776 Nessus Jobs - Page 21

Job Role : Computer and Information Systems Managers For Workflow Annotation Specialist Project Type: Contract-based / Freelance / Part-time – 1 Month Job Overview: We are seeking domain experts to participate in a Workflow Annotation Project . The role involves documenting and annotating the step-by-step workflows of key tasks within the candidate’s area of expertise. The goal is to capture real-world processes in a structured format for AI training and process optimization purposes. Domain Expertise Required :  Plan and deliver IT projects on time and within scope  Supervise technical and project staff  Oversee IT infrastructure and operations  Enforce information security policies and protocols  Manage vendor contracts and service agreements  Align technology strategy with overall business objectives . Tools & Technologies You May have Worked: Project & task management: Jira, Microsoft Project, Smartsheet Monitoring & analytics: Datadog, Splunk Security tools: Nessus, Qualys Service management: ServiceNow, Zendesk Cloud platforms: AWS Console, Azure Portal, Google Cloud Console Enterprise systems: SAP, Oracle ERP Collaboration tools: Slack, Microsoft Teams Open Source / Free Software Experience Project management: OpenProject, Taiga, Kanboard Monitoring & visualization: Zabbix, Prometheus + Grafana Security tools: OpenVAS Version control & DevOps: GitLab Community Edition (CE) Collaboration & support: Rocket.Chat, osTicket ERP systems: Odoo Community Edition Show more Show less

Job Title: Associate Director / Director – VAPT Location: Mumbai Experience: 10+ years Work Mode: Onsite (Mumbai) Certification: OSCP preferred; other relevant certifications (e.g., OSCE, CISSP, CISM, GPEN) are an added advantage Role Overview: We are seeking an experienced cybersecurity leader to join our team as an Associate Director / Director – VAPT in Mumbai . The role demands a seasoned professional with deep expertise in Vulnerability Assessment and Penetration Testing across web, mobile, network, infrastructure, cloud, and source code environments. The ideal candidate will bring strong technical capabilities along with proven leadership in managing high-performing teams and driving large-scale security engagements for enterprise clients. Key Responsibilities: Leadership & Strategic Oversight: Lead the VAPT practice for the region, ensuring alignment with organizational goals and client expectations. Define and evolve methodologies, standards, and best practices for VAPT engagements. Collaborate with senior leadership and clients (CIOs, CISOs, Risk Heads) on cybersecurity strategy, roadmap, and execution. Lead business development , proposal creation, RFP responses, and pre-sales activities. Delivery & Engagement Management: Oversee multiple VAPT projects spanning web, mobile, infrastructure, cloud, IoT, and source code . Ensure high-quality delivery of technical assessments, risk reporting, and mitigation recommendations . Monitor project performance, client satisfaction, and profitability. Act as a technical escalation point for complex and critical vulnerabilities. Team Development & Mentorship: Build, mentor, and retain a team of high-caliber security professionals. Conduct knowledge-sharing sessions, lead training initiatives, and promote internal capability building. Encourage a culture of continuous learning, innovation, and ethical hacking . Desired Skills & Experience: 12+ years of overall cybersecurity experience with a strong focus on VAPT and Red Team assessments . Proven expertise in conducting and managing manual and advanced penetration testing of applications, networks, and cloud environments. Familiarity with tools like Burp Suite, Metasploit, Nmap, Nessus, Qualys, AppScan, Fortify, Wireshark , etc. Solid understanding of security frameworks and standards : OWASP, NIST, MITRE ATT&CK, ISO 27001, PCI-DSS, RBI guidelines. Strong knowledge of secure coding practices and experience in reviewing source code in multiple languages. Exposure to cloud platforms (AWS, Azure, GCP) and DevSecOps is preferred. Excellent communication, stakeholder management, and team leadership skills. OSCP certification is preferred ; additional credentials such as OSCE, CISSP, CISM, GPEN are a plus. Show more Show less

Job Title: Consultant / Senior Consultant – VAPT Location: Gurgaon Experience: 2+ years Work Mode: Onsite (Gurgaon) Certification: OSCP – Mandatory Notice Period: Immediate joiners preferred Role Overview: We are looking for highly motivated and technically skilled Consultants / Senior Consultants with a passion for offensive security to join our Vulnerability Assessment and Penetration Testing (VAPT) team in Gurgaon . The ideal candidate will possess strong hands-on experience in application and infrastructure security testing, with the ability to identify and exploit vulnerabilities using both manual and automated techniques. Key Responsibilities: Perform manual and automated penetration testing of web applications, mobile apps, infrastructure, network, and cloud environments . Identify vulnerabilities, simulate real-world attacks, and provide actionable remediation steps. Conduct source code reviews to identify security flaws in programming logic. Create and deliver detailed technical reports and executive summaries . Stay up to date with the latest vulnerabilities, attack vectors, and security trends. Adhere to industry standards and frameworks such as OWASP, NIST, ISO 27001, PCI-DSS, and RBI cybersecurity guidelines . Collaborate with internal stakeholders and clients to explain findings and support remediation. Required Skills & Qualifications: Minimum 2 years of relevant experience in VAPT / offensive security . Strong command of manual testing techniques beyond tool-based assessments. Hands-on experience with tools like Burp Suite, Nmap, Metasploit, Nessus, Wireshark, AppScan, Fortify , etc. Experience in web, mobile, infrastructure, and source code assessments . Solid understanding of network protocols, operating systems (Linux/Windows), firewalls, proxies, and security controls . Mandatory: Valid OSCP certification . Proficiency in one or more scripting languages (e.g., Python, Bash) is an advantage. Excellent analytical, documentation, and communication skills. Show more Show less

