776 Nessus Jobs - Page 25

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Noida Req ID: 768174 Show more Show less

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Noida Req ID: 768174

Role: Vulnerability Mgmt Analyst Location: Remote Work timing: UK Hours \ US Hours Overview: We are seeking a detail-oriented and highly skilled Vulnerability Management Analyst to join our cybersecurity team. The successful candidate will be responsible for identifying, analyzing, prioritizing, and remediating vulnerabilities across the organizations IT assets. The role involves leveraging industry-standard tools like Qualys , Tenable Nessus , Rapid7 , and integrating findings into ServiceNow SecOps for streamlined remediation. Key Responsibilities: Perform regular vulnerability scans using tools such as Qualys , Tenable Nessus , and Rapid7 InsightVM . Analyze scan results to identify true positives, prioritize findings based on risk and criticality, and recommend remediation actions. Collaborate with IT infrastructure, application, and network teams to ensure timely patching and mitigation of identified vulnerabilities. Integrate vulnerability data into ServiceNow Security Operations (SecOps) for incident tracking and response coordination. Monitor vulnerability trends and provide risk insights to leadership. Support compliance initiatives and audits by providing reports and evidence of remediation efforts. Maintain documentation for vulnerability management procedures and policies. Assist in developing and improving vulnerability management workflows, processes, and automation. Required Skills & Experience: 3+ years of hands-on experience in vulnerability management or related cybersecurity roles. Strong expertise in using Qualys , Tenable Nessus , Rapid7 InsightVM , or equivalent tools. Familiarity with ServiceNow SecOps or other security orchestration and response platforms. Solid understanding of TCP/IP, operating systems (Windows, Linux), and common network services. Experience with CVSS scoring and vulnerability remediation prioritization. Ability to communicate technical issues to both technical and non-technical audiences. Preferred Certifications (at least one required): CompTIA Security+ CompTIA CySA+ GIAC Enterprise Vulnerability Assessor (GEVA) Nice to Have: Knowledge of regulatory and compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS). Familiarity with scripting (Python, PowerShell) for automation of scanning and reporting tasks. Exposure to SIEM platforms and incident response procedures. Education: Bachelors degree in Information Security, Computer Science, or a related field (or equivalent practical experience). Thanks & Regards: Kanika Katiyar Associate Recruiter Email: kkatiyar@fcsltd.com FCS Software Solutions Limited https://www.fcsltd.com

Required Candidate profile: B.Tech / B.E./ BCA/ BSc in Computer Science or Information Technology. Candidates must have hands-on experience (Preference will be given to professional experience) of vulnerability assessment and penetration testing. Certification: OSCP or similar certifications (Preferred) Candidates must have minimum 4+ years of experience of vulnerability assessment, penetration testing, and Bug bounty. Preferred Skills: Excellent understanding of web application security and secure coding. Proficient in Application Security concepts, familiar with OWASP Top 10. Understanding of vulnerability assessment/penetration testing. Ability to write technical reports and detailed documentation. Experience in conducting VAPT and secure source code review. Experience with application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Acunetix, TOSpider, Burp Suite Pro, Nessus, Nexpose) Experience in Bug Bounty. In-depth knowledge and experience with OWASP and SANS standards. Web App Security (Burp Suite, Manual & Automated Testing, Comfortable in Black Box/White Box testing with the capability of finding business logic vulnerabilities, OWASP testing guide). Knowledge on Patch Fixing methodologies. Investigate security breaches and other cybersecurity incidents Location - Ahmedabad, Gujarat Show more Show less

We are looking for a highly skilled and experienced Senior VAPT Engineer to lead and conduct comprehensive vulnerability assessments and penetration tests across applications, networks, and systems. The ideal candidate will be responsible for identifying security risks, reporting vulnerabilities, and providing mitigation strategies to ensure enterprise-wide cybersecurity. 🛠️ Key Responsibilities: Conduct vulnerability assessments and penetration testing for networks, web/mobile applications, APIs, and cloud infrastructure Perform manual and automated testing using industry-standard tools (e.g., Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, etc.) Identify, exploit, and document security flaws, misconfigurations, and weaknesses Prepare detailed assessment reports with technical findings, risk ratings, and remediation recommendations Collaborate with development, network, and infrastructure teams to guide and verify remediation efforts Stay updated on the latest security threats, attack vectors, and tools Contribute to the development and improvement of internal VAPT methodologies and checklists Ensure compliance with industry standards and frameworks (OWASP, ISO 27001, NIST, etc.) ✅ Requirements: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field 4–7 years of experience in VAPT or ethical hacking Strong knowledge of OWASP Top 10, CVSS scoring, MITRE ATT&CK framework Experience with tools like Burp Suite Pro, Nessus, Acunetix, Wireshark, and scripting (Python, Bash, etc.) Familiarity with cloud environments (AWS, Azure, GCP) and container security (Docker/Kubernetes) is a plus CEH, OSCP, or other cybersecurity certifications preferred Excellent analytical and report writing skills Show more Show less

The Enterprise IT Service Desk Workstation Vulnerability Analysts role is to help secure the company's workstations against vulnerabilities.This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines.Additionally, deployment of mitigations may be required.The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 3-5 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required.

Role : Backend Engineer (5+ years) Duration : Full time (Hybrid) Location: Hyderabad About the Role: Senior Backend Engineer with strong Kafka expertise and a proven track record in Java, Flink, and Python. You will build scalable, high-performance backend services, optimize real-time data pipelines, and work with AWS cloud infrastructure. Key Responsibilities: Develop and maintain backend services using Java, Flink, Python, and Kafka. Build real-time streaming pipelines and event-driven architectures. Work with AWS services (PostgreSQL, Aurora, DynamoDB). Automate workflows with Airflow, monitor with New Relic & Splunk. Deploy and manage applications using Kubernetes & Docker. Optimize performance and troubleshoot distributed systems. Must-Have Qualifications: Highly skilled in backend development with strong Kafka expertise. Proficiency in Java, Flink, Python, and AWS cloud services. Experience with event-driven architectures and microservices. Experience with Infrastructure-as-Code (IaC) tools like Terraform or CloudFormation. Hands-on experience with Airflow, New Relic, Splunk, Kubernetes, and Docker. Strong problem-solving skills and a DevOps mindset. Strong understanding of development operations, networking, security and automation. Ability to work in a fast-paced, collaborative environment. Strong problem-solving and communication skills. Strong expertise in Linux and Windows administration. Hands-on experience with cloud platforms (AWS, Azure, GCP). Proficiency in scripting and automation (Python, Bash, PowerShell, Terraform, Ansible, etc.). Experience with security tools (Nessus, Qualys, etc.) and vulnerability remediation. Familiarity with CI/CD tools (Jenkins, GitHub Actions, GitLab CI/CD). Knowledge of networking, firewalls, VPNs, and DNS management. Experience with log management, monitoring, and alerting systems. Strong troubleshooting and problem-solving skills. Tech Stack – Programming Languages: Java, Flink, Python Cloud & Databases: AWS (PostgreSQL, DynamoDB) Streaming & Messaging: Kafka Infrastructure-as-Code: Terraform Orchestration & Monitoring: Airflow, New Relic, Splunk Containerization & Deployment: Kubernetes, Docker About SinglepointSolutions: Founded in 2011 with a global presence, Single Point Solutions, a Digital Transformation and Technology provider specializes in Data, Mobile/Web, Cloud, AI, ML, and IoT technologies. Leveraging diverse industry knowledge and a collaborative approach, we deliver high-performing technology solutions. Our commitment to innovation empowers clients to achieve business goals and stay competitive in the digital landscape. Our Build, Operate, and Transfer (BOT) delivery model expertise caters to diverse industries. For more information, please visit https://www.singlepointsol.com . Single Point Solutions (SPS) is a Digital Transformation and Technology provider, with advanced technology solutions, including Mobile and Cloud App development, Artificial Intelligence & Machine Learning, Data, and Cloud infrastructure Show more Show less

Vice President - