776 Nessus Jobs - Page 24

Role: Senior Security Specialist Location : Bangalore Working Model : Hybrid Final Round Interview : F2F Summary of essential job functions The overall responsibility of the team is to provide assurance to the management on the Information Security, Compliance and Risk Management of the organization globally. The candidate would be expected to lead security assessments of Products and Infrastructure globally. Education, Certification and Experience: Qualification Required: Bachelor/Master’s degree in Computer/ Information science, Software Engineering, Cybersecurity, or a related field Certification preferred: OSCP, OSWE, OSEP, ECSA|LPT, CPT, CEH Minimum experience: 08-10 years in Vulnerability Assessment and Penetration Testing- Thin & Thick Client, API , Infrastructure, Cloud, Mobile Competency Requirements: Performs a combination of duties in accordance with departmental guidelines: Hands-on experience in Vulnerability Assessment (VA) and Penetration Testing (PT) for Web, APIs, AI/ML models, Mobile , Network, and Infrastructure. Strong command of OWASP Top 10 with practical knowledge of attack vectors and mitigation strategies. Familiarity with industry standards and frameworks such as OSSTMM, OQASP, CESG, CREST, NIST, ISSAF, and PTES. Expertise in Secure Development Lifecycle (SDLC), including Threat Modeling, Secure Coding Practices, and Security Assessments. Proficient in both Static and Dynamic Application Security Testing (SAST, DAST, IAST), and Software Composition Analysis (SCA). Experience conducting secure code reviews and identifying logic flaws in code bases written in Java, .NET, C/C++, Python, etc. Knowledge of cryptographic protocols, secure communication, data security and key management. Hands-on with commercial and open-source tools: Burp Suite, OWASP ZAP, Acunetix, AppSpider,SQLMap, Nmap, Metasploit, Nessus, OpenVAS, Fortify, Checkmarx, Veracode, SonarQube, NexusIQ and Snyk. Proficient in assessing mobile applications (thick/hybrid clients) using tools like Dex2jar, ADB, Frida. Exposure to AuthN/AuthZ protocols such as OAuth, SAML, OIDC; ability to read, write, and interpret application logic. Familiarity with vulnerability standards: CVSS, CVE, CWE, CAPEC; and patch management lifecycle. Experience automating tasks via shell scripting and Python/Ruby/Php etc. Proficiency in secure code development and reviewing DAST/SAST reports across languages. Understanding security aspects in AWS, Azure, and GCP including IAM, VPC/VNet, S3/Blob storage, API gateway, Load Balancers, WAF, Containers (Docker), and Kubernetes. Experience in infrastructure/network penetration testing and exploitation techniques on Windows/Linux environments. Experience in mentoring, leading teams, and managing security assessments under tight deadlines. Manage third-party security assessments, including vendor risk evaluations, engagement oversight, and ensuring compliance with organizational security standards. Proven ability to provide technical oversight and drive engagement quality across security projects. Exposure to agile/scrum development methodologies and ability to work with cross-functional teams. Familiarity with security standards like PCI DSS, SOC, ISO 27001. Participation in bug bounty program and CTFs is a strong plus. Proactive learning approach, staying updated with evolving cybersecurity trends and technologies. Job Responsibilities: Plan, conduct, and close end-to-end Vulnerability Assessments and Penetration Tests for Web Applications, APIs, Mobile Apps, Thick Clients, Infrastructure, and Cloud environments. Perform both manual and automated security assessments to identify, validate, and prioritize vulnerabilities. Review application code in various programming languages and provide actionable remediation recommendations. Reproduce reported vulnerabilities with proof-of-concept (PoC) and assess associated risks. Evaluate new security tools and products for adoption and integration. Guide development teams on Secure Coding standards and OWASP-aligned practices. Lead and contribute to secure SDLC processes, threat modeling workshops, and risk reviews. Manage and triage security bugs from Bug Bounty programs, working closely with engineering teams to ensure timely resolution. Maintain and improve the security posture of applications across business units, aligning with best practices. Act as a security advisor on project teams, influencing architecture and design decisions. Drive security awareness initiatives and conduct training sessions for developers and QA teams. Update and maintain InfoSec policies and procedures in line with emerging threats, technologies, and compliance requirements; provide support to both internal and external auditors during security assessments and audits. Other Requirements: Strong ethics and understanding of ethics in business and information security. Proficiency in English (both written and oral communication skills). Ability to complete tasks and deliver professionally written reports for clients. Ability to present findings to technical staff and executives. Ability to interact with 247 internal stakeholders to review their requirements. Should be able to think “out of the box” and implement new attack vectors. Self-motivated, curious, knowledgeable pertaining to news and current events Show more Show less

Job Title: Penetration Tester Location: Remote Experience Required: 5 Years Employment Type: Full-Time Job Summary: We are seeking a highly skilled and experienced Senior Penetration Tester with 5 years of hands-on experience in offensive security. The ideal candidate will be responsible for conducting advanced security assessments, simulating real-world cyberattacks, and providing actionable recommendations to enhance the organization’s security posture. This role demands deep technical expertise, strong analytical skills, and the ability to communicate effectively with both technical and non-technical stakeholders. Key Responsibilities: Plan, execute, and document black-box, grey-box, and white-box penetration tests across various environments (web apps, networks, APIs, mobile, cloud, etc.) Conduct Red Team/Blue Team exercises and collaborate with threat hunters and SOC teams. Identify, exploit, and report vulnerabilities in systems, applications, and infrastructure. Develop and maintain custom exploitation tools, scripts, and payloads . Perform social engineering engagements , including phishing simulations and physical assessments (where applicable). Provide detailed, risk-based reporting , including technical findings, proof-of-concept exploits, and remediation guidance. Stay current with emerging threats, vulnerabilities, and tools in the cybersecurity domain. Mentor junior team members and contribute to the development of internal testing methodologies and frameworks. Participate in threat modeling, architecture reviews, and security design discussions . Required Skills and Qualifications: 5 years of professional experience in penetration testing, red teaming, or offensive security . Proficiency in tools such as Burp Suite, Metasploit, Nmap, Wireshark, Cobalt Strike, Nessus, etc. Deep understanding of OWASP Top 10 , MITRE ATT&CK , and NIST security frameworks . Strong knowledge of network protocols, web application architectures, cloud environments (AWS/Azure/GCP), and secure coding practices. Experience with manual testing techniques and not just automated scanners. Strong scripting and automation skills in Python, PowerShell, Bash, or Go . Experience with Active Directory exploitation , privilege escalation, and lateral movement techniques. Demonstrated ability to write clear, concise, and detailed technical reports. Strong verbal and written communication skills. Preferred Certifications (any of the following): Offensive Security Certified Professional (OSCP) Offensive Security Certified Expert (OSCE) Certified Red Team Professional (CRTP) GIAC Penetration Tester (GPEN) Certified Ethical Hacker (CEH) CREST Registered Tester or equivalent Show more Show less

