonal skills. Strong analytical and problem-solving skills. Ability to work in a fast-paced environment and meet deadlines. Strong negotiation and closing skills. Experience working with clients and stakeholders at all levels.
Posted 5 days ago
2.0 - 7.0 years
8 - 13 Lacs
Bengaluru
Work from Office
Job Purpose and Impact The Professional, Surface Area Management job safeguards the organization's digital assets by identifying and mitigating security vulnerabilities. With limited supervision, this job maintains vulnerability management systems' effectiveness and improves the organization's overall cybersecurity posture. Key Accountabilities The Professional Vulnerability Analyst job safeguards the organization's digital assets by identifying, assessing, and helping remediate vulnerabilities across the global enterprise. With limited supervision, this job maintains vulnerability management systems' effectiveness and improves the organization's overall cybersecurity posture through close coordination with stakeholders such as IT, security engineering, and application owners. This includes the following: Analyzing vulnerability data from tools such as Tenable, Qualys, or Rapid7. Prioritizing vulnerabilities based on risk context. Tracking remediation process and driving accountability with system owners through ticketing systems like Jira or ServiceNow. Strong communication and collaboration skills to work effectively across IT and security teams. Generate and present reports on vulnerability trends, SLA compliance, and risk posture. Support vulnerability scanning operations and troubleshoot scan coverage issues. Collaborate with other cyber security teams like Threat Intelligence to validate and enrich findings. Assist in patch validation and change coordination for remediation activities. Contribute to the tuning of scanning tools and development of custom dashboards. Stay informed on emerging threats, CVEs, zero-days, and best practices in vulnerability management. Solid understanding of CVSS, MITRE ATT&CK, and modern threat landscapes. Familiarity with remediation strategies on Windows, Linux, networking equipment, and cloud services (AWS, Azure, GCP, and/or OCI) - focused specialty in cloud services is a plus. 
Qualifications Minimum requirement of 2 years of relevant work experience. Typically reflects 3 years or more of relevant experience.
Posted 5 days ago
2.0 years
5 - 10 Lacs
Bengaluru
On-site
Your Responsibilities Will Include : Monitoring and responding to security incidents Conducting vulnerability assessments & pen tests Managing firewalls, IDS/IPS, and endpoint security Enforcing cybersecurity policies & compliance Supporting cloud & network security What You Need to Bring : 2–5 years of relevant experience Hands-on with tools like Splunk, Nessus, Qualys Exposure to cloud platforms (AWS/Azure/GCP) Certifications like CEH, Security+, OSCP are a plus Why Join Us? High-impact role in a security-first environment Flexible work setup Learning & upskilling opportunities Collaborative, inclusive culture Job Types: Full-time, Permanent Pay: ₹500,000.00 - ₹1,000,000.00 per year Application Question(s): What is your current and expected CTC? What is your notice period? In case you are serving your notice period then what is your LWD? Experience: Cybersecurity: 2 years (Required) Splunk: 2 years (Preferred) Nessus: 2 years (Preferred) Qualys: 2 years (Preferred) Cloud Platforms: 2 years (Preferred) Work Location: In person
Posted 5 days ago
0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Role Description We are looking for a skilled and motivated DevOps Engineer to join our team. The ideal candidate will have extensive experience in cloud infrastructure (particularly AWS), automation, and security best practices. You will be responsible for delivering resilient application stacks, supporting critical business applications, and collaborating with cross-functional teams to ensure system reliability, scalability, and security. Key Responsibilities Deliver resilient application stacks using Infrastructure as Code and other DevOps practices. Monitor and provide ongoing support for critical, high-revenue business applications. Diagnose and resolve complex system and application issues. Maintain strong security postures and remediate identified vulnerabilities. Collaborate with Development, QA, IT Operations, Customer Operations, and Project Management teams. Create and maintain documentation for systems and applications for both technical and non-technical stakeholders. Essential Skills And Experience Hands-on experience with AWS and public cloud environments. Proficiency in Infrastructure as Code (IaC) tools such as Terraform. Experience with CI/CD tools like GitLab CI/CD, GitHub Actions, Jenkins. Scripting and coding proficiency in PowerShell, Bash, Python, or similar languages. Familiarity with configuration management tools such as Ansible, Puppet, Chef. Strong experience with Linux server administration and troubleshooting. Proven track record in analytical and complex troubleshooting scenarios. Exposure to security tools such as Wiz, Qualys, or similar. Desirable Skills Monitoring tools: Prometheus, Grafana, CloudWatch. Log management solutions: Elastic Stack, Graylog, Splunk. Experience with relational databases: MySQL, MS SQL Server, etc. Knowledge of secret management systems like HashiCorp Vault. Familiarity with change control and related procedures. 