About the Role: We’re looking for a sharp and driven Cybersecurity Specialist with hands-on expertise in Network Vulnerability Assessment and Penetration Testing (VAPT). You’ll be responsible for performing regular assessments on internal infrastructure as well as leading and executing client-facing engagements. The ideal candidate thrives in a fast-paced environment, understands modern threat landscapes, and can translate technical findings into clear, actionable reports. Key Responsibilities: Perform network VAPT on internal systems (on-prem/cloud) and client environments using both manual and automated tools. Identify, exploit, and document vulnerabilities across network layers, firewalls, routers, switches, VPNs, and wireless networks. Develop threat models, simulate attack vectors, and validate the effectiveness of existing controls. Deliver clear, risk-ranked reports with actionable mitigation plans. Assist clients with remediation and security hardening recommendations. Stay up to date with the latest vulnerabilities, exploits, and industry best practices (CVE, OWASP, MITRE ATT&CK, etc.). Participate in red-teaming activities and tabletop exercises as needed. Contribute to internal security policy improvement and compliance initiatives (ISO 27001, HIPAA, etc.). Required Skills: 3–6 years in cybersecurity with direct VAPT experience (especially in networks). Strong understanding of network protocols, infrastructure, and common attack vectors. Proficiency with tools like Nmap, Nessus, Burp Suite, Metasploit, Wireshark, Nikto, OpenVAS, etc. Solid command over Linux, Windows, and cloud environments (AWS/Azure/GCP). Ability to craft detailed technical documentation and executive summaries. Excellent communication skills for both technical and non-technical audiences. Certifications preferred: OSCP, CEH, CompTIA Pentest+, or equivalent. Bonus Points Experience with web app and API security testing. Exposure to SIEM tools, threat hunting, or EDR platforms. Familiarity with scripting (Python, Bash, PowerShell) for automation and custom tool development. Prior consulting or client-facing experience. Qualifications: Education: Bachelor's Degree in IT Specialization Experience: Previous cybersecurity experience of 3 years or more. Why Join Us: Opportunity to work with a dynamic team of professionals and achieve growth and expertise in your chosen field. Competitive salary, bonuses, and comprehensive benefits package. Ready to take your design and development game to the next level? Join us! Note: Interested candidates must be able to share their portfolio of existing work along with their updated resume and references of previous employment. Show more Show less

Job requisition ID :: 79285 Date: Jun 12, 2025 Location: Kochi Designation: Assistant Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Job requisition ID :: 83600 Date: Jun 12, 2025 Location: Delhi Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Overview Make your mark at Comcast - a Fortune 30 global media and technology company. Become part of our award-winning, international engineering team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. You’ll do the best work of your career right here. Success Profile What makes a successful Security Engineer 2 at Comcast? Check out these top traits and explore role-specific skills in the job description below. Results-driven Adaptable Inventive Entrepreneurial Team Player Problem-Solver Benefits We’re proud to offer comprehensive benefits to help support you physically, financially and emotionally through the big milestones and in your everyday life. Paid Time off We know how important it can be to spend time away from work to relax, recover from illness, or take time to care for others needs. Physical Wellbeing We offer a range of benefits and support programs to ensure that you and your loved ones get the care you need. Financial Wellbeing These benefits give you personalized support designed entirely around your unique needs today and for the future. Emotional Wellbeing No matter how you’re feeling or what you’re dealing with, there are benefits to help when you need it, in the way that works for you. Life Events + Family Support Benefits that support you no matter where you are in life’s journey. Security Engineer 2 Location Chennai, India Req ID R412615 Job Type Full Time Category Cybersecurity Date posted 06/13/2025 Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast. Job Summary "Responsible for monitoring, identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threat analysis as directed and addresses detected incidents. Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. Resolves highly complex malware and intrusion issues. Contributes to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations. Works with moderate guidance in own area of knowledge. Employees at all levels are expect to: - Understand our Operating Principles; make them the guidelines for how you do your job - Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services - Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences - Win as a team - make big things happen by working together and being open to new ideas - Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers - Drive results and growth - Respect and promote inclusion and diversity - Do what's right for each other, our customers, investors and our communities" Job Description Core Responsibilities Strong customer focus with the ability to advise and work closely with application teams and vendors on mitigation. Exposure to commercial and open-source tools such as Burpsuite, Metasploit, WebInspect, Nessus, Qualys, Nexpose, nmap, Kali Linux, etc. Experience cataloguing and risk-scoring vulnerabilities discovered through assessments. Good understanding and experience with: Web application security assessment, including hands-on techniques. Hands-on experience in identifying, mitigating, and remediating vulnerabilities based on OWASP Top10 (API, Web) Basic Scripting knowledge with the capability to automate analysis of technical engineering tasks. CVSS scoring and its use in risk rating What success looks like Prompt, effective curation of security vulnerabilities. Responsiveness to internal customer requests. Validation of remediated tickets within published service level agreements (SLAs). What You Can Expect A cool and casual work environment with opportunities to showcase your skills. A culture of innovation and continuous learning. Training, support, and mentoring to expand and evolve your expertise. Opportunities to impact the security of Comcast products in millions of homes and businesses What We Require: Bachelor's Degree in Computer Science, Information Systems, or other related field or equivalent work experience. Disclaimer: This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications. Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details. Education Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience. Relevant Work Experience 2-5 Years

