776 Nessus Jobs - Page 22

JOB DESCRIPTION ———————————————————————— Assistant Manager - IT & OT Infrastructure, Data and Applications Security Godrej Agrovet Limited (GAVL) Mumbai, Maharashtra, India ————————————————————————————————————— Job Title: Assistant Manager - IT & OT Infrastructure, Data and Applications Security Job Type: Permanent, Full-time Function: IT Business: Godrej Agrovet Limited - Corporate Location: Mumbai, Maharashtra, India About Godrej Industries Group (GIG) At the Godrej Industries Group, we are privileged to serve over 1.1 billion consumers globally through our businesses with market leadership positions in the consumer products, real estate, agriculture, financial services and chemicals industries. https://www.godrejindustries.com/ About Godrej Agrovet Limited (GAVL) Godrej Agrovet is a food and agri conglomerate, dedicated to improving the productivity of Indian farmers by innovating products and services that sustainably increase crop and livestock yields. www.godrejagrovet.com About the role We are seeking a highly skilled and experienced IT & OT Infrastructure, Data, and Applications Security Manager to lead the security strategy and implementation for IT & OT (Operational Technology) environments. This role is responsible for ensuring that critical infrastructure, network systems, and applications are secure from cyber threats while ensuring operational continuity in both the IT and OT domains. The position requires a deep understanding of both IT and OT security frameworks, as well as an ability to collaborate with cross-functional teams to safeguard digital assets and operations. Roles & Responsibilities: 1. IT & OT Infrastructure Security: Develop, implement, and maintain security policies, procedures, and controls to protect IT & OT infrastructure components, including servers, networks, industrial control systems (ICS), SCADA, and cloud environments. Collaborate with IT teams to ensure secure integration between IT and OT systems, addressing the unique security requirements of each domain. Conduct regular risk assessments, vulnerability scans, and penetration tests to identify and mitigate threats in IT & OT infrastructures. Manage the security of industrial networks, SCADA systems, and IIoT (Industrial Internet of Things) devices to prevent cyber threats and ensure safe operations. Implement and maintain security for cloud services, on-premises data centers, and critical OT assets, ensuring compliance with industry standards. 2. Data Security : Implement data encryption, tokenization, and masking techniques to protect sensitive and proprietary data across systems, databases, and storage devices. Oversee data classification processes and ensure data protection in compliance with legal and regulatory requirements (GDPR,CCPA, HIPAA, etc.). Ensure proper data backup, disaster recovery, and business continuity planning related to data security. Conduct data loss prevention (DLP) assessments and implement preventative controls. Manage access control policies for databases and ensure segregation of duties for sensitive information. 3. Network Security: Develop and maintain robust network security architecture for IT & OT networks, ensuring protection against unauthorized access, data breaches, and cyber-attacks. Monitor and analyze network traffic and logs to detect potential threats, vulnerabilities, and anomalous activities across IT & OT networks. Implement network segmentation to isolate IT and OT environments while ensuring controlled data exchange between systems. Configure and manage firewalls, intrusion detection/prevention systems (IDS/IPS), and secure VPNs to protect networks from external and internal threats. Manage secure communication channels for IT/OT devices and ensure the proper functioning of secure remote access protocols for IT/OT systems. 4. Applications Security: Lead the implementation of secure application development practices for OT applications. Work with development and OT engineering teams to incorporate secure coding practices into OT software systems. Conduct regular security assessments and code reviews for applications, ensuring that vulnerabilities are identified and mitigated. Oversee security testing of OT applications, including SCADA systems, human-machine interfaces (HMIs), and industrial control software, to ensure that security controls are in place. Implement security controls around application access, user authentication, and data integrity for OT applications. 5. Incident Response & Threat Management: Lead and coordinate response efforts to security incidents involving OT systems, ensuring that containment, investigation, and remediation processes are followed efficiently. Develop and maintain incident response plans that address OT-specific risks, ensuring minimal disruption to critical operations. Conduct post-incident analysis to identify root causes, recommend improvements, and apply corrective actions to prevent future occurrences. Collaborate with internal and external teams (e.g., law enforcement, vendors) during security incidents that may impact OT systems. 6. Security Governance and Compliance: Ensure compliance with relevant industry regulations, standards, and frameworks (e.g., NIST, ISO 27001, IEC 62443, NERC CIP) in OT environments. Implement and enforce security governance, risk management, and compliance strategies across OT assets. Perform regular audits and assessments of OT security controls to ensure compliance with security policies and regulatory requirements. Maintain comprehensive security documentation, including risk assessments, incident reports, and security project plans. 7. Security Awareness and Training: Develop and conduct security awareness training programs for OT staff, ensuring that they are educated on security best practices, emerging threats, and organizational policies. Provide ongoing education to the OT team about the importance of cybersecurity in the context of industrial operations and critical infrastructure. Stay current with emerging security trends, threats, and vulnerabilities specific to OT environments and incorporate new knowledge into security practices. Key Requirements: Education : Bachelor's degree in computer science, Information Security, Cybersecurity, Engineering, or a related field (Master’s preferred). Experience : Minimum of 5 to 6 years of experience in IT & OT security, Data security, and application security. Extensive experience securing both OT (industrial control systems, SCADA, ICS, IIoT) environments. Proven experience with network segmentation, firewalls, IDS/IPS, VPNs, and application security frameworks. Familiarity with securing operational technology, including understanding of industrial protocols (Modbus, OPC, DNP3, etc.). Hands-on experience with OT vulnerability management, incident response, and threat intelligence processes. Certifications : CISSP, CISM, CISA, or similar certifications are preferred. OT-specific certifications such as Certified SCADA Security Architect (CSSA) or IEC 62443 certification a plus. Network security certifications such as CCSP, AWS Certified Security Specialty, or CCNA Security are beneficial. Application security certifications (e.g., CEH, OWASP) are a bonus. Technical Skills: Expertise in securing network and infrastructure devices, systems, and industrial control systems (ICS). Deep knowledge of network protocols and security mechanisms (e.g., IP, TCP/IP, VPNs, firewalls). Proficiency in securing cloud environments (AWS, Azure, Google Cloud) as well as on-premises systems. Experience with tools for vulnerability scanning, penetration testing, and risk assessments (e.g., Nessus, Qualys, Burp Suite). Knowledge of SCADA systems, PLCs, and industrial protocols commonly used in OT environments. Personal Attributes: Strong analytical, problem-solving, and decision-making skills with the ability to think critically under pressure. Excellent communication and collaboration skills, able to work with both IT and OT teams to implement security solutions. Ability to manage multiple projects, prioritize tasks, and meet deadlines in a fast-paced environment. Proactive and forward-thinking, with a passion for staying ahead of emerging cybersecurity threats and trends. What’s in it for you? Be an equal parent Maternity support, including paid leave ahead of statutory guidelines, and flexible work options on return Paternity support, including paid leave New mothers can bring a caregiver and children under a year old, on work travel Adoption support; gender neutral and based on the primary caregiver, with paid leave options No place for discrimination at Godrej Gender-neutral anti-harassment policy Same sex partner benefits at par with married spouses Gender transition support We are selfish about your wellness Comprehensive health insurance plans, as well as accident coverage for you and your family, with top-up options Uncapped sick leave Mental wellness and self-care programmes, resources and counselling Celebrating wins, the Godrej Way Structured recognition platforms for individual, team and business-level achievements Performance-based earning opportunities https://www.godrejcareers.com/benefits/ If this sounds like a role for you, apply now! We look forward to meeting you. Show more Show less

Now Hiring: Senior Cyber Security Engineers Location: Bangalore (Preferred) | Open to Remote Candidates Across India Engagement Type: 8–12 Months Contract OR Full-Time (Direct Hire) Salary: Open – Based on Experience (DoE) Are you a seasoned Cyber Security Engineer with a strong track record in cloud security, vulnerability management, DLP, and IAM ? We are hiring for immediate openings to support a key project for a top-tier enterprise client. This is a high-impact role for professionals who bring both strategic insight and hands-on expertise to secure cloud environments, protect critical data, and manage access controls. Key Responsibilities: Implement and manage end-to-end cloud security across AWS, Azure, or GCP environments Conduct vulnerability assessments , analyze threat reports, and drive mitigation strategies Design and enforce Data Loss Prevention (DLP) policies and tools Manage Identity and Access Management (IAM) systems including provisioning, de-provisioning, RBAC, and SSO integrations Collaborate with IT, DevOps, Infrastructure, and Compliance teams to ensure robust security posture Support audits, risk assessments , and compliance initiatives (ISO, SOC2, etc.) Document and update security architectures, standards, and operational procedures Required Skills & Experience: 8–10 years of experience in Cyber Security Engineering or Information Security roles Hands-on expertise with: Cloud security tools (AWS Security Hub, Azure Security Center, etc.) Vulnerability management (Qualys, Nessus, Tenable, etc.) DLP platforms (Symantec, Forcepoint, McAfee, etc.) IAM platforms (Okta, Azure AD, Ping Identity, SailPoint, etc.) Strong knowledge of security frameworks (NIST, CIS Controls, etc.) Excellent communication , problem-solving , and stakeholder management skills Certifications like CISSP, CISM, CEH, AWS/Azure Security are a plus Show more Show less

SUMMARY Our client is IT MNC part of one of the major insurance groups based out of Germany and Europe. The Group is represented in around 30 countries worldwide, with Over 40,000 people worldwide, focusing mainly on Europe and Asia. Our client offers a comprehensive range of insurances, pensions, investments and services by focusing on all cutting edge technologies majorly on Could, Digital, Robotics Automation, IoT, Voice Recognition, Big Data science, advanced mobile solutions and much more to accommodate the customers future needs around the globe thru supporting millions of internal and external customers with state of-the-art IT solutions to everyday problems & dedicated to bringing digital innovations to every aspect of the landscape of insurance. Job Location: Hiranandani Gardens, Powai, Mumbai Mode: Work from Office Requirements Roles & Responsibilities: Define project scope, objectives, and deliverables in collaboration with stakeholders. Develop comprehensive project plans, including timelines, budgets, and resource allocation. Manage and coordinate project teams, including security engineers, analysts, and other technical resources. Track project progress, identify and manage risks and issues, and implement effective mitigation strategies. Ensure adherence to project management methodologies and best practices. Stay up-to-date with the latest cyber security trends and technologies. Skill & Competencies: Strong track record of delivering IT projects in a large, complex environment. (7 years), especially experience in the implementation of financial and regulatory requirements in the CFO context in Group-wide systems and their integration Proven 5+ years experience as a PM Bachelor's degree in Computer Science, Information Technology, or a related field. Proven experience (typically 5+ years) managing IT projects, with a significant focus on cyber security initiatives.

Company Profile Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member's contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description Pursue specialization in specific areas of security operations, such as threat hunting, malware analysis, or digital forensics, through targeted training and hands-on experience. Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents. Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals. Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations. Support Monitoring Team to take remote session with user for troubleshooting the user machines to remove malware Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats. Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities. Shift-leading capabilities, managing SOC operations during assigned shifts, including supervision of GET/Associate Security Analysts and coordination of incident response activities. Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution.Flexible to Provide support to 24/7 L1 Monitoring shift members. Qualifications Proven experience using Splunk SIEM, including the ability to analyze prepared use cases, contribute to the creation of custom dashboards, and fine-tune false positive alerts. Good knowledge of SIEM architecture. Excellent skills in email security incident handling, including investigating phishing emails and providing verdicts, as well as basic knowledge of Office 365 Email Exchange. Experience with CrowdStrike EDR for security monitoring and threat detection, along with static and dynamic malware analysis and interactive sandbox report analysis capabilities. ITIL tool experience, particularly with Service-Now. Exposure to firewall and WAF log analysis. Strong knowledge of security SOP creation and maintenance. Basic knowledge of file integrity monitoring. Understanding of security compliance frameworks such as PCI and NIST. Basic understanding of vulnerability management and experience with tools such as Rapid7 and Nessus. Experience with cloud security monitoring, including AD risky detections and Defender for Cloud. Excellent communication and presentation skills. Commitment to continuous learning and professional development. Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM.

Management Level F Role Summary The Senior Security Operations Analyst will play a lead role, assisting the Head of Security Operations, in a team of up to 13 staff delivering these activities. They will report directly to the Head of Security Operations. They will contribute to all aspects of the Company s operational security strategy and programme, as appropriate to demand, workload, skills and experience. Core Duties/Responsibilities Conduct regular compliance reviews of actual practice in teams across the IT organisation against defined operational IT security processes. Ensure that operational security processes are adjusted as security needs or the Company s business change. Identify potential for improvements in cost efficiency in the main operational security activities and provide feedback to the CISO and Head of Security Operations to instigate projects and initiatives that seek to achieve these improvements. Monitor quality of service and quality of security control targets and metrics with all non-security teams throughout the Company engaged in operational IT Security activities. Participate in requirements definition, acceptance and implementation of projects and initiatives that are developed by GIS for the infrastructure and tools that support the main operational IT Security activities. Identify and conduct IT Security Monitoring and Testing activities to the appropriate quality of service and security. In particular this involves working with the Company s external security monitoring partner to ensure complete, effective and robust levels of protection through monitoring and response. Design & oversee the implementation of sound security management practices and controls for day-to-day access security administration and monitoring by other business and IT teams. Monitor for, respond to, mitigate impact of, take remedial action during, and define lessons learnt from, information security incidents, gathering input from other information and IT security teams. Own and manage vulnerability identification across the EQ estate. Analyse scan results, validate findings, and prioritise remediation actions based on risk, exploitability, and asset criticality. Track remediation efforts and verify effectiveness through re-scans and reporting Contribute as appropriate to IT operations and infrastructure development initiatives within Group IT from the IT security perspective. Skills, Knowledge & Experience The Senior Security Operations Analyst will have held previous positions as an Operational Security team leader, senior SOC analyst or Incident Responder. They should have accumulated at least 4 years relevant experience in a role in industry or an IT or security services provider. Extensive experience of the following is essential: Managed security monitoring services and other relevant security technology vendors and service provider. Experience in leading incident response activity either as an individual or as an incident response coordinator. Previous ownership of incident response processes and procedures - including documentation, maintenance and testing of those processes and procedures. Demonstrable practical experience with threat hunting techniques and processes. A strong understanding of the Cyber Kill Chain and Mitre Framework and how these can be used to determine threat actors and identify attack mitigations. Technical analysis of cyber security threats and threat intelligence. Experience of delivering and managing operational security tooling for cloud based environments - with significant focus on natively available controls within AWS. Familiarity with relevant industry cyber security standards/frameworks such as NIST CSF, ISO 27001 and CIS Critical Security Controls. Experience with Vulnerability Management tools (Qualys, Nessus, Metasploit, BurpSuite etc ) Experience managing and configuring DLP capabilities Development of processes and play books to support Security Operations services. Experience with scripting (Python, Power BI) and automation tools a benefit. Strong organisation and communication skills a must. In addition, the following key experience is preferred: Experience of delivering against similar accountabilities with global impact in an organisation of similar scale and complexity as EQ. Ability and motivation to work with parties inside and outside the security community through a cooperative, interactive, trustful and respectful approach. A doer with capacity to drive relevant activities personally. Broad general knowledge of good information security practice.

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Director Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As a Director, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 12+years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Accenture Managed Detection and Response (MDR) Ops Security Engineering Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Innovation, Intellectual Curiosity, Learning Agility, Managed Services, Optimism {+ 20 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Has a developed proficiency of analytical or operational processes. Completes atypical assignments. Works within established procedures and practices. Establishes the appropriate approach for new assignments. Acts as a resource for colleagues. Completes work with limited supervision. Functional Knowledge Has developed skills in a range of processes, procedures, and systems. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Impacts a team, by example, through the quality service and information provided Uses discretion to change work procedures and practices. Leadership Provides guidance and support to junior team members. Problem Solving Provides solutions to atypical problems based on existing precedents or procedures. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Responsible for RFQ management buying activities, negotiation, exception management, quality control, and vendor relations. Assists Project Team Lead to identify process gaps, improvement, and any other ancillary tasks as project support. Ensures integrity of the entire sourcing process through the proper approval process. Assists the Project Team Lead in preparation and assignment of open un-reconciled item to the reviewers. Provides real-time suggestions to bring accuracy and efficiency. Provides feedback to reviewers on errors and training. Performs other duties as assigned. Complies with all policies and standards.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Requires limited prior training or licenses and training certifications. Has basic operational or analytical skills to perform tasks. Works within clearly defined standard operating procedures and adheres to quality guidelines. Work is completed with close supervision and under clearly defined procedures. Functional Knowledge Requires a basic understanding of theories, practices, and procedures. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Responsible for the accuracy of work. Receives close supervision and duties are clearly defined. Methods and tasks are described in detail. Leadership Has no supervisory responsibilities. Problem Solving Uses existing procedures to solve standard problems. Has limited opportunity to exercise discretion. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Performs first level Sourcing process such as requisition and purchase order creation, following client standard operating instructions. Ability to review and analyze input data for completeness. Requests additional information if required. Achieves productivity and quality targets set for the project. Performs any other first-level tasks assigned. Performs other duties as assigned. Complies with all policies and standards.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Requires limited prior training or licenses and training certifications. Has basic operational or analytical skills to perform tasks. Works within clearly defined standard operating procedures and adheres to quality guidelines. Work is completed with close supervision and under clearly defined procedures. Functional Knowledge Requires a basic understanding of theories, practices, and procedures. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Responsible for the accuracy of work. Receives close supervision and duties are clearly defined. Methods and tasks are described in detail. Leadership Has no supervisory responsibilities. Problem Solving Uses existing procedures to solve standard problems. Has limited opportunity to exercise discretion. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Performs first level Sourcing process such as requisition and purchase order creation, following client standard operating instructions. Ability to review and analyze input data for completeness. Requests additional information if required. Achieves productivity and quality targets set for the project. Performs any other first-level tasks assigned. Performs other duties as assigned. Complies with all policies and standards.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Has advanced, specialized expertise within a range of analytical or operational processes. Completes assignments and facilitates the work of others. May coordinate assignments beyond work area. Proposes improvements to processes and methods. Acts as a lead, coordinating the work of others, but is not a supervisor. Works autonomously within established procedures. Functional Knowledge Has developed skills in a range of processes, procedures, and systems. Acts as a technical expert in some areas. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Impacts a team, by example, through the quality service and information provided. Suggests enhancements to work procedures and practices to improve efficiency. Leadership Serves as a team lead. May allocate work to team members. Provides subject matter guidance to junior team members. Problem Solving Provides solutions to atypical problems with little or no precedent. Interpersonal Skills Exchanges information and ideas effectively. Uses tact and diplomacy when dealing with others. Responsibility Statements Supports emergency procurement processes as needed by the client. Monitors open requisitions, expedite, and closeout before turnaround. Works with stakeholders to ensure proper recommendation and documentation is received for the procurement process. Assists Team Leaders in extracting data for dashboard on process and reconciliation metrics. Provides supporting records and documentation to assist with audits. Ensures that adequate and updated process documentation and desktop procedures exist and are utilized. Contributes towards quality efforts and guides the quality verifiers team. Participates in first-level tasks and quality check tasks. Performs other duties as assigned. Complies with all policies and standards.

Job Track Description Requires formal education and relevant expertise in a professional, sales, or technical area. Performs technical-based activities. Contributes to and manages projects. Uses deductive reasoning to solve problems and make recommendations. Interfaces with and influences key stakeholders. Leverages previous knowledge and expertise to achieve results. Ability to complete work self-guided. College or university degree required. General Profile Requires knowledge and experience in field. Uses best practices and knowledge of business to improve products or services. Solves complex problems and takes a new perspective on existing procedures. Self-starter, requiring minimal guidance. Acts as a resource for colleagues with less experience. Functional Knowledge Requires conceptual expertise of theories, practices, and procedures. Business Expertise Has knowledge of best practices and team integration. Aware of the competition and what differentiates them. Impact Impacts a range of customer, operational, project or service activities. Works within broad guidelines and policies. Leadership Acts as a resource for colleagues with less experience. May guide small projects with manageable risks and resource requirements. Problem Solving Solves complex problems. Takes a new perspective on existing solutions. Exercises judgment based on the review of multiple information sources. reviewing many sources of information. Skills Clearly articulates difficult or sensitive information. Works to build consensus within a team. Responsibility Statements Supports the development of strategies for new client offerings. Ensures the effective use and application of resources. Assesses customer requirements and assists with the development of solutions. Reviews service and operating procedures to ensure compliance with industry standards and regulations. Works closely with the solutions team and sales, practice, and delivery leaders to develop the solution strategy and approach. Developing proficiency in market trends, best practices, and innovation. Performs other duties as assigned. Complies with all policies and standards.

Job Title Security Analyst Role and Responsibilities The security Analyst is a member of the CISO Regulatory & Compliance Team and will assist in ensuring the associated business units / accounts comply with applicable Conduent and NIS 2 security standards, regulations, and policies.The Security analyst will be professional, independent, impartial, and fair in all interactions. The security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units\u2019 information, applications, and infrastructure. Resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to IPS/IDS alerts; change detection (FIM) alerts application firewall alerts; malware alerts rogue wireless network alerts security system health alerts; exploit attempt alerts Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to audits of system security to ensure compliance with Corporate security framework NIS 2, NIST 800-53, ISO 27001/2, PCI-DSS emerging country, state, and Federal privacy laws Primary POC in a vulnerability management program of the account that includes external and internal vulnerability scans of applications and systems external and internal penetration tests of applications and systems documentation and remediation of identified vulnerabilities and exploits routinely monitoring various communication avenues for security vulnerabilities and security patches taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement Acts as the initial point of contact to facilitate the handling of security audits and client requests Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units Qualifications and Education CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. Minimum of Five (3 to 5) Years of experience in IT Security compliance, or Security Auditing is required. Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally Preferred Skills Creating and Maintaining NIST 800-53-rev5 based SSP and POAM Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks).

Job Title: Consultant / Manager / Senior Manager – VAPT Location: Gurgaon Experience Required: 2 to 10 years Work Mode: Onsite (Gurgaon) Certification: OSCP – Mandatory Role Overview: We are looking for skilled cybersecurity professionals across levels ( Consultant to Senior Manager ) to join our Vulnerability Assessment & Penetration Testing (VAPT) team in Gurgaon . You will play a critical role in executing and leading security assessments across applications, infrastructure, network, and source code to identify vulnerabilities and recommend effective remediation. Key Responsibilities: For All Levels: Perform end-to-end VAPT on web applications, mobile applications, network, infrastructure, cloud, and source code . Identify, exploit, and document vulnerabilities with clear technical and business impact. Use both manual and automated tools to conduct deep-dive penetration testing. Prepare and present technical reports with actionable recommendations. Ensure adherence to OWASP, NIST, ISO 27001, PCI-DSS, and RBI cybersecurity guidelines . Additional Responsibilities Based on Experience Level: Manager / Senior Manager: Lead a team of consultants and guide them through complex assessments. Oversee project timelines, quality, and client deliverables. Engage with senior stakeholders (CIOs, CISOs, Security Heads) to discuss findings and mitigation strategies. Support practice development, training initiatives, and RFP support. Consultants / Senior Consultants: Execute hands-on penetration testing under guidance from seniors. Maintain high-quality documentation and assist in tool integration. Continuously upgrade skills through research and certification prep. Required Skills & Qualifications: 2 to 10 years of hands-on experience in penetration testing and vulnerability assessment . Strong knowledge of manual testing techniques beyond automated scanners. Expertise with tools such as Burp Suite, Metasploit, Nmap, Nessus, Qualys, AppScan, Fortify, Wireshark , etc. OSCP certification is mandatory. Familiarity with secure coding , scripting, and one or more programming languages (e.g., Python, Java, JavaScript). Good understanding of cloud security testing (AWS, Azure, GCP) is a plus. Strong analytical, communication, and report-writing skills. Show more Show less