Key Responsibilities JOB DESCRIPTION Identity and Access Management (IAM) Design, implement, and manage IAM frameworks, ensuring secure access control across on-premises and cloud environments. Administer user accounts, roles, and permissions following the principle of least privilege. Perform periodic access reviews and audits to ensure compliance with organizational policies. Manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation solutions. Collaborate with application teams to implement secure authentication and authorization protocols. Vulnerability Management Conduct regular vulnerability scans across infrastructure, applications, and endpoints using tools such as Qualys, Nessus, or equivalent. Analyze vulnerability reports, prioritize risks, and coordinate remediation efforts with relevant teams. Maintain and improve patch management processes to address identified vulnerabilities. Monitor and track emerging threats, ensuring timely implementation of mitigation measures. Create and present vulnerability management dashboards and reports for stakeholders. Security Operations Monitor and respond to security incidents, ensuring quick containment and resolution. Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions. Conduct root cause analysis for incidents and implement preventive measures. Ensure compliance with security standards such as ISO 27001, NIST, or CIS benchmarks. Develop and update runbooks and incident response procedures. Collaboration and Governance Work closely with DevOps, infrastructure, and application teams to integrate security best practices. Participate in security assessments, audits, and risk analysis exercises. Support the development and enforcement of security policies and standards. Provide security awareness training to teams and stakeholders. Documentation and Reporting Maintain comprehensive documentation of IAM workflows, security processes, and vulnerability management activities. Provide periodic compliance and risk reports to management and relevant stakeholders. Qualifications And Skills Proven experience in IAM, vulnerability management, and security operations. Strong knowledge of identity management tools and vulnerability scanning tools (e.g., Qualys). Proficiency in configuring and managing security tools such as firewalls, IDS/IPS, and endpoint security solutions. Familiarity with cloud security practices across platforms like AWS, Azure, or Google Cloud. Strong analytical and problem-solving skills with attention to detail. Relevant certifications such as CISSP, CISM, CompTIA Security+, or GIAC are highly desirable. Show more Show less

About Us Yubi stands for ubiquitous. But Yubi will also stand for transparency, collaboration, and the power of possibility. From being a disruptor in India’s debt market to marching towards global corporate markets from one product to one holistic product suite with seven products Yubi is the place to unleash potential. Freedom, not fear. Avenues, not roadblocks. Opportunity, not obstacles. About Us Yubi stands for ubiquitous. But Yubi will also stand for transparency, collaboration, and the power of possibility. From being a disruptor in India’s debt market to marching towards global corporate markets from one product to one holistic product suite with seven products Yubi is the place to unleash potential. Freedom, not fear. Avenues, not roadblocks. Opportunity, not obstacles. About Yubi Yubi, formerly known as CredAvenue, is redefining global debt markets by freeing the flow of finance between borrowers, lenders, and investors. We are the world's possibility platform for the discovery, investment, fulfillment, and collection of any debt solution. At Yubi, opportunities are plenty and we equip you with tools to seize it. In March 2022, we became India's fastest fin-tech and most impactful startup to join the unicorn club with a Series B fundraising round of $137 million. In 2020, we began our journey with a vision of transforming and deepening the global institutional debt market through technology. Our two-sided debt marketplace helps institutional and HNI investors find the widest network of corporate borrowers and debt products on one side and helps corporates to discover investors and access debt capital efficiently on the other side. Switching between platforms is easy, which means investors can lend, invest, and trade bonds - all in one place. All of our platforms shake up the traditional debt ecosystem and offer new ways of digital finance. Yubi Credit Marketplace - With the largest selection of lenders on one platform, our credit marketplace helps enterprises partner with lenders of their choice for any and all capital requirements. Yubi Invest - Fixed-income securities platform for wealth managers & financial advisors to channel client investments in fixed income Financial Services Platform - Designed for financial institutions to manage co-lending partnerships & asset-based securitization Spocto - Debt recovery & risk mitigation platform Accumn- Dedicated SaaS solutions platform powered by Decision-grade data, Analytics, Pattern Identifications, Early Warning Signals and Predictions to Lenders, Investors and Business Enterprises So far, we have on-boarded over 17000+ enterprises, 6200+ investors & lenders, and have facilitated debt volumes of over INR 1,40,000 crore. Backed by marquee investors like Insight Partners, B Capital Group, Dragoneer, Sequoia Capital, LightSpeed, and Lightrock, we are the only-of-its-kind debt platform globally, revolutionizing the segment. At Yubi, People are at the core of the business and our most valuable assets. Yubi is constantly growing, with 1000+ like-minded individuals today, changing how people perceive debt. We are a fun bunch who are highly motivated and driven to create a purposeful impact. Come, join the club to be a part of our epic growth story. Role Description: This role is a senior position equivalent to a Level 3 SOC analyst. In this role, You are expected to manage the Cyber Defence Centre (SOC), which is a 24/7 environment. Handle security incidents and able to provide rapid response with a deep understanding of IT & Network Infrastructure tools and Technologies. Primary Responsibilities: Member of a critical role in our cyber security function to ensure enterprise and client data is secure and private. You will help provide 24x7 monitoring for the organization by acting as the first line of defense against potentially malicious events. Support the Security Operations Centre with enhancing SOC tools including the design/improvement of working practices and incident responses Threat Hunting - Analyses security system logs, security tools, and available data sources on a day-to-day basis to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection rules and system tuning. Performs research into emerging threat sources and develops threat profiles. Keep updated on the latest cybersecurity threats. Has a sound understanding of SIEM, PAM, CASB, EDR, other threat detection platforms, and Incident Response tools. Develop and execute a crisis communication plan for CXO and other stakeholders. Measures SOC performance metrics and communicates the value of security operations to business leaders. Requirements Requirements: Security Incident Response and Handling techniques Log management and filtering solutions Windows Server-based systems including DNS, DHCP, IIS, NPS, RDS, DFS, Hyper-V Cloud platforms (i.e. Azure / AWS) VMware and similar virtualization technologies Virtualization principles &aTechnologies PKI Networking principles Working knowledge of compliance standards such as ISO27001, PCI-DSS & Cyber Essentials Plus SIEM Tools Nessus or other Vulnerability management tool Security principles and operations Firewall, IDS/IPS configuration Email and Web filtering services and configuration Preferred Qualification Bachelor’s Degree in computer science with a minimum of 7 years related experience. Experience working in or with a Security Operations Centre and managing security issues and incidents. Benefits We are committed to creating a diverse environment and are proud to be an equal-opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, or age. Show more Show less

Job Description We are seeking a highly skilled and motivated Technical Security Professional specializing in Vulnerability Assessment and Penetration Testing (VAPT), Source Code Review, API Security, and Web Application Security. As a member of our team, you will be responsible for ensuring the security and integrity of our systems, applications, and networks. Responsibilities  Conduct comprehensive Vulnerability Assessments and Penetration Tests (VAPT) on various systems, networks, and applications to identify security weaknesses and potential vulnerabilities.  Perform thorough Source Code Reviews to identify security flaws, coding errors, and vulnerabilities in web applications and software products.  Assess and enhance API security by evaluating API designs, configurations, and implementations for potential security risks and vulnerabilities.  Evaluate and enhance the security posture of web applications by conducting thorough security assessments and implementing appropriate security controls.  Develop and implement security testing methodologies, tools, and procedures to improve the efficiency and effectiveness of security testing activities.  Provide technical expertise and guidance to development teams, system administrators, and other stakeholders on security best practices and mitigation strategies.  Collaborate with cross-functional teams to remediate identified security vulnerabilities and implement security controls to mitigate risks.  Stay updated on the latest security trends, vulnerabilities, and best practices to continuously improve the security posture of our systems and applications. Requirements:  Bachelor's degree in Computer Science, Information Security, or a related field. (Master degree preferred)  5 to 7 years of experience in conducting Vulnerability Assessments and Penetration Tests (VAPT) on enterprise systems, networks, and applications.  4 to 7 years of experience in performing Source Code Reviews for web applications and software products.  Proficiency in using industry-standard security testing tools such as Nessus, Metasploit, Burp Suite, etc.  Strong understanding of web application security principles, common vulnerabilities (e.g., OWASP Top 10), and mitigation techniques.  Experience in assessing and enhancing API security, including authentication, authorization, encryption, and access control mechanisms.  Knowledge of secure coding practices and common programming languages (e.g., Java, Python, C/C++, etc.).  Knowledge of cloud security and DevSecOps processes.  Excellent analytical and problem-solving skills with the ability to identify and mitigate complex security risks and vulnerabilities.  Strong communication and interpersonal skills with the ability to effectively collaborate with cross-functional teams and stakeholders.  Relevant security certifications such as CISSP, CEH, OSCP, etc., are preferred.

Hi All, Greetings from Shivsys Softwares Pvt Ltd We are hiring for Product Security Engineer Role: Product Security Engineer Experience: 3+ Years Location: Noida Job Description: Security Specialist in areas of Security Vulnerability Assessment & Penetration Testing. Responsible for periodic assessment and implementation of remediation with the help of node owners. Job Key Tasks & Responsibilities: · Experience in developing trailored Vulnerability Assessment Profiles in collaboration with clients, outlining assessment scope, methodologies, risk assessment criteria, and reporting structures. · Have created and configured custom scan policies for vulnerability scanners, ensuring accurate, tailored scans to meet organizational needs and risk tolerance. · Configure scan policies for full network scans, application scans, compliance checks, and sensitive data exposure detection. · Performed both authenticated and unauthenticated scans across telecom networks and cloud environments (VNF, CNF). Troubleshooting and debugging scans. · Performed automated and manual scans against the CIS Benchmarks (e.g., CIS AWS Foundations, CIS Linux, CIS Windows) to ensure compliance with industry best practices. · Performed comprehensive risk triage by analyzing vulnerability reports, verifying false positives, and assigning accurate severity levels to vulnerabilities based on CVSS matrix. · Evaluate the impact of vulnerabilities and prioritize vulnerabilities based on CVSS scoring and considering exploitability in telecom environments (e.g., SS7, Diameter, GTP, VoIP, IoT, 5G). · Perform cloud-specific vulnerability assessments for containers and orchestration platforms (Docker, Kubernetes). · Provide remediation recommendations based on scan findings, including patching, work arounds, configuration hardening, and compensating controls. · Worked on remediation of non-compliant configurations and security issues based on CIS recommendations. · Experience in threat intelligence gathering to identify known exploits and determine the current exploitation risk of vulnerabilities (e.g., availability of exploit POC, exploit in wild). · Experience of working in ticketing tools i.e. ServiceNow, Jira. · Proficiency in Linux, Windows, and cloud security hardening. · Knowledge security frameworks and standards (e.g., NIST, ISO 27001, CIS) Experience & Certification: · Minimum 3+ years of relevant experience in a combination of security and operations technology jobs · Vulnerability Scanning tools: Nessus, Qualys, OpenVAS · Cloud Scanning Tools: Redhat ACS, Anchore, Trivy · Ticketing Systems: Jira, ServiceNow, Remedy Telecom Expertise: Telecom architecture(2G,3G,4G,5G), Nokia Nodes and functionalities You can also drop your updated CV at karan.prajapati@shivsys.com Show more Show less

Hiring Manager: Abhishar Balodhi Recruiter: Archana SM Location: Gurugram Carrer Level: E Why BT We’ve always been an organisation with a purpose; to use the power of communication to make a better world. You can trace this back to our beginning as pioneers of the world’s firs telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe and secure, to delivering large scale technology infrastructure like the creation of BT Sport. Today in this fast-changing, always on, digital world our purpose remains true. Yet the market conditions, regulations and competition we face are tougher than ever before. So, if you have the drive, optimism and resilience to help propel us forward we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things and pursue new careers. If that’s you and what you’re looking for, we’d love you to be part of our future. Why this job matters As an experienced Information Security Services provider, we will help lead a highly motivated team laser-focused on analysing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What I’ll Be Doing – Your Accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support – Protect BT ISO27001 certificate for Offensive Security team The Skills You Need Pentest Skills – Web application pen test (OWASP, NIST framework), Network pen test (Linux, windows), API & Mobile pen test. Networking Skills – TCP/IP packet level understanding, Routing, Switching, firewall understanding. Linux Skills – Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework (CVE/CVSS) and Security assessment tools (such as Nmap, Metasploit, Burp Suite, SQL map, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Leadership Accountabilities Accountabilities of the job: Solution focused achiever: We need this person to focus on delivering exceptional penetration testing services Customer champion: we are transforming how we communicate with our customers and need responsible person with a customer-focused attitude. Change agent: We need a tester who sees our processes and immediately thinks of better ways to do what we are doing and then leads that change. Experience You Would Be Expected To Have Mandatory 2-4 Years experience in the field on pen testing. Mandatory Bachelor’s degree or higher preferred. CEH, OSCP, CREST, LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED. BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding. We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’ We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it. Show more Show less

Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We don't just follow trends—we set them and drive change. As a market leader in enterprise analytics and mobility software, we've pioneered BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. But that's not all. Strategy is also leading to a groundbreaking shift in how companies approach their treasury reserve strategy, boldly adopting Bitcoin as a key asset. This visionary move is reshaping the financial landscape and solidifying our position as a forward-thinking, innovative force in the market. Four years after adopting the Bitcoin Standard, Strategy's stock has outperformed every company in S&P 500. Our people are the core of our success. At Strategy, you'll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values—bold, agile, engaged, impactful, and united—are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, you're not just another employee; you're a crucial part of a mission to push the boundaries of analytics and redefine financial investment. Job Description Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels Tune-in and configure SIEM performance and events data quality to maximize log correlation efficiency Work closely with the network team to implement and maintain network access control technologies Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks Expertise in shell scripting and other programming languages, such as Python and/or Power Shell Proficiency in understanding and using regular expressions (regex) Solid understanding of REST/SOAP/WSDL/XML (Web Services), HTTP Request Methods. Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HiTRUST, and ISO 27001 Guide the network and operations teams in implementing security best practices Work with network, and systems engineering teams to promote automation, automated monitoring and administration functionality Implement, and support security solutions including but not limited to Intrusion Detection, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, and Configuration Management Support the efforts to develop operational best practice procedural documentation for operations staff Assist in the development and documentation of various systems, policies, procedures, and customer deliverables Research new products and make appropriate recommendations Develop and design project plans, tasks and timelines and then provide verbal and written status reports as directed Conduct on-going security assessments, document and track findings and remediation activities Provide on-call support as needed Ideal candidates should be able to work 9am – 6pm ET (US Hours) Qualifications BS in Computer Science, Engineering or related field desired Minimum 3 years of experience supporting enterprise level environment Must have a good understanding of the following: Log correlation, SIEM technologies (AlertLogic, ArcSight, Q1 Radar, Log Rhythm, Splunk, etc.), IDS/IPS technologies, Vulnerability Scanners (Nessus, Qualys, etc.) and other related technologies Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc. Understanding of cloud solutions and cloud security best practices in environments such as AWS, Azure and Google Cloud Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HiTRUST, ISO 27001, SOX. etc. Demonstrated knowledge of one or more of the following systems: Linux, Windows, or Mac OS Working knowledge of firewall and web filtering technologies Experiences practicing ITIL framework-based processes such as Change, Problem, and Incident management in an enterprise environment Excellent verbal and written communication, presentation, and interpersonal skills Able to define, document and support systems, policies, and procedures Excellent analytic, problem solving and troubleshooting skills Good knowledge and experience designing network, system and application security architectures Ability to efficiently handle multiple projects with shifting priorities Able to anticipate and mitigate risks as well as define architectural solutions Additional Information The recruitment process includes online assessments as a first step. We send them via e-mail, please check also your SPAM folder. We work from Pune office. Show more Show less