Summary Position Summary Position: Cyber Security Senior BISO Analyst (L3.5) Location: USI Job Summary Cyber Security BISO Team works with the Deloitte Function Specific Subsidiaries (FSS) & Chief Information Security Officer (CISO) organization directly supporting Deloitte’s Enabling Areas functions. The role involves close integration with various internal and external client-service leaders, technical and non-technical stakeholders to drive widespread cyber security program adoption. The Business Information Security Officer (BISO) Analyst will work closely with the Application teams of various lines of businesses (LOB), including the Office of Chief Information Officer (OCIO). In this role, you will support a group/team to develop a deep understanding of the business to facilitate specialized information security risk-based discussions. This role requires a proactive individual with a keen eye for detail and a strong understanding of cybersecurity frameworks such as, ISO, NIST, CIS. This fast-paced multi-faceted environment requires a highly motivated, self-driven, strong team player who demonstrates an intrinsic desire for continuous personal and professional growth. Key Responsibilities: Oversight & Alignment: Partner with Deloitte’s central Cyber Security organization to ensure consistent adoption of security frameworks, policies, and controls within business units and client teams. Security Strategy Development: Collaborate with business leaders to develop and implement information security strategies that align with business goals and regulatory requirements. Risk Management: Identify, assess, and prioritize information security risks within the enabling areas. Develop and implement risk mitigation strategies. Policy and Compliance: Ensure compliance with relevant information security policies, standards, and regulations (e.g., ISO 27001, NIST, SOC 2, HIPAA). Maintain ongoing audit readiness. Incident Response: Lead the response to security incidents within the enabling areas, including investigation, containment, and remediation efforts. Vulnerability Management: Monitor cyber threats relevant to the business domain. Support risk assessments, issue management, and incident response coordination. Stakeholder Engagement: Serve as the primary point of contact for information security matters within the enabling areas. Build strong relationships with business leaders and other stakeholders. Mitigation Projects: Lead or support projects involving third-party risk, vulnerability remediation, data protection, secure application development, and identity & access governance Security Architecture: Work with IT and business teams to design and implement secure systems and processes that support business operations. Continuous Improvement: Stay current with emerging security threats and trends. Recommend and implement improvements to the organization's security posture Qualifications: Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Experience: Minimum of 4 years of experience in information security 2-4 years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments. 2-4 years of experience in vulnerability management, cybersecurity, or a related field. Experience with vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7). Experience with GRC platforms (e.g., ServiceNow, Archer, or similar). Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent. Technical Skills: Strong understanding of information security principles, technologies, and best practices. Experience with risk management, incident response, and security architecture. Business Acumen: Ability to understand business operations and align security strategies with business objectives. Communication: Excellent verbal and written communication skills. Ability to effectively communicate complex security concepts to non-technical stakeholders. Leadership: Proven ability to lead cross-functional teams and manage multiple projects simultaneously. Soft Skills: Excellent analytical and problem-solving skills. Strong communication skills, both written and verbal. Ability to work independently and as part of a team. Detail-oriented with a strong focus on accuracy and quality. Ability to work in a fast-paced environment and manage multiple tasks simultaneously. This role is ideal for a motivated individual who is passionate about cybersecurity and eager to contribute to the organization's security posture. If you have a strong background in vulnerability management and a commitment to continuous improvement, we encourage you to apply. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302391 Show more Show less

Bangalore,Karnataka,India Job ID 768423 Join our Team About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations , incident response , and network/system security Experience with scanning tools (e.g., Nessus, Qualys ) and PAM solutions (e.g., CyberArk, BeyondTrust ) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

Bangalore,Karnataka,India Job ID 768426 Join our Team About the Role: We are hiring a Vulnerability Engineer to join our Managed Security Services team. You will be responsible for identifying, analyzing, and tracking security vulnerabilities across enterprise environments. The role involves working with scanning tools, coordinating with stakeholders, and ensuring timely remediation to minimize security risk. Key Responsibilities: Perform vulnerability scans using tools like Tenable Nessus, Qualys, IBM AppScan , etc. Analyze scan results, identify false positives, and prioritize risks Track and support remediation efforts with technical teams Register and manage assets in scanning platforms and maintain scan schedules Prepare reports and metrics for leadership and stakeholders Coordinate with customers on scan schedules and mitigation plans Contribute to automation and process optimization Required Skills: Strong knowledge of vulnerability management processes and tools like Tenable Nessus, Qualys, IBM AppScan etc Solid understanding of network, system, and application-level security Experience in report writing and communicating technical findings Familiarity with enterprise IT environments and TCP/IP networking Excellent problem-solving, collaboration, and communication skills Willingness to participate in on-call support rotation Preferred: Experience with scripting/automation for scanning and reporting Security certifications (e.g., CEH, CompTIA Security+, OSCP) Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

Working Days : 5 Days & 9 hrs Location : Ahmedabad - onsite Job Description Role : Software Architect - Embedded You are an Energetic, Passionate, and Innate Software Technology Leader having excellent knowledge of designing and developing Linux based embedded products and having an experience of 8+ years with at least 4-5 years of experience of technical leadership. You possess very good knowledge of Software Architecture and Design, Design Patterns, OOPS concepts, Data Structures and Algorithms, Messages Queues, Multi-threading applications, Networking concepts and software security. You are competent to design, develop and deliver Software applications and embedded products. Technical Skills Required Hands-on experience in C/ C++, Embedded C (Very strong exposure in C Programming concepts). Linux, Command of Linux OS. IPC Inter-Process Communication exposure (Multithreading and Socket Programming). Working experience or Knowledge with Microprocessors like Arm 7/9, Cortex A8/A15, Qualcomm, Intel, IMX,NXP etc will be a huge plus. You have sound knowledge and hands-on experience in one or more Technologies/Platform like Socket Programming, Multi-Threading, ONVIF/RTSP, Video codecs H264/H265, Video Parsing of H264/H265, Image processing, Embedded Web Server, BLE, WIFI, RS485. UART, Push Notification (FCM), VoIP (SIP & RTP). You possess good knowledge and working experience in one or more Tech Stacks/Frameworks like Ffmpeg, Gstreamer, QT/QML, LIVE555, OpenCV(Image Processing), Networking Fundamentals, Basic Linux commands. You are proficient in at least two or more languages from among C, JAVA, Python, C++, HTML/CSS, JQuery/Javascript. You take complete ownership of timely product delivery with impeccable software quality. You have experience in building, leading, and managing multi-engineer project teams. You have the ability to navigate the teams through fast changing market needs. You possess strong people leadership skills in growing/nurturing/mentoring the young engineers. You are a motivated problem solver who can accurately document and communicate issues, can present the problem and solution in a short and crisp manner without taking into circles. You have a good understanding of JIRA, Confluence, SVN, Fisheye, Crucible, Sonar/Parasoft/LDRA and Nessus/Nexpose. (ref:hirist.tech) Show more Show less