Cybersecurity - Project Management Officer (PMO) Dombivli, Mumbai Note: Looking only for candidates who can join within 30 days . Outstation candidates must be willing to relocate. Candidate for this role will be working on client project at the client’s office in Dombivli, Mumbai. 5 days WFO, Saturday WFH . Job Overview: The PMO will be responsible for overseeing & streamlining delivery of security testing engagements— specifically for Payment Gateway (PG) clients. Ensuring timely delivery, resource optimization, effective coordination with stakeholders and adherence to compliance & quality standards. This role bridges the gap between the technical testing team & business stakeholders to ensure smooth execution of projects. Qualifications: MBA or BBA with 2-4 years ’ experience working in project management for IT/ software industry. Hands on experience with project management tools such as Zoho helpdesk or Zoho Projects, is a must. Candidate should have project management certifications such as PMI-ACP or CAPM or PMP or similar (mandatory). Background in cybersecurity would be preferred. Job description: Project Planning & Tracking Maintain and update project trackers for multiple PG security testing engagements. Monitor project milestones, deadlines, and deliverables. Track actual vs. planned timelines and raise alerts on delays or deviations. Ensure daily/weekly status reporting from security consultants is accurate and up to date. Track daily utilization, workload distribution, and resource conflicts. Maintain visibility into pipeline projects to plan for resource ramp-up/down. Serve as a point of contact for internal and external stakeholders for project-related queries and escalations. Set up governance calls, circulate agendas, track MOMs, and follow up on action items. Communicate progress, risks, and dependencies to clients in a structured and timely manner. Ensure projects follow standardized security testing workflows (web, API, mobile, infra). Track closure of client queries, validations, and retesting requests. Own the preparation and maintenance of client-facing dashboards (project status, vulnerability metrics, SLA adherence). Track daily task sheet updates from consultants and prepare weekly/monthly performance summaries. Highlight red flags and recommend corrective actions proactively. Analyze project data to identify trends, insights, and areas for improvement Establish and maintain effective communication channels with stakeholders to ensure alignment and transparency. Facilitate stakeholder meetings, and presentations to gather requirements and provide project updates. Manage stakeholder expectations and address stakeholder concerns in a timely manner. Technical Skills: Project Tools: Jira, MS Project, Smartsheet, ServiceNow (GRC module) Security Tools (basic familiarity): Qualys, Nessus, Rapid7, Tenable Documentation & Reporting: MS Excel (pivot, charts), PowerPoint, Power BI or similar. Requirements and skills Proven work experience as a Project Management Officer or similar role Strong leadership skills and stakeholder management skills Strong analytical and problem-solving skills Good written and verbal communication skills Strong attention to details and technicalities Excellent organizational and technical abilities Good interpersonal and multi-tasking skills Relevant training and/or certification Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Director Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As a Director, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory skill sets: Bachelor’s degree (minimum requirement). 12+years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years of experience required: 12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Accenture Managed Detection and Response (MDR) Ops Security Engineering Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Innovation, Intellectual Curiosity, Learning Agility, Managed Services, Optimism {+ 20 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Required Skills and Qualifications Proven experience using Splunk SIEM, including the ability to analyze prepared use cases, contribute to the creation of custom dashboards, and fine-tune false positive alerts. Good knowledge of SIEM architecture. Excellent skills in email security incident handling, including investigating phishing emails and providing verdicts, as well as basic knowledge of Office 365 Email Exchange. Experience with CrowdStrike EDR for security monitoring and threat detection, along with static and dynamic malware analysis and interactive sandbox report analysis capabilities. ITIL tool experience, particularly with Service-Now. Exposure to firewall and WAF log analysis. Strong knowledge of security SOP creation and maintenance. Basic knowledge of file integrity monitoring. Understanding of security compliance frameworks such as PCI and NIST. Basic understanding of vulnerability management and experience with tools such as Rapid7 and Nessus. Experience with cloud security monitoring, including AD risky detections and Defender for Cloud. Excellent communication and presentation skills. Commitment to continuous learning and professional development. Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM. Key Responsibilities Pursue specialization in specific areas of security operations, such as threat hunting, malware analysis, or digital forensics, through targeted training and hands-on experience. Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents. Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals. Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations. Support Monitoring Team to take remote session with user for troubleshooting the user machines to remove malware. Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats. Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities. shift-leading capabilities, managing SOC operations during assigned shifts, including supervision of GET/Associate Security Analysts and coordination of incident response activities. Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution. Flexible to Provide support to 24/7 L1 Monitoring shift members. Show more Show less

Application Security Perform security reviews, code audits, and threat modeling of web and mobile applications. Work with DevOps and development teams to integrate secure coding practices and tools (e.g., SAST, DAST, SCA). Conduct penetration testing and vulnerability assessments on internal and external applications. Remediate OWASP Top 10 and other emerging threats. Infrastructure & Server Security Harden Linux and Windows servers following CIS/NIST benchmarks. Implement endpoint security solutions (AV, EDR, MDM). Monitor, detect, and respond to system anomalies and unauthorized access. Manage patching and update cycles in coordination with system teams. Network Security Secure network architecture, firewall policies, VPNs, NAT, and VLAN segmentation. Analyze and mitigate threats like DDoS, MITM, spoofing, etc. Configure and manage intrusion detection/prevention systems (IDS/IPS). Perform routine audits and packet-level analysis for suspicious activity. Cloud Security Secure cloud infrastructure (Alibaba Cloud/AWS/Azure/GCP). Manage IAM, WAF, Security Groups, and cloud-native threat detection tools. Audit and improve security configurations in containers, CI/CD pipelines, and serverless deployments. Monitoring, Audit, and Compliance Work closely with compliance teams to meet standards like SAMA-CSF, ISO 27001, and PCI-DSS. Implement and tune SIEM/SOAR systems for proactive monitoring and incident response. Maintain audit trails, security reports, and logs for investigations and audits. Qualifications & Requirements Bachelors degree in computer science, Cybersecurity, or a related field. 4+ years of experience in cybersecurity roles with exposure to infrastructure and application security. Proficiency in tools like Burp Suite, Nessus, Wireshark, Nmap, Suricata, OSSEC/Wazuh, etc. Strong knowledge of TCP/IP, Linux security, cloud security, and secure coding principles. Experience with at least one cloud platform (Alibaba Cloud preferred). Familiarity with regulatory and compliance standards in the GCC region is a plus. Security certifications such as CEH, OSCP, CISSP, or CISM are a plus. Preferred Strong problem-solving and analytical skills. Ability to work under pressure in a fast-paced environment. Excellent communication skills to interface with technical and non-technical stakeholders. Self-motivated and able to work independently or as part of a team.

Summary Position Summary Position: Cyber Security Senior BISO Analyst (L3.5) Location: USI Job Summary Cyber Security BISO Team works with the Deloitte Function Specific Subsidiaries (FSS) & Chief Information Security Officer (CISO) organization directly supporting Deloitte’s Enabling Areas functions. The role involves close integration with various internal and external client-service leaders, technical and non-technical stakeholders to drive widespread cyber security program adoption. The Business Information Security Officer (BISO) Analyst will work closely with the Application teams of various lines of businesses (LOB), including the Office of Chief Information Officer (OCIO). In this role, you will support a group/team to develop a deep understanding of the business to facilitate specialized information security risk-based discussions. This role requires a proactive individual with a keen eye for detail and a strong understanding of cybersecurity frameworks such as, ISO, NIST, CIS. This fast-paced multi-faceted environment requires a highly motivated, self-driven, strong team player who demonstrates an intrinsic desire for continuous personal and professional growth. Key Responsibilities: Oversight & Alignment: Partner with Deloitte’s central Cyber Security organization to ensure consistent adoption of security frameworks, policies, and controls within business units and client teams. Security Strategy Development: Collaborate with business leaders to develop and implement information security strategies that align with business goals and regulatory requirements. Risk Management: Identify, assess, and prioritize information security risks within the enabling areas. Develop and implement risk mitigation strategies. Policy and Compliance: Ensure compliance with relevant information security policies, standards, and regulations (e.g., ISO 27001, NIST, SOC 2, HIPAA). Maintain ongoing audit readiness. Incident Response: Lead the response to security incidents within the enabling areas, including investigation, containment, and remediation efforts. Vulnerability Management: Monitor cyber threats relevant to the business domain. Support risk assessments, issue management, and incident response coordination. Stakeholder Engagement: Serve as the primary point of contact for information security matters within the enabling areas. Build strong relationships with business leaders and other stakeholders. Mitigation Projects: Lead or support projects involving third-party risk, vulnerability remediation, data protection, secure application development, and identity & access governance Security Architecture: Work with IT and business teams to design and implement secure systems and processes that support business operations. Continuous Improvement: Stay current with emerging security threats and trends. Recommend and implement improvements to the organization's security posture Qualifications: Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Experience: Minimum of 4 years of experience in information security 2-4 years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments. 2-4 years of experience in vulnerability management, cybersecurity, or a related field. Experience with vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7). Experience with GRC platforms (e.g., ServiceNow, Archer, or similar). Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent. Technical Skills: Strong understanding of information security principles, technologies, and best practices. Experience with risk management, incident response, and security architecture. Business Acumen: Ability to understand business operations and align security strategies with business objectives. Communication: Excellent verbal and written communication skills. Ability to effectively communicate complex security concepts to non-technical stakeholders. Leadership: Proven ability to lead cross-functional teams and manage multiple projects simultaneously. Soft Skills: Excellent analytical and problem-solving skills. Strong communication skills, both written and verbal. Ability to work independently and as part of a team. Detail-oriented with a strong focus on accuracy and quality. Ability to work in a fast-paced environment and manage multiple tasks simultaneously. This role is ideal for a motivated individual who is passionate about cybersecurity and eager to contribute to the organization's security posture. If you have a strong background in vulnerability management and a commitment to continuous improvement, we encourage you to apply. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301153 Show more Show less

🔐 Cybersecurity Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is dedicated to delivering practical, industry-relevant learning experiences through immersive virtual internships. Our Cybersecurity Internship is designed to equip aspiring professionals with real-world skills in ethical hacking, threat analysis, and system defense through hands-on projects and guided mentorship. Internship Overview As a Cybersecurity Intern , you will gain critical exposure to information security principles, ethical hacking techniques, and cyber threat analysis . You will work on identifying vulnerabilities, simulating attacks, and building defenses — preparing you for roles in one of the most in-demand fields in tech. 🔧 Key Responsibilities Assist in conducting vulnerability assessments and penetration testing Analyze and monitor network traffic for suspicious activity Perform security audits and help develop incident response protocols Use industry-standard tools like Nmap, Wireshark, Burp Suite, Metasploit , etc. Research emerging threats and recommend mitigation strategies Learn and apply OWASP Top 10 concepts and security best practices Document findings and support internal cybersecurity reporting ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, IT, Computer Science , or related field Basic understanding of networking, operating systems, and web security concepts Familiarity with tools such as Kali Linux, Burp Suite, Nessus, or similar Passion for ethical hacking, threat hunting, and system security Strong analytical skills and eagerness to learn Knowledge of Linux/command-line interfaces is a plus 🎓 What You’ll Gain Hands-on experience with real-world cybersecurity tasks and tools Deep understanding of cyber threats, vulnerabilities, and protection strategies Internship Certificate of Completion Letter of Recommendation for top performers Potential Full-Time Offer based on performance A portfolio of cybersecurity assessments and reports to showcase your skills Show more Show less

Tesco India • Bengaluru, Karnataka, India • Full-Time • Permanent • Apply by 13-Jun-2025 About the role Systems Engineer III - Performance Engineer What is in it for you At Tesco, we are committed to providing the best for you. As a result, our colleagues enjoy a unique, differentiated, market- competitive reward package, based on the current industry practices, for all the work they put into serving our customers, communities and planet a little better every day. Our Tesco Rewards framework consists of pillars - Fixed Pay, Incentives, and Benefits. Total Rewards offered at Tesco is determined by four principles -simple, fair, competitive, and sustainable. Salary - Your fixed pay is the guaranteed pay as per your contract of employment. Leave & Time-off - Colleagues are entitled to 30 days of leave (18 days of Earned Leave, 12 days of Casual/Sick Leave) and 10 national and festival holidays, as per the company’s policy. Making Retirement Tension-FreeSalary - In addition to Statutory retirement beneets, Tesco enables colleagues to participate in voluntary programmes like NPS and VPF. Health is Wealth - Tesco promotes programmes that support a culture of health and wellness including insurance for colleagues and their family. Our medical insurance provides coverage for dependents including parents or in-laws. Mental Wellbeing - We offer mental health support through self-help tools, community groups, ally networks, face-to-face counselling, and more for both colleagues and dependents. Financial Wellbeing - Through our financial literacy partner, we offer one-to-one financial coaching at discounted rates, as well as salary advances on earned wages upon request. Save As You Earn (SAYE) - Our SAYE programme allows colleagues to transition from being employees to Tesco shareholders through a structured 3-year savings plan. Physical Wellbeing - Our green campus promotes physical wellbeing with facilities that include a cricket pitch, football field, badminton and volleyball courts, along with indoor games, encouraging a healthier lifestyle. You will be responsible for Collaborate with product managers and developers to understand product requirements and contribute to performance-focused design discussions. Create and maintain comprehensive non-functional test cases and use cases tailored to performance testing needs. Translate NFRs into detailed performance and security test plans, including SLAs, SLOs, and capacity benchmarks. Develop detailed performance test plans, including test cases and test data, and ensure alignment with business expectations. Execute various types of performance testing such as load, stress, scalability, and endurance tests to assess system behaviour under different conditions. Analyse performance test results to identify bottlenecks and inefficiencies and provide actionable insights for resolution. Monitor system performance using diagnostic tools and provide real-time feedback during testing cycles. Automate performance tests using modern, open-source tools and scripting languages to streamline testing processes. Collaborate with DevSecOps to integrate security testing into CI/CD workflows and enforce shift-left security practices. Document and report security vulnerabilities with risk ratings, reproduction steps, and remediation guidance. Work closely with QE, DevOps, and Development teams to ensure performance and security best practices are embedded throughout the SDLC. Provide detailed test reports, dashboards, and technical documentation for stakeholders. You will need Bachelor’s degree in computer science or a related engineering discipline. 12+ years of experience in Quality Engineering preferably in retail orgs or product organisations Application Testing: Hands-on experience in performance testing of APIs, microservices, web applications, and native mobile apps. Performance Testing Tools: Proficient in industry-standard tools such as JMeter, K6, Locust, Gatling, etc for load and stress testing. Scripting & Automation: Strong programming skills in Java, Python, and Shell scripting for developing and automating performance test scripts. Monitoring & Diagnostics: Expertise in using APM and logging tools - AppDynamics, Dynatrace, Splunk, New Relic, RunScope, Grafana to monitor & analyze system performance. Cloud & Containerization: Solid understanding of cloud platforms (Azure), container orchestration (Kubernetes), and containerization (Docker) for scalable performance testing. Database Performance: Ability to analyze and optimize SQL queries and database performance; familiarity with SQL, NoSQL databases, and pub-sub messaging systems. Infrastructure Knowledge: Understanding of load balancers, infrastructure design, and application architecture in both Azure cloud and on-premises environments. Security Tools: Experience with security and vulnerability assessment tools such as Burp Suite, OWASP ZAP, Metasploit, Nessus, and Nmap. Security Best Practices: Strong grasp of OWASP Top 10, CWE/SANS Top 25, and secure coding principles. Operating Systems: Comfortable working in Linux/Unix environments. Analytical Skills: Excellent problem-solving, debugging, and troubleshooting abilities. Communication: Strong verbal and written communication skills, with the ability to convey complex technical concepts clearly. About us Tesco in Bengaluru is a multi-disciplinary team serving our customers, communities, and planet a little better every day across markets. Our goal is to create a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility through technological solutions, and empowering our colleagues to do even more for our customers. With cross-functional expertise, a wide network of teams, and strong governance, we reduce complexity, thereby offering high-quality services for our customers. Tesco in Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 3,30,000 colleagues Tesco Technology Today, our Technology team consists of over 5,000 experts spread across the UK, Poland, Hungary, the Czech Republic, and India. In India, our Technology division includes teams dedicated to Engineering, Product, Programme, Service Desk and Operations, Systems Engineering, Security & Capability, Data Science, and other roles. At Tesco, our retail platform comprises a wide array of capabilities, value propositions, and products, essential for crafting exceptional retail experiences for our customers and colleagues across all channels and markets. This platform encompasses all aspects of our operations – from identifying and authenticating customers, managing products, pricing, promoting, enabling customers to discover products, facilitating payment, and ensuring delivery. By developing a comprehensive Retail Platform, we ensure that as customer touchpoints and devices evolve, we can consistently deliver seamless experiences. This adaptability allows us to respond flexibly without the need to overhaul our technology, thanks to the creation of capabilities we have built.