Hands-on experience with security testing and tools such as: Wiz, SonarQube, CheckMarx, AppScan, BurpSuite, OWASP ZAP, WebInspect, Fortify, Veracode, Nessus, etc. Skills Aws Cloud,Terraform,Powershell,Github
Posted 5 days ago
4.0 - 8.0 years
7 - 17 Lacs
Noida, Delhi
Work from Office
Conduct comprehensive penetration testing of networks, web applications, mobile applications, and other systems to identify security vulnerabilities. Perform vulnerability assessments and provide detailed recommendations for remediation. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP, MITRE ATT&CK etc. Strong knowledge of common security vulnerabilities, attack vectors, threat modelling and exploitation techniques. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Strong understanding of network protocols, network and application security architectures, and common vulnerabilities (e.g., OWASP Top Ten). Prepare detailed reports of findings, including risk analysis and recommended mitigations, and present these findings to stakeholders. Stay current with emerging security threats, vulnerabilities, and technology trends, and apply this knowledge to improve our security posture. Understanding of component/system architectures in IT and OT environments. Understanding and evaluation of security testing methods. Knowledge of typical industrial protocols (e.g., Modbus, Profinet, OPC, DNP3.0, CAN). Excellent communication skills, with the ability to clearly articulate technical findings and recommendations to both technical and non-technical audiences. Source code review for control flow and security flaws. IEC 62443 Standard plus at least one of: ISO/IEC 27001, IEC 61508, NIST CSF, IEC 61162-460:2024. Proficient in developing VAPT documentation and methodologies specifically aligned with IEC 61162-460:2024 for maritime navigation and radiocommunication equipment cybersecurity. Automotive Vehicle Testing Support: Skilled in providing cybersecurity testing support for automotive vehicles, including VAPT of ECUs and in-vehicle networks, threat modeling, and ensuring compliance with industry standards like ISO/SAE 21434. Roles and Responsibilities Min. 
one professional certification such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred. Min 2–5 years of experience performing security testing on Industrial control system components like IOT devices, PLCs, SCADA, IIOT devices etc. Familiarity with operating systems (Windows, Linux) and their security features. Excellent problem-solving skills and the ability to think critically to identify and address security issues. Strong verbal and written communication skills, with the ability to document and present technical information to both technical and non-technical audiences. Perform and report on penetration testing of systems, including cloud, NIST 800-53 CA-8 security control and using methodologies that may include, NIST SP 800-115, IEC 62243, PTES, and Information Systems Security Assessment Framework (ISSAF). Develop and maintain up-to-date knowledge of security testing tools and techniques. Contribute to the development and maintenance of security testing methodologies and procedures. Team Collaboration and Training Collaborate with other members of the security team to develop and maintain security policies, procedures, and standards
Posted 5 days ago
2.0 years
0 Lacs
Pune, Maharashtra, India
On-site
JOB LOCATION: Pune, Maharashtra MINIMUM QUALIFICATION: Minimum 2 years of professional experience in cybersecurity or a related domain. Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Hands-on coding experience in at least one of the following: Python, Go, or JavaScript. Strong proficiency with common vulnerability assessment and penetration testing tools such as Nessus, Metasploit, Nmap, Burp Suite, etc. Experience working with operating systems such as Kali Linux, Linux, and Windows. Solid understanding of networking concepts and security engineering principles. Relevant certifications such as CRTP (Certified Red Team Professional) or equivalent. DESIRED QUALIFICATION: Master’s degree in Cybersecurity or a related field. Industry-recognized certifications such as OSCP (Offensive Security Certified Professional) or GPEN (GIAC Penetration Tester). Strong technical writing and reporting skills. Familiarity with secure development practices and security automation is a plus. RESPONSIBILITIES AND JOB DESCRIPTION: Lead and perform in-depth vulnerability assessments to identify security weaknesses in client systems and infrastructure. Conduct and oversee penetration tests to simulate real-world cyber threats and uncover exploitable vulnerabilities. Deliver expert recommendations and help implement effective mitigation strategies for identified risks. Innovate and contribute to the development of new security testing tools, scripts, and methodologies. Participate in corporate security triage and incident response processes — including vulnerability analysis, remediation planning, and stakeholder communication. Actively mentor junior analysts, sharing knowledge on testing techniques, tools, and industry best practices. Stay up-to-date with emerging threats, vulnerabilities, and attack techniques. Prepare detailed and well-structured reports outlining findings, impact assessments, and actionable remediation steps.