Sales Specialist Meet the Team Indian enterprise sector is going through huge digital transformation. Areas like Cloud adaption, Sophisticated Analytics, AI, IOT, Block chain & Robotic Process Automation, Information Security are key building block towards this transformation. You would be responsible for Building Cisco Security Business pipeline & achieve the Security Annual targets in the large enterprise segment Your Impact Lead Large Customer Engagement with CISO level conversation within Ciscos top enterprises and conglomerate. Support Sales Account Management (AMs) as Cyber Security Sales Specialist in large sophisticated projects (comprising of Zero Trust Architecture, Securing cloud work loads, transforming SOC, Micro segmentation and others) Understand the client/sector requirements and Map Cisco Security products & Services & Build Solution Stack for Sales Account Managers Understand NIST, CERTIN guidelines, mitre att&ck framework, OT Security. Good understanding of Cisco Security products. Well engaged with Tier-1 & Tier-2 SI Drive Cisco Security product sales within commercial segment in Manufacturing, PSU, ITeS, Digital Native and Pharma Who You'll Work With GSSO SE team Account Manager Product Engineering BU across vertical Regional SE Team Regional Channel Team Minimum Qualifications 8-10 Years of experience in Security OEM / Service Provider Environment in managing Sales/ Pre-Sales/Product Management function Good understanding of business scenarios with solution expertise to formulate a realistic and executable strategy for Security adoption among enterprises. Possess blend of technology expertise across various cyber security vendors, enterprise networks, datacenter, cloud networking and Information systems security. Good connects with Cybersecurity decision makers in enterprises

Project Role : Software Development Engineer Project Role Description : Analyze, design, code and test multiple components of application code across one or more clients. Perform maintenance, enhancements and/or development work. Must have skills : SDV Product Security Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Software Development Engineer, you will engage in a dynamic work environment where you will analyze, design, code, and test various components of application code across multiple clients. Your typical day will involve collaborating with team members to perform maintenance and enhancements, ensuring that the software meets the highest standards of quality and functionality. You will also be responsible for developing new features and addressing any issues that arise, contributing to the overall success of the projects you are involved in. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Mentor junior team members to enhance their skills and knowledge.- Continuously evaluate and improve development processes to increase efficiency.Perform penetration testing of SoC Automotive products.Establish the Security goals and requirements.Verification strategies in compliance with ISO 21434Develop test specifications, test cases, and test plans for security vulnerability testing.Scan vulnerabilities with regards to CVSS levels and patch fixing from NIST database.Perform code-level fuzz testing using open source tools.Support documentation of test results and collaborate with the development teamParticipate in automating test process within CI/CD environments.Setup and maintain traceability in compliance with Automotive SPICE requirementsExperience in tools like OpenVAS, Nmap , wireshark, penetration testing for embedded systems. Experience in Automotive domain is a must.Practical experience performing TARA, security concepts and other Cybersecurity Artefacts mentioned in IS021434 Professional & Technical Skills: - Must To Have Skills: Proficiency in SDV Product Security.- Strong understanding of secure software development practices.- Experience with threat modeling and risk assessment.- Familiarity with security testing tools and methodologies.- Knowledge of compliance standards related to software security. Additional Information:- The candidate should have minimum 5 years of experience in SDV Product Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member s contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description Pursue specialization in specific areas of security operations, such as threat hunting, malware analysis, or digital forensics, through targeted training and hands-on experience. Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents. Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals. Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations. Support Monitoring Team to take remote session with user for troubleshooting the user machines to remove malware Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats. Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities. Shift-leading capabilities, managing SOC operations during assigned shifts, including supervision of GET/Associate Security Analysts and coordination of incident response activities. Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution. Flexible to Provide support to 24/7 L1 Monitoring shift members. Qualifications Proven experience using Splunk SIEM, including the ability to analyze prepared use cases, contribute to the creation of custom dashboards, and fine-tune false positive alerts. Good knowledge of SIEM architecture. Excellent skills in email security incident handling, including investigating phishing emails and providing verdicts, as well as basic knowledge of Office 365 Email Exchange. Experience with CrowdStrike EDR for security monitoring and threat detection, along with static and dynamic malware analysis and interactive sandbox report analysis capabilities. ITIL tool experience, particularly with Service-Now. Exposure to firewall and WAF log analysis. Strong knowledge of security SOP creation and maintenance. Basic knowledge of file integrity monitoring. Understanding of security compliance frameworks such as PCI and NIST. Basic understanding of vulnerability management and experience with tools such as Rapid7 and Nessus. Experience with cloud security monitoring, including AD risky detections and Defender for Cloud. Excellent communication and presentation skills. Commitment to continuous learning and professional development. Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM.