Staff Site Reliability Engineer Bengaluru, India Okta s Workforce Identity Cloud Security Engineering group is looking for an experienced and passionate Staff Site Reliability Engineer to join a team focused on designing and developing Security solutions to harden our cloud infrastructure. We embrace innovation and pave the way to transform bright ideas into excellent security solutions that help run large-scale, critical infrastructure. We encourage you to prescribe defense-in-depth measures, industry security standards and enforce the principle of least privilege to help take our Security posture to the next level. Our Infrastructure Security team has a niche skill-set that balances Security domain expertise with the ability to design, implement, rollout infrastructure across multiple cloud environments without adding friction to product functionality or performance. We are responsible for the ever-growing need to improve our customer safety and privacy by providing security services that are coupled with the core Okta product. This is a high-impact role in a security-centric, fast-paced organization that is poised for massive growth and success. You will act as a liaison between the Security org and the Engineering org to build technical leverage and influence the security roadmap. You will focus on engineering security aspects of the systems used across our services. Join us and be part of a company that is about to change the cloud computing landscape forever. As a Staff Engineer, you should be able to identify gaps, propose innovative solutions, and contribute to roadmaps while driving alignment across multiple teams within the organization. Additionally, you should serve as a role model, providing technical mentorship to junior team members and fostering a culture of learning and growth. You will work on: Designing, building, running, and monitoring Okta's production infrastructure Be an evangelist for security best practices and also lead initiatives/projects to strengthen our security posture for critical infrastructure Responding to production incidents and determining how we can prevent them in the future Triaging and troubleshooting complex production issues to ensure reliability and performance Identifying and automating manual processes Continuously evolving our monitoring tools and platform Promoting and applying best practices for building scalable and reliable services across engineeringDeveloping and maintaining technical documentation, runbooks, and procedures Supporting a 24x7 online environment as part of an on-call rotation Be a technical SME for a team that designs and builds Okta's production infrastructure, focusing on security at scale in the cloud. You are an ideal candidate if you: Are always willing to go the extra mile: see a problem, fix the problem. Are passionate about encouraging the development of engineering peers and leading by example. Have experience automating, securing, and running large-scale production IAM and containerized services in AWS (EC2, ECS, KMS, Kinesis, RDS), GCP (GKE, GCE) or other cloud providers. Have deep knowledge of CI/CD principles, Linux fundamentals, OS hardening, networking concepts, and IP protocols. Have a deep understanding and familiarity with configuration management tools like Chef and Terraform. Have expert-level abilities in operational tooling languages such as Ruby, Python, Go and shell, and use of source control. Experience with industry-standard security tools like Nessus, Qualys, OSQuery, Splunk, etc. Experience with Public Key Infrastructure (PKI) and secrets management Bonus points for: Experience conducting threat assessments, and assessing vulnerabilities in a high-availability setting. Understand MySQL, including replication and clustering strategies, and are familiar with data stores such as DynamoDB, Redis, and Elasticsearch. Minimum Required Knowledge, Skills, Abilities, and Qualities: 6+ years of experience architecting and running complex AWS or other cloud networking infrastructure resources 6+ years of experience with Chef and Terraform Unflappable troubleshooting skills Proven experience in collaborating across teams to deliver complex horizontal projects Strong Linux understanding and experience. Strong security background and knowledge. BS In computer science (or equivalent experience).

Job Description We are seeking a highly skilled and motivated Technical Security Professional specializing in Vulnerability Assessment and Penetration Testing (VAPT), Source Code Review, API Security, and Web Application Security. As a member of our team, you will be responsible for ensuring the security and integrity of our systems, applications, and networks. Responsibilities  Conduct comprehensive Vulnerability Assessments and Penetration Tests (VAPT) on various systems, networks, and applications to identify security weaknesses and potential vulnerabilities.  Perform thorough Source Code Reviews to identify security flaws, coding errors, and vulnerabilities in web applications and software products.  Assess and enhance API security by evaluating API designs, configurations, and implementations for potential security risks and vulnerabilities.  Evaluate and enhance the security posture of web applications by conducting thorough security assessments and implementing appropriate security controls.  Develop and implement security testing methodologies, tools, and procedures to improve the efficiency and effectiveness of security testing activities.  Provide technical expertise and guidance to development teams, system administrators, and other stakeholders on security best practices and mitigation strategies.  Collaborate with cross-functional teams to remediate identified security vulnerabilities and implement security controls to mitigate risks.  Stay updated on the latest security trends, vulnerabilities, and best practices to continuously improve the security posture of our systems and applications. Requirements:  Bachelor's degree in Computer Science, Information Security, or a related field. (Master degree preferred)  5 to 7 years of experience in conducting Vulnerability Assessments and Penetration Tests (VAPT) on enterprise systems, networks, and applications.  4 to 7 years of experience in performing Source Code Reviews for web applications and software products.  Proficiency in using industry-standard security testing tools such as Nessus, Metasploit, Burp Suite, etc.  Strong understanding of web application security principles, common vulnerabilities (e.g., OWASP Top 10), and mitigation techniques.  Experience in assessing and enhancing API security, including authentication, authorization, encryption, and access control mechanisms.  Knowledge of secure coding practices and common programming languages (e.g., Java, Python, C/C++, etc.).  Knowledge of cloud security and DevSecOps processes.  Excellent analytical and problem-solving skills with the ability to identify and mitigate complex security risks and vulnerabilities.  Strong communication and interpersonal skills with the ability to effectively collaborate with cross-functional teams and stakeholders.  Relevant security certifications such as CISSP, CEH, OSCP, etc., are preferred. Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cloud security at PwC, you will be responsible for designing, implementing and elevating the security posture across our clients’ cloud environments, covering IaaS, PaaS and SaaS. Your work will involve having a deep technical knowledge of cloud security and you will work with one or more Cloud Service Providers (CSP) to implement security protocols, monitor for potential security breaches, conduct risk assessments and vulnerability testing of cloud-based systems, and stay up to date with the latest security threats and trends in cloud technology. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats Responsibilities: ▪ Working experience as a Penetration Testing Expert for 2+ year(s) ▪ Hands on experience with security testing frameworks such as the PTES, OWASP, OSSTMM, SANS. ▪ In-depth knowledge of application development processes and at least one programming and one scripting language (e.g., Java, Scala, C#, Javascript, Angular, ReactJs, Ruby, Perl, Python, Shell). ▪ Knowledge on OS security (Windows, Unix/Linux systems, Mac OS, VMware), network security and cloud security. ▪ Hands on experience in BurpSuite, Nessus, Checkmarx, Acunetix and Kali linux penetration testing tools ▪ One of the certifications – OSWE/OSCP/OSCE/eJPT/CPENT- ECCouncil /LPT(Licensed Penetration Tester-ECCouncil)/GPEN(GIAC Penetration Tester)/ GWAPT(GIAC Web Application Penetration Tester) Mandatory Skill Sets: Penetration Testing Security testing frameworks such as the PTES, OWASP, OSSTMM, SANS OS security BurpSuite, Nessus, Checkmarx, Acunetix and Kali linux penetration testing tools Preferred Skill Sets: One of the certifications – OSWE/OSCP/OSCE/eJPT/CPENT- ECCouncil /LPT(Licensed Penetration Tester-ECCouncil)/GPEN(GIAC Penetration Tester)/ GWAPT(GIAC Web Application Penetration Tester) Years Of Experience Required: 2+ years Education Qualification: Graduation in EC or CS or IT or Information Security or Cyber Security or MCA. Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Master Degree - Computer Applications Degrees/Field Of Study Preferred: Certifications (if blank, certifications not specified) Required Skills Penetration Testing Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