Job Description Must-Have Skills : Professional experience working with public cloud platforms (AWS) Expertise in Infrastructure as Code (IaC) tools such as Terraform Hands-on experience with CI/CD tools like GitLab CI/CD, GitHub Actions, or Jenkins Strong coding and scripting skills (PowerShell, Bash, Python, or equivalent) Proficiency in Configuration Management tools like Ansible, Puppet, or Chef Experience managing and troubleshooting Linux servers Strong analytical and troubleshooting skills Exposure to security best practices and remediation Familiarity with security-related tools such as Wiz and Qualys Hands-on experience in Static/Dynamic Security Testing s Penetration Testing using tools like SonarQube, CheckMarx, AppScan, BurpSuite, OWASP ZAP Proxy, WebInspect, Fortify, Veracode, Nessus, etc. Good-to-Have Skills Knowledge of System and Application Monitoring tools (Prometheus, Grafana, CloudWatch) Experience with Log Management tools (Elastic Stack, Graylog, Splunk) Working experience with relational databases (MySQL, MS SQL Server, or similar) Use of Secret Management services like HashiCorp Vault Understanding of Change Control procedures Main Responsibilities Deliver resilient application stacks via Infrastructure as Code and DevOps practices Monitor and support critical, high-revenue business applications Diagnose and resolve complex system and application issues Implement and maintain security best practices and remediation strategies Work with cross-functional teams including Development, QA, IT Operations, and Project Management Write and maintain technical and non-technical documentation (ref:hirist.tech) Show more Show less

Job Description We are seeking a skilled and experienced Cybersecurity Specialist to join our dynamic team. The ideal candidate will have 3-7 years of experience in cybersecurity roles and a strong technical background in information security. If you're passionate about protecting data, identifying vulnerabilities, and implementing robust security measures. Key Responsibilities Develop, implement, and maintain cybersecurity policies, firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security solutions, and data encryption. Conduct regular security assessments, risk analyses, and vulnerability assessments to identify potential weaknesses and mitigate risks. Experience in Web/Mobile/Network Penetration Testing and/or Vulnerability Assessment. Experience with web application vulnerability scanner (BurpSuite, AppScan, Acunetix, Web Inspect, etc). Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Deep knowledge of HTTP protocol and the ability to construct/manipulate HTTP requests. Ability to suggest/recommend remediation to fix vulnerability. Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. Knowledge on Tools: Nmap, Kali Linux, Metasploit, Maltego, Burp Suite, Nessus, nexpose, Wireshark, sqlmap etc. Proficiency in Conducting API (REST, SOAP, XML, JSON) Security testing activities to identify and mitigate security : 3-7 years of experience in cyber security or a related field. Bachelor's degree in Computer Science, Information Security, Cyber Operations, or a related field (or equivalent experience). Strong understanding of networking concepts, security principles, and cyber threats. Proven experience with vulnerability scanning and penetration testing tools. Knowledge of regulatory requirements and compliance frameworks (e.g., PCI DSS, NIST, CIS Controls). Experience in Information security controls, and doing IT audits, ISO certifications is preferred. (ref:hirist.tech) Show more Show less