Posted 5 days ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
Job Description At Honeywell, we make a lot of incredible things. But most importantly, we make the future and are looking for people to join our global team of future shapers. When you join Honeywell, you become a member of our performance culture comprised of diverse leaders, thinkers, innovators, dreamers and doers who are changing the future. Our people are committed to each other and to the realization of our vision through their unique job functions. Our businesses embrace the challenges of innovation so that we define the future. And our global opportunities are endless for you to grow and get recognized for your passion to perform. We are seeking a creative and forward-thinking cybersecurity engineer to develop and enhance cyber security solutions to address unique security challenges in critical infrastructure and industrial businesses. This position is responsible for providing on-site cyber security services associated with industrial Process Control Networks for Honeywell customers in the Oil and Gas; Hydrocarbon Processing; Power Generation; Pulp, Paper & Printing; Continuous Web Solutions; Petrochemicals; Life Sciences; and Metals, Minerals and Mining markets. Services provided include on-site consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified. Responsibilities Key Responsibilities: Assume the lead role in assigned projects, ensuring delivery on time, within budget, and to customer satisfaction. Stay technically current with cybersecurity solutions and expand knowledge in designated network disciplines. Maintain relevant cybersecurity certifications such as CCNA, CISSP, GICSP, or similar. Keep abreast of current industry security standards (e.g., IEC-62443, ISO 27000). Build strong relationships with internal and external customers by providing accurate and efficient technical/engineering support. 
Diagnose problems and provide timely, accurate technical solutions in response to customer inquiries, questions, and issues. Network (VLANs, STP, HSRP, static routing) configuration and troubleshooting; firewall configuration, i.e. policies and communication troubleshooting; installation, configuration and troubleshooting of AD, NMS, SIEM, AV, WSUS, etc. Uphold industrial safety awareness through the completion of pertinent safety certifications. Qualifications Basic Qualifications: Bachelor's degree in computer-related fields (e.g., Computer Science, Computer Information Systems, Electronics) or equivalent experience. Cisco Certified Network/Design/Security Professional (at least one certification). GICSP/CISSP Certified Information Systems Security Professional or similar security certification. 5+ years of experience in Networking, endpoint security, and conducting audits/assessments in IT security. 3+ years of experience in Security Projects. 2+ years of experience in Cybersecurity Vulnerability or Risk assessment. 2+ years of experience with Microsoft Active Directory, DNS, WSUS, and Terminal Server. 2+ years of experience in vulnerability scanning and assessments using tools like Nessus and NMAP. Proven experience designing or deploying a minimum of 10 projects leveraging virtualization, preferably VMware. 3+ years of Network Security Experience: Firewalls, ACL, IDS, IPS, SIEM, particularly with Cisco Routers, Switches, or Firewalls. 3+ years of experience with antivirus systems and backup & restore solutions. 3+ years of experience providing network services on customer sites. Excellent written and oral communication skills. Willingness to travel 30-65%. Preferred Qualifications and Experience 3 years’ experience in Operational Technology (OT). IEC-62443 Risk Assessment/Design/Maintenance Certification (at least one). Knowledge of networking protocols including HSRP, STP, RSTP, MSTP, VLAN, 802.1q, IPv4, IPv6, RIPv2, OSPF, EIGRP, DNS, NTP, EtherChannel, FTP, TFTP, and SSH. 
Awareness of OT cybersecurity best practices and recommendations. Proficiency in preparing functional and detailed design specifications. Ability to work independently. Excellent troubleshooting skills to resolve complex network, application, or system integration issues. About Us Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.
Posted 5 days ago