This role involves the development and application of engineering practice and knowledge in designing, managing and improving the processes for Industrial operations, including procurement, supply chain and facilities engineering and maintenance of the facilities. Project and change management of industrial transformations are also included in this role. - Grade Specific Focus on Industrial Operations Engineering. Develops competency in own area of expertise. Shares expertise and provides guidance and support to others. Interprets clients needs. Completes own role independently or with minimum supervision. Identifies problems and relevant issues in straight forward situations and generates solutions. Contributes in teamwork and interacts with customers. Skills (competencies)

Okta s Workforce Identity Cloud Security Engineering group is looking for an experienced and passionate Senior Site Reliability Engineer to join a team focused on designing and developing Security solutions to harden our cloud infrastructure. We embrace innovation and pave the way to transform bright ideas into excellent security solutions that help run large-scale, critical infrastructure. We encourage you to prescribe defense-in-depth measures, industry security standards and enforce the principle of least privilege to help take our Security posture to the next level. Our Infrastructure Security team has a niche skill-set that balances Security domain expertise with the ability to design, implement, rollout infrastructure across multiple cloud environments without adding friction to product functionality or performance. We are responsible for the ever-growing need to improve our customer safety and privacy by providing security services that are coupled with the core Okta product. This is a high-impact role in a security-centric, fast-paced organization that is poised for massive growth and success. You will act as a liaison between the Security org and the Engineering org to build technical leverage and influence the security roadmap. You will focus on engineering security aspects of the systems used across our services. Join us and be part of a company that is about to change the cloud computing landscape forever. Bring all the passion and dedication along and there s no telling what you could accomplish! You will work on: Building, running, and monitoring Okta's production infrastructure Be an evangelist for security best practices and also lead initiatives/projects to strengthen our security posture for critical infrastructure Responding to production incidents and determining how we can prevent them in the future Triaging and troubleshooting complex production issues to ensure reliability and performance Identifying and automating manual processes Continuously evolving our monitoring tools and platform Promoting and applying best practices for building scalable and reliable services across engineering Developing and maintaining technical documentation, runbooks, and procedures Supporting a 24x7 online environment as part of an on-call rotation You are an ideal candidate if you: Are always willing to go the extra mile: see a problem, fix the problem. Have experience automating, securing, and running large-scale production IAM and containerized services in AWS (EC2, ECS, KMS, Kinesis, RDS), GCP (GKE, GCE) or other cloud providers. Have knowledge of CI/CD principles, Linux fundamentals, OS hardening, networking concepts, and IP protocols. Have an understanding and familiarity with configuration management tools like Chef and Terraform. Have experience in operational tooling languages such as Ruby, Python, Go and shell, and use of source control. Experience with industry-standard security tools like Nessus, Qualys, OSQuery, Splunk, etc. Experience with Public Key Infrastructure (PKI) and secrets management Bonus points for: Experience conducting threat assessments, and assessing vulnerabilities in a high-availability setting. Understand MySQL, including replication and clustering strategies, and are familiar with data stores such as DynamoDB, Redis, and Elasticsearch. Minimum Required Knowledge, Skills, Abilities, and Qualities: 3+ years of experience architecting and running complex AWS or other cloud networking infrastructure resources 3+ years of experience with Chef and Terraform Unflappable troubleshooting skills Strong Linux understanding and experience. Security background and knowledge. BS In computer science (or equivalent experience). This role requires in-person onboarding and travel to our Bengaluru, IN office during the first week of employment."

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

About Us Yubi stands for ubiquitous. But Yubi will also stand for transparency, collaboration, and the power of possibility. From being a disruptor in India’s debt market to marching towards global corporate markets from one product to one holistic product suite with seven products Yubi is the place to unleash potential. Freedom, not fear. Avenues, not roadblocks. Opportunity, not obstacles. About Us Yubi stands for ubiquitous. But Yubi will also stand for transparency, collaboration, and the power of possibility. From being a disruptor in India’s debt market to marching towards global corporate markets from one product to one holistic product suite with seven products Yubi is the place to unleash potential. Freedom, not fear. Avenues, not roadblocks. Opportunity, not obstacles. About Yubi Yubi, formerly known as CredAvenue, is redefining global debt markets by freeing the flow of finance between borrowers, lenders, and investors. We are the world's possibility platform for the discovery, investment, fulfillment, and collection of any debt solution. At Yubi, opportunities are plenty and we equip you with tools to seize it. In March 2022, we became India's fastest fin-tech and most impactful startup to join the unicorn club with a Series B fundraising round of $137 million. In 2020, we began our journey with a vision of transforming and deepening the global institutional debt market through technology. Our two-sided debt marketplace helps institutional and HNI investors find the widest network of corporate borrowers and debt products on one side and helps corporates to discover investors and access debt capital efficiently on the other side. Switching between platforms is easy, which means investors can lend, invest, and trade bonds - all in one place. All of our platforms shake up the traditional debt ecosystem and offer new ways of digital finance. Yubi Credit Marketplace - With the largest selection of lenders on one platform, our credit marketplace helps enterprises partner with lenders of their choice for any and all capital requirements. Yubi Invest - Fixed-income securities platform for wealth managers & financial advisors to channel client investments in fixed income Financial Services Platform - Designed for financial institutions to manage co-lending partnerships & asset-based securitization Spocto - Debt recovery & risk mitigation platform Accumn- Dedicated SaaS solutions platform powered by Decision-grade data, Analytics, Pattern Identifications, Early Warning Signals and Predictions to Lenders, Investors and Business Enterprises So far, we have on-boarded over 17000+ enterprises, 6200+ investors & lenders, and have facilitated debt volumes of over INR 1,40,000 crore. Backed by marquee investors like Insight Partners, B Capital Group, Dragoneer, Sequoia Capital, LightSpeed, and Lightrock, we are the only-of-its-kind debt platform globally, revolutionizing the segment. At Yubi, People are at the core of the business and our most valuable assets. Yubi is constantly growing, with 1000+ like-minded individuals today, changing how people perceive debt. We are a fun bunch who are highly motivated and driven to create a purposeful impact. Come, join the club to be a part of our epic growth story. Role Description Senior SOC Engineer This role is a senior position equivalent to a Level 3 SOC analyst. In this role, You are expected to manage the Cyber Defence Centre (SOC) is a 24/7 environment. Handle security incidents and provide rapid response with a deep understanding of IT & Network Infrastructure tools and Technologies. Primary Responsibilities: Member of a critical role in our cyber security function to ensure enterprise and client data is secure and private. You will help provide 24x7 monitoring for the organization by acting as the first line of defence against potentially malicious events. Support the Security Operations Centre with enhancing SOC tools including design/improvement of working practices and incident responses. Threat Hunting - Analyses security system logs, security tools, and available data sources on a day-to-day basis to identify attacks against the enterprise and report on any irregularities, or issues related to improper access patterns, trending, and event correlations and make suggestions for detection rules and system tuning. Performs research into emerging threat sources and develops threat profiles. Keep updated on the latest cybersecurity threats. Has a sound understanding of SIEM, PAM, CASB, EDR, other threat detection platforms, and Incident Response tools. Develops and executes crisis communication plan for CXO and other stakeholders. Measures SOC performance metrics and communicates the value of security operations to business leaders. Requirements Requirements GCTI, GCDA certification Security Incident Response and Handling techniques Log management and filtering solutions Windows Server based systems including DNS, DHCP, IIS, NPS, RDS, DFS, Hyper-V Cloud platforms (i.e. Azure / AWS) VMware and similar virtualisation technologies Virtualization principles & technologies PKI Networking principles Working knowledge of compliance standards such as ISO27001, PCI-DSS & Cyber Essentials Plus SIEM Tools Nessus or other Vulnerability management tool Security principles and operations Firewall, IDS/IPS configuration Email and Web filtering services and configuration Preferred Qualification Bachelor’s Degree in computer science with minimum of 7 years related experience. Experience of working in or with a Security Operations Centre and managing security issues and incidents. Benefits We are committed to creating a diverse environment and are proud to be an equal-opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, or age. Show more Show less

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Bangalore Req ID: 768176

Job Description Summary We are looking for a smart, security-minded, enthusiastic and friendly cyber security advisor who can work collaboratively with development teams to complete design and SDLC work for Products and Systems. Product Cyber-security Specialist is responsible for the analysis of controllers, systems for cyber security requirements. Conduct tests to verify Cyber security levels and recommend mitigation plans for products, systems during product development stages. As a member of a global and matrixed team, she/he will also be responsible for guiding secure design, testing of different products, control systems. Job Description Essential Responsibilities Involve in reviews, suggest changes, conduct tests to ensure systems, controllers to meet Cyber security requirements. Facilitate decisions and bring teams together to design and document software architecture, modularity, and future- proofing. Support/Involve development of proofs-of-concept to prove out strategy and manage development and product risks. Support production of technical documentation for software architecture, design, verification plans. Engage with development teams and ensure all software developed is compliant to Cyber-security requirements. Collaborate with a team of controls and system engineers developing operational technology software for various subsystems. The position requires an understanding of OT System, cloud application architecture and conversant with all Cyber security requirements. This role requires strong cooperation with system and subsystem teams necessary for command and control of the systems involved. Work with multiple teams in different location to identify vulnerability, suggest remediation to the software to meet customer requirements. Contribute to multi-generation product and tool planning. Qualifications/Requirements Bachelor in computer science/Cyber Security or relevant engineering or equivalent knowledge / experience with 0-1 Years of Experience. Good understanding in Cyber security for Controller, Systems in OT Space. Familiar with penetration testing for Controllers, Systems, Web software’s, CAPEC, Ethical hacking. Good Knowledge/worked on Cyber security tools and solutions like Wireshark, NESSUS, Burp Suite, Nmap, Nozomi, Claroty, Splunk, Acronis, Ivanti, etc. Knowledge in different phases of Software Development Life cycle (SDLC) including Design, Implementation and Testing. Knowledge on web technologies like JavaScript, jQuery, AJAX, JSON, AngularJS, Angular 6, NodeJs, Spring, Hibernate, Spring boot, MVC, RESTful Web Services, Flux, SOAP will be an added advantage. Knowledge on database RDBMS, MySQL NoSQL databases will be an added advantage. Software component: MS Visual Studio, MS Office, MS Visio, SVN, GitHub Linux and Windows OS Familiar with ISA 624443, NIST 800 standards will be an added advantage. Familiar on active directory, certificate management and hardening w.r.t CIS benchmarks for critical assets like switches, windows-based workstation and controllers. Familiar with threat modelling and risk assessment for OT products Additional Information Relocation Assistance Provided: Yes

Job Summary: We are seeking a highly experienced “Senior VAPT & Penetration Testing Specialist” to lead and ensure the quality and effectiveness of our vulnerability assessment and penetration testing operations. This role involves findings, validating findings, reviewing technical reports, ensuring compliance with standards (OWASP, PTES, NIST, etc.), and improving methodologies and tools. Key Responsibilities: Conduct in-depth vulnerability assessments and penetration tests on web, mobile, network, API, and cloud infrastructure using manual and automation. Utilize industry-standard tools like SQLMap, Burp Suite, Nessus, Nmap, and custom scripts for advanced exploitation techniques. Simulate various cyber-attacks including DDoS, Brute Force, XSS, SQL Injection, DNS attacks, and Social Engineering to identify system vulnerabilities. Perform peer reviews of technical deliverables and verify accuracy of findings and recommendations. Ensure that all assessments are aligned with industry standards such as OWASP, PTES, MITRE ATT&CK, and NIST. Act as a technical lead and mentor for junior VAPT team and QA team members. Identify gaps in the current testing methodologies and implement process improvements. Prepare detailed documentation and the VA report and ensure clear, actionable, and risk-rated reporting. Collaborate with clients and internal teams to understand scope and provide post-assessment clarifications. Present the client meeting for the future VAPT assignments. Stay updated with emerging threats, tools, techniques, and frameworks. Required Skills & Qualifications: Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field. 3 to 5 years of hands-on experience in VAPT and penetration testing. In-depth knowledge of web, network, mobile, cloud, and API security. Strong understanding of secure coding practices and vulnerability management. Expertise in tools like Burp Suite, Nmap, Nessus, Metasploit, Qualys, Kali Linux, Wireshark, etc. Familiarity with SIEM, IDS/IPS, EDR tools is a plus. Excellent report writing and documentation skills. Strong communication and overseas client-interaction skills. Preferred Certifications: OSCP (Offensive Security Certified Professional) – Highly preferred CEH (Certified Ethical Hacker) CREST / GPEN / GWAPT / CISSP – Optional but desirable ISO 27001 Lead Auditor or Lead Implementer – Added advantage Job Type: Full-time Pay: Up to ₹1,800,000.00 per year Schedule: Monday to Friday UK shift Work Location: In person Speak with the employer +91 9429521724

Job Description Role Profile: The Cyber and IT Audit Manager will oversee IT and cybersecurity audits, managing a team of auditors to assess IT processes and Operational Technology (OT) environments. The manager will ensure audits are aligned with the company’s strategic objectives and regulatory requirements, with a focus on delivering value and identifying critical risks in IT and cybersecurity. This role includes responsibility for overseeing security assessments and implementing audit methodologies that support continuous improvement. Responsibilities ' Manage and execute a portfolio of IT and cybersecurity audits, focusing on complex audits related to IT general controls, cybersecurity frameworks, and OT environments. Oversee medium complexity security assessments for IT and OT systems, ensuring comprehensive audit coverage. Collaborate with the CAE, IT audit Director and IT stakeholders to build an audit pipeline, addressing emerging risks and identifying areas for process improvement. Lead the development of audit programs and methodologies, ensuring alignment with industry best practices and regulatory frameworks (e.g., NIST, COBIT, IEC 62443). Manage audit staff, providing guidance and ensuring adherence to professional standards (IIA, ITGC). Present audit findings to senior management, communicating risks, recommendations, and opportunities for improvement. Qualifications ' 7+ years of experience in IT auditing, cybersecurity, and OT systems. Proven experience managing audits and teams, with a focus on IT governance, cybersecurity, and risk management. Expertise with security assessment tools (e.g., Nmap, Nessus, Kali Linux, Metasploit, Burp Suite) and audit methodologies for IT and OT systems. Strong understanding of industry frameworks (NIST, COBIT, ISO 27001, MITRE ATT&CK) and IEC 62443 for OT environments. OT knowledge and experience is highly desirable. Certifications such as CISSP, CISA, CISM, OSCP, OSWP, CRTP, CEH, HTB CPTS, HTB CBBH, HTB CWEE are preferred. Bachelor’s or Master’s degree in Information Technology, Cybersecurity, or related disciplines. Strong leadership, project management, and communication skills, with the ability to influence stakeholders at all levels. At Nextracker, we are leading in the energy transition, providing the most comprehensive portfolio of intelligent solar tracker and software solutions for solar power plants, as well as strategic services to capture the full value of solar power plants for our customers. Our talented worldwide teams are transforming PV plant performance every day with smart technology, data monitoring and analysis services. For us at Nextracker, sustainability is not just a word. It's a core part of our business, values and our operations. Our sustainability efforts are based on five cornerstones: People, Community, Environment, Innovation, and Integrity. We are creative, collaborative and passionate problem-solvers from diverse backgrounds, driven by our shared mission to provide smart solar and software solutions for our customers and to mitigate climate change for future generations. Culture is our Passion Show more Show less

Okta s Workforce Identity Cloud Security Engineering group is looking for an experienced and passionate Senior Site Reliability Engineer to join a team focused on designing and developing Security solutions to harden our cloud infrastructure. We embrace innovation and pave the way to transform bright ideas into excellent security solutions that help run large-scale, critical infrastructure. We encourage you to prescribe defense-in-depth measures, industry security standards and enforce the principle of least privilege to help take our Security posture to the next level. Our Infrastructure Security team has a niche skill-set that balances Security domain expertise with the ability to design, implement, rollout infrastructure across multiple cloud environments without adding friction to product functionality or performance. We are responsible for the ever-growing need to improve our customer safety and privacy by providing security services that are coupled with the core Okta product.This is a high-impact role in a security-centric, fast-paced organization that is poised for massive growth and success. You will act as a liaison between the Security org and the Engineering org to build technical leverage and influence the security roadmap. You will focus on engineering security aspects of the systems used across our services. Join us and be part of a company that is about to change the cloud computing landscape forever. Bring all the passion and dedication along and there s no telling what you could accomplish! You will work on: Building, running, and monitoring Okta's production infrastructure Be an evangelist for security best practices and also lead initiatives/projects to strengthen our security posture for critical infrastructure Responding to production incidents and determining how we can prevent them in the future Triaging and troubleshooting complex production issues to ensure reliability and performance Identifying and automating manual processes Continuously evolving our monitoring tools and platform Promoting and applying best practices for building scalable and reliable services across engineering Developing and maintaining technical documentation, runbooks, and procedures Supporting a 24x7 online environment as part of an on-call rotation You are an ideal candidate if you: Are always willing to go the extra milesee a problem, fix the problem. Have experience automating, securing, and running large-scale production IAM and containerized services in AWS (EC2, ECS, KMS, Kinesis, RDS), GCP (GKE, GCE) or other cloud providers. Have knowledge of CI/CD principles, Linux fundamentals, OS hardening, networking concepts, and IP protocols. Have an understanding and familiarity with configuration management tools like Chef and Terraform. Have experience in operational tooling languages such as Ruby, Python, Go and shell, and use of source control. Experience with industry-standard security tools like Nessus, Qualys, OSQuery, Splunk, etc. Experience with Public Key Infrastructure (PKI) and secrets management Bonus points for: Experience conducting threat assessments, and assessing vulnerabilities in a high-availability setting. Understand MySQL, including replication and clustering strategies, and are familiar with data stores such as DynamoDB, Redis, and Elasticsearch. Minimum Required Knowledge, Skills, Abilities, and Qualities: 3+ years of experience architecting and running complex AWS or other cloud networking infrastructure resources 3+ years of experience with Chef and Terraform Unflappable troubleshooting skills Strong Linux understanding and experience. Security background and knowledge. BS In computer science (or equivalent experience). This role requires in-person onboarding and travel to our Bengaluru, IN office during the first week of employment."

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Responsibilities In this position, you will primarily be researching and implementing detections for vulnerabilities on all the latest web application technologies. You will also be expected to fine-tune existing logic and payloads to detect vulnerabilities and CVEs with zero false positives for the Qualys Web Application Security product. Efficient problem-solving and troubleshooting skills are necessary, as well as using the latest tools in the industry. Required Skills: 3-5 years of industry experience in web application security Create exploits, proof-of-concept for web application vulnerabilities Strong JavaScript programming skills Knowledge of HTTP protocol (Requests, responses, Cookies, etc.) Understanding of web application vulnerabilities, OWASP top 10 in Web Applications, API, and LLMs Exposure to DAST/BlackBox tools Web application security scanning tools like BURP/ZAP, SQLMap, CURL Experience with network analysis tools and analysis of packet captures. Proficient with regular expressions. System administrator experience on Windows or Unix platforms. Strong analytical and problem-solving skills Passion for web security and attention to detail Experience with scripting languages, including Python and Bash Exposure to JAVA programming Experience with selenium, postman scripting Experience with Metasploit/Nessus exploits (especially HTTP-related ) Experience with web application firewalls (WAF) rules, ModSecurity Exposure to WEB 2.0, XML/XPath, JSON, Swagger Database/SQL knowledge Experienced in the use of various scanners and open-source security tools. Experience in developing security-related tools/programs. Ability to work independently Published research Security certifications Show more Show less

Job Description Summary We are looking for a smart, security-minded, enthusiastic and friendly cyber security advisor who can work collaboratively with development teams to complete design and SDLC work for Products and Systems. Product Cyber-security Specialist is responsible for the analysis of controllers, systems for cyber security requirements. Conduct tests to verify Cyber security levels and recommend mitigation plans for products, systems during product development stages. As a member of a global and matrixed team, she/he will also be responsible for guiding secure design, testing of different products, control systems. Job Description Essential Responsibilities Involve in reviews, suggest changes, conduct tests to ensure systems, controllers to meet Cyber security requirements. Facilitate decisions and bring teams together to design and document software architecture, modularity, and future- proofing. Support/Involve development of proofs-of-concept to prove out strategy and manage development and product risks. Support production of technical documentation for software architecture, design, verification plans. Engage with development teams and ensure all software developed is compliant to Cyber-security requirements. Collaborate with a team of controls and system engineers developing operational technology software for various subsystems. The position requires an understanding of OT System, cloud application architecture and conversant with all Cyber security requirements. This role requires strong cooperation with system and subsystem teams necessary for command and control of the systems involved. Work with multiple teams in different location to identify vulnerability, suggest remediation to the software to meet customer requirements. Contribute to multi-generation product and tool planning. Qualifications/Requirements Bachelor in computer science/Cyber Security or relevant engineering or equivalent knowledge / experience with 0-1 Years of Experience. Good understanding in Cyber security for Controller, Systems in OT Space. Familiar with penetration testing for Controllers, Systems, Web software’s, CAPEC, Ethical hacking. Good Knowledge/worked on Cyber security tools and solutions like Wireshark, NESSUS, Burp Suite, Nmap, Nozomi, Claroty, Splunk, Acronis, Ivanti, etc. Knowledge in different phases of Software Development Life cycle (SDLC) including Design, Implementation and Testing. Knowledge on web technologies like JavaScript, jQuery, AJAX, JSON, AngularJS, Angular 6, NodeJs, Spring, Hibernate, Spring boot, MVC, RESTful Web Services, Flux, SOAP will be an added advantage. Knowledge on database RDBMS, MySQL NoSQL databases will be an added advantage. Software component: MS Visual Studio, MS Office, MS Visio, SVN, GitHub Linux and Windows OS Familiar with ISA 624443, NIST 800 standards will be an added advantage. Familiar on active directory, certificate management and hardening w.r.t CIS benchmarks for critical assets like switches, windows-based workstation and controllers. Familiar with threat modelling and risk assessment for OT products Additional Information Relocation Assistance Provided: Yes Show more Show less

Senior Site Reliability Engineer Bengaluru Get to know Okta Okta is The World s Identity Company. We free everyone to safely use any technology anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we re looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We re building a world where Identity belongs to you. Okta s Workforce Identity Cloud Security Engineering group is looking for an experienced and passionate Senior Site Reliability Engineer to join a team focused on designing and developing Security solutions to harden our cloud infrastructure. We embrace innovation and pave the way to transform bright ideas into excellent security solutions that help run large-scale, critical infrastructure. We encourage you to prescribe defense-in-depth measures, industry security standards and enforce the principle of least privilege to help take our Security posture to the next level. Our Infrastructure Security team has a niche skill-set that balances Security domain expertise with the ability to design, implement, rollout infrastructure across multiple cloud environments without adding friction to product functionality or performance. We are responsible for the ever-growing need to improve our customer safety and privacy by providing security services that are coupled with the core Okta product. This is a high-impact role in a security-centric, fast-paced organization that is poised for massive growth and success. You will act as a liaison between the Security org and the Engineering org to build technical leverage and influence the security roadmap. You will focus on engineering security aspects of the systems used across our services. Join us and be part of a company that is about to change the cloud computing landscape forever. Bring all the passion and dedication along and there s no telling what you could accomplish! You will work on: Building, running, and monitoring Okta's production infrastructure Be an evangelist for security best practices and also lead initiatives/projects to strengthen our security posture for critical infrastructure Responding to production incidents and determining how we can prevent them in the future Triaging and troubleshooting complex production issues to ensure reliability and performance Identifying and automating manual processes Continuously evolving our monitoring tools and platform Promoting and applying best practices for building scalable and reliable services across engineering Developing and maintaining technical documentation, runbooks, and procedures Supporting a 24x7 online environment as part of an on-call rotation You are an ideal candidate if you: Are always willing to go the extra milesee a problem, fix the problem. Have experience automating, securing, and running large-scale production IAM and containerized services in AWS (EC2, ECS, KMS, Kinesis, RDS), GCP (GKE, GCE) or other cloud providers. Have knowledge of CI/CD principles, Linux fundamentals, OS hardening, networking concepts, and IP protocols. Have an understanding and familiarity with configuration management tools like Chef and Terraform. Have experience in operational tooling languages such as Ruby, Python, Go and shell, and use of source control. Experience with industry-standard security tools like Nessus, Qualys, OSQuery, Splunk, etc. Experience with Public Key Infrastructure (PKI) and secrets management Bonus points for: Experience conducting threat assessments, and assessing vulnerabilities in a high-availability setting. Understand MySQL, including replication and clustering strategies, and are familiar with data stores such as DynamoDB, Redis, and Elasticsearch. Minimum Required Knowledge, Skills, Abilities, and Qualities: 3+ years of experience architecting and running complex AWS or other cloud networking infrastructure resources 3+ years of experience with Chef and Terraform Unflappable troubleshooting skills Strong Linux understanding and experience. Security background and knowledge. BS In computer science (or equivalent experience). This role requires in-person onboarding and travel to our Bengaluru, IN office during the first week of employment." #LI-Hybrid #LI-LSS1 What you can look forward to as an Full-Time Okta employee! Amazing Benefits Making Social Impact Fostering Diversity, Equity, Inclusion and Belonging at Okta Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/ . Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to participate in the job application, interview process, or onboarding please use this Form to request an accommodation. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at https://www.okta.com/privacy-policy/ . U.S. Equal Opportunity Employment Information Read more Individuals seeking employment at this company are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. When submitting your application above, you are being given the opportunity to provide information about your race/ethnicity, gender, and veteran status. This information helps us support or diversity, inclusion, and belonging efforts, as well as maintain fair and equitable hiring practices. Completion of the form is entirely voluntary . Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file. If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows: A "disabled veteran" is one of the followinga veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability. A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service. An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense. An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985. Pay Transparency Okta complies with all applicable federal, state, and local pay transparency rules. For additional information about the federal requirements, click here . Voluntary Self-Identification of Disability Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Why are you being asked to complete this form We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/agencies/ofccp . How do you know if you have a disability A disability is a condition that substantially limits one or more of your major life activities. If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to: Alcohol or other substance use disorder (not currently using drugs illegally) Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS Blind or low vision Cancer (past or present) Cardiovascular or heart disease Celiac disease Cerebral palsy Deaf or serious difficulty hearing Diabetes Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders Epilepsy or other seizure disorder Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome Intellectual or developmental disability Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD Missing limbs or partially missing limbs Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports Nervous system condition, for example, migraine headaches, Parkinson s disease, multiple sclerosis (MS) Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities Partial or complete paralysis (any cause) Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema Short stature (dwarfism) Traumatic brain injury PUBLIC BURDEN STATEMENTAccording to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete. Okta The foundation for secure connections between people and technology Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With over 7,000 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely use the best technologies for their business. More than 19,300 organizations, including JetBlue, Nordstrom, Slack, T-Mobile, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers. Follow Okta Apply

Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify Show more Show less