Background Hapag-Lloyd CISO is accountable on keeping the business secure and to safeguard customer trust by predicting, preventing, identifying, and responding to threats and make sure a quick recovery from cyber-related incidents. Whilst assisting Hapag-Lloyd management, business, and other areas, we enable our employees by providing usable and secure services and ensuring that security is part of our DNA. Our mission is to enable the company to continue doing business securely and efficiently. Hapag-Lloyd is operating in an increasingly complex environment were disruptive technologies, new types of threats and new cyber security regulations create additional cyber risks for organizations. Digitization is a top priority as customer preferences are changing towards mobile and digital and is part of Hapag-Lloyd values: “We care, We move, We deliver” , which are the heart of everything we do. Summary Of The Role We are currently seeking a dedicated and analytical Vulnerability Management Analyst to join our Cyber Resilience Fusion Center team. This role is essential for protecting our Information Technology (IT) and Operational Technology (OT) environments from potential threats and vulnerabilities. The ideal candidate will be responsible for identifying, evaluating, and reporting on security vulnerabilities within our systems and networks. Working in the Attack Surface Management (ASM) area, the Vulnerability Management Analyst plays a crucial role in maintaining the integrity, confidentiality, and availability of our IT and OT infrastructures by ensuring our systems are safeguarded against the latest threats. Responsibilities And Tasks Conduct regular scans of IT and OT systems to identify vulnerabilities and assess their potential impact. Perform thorough risk assessments on identified vulnerabilities, considering both the technical aspects and the business context. Collaborate with IT and OT teams to prioritize and facilitate the timely patching of vulnerabilities. Prepare detailed reports on vulnerability findings, including risk assessments, recommended actions, and patch management status. Develop and maintain Vulnerability Management policies, procedures, and related documentation to ensure consistent and effective practices. Stay abreast of the latest cybersecurity threats and vulnerabilities, incorporating this intelligence into Vulnerability Management processes. Communicate effectively with various stakeholders, including IT and OT teams, management, and external partners, to ensure a comprehensive understanding of vulnerabilities, impacts, and mitigation strategies. Provide expertise and support during cybersecurity incidents related to vulnerabilities. Assist in compliance efforts and audits, ensuring that Vulnerability Management practices meet industry standards and regulatory requirements. Regularly review and recommend improvements to the Vulnerability Management program to enhance security posture. Requirements And Qualifications Master’s or bachelor’s degree or equivalent technical training in Information Technology, Information Systems Security, Cybersecurity, or related field. Minimum of 3 years of experience in Cybersecurity, specifically in Vulnerability Management, risk assessment, or a similar role. Strong understanding of both Information Technology (IT) and Operational Technology (OT) systems and their unique security challenges. Proficiency with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7) and familiarity with security frameworks (e.g., NIST, ISO 27001). Ability to analyze vulnerability data, assess risks, and prioritize responses based on potential impact. Excellent written and verbal communication skills, with the ability to explain technical details to non-technical stakeholders. Relevant certifications such as CEH, Security+, PenTest+, GSEC are desired. Good understanding of Windows, UNIX and Linux operating systems functions and security. Ability to clearly convey results in formal technical reports and deliver briefings to senior staff, technical specialists, and management, including CISO and C-Suite. Excellent soft skills – team building, conflict resolution, empathy, motivation, creativity, flexibility. Experience working in Supply Chain, Logistics, Shipping/Transport sectors is a plus. Creative and flexible mindset. Responsive and able to take responsibility for actions & deliverables. Stick to commitments and hold each other accountable. Ability to work collaboratively in a team environment and with employees from various departments. Excellent oral and written English communication skills. Show more Show less

The world's top banks use Zafin's integrated platform to drive transformative customer value. Powered by an innovative AI-powered architecture, Zafin's platform seamlessly unifies data from across the enterprise to accelerate product and pricing innovation, automate deal management and billing, and create personalized customer offerings that drive expansion and loyalty. Zafin empowers banks to drive sustainable growth, strengthen their market position, and define the future of banking centered around customer value. Qualifications Required . Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. Automation & Scripting : Advanced skills in scripting languages such as PowerShell, Azure CLI, Python, or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001, SOC 2, GDPR, or HIPAA. Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends. What's in it for you Joining our team means being part of a culture that values diversity, teamwork, and high-quality work. We offer competitive salaries, annual bonus potential, generous paid time off, paid volunteering days, wellness benefits, and robust opportunities for professional growth and career advancement. Want to learn more about what you can look forward to during your career with us? Visit our careers site and our openings: zafin.com/careers Zafin welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. Zafin is committed to protecting the privacy and security of the personal information collected from all applicants throughout the recruitment process. The methods by which Zafin contains uses, stores, handles, retains, or discloses applicant information can be accessed by reviewing Zafin's privacy policy at https://zafin.com/privacy-notice/. By submitting a job application, you confirm that you agree to the processing of your personal data by Zafin described in the candidate privacy notice. Show more Show less

Title The Information Security team defends the company’s digital infrastructure by designing, implementing, and improving the company’s cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. This role identifies threats, manages projects and engineers solutions that impact the entire company. An ideal candidate for this role is technical, dedicated to learning new things, security-minded, strong initiative, and able to manage projects autonomously. Overview Medpace is a full-service clinical research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries. Responsibilities Engineer security solutions without oversight and collaborate with multiple departments; Analyze security systems and seek improvements on a continuous basis; Research vulnerabilities, perform vulnerability scanning, and mitigate threats; Develop security best practices and policies for the organization; Document new processes, cross-train coworkers, and assist employees on security-related matters; Provide security awareness training and testing for employees to verify proper security protocols are being followed; Staying current with cybersecurity knowledge by participating in educational opportunities, reading professional publications, and participating in professional organizations; Performing cyber security incident response, and remediation activities; and Facilitate access reviews of company data and revoke inappropriate/overprovisioned access in order to drive least privilege access. Qualifications Require at least a bachelor’s degree preferably in Information Technology; Require a minimum of at least 2 years of experience in implementing Information Security solutions; Understanding of security best practices and how to implement them at a business-wide level; Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following: SIEM Privileged Access Management/Identity Access Management/Multifactor Authentication Endpoint Detection & Response Network Access Control Cloud based architecture such as Azure/AWS Active Directory Soft skills including excellent communication skills, critical thinking skills with the ability to solve problems as they arise, and ability to prioritize projects; and Basic scripting skills, such as PowerShell/Python scripting. Nice to have: Experience with vulnerability assessment tools such as Nessus and Tenable; Experience with enterprise web proxy solutions, web filters, and VPN; Experience with email security solutions; Experience with firewall and network architecture; Experience with administrating Windows environment including GPO and servers; Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPAA, GDPR, SOC Type 2, etc; and Auditing and policy-writing experience. People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today. The work we’ve done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future. Medpace Perks Flexible work environment Competitive compensation and benefits package Competitive PTO packages Structured career paths with opportunities for professional growth Company-sponsored employee appreciation events Employee health and wellness initiatives Awards Recognized by Forbes as one of America's Most Successful Midsize Companies in 2021, 2022, 2023 and 2024 Continually recognized with CRO Leadership Awards from Life Science Leader magazine based on expertise, quality, capabilities, reliability, and compatibility What to Expect Next A Medpace team member will review your qualifications and, if interested, you will be contacted with details for next steps.