Pursue specialization in specific areas of security operations, such as threat hunting, malware analysis, or digital forensics, through targeted training and hands-on experience. Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents. Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals. Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations. Support Monitoring Team to take remote session with user for troubleshooting the user machines to remove malware Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats. Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities. Shift-leading capabilities, managing SOC operations during assigned shifts, including supervision of GET/Associate Security Analysts and coordination of incident response activities. Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution. Flexible to Provide support to 24/7 L1 Monitoring shift members. Qualifications Proven experience using Splunk SIEM, including the ability to analyze prepared use cases, contribute to the creation of custom dashboards, and fine-tune false positive alerts. Good knowledge of SIEM architecture. Excellent skills in email security incident handling, including investigating phishing emails and providing verdicts, as well as basic knowledge of Office 365 Email Exchange. Experience with CrowdStrike EDR for security monitoring and threat detection, along with static and dynamic malware analysis and interactive sandbox report analysis capabilities. ITIL tool experience, particularly with Service-Now. Exposure to firewall and WAF log analysis. Strong knowledge of security SOP creation and maintenance. Basic knowledge of file integrity monitoring. Understanding of security compliance frameworks such as PCI and NIST. Basic understanding of vulnerability management and experience with tools such as Rapid7 and Nessus. Experience with cloud security monitoring, including AD risky detections and Defender for Cloud. Excellent communication and presentation skills. Commitment to continuous learning and professional development. Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM.

Job Description Vacancy for Cataract Surgeon (Ophthalmologist) Qualification: MBBS in Any Specialization, MS/MD in Opthalmology Experience : 1-5 Years Location: The Retina Centre, Rukminigaon, Guwahati Job Description : Surgeons with experience of doing Phaco surgery in topical/ LA independently. Candidates should be well versed with all OPD and clinical procedures of Ophthalmology and Refractive procedures.

Qualification : MBBS in Any Specialization, MS/MD in Opthalmology Experience : 1-5 Years Location: The Retina Centre, Rukminigaon, Guwahati Job Description : Surgeons must have experience of doing surgery independently. Also needs to be experienced in dealing with all OPD and clinical procedures of Ophthalmology.

Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify Show more Show less

Skills Required : Secure Architecture and Design, Application & API Security, Cloud & Container Security, Infrastructure & Network Security, Cryptography, Stakeholder Engagement, Mentorship Posted On : Secure Architecture and Design, Application & API Security, Cloud & Container Security, Infrastructure & Network Security, Cryptography, Stakeholder Engagement, Mentorship Education/Qualification : Bachelors or Masters Desirable Skills : cyber security, Cloud Security, Cryptography

Job Description Qualifications Required . Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. Automation & Scripting : Advanced skills in scripting languages such as PowerShell , Azure CLI , Python , or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional ( CISSP ) Certified Ethical Hacker ( CEH ) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001 , SOC 2 , GDPR , or HIPAA . Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends. Show more Show less

Since our launch in 2015, we’ve lent over £15bn to ambitious entrepreneurs up and down the UK. That’s led to the creation of over 40,000 new jobs and over 29,000 new homes – and we’re not about to stop there. We’re dedicated to helping trailblazing businesses thrive and our strong Cyber Security capabilities help us build trust and secure our digital assets and customer data. This is a fantastic opportunity to join a fast-paced, growing bank with a reputation for doing things differently. We don’t want another cog in the machine, we’re looking for self-starters and bold thinkers who want to pave their own career. In a nutshell this exciting and high-performing role, will play a pivotal part in ensuring OakNorth’s adherence to security related regulatory requirements aligned to global standards and frameworks, and continually improve our security posture aligned to leading industry practices. Responsibilities: Perform application security testing and penetration testing of web application, APIs and mobile (ios/android) applications to identify potential vulnerabilities and risks. Conduct threat modelling, secure architecture review and application security assessments. Run DAST and SAST tools against the application and code and engage with the development team to prioritize and remediate findings in a timely manner. Drive the adoption of static and dynamic code analysis capabilities to catch flaws as part of the design and continuous integration. Provide guidance and direction for the evolution of security capability within our development processes and platform environment. Conducting security training and awareness sessions for developers and other stakeholders. Contribute to the adoption of bug bounty program in the organization. Desired Skills: Extensive hands on experience with security assessment of web/mobile applications and APIs. Hands on experience in network and server vulnerability assessment. Familiarity with security testing tools such as Burp Suite, Snyk, OWASP ZAP, or Nessus. Ability to analyze and interpret code to identify security risks. Understanding of common web application vulnerabilities including OWASP Top 10 and SANS Top 25 risks. Understanding of bug bounty platforms such as HackerOne. Familiarity of testing applications hosted within AWS environments, virtualisation/containerisation technologies (Docker, Kubernetes), and cloud-native security solutions. Excellent communication skills, particularly written communication, and collaboration skills, as well as the ability to work independently. Familiarity with risk profiles specific to banking and fintech organizations, including emerging threats, classes of attack, and ongoing campaigns. About Us We’re OakNorth Bank and we embolden entrepreneurs to realise their ambitions, understand their markets, and apply data intelligence to everyday decisions to scale successfully at pace. Banking should be barrier-free. It’s a belief at our very core, inspired by our entrepreneurial spirit, driven by the unmet financial needs of millions, and delivered by our data-driven tools. And for those who love helping businesses thrive? Our savings accounts help diversify the high street and create new jobs, all while earning savers some of the highest interest on the market. But we go beyond finance, to empower our people, encourage professional growth and create an environment where everyone can thrive. We strive to create an inclusive and diverse workplace where people can be themselves and succeed. Our story OakNorth Bank was built on the foundations of frustrations with old-school banking. In 2005, when our founders tried to get capital for their data analytics company, the computer said ‘no’. Unfortunately, all major banks in the UK were using the same computer – and it was broken. Why was it so difficult for a profitable business with impressive cashflow, retained clients, and clear commercial success to get a loan? The industry was backward-looking and too focused on historic financials, rather than future potential. So, what if there was a bank, founded by entrepreneurs, for entrepreneurs? One that offered a dramatically better borrowing experience for businesses? No more what ifs, OakNorth Bank exists. For more information regarding our Privacy Policy and practices, please visit: https://oaknorth.co.uk/legal/privacy-notice/employees-and-visitors/ Show more Show less

About The Role Grade Level (for internal use): 10 The Team Security Testing Team in the Quality Engineering space plays a crucial role in safeguarding business operations by identifying vulnerabilities and ensuring robust protection against cyber threats. Through meticulous testing practices, we enhance the security posture of applications, thereby reducing the risk of data breaches and financial loss. By integrating security measures early in the development lifecycle, the team helps streamline processes, minimize disruptions, and ultimately contribute to greater business efficiency and resilience. S&P Global Ratings is the world’s leading provider of independent credit ratings. Our ratings are essential to driving growth, providing transparency, and helping educate market participants so they can make decisions with confidence. We have more than one million credit ratings outstanding on government, corporate, financial sector and structured finance entities and securities. We offer an independent view of the market built on a unique combination of broad perspective and local insight. We provide our opinions and research about relative credit risk; market participants gain independent information to help support the growth of transparent, liquid debt markets worldwide. What Is In It For You Serve as a highly technical security expert to bring security transformation to both new and legacy applications in quality engineering space. Using a wide range of cutting-edge technology to innovate while testing. An ever-challenging environment to hone your existing skills in Security Testing, Automation, Python Programming, Bash scripting etc. Being a part of an organization which values ‘Culture of Urgency’ and ‘Shift Left’ approaches. Gain the opportunity to apply your strategic thinking alongside technical skills to safeguard our systems defending against emerging cyber threats. A plenty of skill building, knowledge sharing, and innovation opportunities. Building a fulfilling career with a global financial technology company. Responsibilities This role will involve designing and executing security tests, identify vulnerabilities, and drive remediation strategies while collaborating with cross-functional teams in an Agile environment. Understand the application’s security requirements and identify & document the scope of the test. Develop and maintain security testing automation using tools like Burp Suite, ZAP, or similar tools. Integrate security testing into CI/CD pipelines. Automate processes and workflows using Python to minimize manual work. Collaborate with development, QE, and DevOps teams to investigate security incidents, perform root cause analysis, and validate security fixes. Oversee results and logs to analyze, prioritize, and initiate remediation for findings identified by security tools during SAST, DAST, SCA, artifact scanning, container scanning, etc... Prepare detailed reports summarizing test results, logs, findings, and recommendations for strengthening overall security of an application. Create and track security metrics, KPIs, and KRIs to measure operational effectiveness. Prepare comprehensive reports for senior management on security performance and strategic initiatives. Work independently, providing recommendations, and leading the accomplishments of the tasks from inception to completion. Demonstrate outstanding flexibility and leadership with proper communication of security testing result interpretation and explanation to audience. Participate in Daily Stand-up Calls, works closely with the Agile Manager to know the deliverables and commitments of each release. Actively taking part in resolving critical security issues and coming up with solutions to mitigate the same. Basic Qualifications Bachelor's or master’s degree in Electronics and Communication, Computer Science, Cybersecurity, or related fields. 6 to 9 years of IT experience with relevant professional experience of Minimum 4 years in the field of Cyber Security Testing. Should have strong hands-on experience in security testing, penetration testing, and vulnerability assessment. Strong experience in web, API, and cloud security testing. Clear understanding of security vulnerabilities, exploits, and mitigation techniques Strong grasp of the OWASP Top 10 vulnerabilities and effective mitigation strategies. Hands-on experience with security testing tools such as Burp Suite, OWASP ZAP, Wireshark, Nessus, OpenSSL and Crypto validation tools. Proficiency in SAST/DAST tools and security frameworks like OWASP Top 10, CIS Benchmarks, and CVSS. Hands-on experience with Selenium, Pytest, and RestAssured API Testing using Python. Strong hands-on experience with scripting and programming languages including Python, PowerShell, Bash for security tasks. Familiarity with RESTful APIs, webhooks, and integration of third-party security tools and services via automation. Knowledge of DevSecOps practices and integrating security in CI/CD pipelines. Self-motivated and driven to stay updated with the latest security trends, technologies, and best practices, maintain high level of accuracy in security assessments. Ability to analyze and communicate complex cybersecurity and technical challenges to technical and non-technical users, leaders, and stakeholders. Experience collaborating with cross functional global and remote teams with diverse backgrounds. Should be able to work under a competitive time frame and deliver. Should be a very fast learner and have the excellent problem-solving ability. Should have excellent written and verbal communication skills. Nice To Have Skills Security Certifications like CISSP, CEH, CISM, OSCP or CompTIA Security+ shall be having the preference. Hands-On experience in building AI-powered security tools, chatbots, and agent-driven automation pipelines. Knowledge on Agentic AI frameworks, LLMs, and orchestration libraries like LangChain, crewAI or RAG-based architectures. Grade: 10 Location: Hyderabad Shift time: 11am to 8pm / 12pm to 9pm IST Hybrid Model: twice a week work from office About S&P Global Ratings At S&P Global Ratings, our analyst-driven credit ratings, research, and sustainable finance opinions provide critical insights that are essential to translating complexity into clarity so market participants can uncover opportunities and make decisions with conviction. By bringing transparency to the market through high-quality independent opinions on creditworthiness, we enable growth across a wide variety of organizations, including businesses, governments, and institutions. S&P Global Ratings is a division of S&P Global (NYSE: SPGI). S&P Global is the world’s foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets. With every one of our offerings, we help many of the world’s leading organizations navigate the economic landscape so they can plan for tomorrow, today. For more information, visit www.spglobal.com/ratings What’s In It For You? Our Purpose Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our Benefits Include Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring And Opportunity At S&P Global At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. S&P Global has a Securities Disclosure and Trading Policy (“the Policy”) that seeks to mitigate conflicts of interest by monitoring and placing restrictions on personal securities holding and trading. The Policy is designed to promote compliance with global regulations. In some Divisions, pursuant to the Policy’s requirements, candidates at S&P Global may be asked to disclose securities holdings. Some roles may include a trading prohibition and remediation of positions when there is an effective or potential conflict of interest. Employment at S&P Global is contingent upon compliance with the Policy. Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf 20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.1 - Middle Professional Tier I (EEO Job Group) Job ID: 307720 Posted On: 2025-06-12 Location: Hyderabad, Telangana, India Show more Show less

🔐 Cybersecurity Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is dedicated to delivering practical, industry-relevant learning experiences through immersive virtual internships. Our Cybersecurity Internship is designed to equip aspiring professionals with real-world skills in ethical hacking, threat analysis, and system defense through hands-on projects and guided mentorship. Internship Overview As a Cybersecurity Intern , you will gain critical exposure to information security principles, ethical hacking techniques, and cyber threat analysis . You will work on identifying vulnerabilities, simulating attacks, and building defenses — preparing you for roles in one of the most in-demand fields in tech. 🔧 Key Responsibilities Assist in conducting vulnerability assessments and penetration testing Analyze and monitor network traffic for suspicious activity Perform security audits and help develop incident response protocols Use industry-standard tools like Nmap, Wireshark, Burp Suite, Metasploit , etc. Research emerging threats and recommend mitigation strategies Learn and apply OWASP Top 10 concepts and security best practices Document findings and support internal cybersecurity reporting ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, IT, Computer Science , or related field Basic understanding of networking, operating systems, and web security concepts Familiarity with tools such as Kali Linux, Burp Suite, Nessus, or similar Passion for ethical hacking, threat hunting, and system security Strong analytical skills and eagerness to learn Knowledge of Linux/command-line interfaces is a plus 🎓 What You’ll Gain Hands-on experience with real-world cybersecurity tasks and tools Deep understanding of cyber threats, vulnerabilities, and protection strategies Internship Certificate of Completion Letter of Recommendation for top performers Potential Full-Time Offer based on performance A portfolio of cybersecurity assessments and reports to showcase your skills Show more Show less

About the role: We are seeking an experienced and innovative Director - IT Infra to lead our IT Infrastructure and IT Security teams. The ideal candidate will drive the management and strategic oversight of on-premises datacenter assets, end user systems and on-cloud SaaS / PaaS / IaaS services with a focus on Microsoft and Open-Source technologies, while leading initiatives to transition workloads from current on-premises to hybrid cloud ecosystem. Leadership and Management: 1. Work closely with CTO to define a strategic direction for organization IT ecosystem and align them to business objectives; digital transformation initiatives and “Right-Fit” technology. 2. Formulate, strategize and implement IT and InfoSec policies aligning them to industry standards; best practices / guidelines and organization goals. 3. Managing vendor / service provider relationships and run periodic cost optimization through vendor / tool consolidation and timely AMC negotiations / renewals. 4. Develop and implement change management processes to ensure smooth transition and adoption of new technologies. Communicate changes to all stakeholders and provide necessary support during change. 5. Lead the IT Infra team and IT InfoSec teams. Foster an innovation driven, collaborative, ever learning and high-performance team environment. IT Infrastructure Management: 1. Lead initiatives to migrate on-premises workloads to Microsoft Azure and integrate Open-Source tools like Docker and Kubernetes. Developing and executing strategies for the migration of data and applications to cloud-based infrastructure. 2. Manage on-premises servers using Microsoft Windows Server and Linux Ubuntu running on virtualization platforms like VMware ESXi and Linux KVM. 3. Ensure the reliability, availability. performance, security and high uptime of all IT assets, including hardware like Dell servers; HPE servers; SAN Data Storages; WAN / LAN Devices; EPABX systems etc. 4. Develop and implement maintenance schedules using tools like Microsoft System Center. Setting up, managing and monitoring organization's datacenter operations. 5. Oversee network architecture, connectivity uptime, and network performance using Cisco routers, switches, and other communication devices. 6. Setup IT Infrastructure Monitoring Tools to identify and resolve IT infrastructure problems before they can adversely affect critical business processes. Report to management team insight into the status of physical, virtual, and cloud systems and help ensure availability and performance. Security and Compliance: 1. Implement and manage security measures, including Next-Generation Firewalls; IDS / IPS; VPNs; Next-Generation Endpoint Security; DLP; IRM / EDRM; Web Proxy etc. 2. Conduct regular security assessments at server level and network level using tools like Nessus, Nmap etc. to assess security implementation and mitigate vulnerabilities. 3. Ensure compliance with security policies and procedures using SIEM solutions like Splunk and ensure zero data theft and data leakage. 4. Monitor and respond to security incidents with solutions like Microsoft Defender for Cloud and Open-Source tools such as Wazuh, OSSEC etc. 5. Ensure compliance with industry regulations and standards, maintaining certifications such as ISO 9001, ISO 27001, PCI DSS. 6. Implement disaster recovery and business continuity plans based on best practices and industry standards using solutions such as Commvault, Borg, Veeam etc. Innovation and Improvement: 1. Identify opportunities for technological improvements and innovation with a focus on Microsoft / Open-Source solutions and build blueprints to transition from older technology leading to reduce TCO and enhanced systems experience. 2. Promote the adoption of emerging technologies and open-source tools to enhance business / IT operations. 3. Setup key IT processes and capture data touchpoints to evaluate IT Teams performance and OKRs. Build a culture of continuous improvement and service excellence. 4. Provide leadership to drive Infrastructure and Network Security maturity improvements across the organization, in line with the changing Threat Landscape, Regulatory and Compliance requirements etc. 5. Rewire the current processes, practices and disciplines for IT Service Management using ITIL principles aligning IT services with the needs of the business. Competencies : IT Policy Development, Hybrid Cloud Implementation, IT Hardware Management, Network Management, IT Security Implementation, IT Process Optimization, Change Management, Vendor Management Experience : 1. 10-12 years of experience in IT infrastructure management and information security. 2. Must have proven experience leading and managing complex hybrid IT teams. 3. Must have proven experience in leading initiatives to transition workloads from current on-premises to hybrid cloud ecosystem. 4. Must have proven experience in implementing and managing IT Security, Business Continuity Plans, Disaster Recovery Frameworks and Security Audits. 5. Must have technical proficiency and hands-on experience with Microsoft technologies (e.g., Windows Server, Azure Services, Microsoft 365, SharePoint etc.) and Open-Source technologies (e.g., Ubuntu Linux, KVM, Docker, Kubernetes etc.). 6. Experience in managing datacenter operations, network systems and virtualization environments. 7. Experience with IT process optimization and implementing change management processes. 8. Any relevant industry certifications like CISSP, CISM, Azure Solutions Architect Expert, Red Hat Certified, Cisco Certified Network Professional etc. will be added advantage. 9. Experience working in large publication company, management consulting company or Tier 1 startups will be added advantage. Show more Show less

Job Title: Technical Support Specialist Experience Level: 5+ Years Location: Remote Department: Infrastructure & Technical Services Job Summary: We are seeking a skilled and proactive specialist in who can provide Network Support, Windows Desktop Support, Microsoft 365 Infrastructure Support, and Server Administration Support to join our Infrastructure & Technical Services team. The ideal candidate will have over five years of hands-on experience in said mentioned support areas. This role is critical in maintaining the stability, security, and performance of our customers infrastructure. The candidate must also be bilingual in Spanish and English , with the ability to translate technical terms between the two languages. Key Responsibilities: Monitor, troubleshoot, and support enterprise network infrastructure including LAN/WAN, firewalls, and switches. Support and maintain Palo Alto firewalls, including security policies, NAT, and VPNs. Administer and support Cisco switches, VLANs, and spanning tree protocols. Collaborate with cross-functional teams to support infrastructure projects and deployments. Maintain network documentation, diagrams, and standard operating procedures. Provide support for Windows desktop environments, including installation, configuration, and maintenance. Troubleshoot and resolve hardware, software, and network issues for end users. Manage and support mobile devices (iOS and Android) using Mobile Device Management (MDM) solutions. Administer and maintain IT service management tools such as ManageEngine. Support and configure Windows, Apple iOS and Android devices in a corporate environment. Provide support for Microsoft 365 services including Exchange Online, Teams, SharePoint, OneDrive, and Intune. Manage user identity and access through Azure Active Directory, including conditional access policies and MFA. Monitor M365 service health, investigate incidents, and resolve issues using Microsoft 365 Admin Center and PowerShell. Support hybrid environments integrating on-premises Active Directory with Azure AD. Collaborate with security teams to enforce compliance, data loss prevention (DLP), and threat protection policies. Assist in tenant-level configuration, license management, and service adoption strategies. Administer, monitor, and troubleshoot Windows Server (2012–2022) and Linux environments. Knowledge virtualization infrastructure using VMware vSphere/ESXi. Knowledge in Deploy, configure, and maintain cloud services in Microsoft Azure . Understanding security tools such as Tenable Nessus, Cortex XDR, and ManageEngine solutions. Knowledge in Automate system administration tasks using Ansible and scripting (PowerShell, Bash). Working with teams on regular system updates, patch management, and vulnerability remediation. Ensure compliance with company security policies and industry best practices. Participate in on-call rotation and provide after-hours support as needed. A MUST / Translate technical documents and communications from Spanish to English and vice versa. A MUST / Communicate effectively with Spanish-speaking and English-speaking stakeholders. Required Qualifications: Minimum 5 years of experience in network support or administration. Knowledge with Palo Alto firewalls and Cisco switches Proficiency in Cisco switching technologies and basic routing protocols. Good understanding of TCP/IP, DNS, DHCP, VPN, and network segmentation along with identity federation (e.g., ADFS, SSO). Experience with network monitoring and diagnostic tools (e.g., Wireshark, SolarWinds). Proficiency in Windows OS (Windows 10/11) and Microsoft Office Suite. Experience with ManageEngine or similar ITSM tools. Experience with MDM platforms (e.g., Intune, ManageEngine MDM, MobileIron, AirWatch). Knowledge of iPhone and Android device configuration and support. Familiarity with Apple iOS and macOS environments. Proficiency in PowerShell scripting for automation and administration tasks. Experience with Microsoft Endpoint Manager (Intune), Exchange Online Protection (EOP), and Defender for Office 365. Excellent problem-solving and communication skills. A MUST / Fluent in both Spanish and English, with the ability to translate technical terms between the two languages. Preferred Qualifications: - Experience with cloud networking (AWS, Azure) is a plus. - Familiarity with ITIL practices and ticketing systems. Show more Show less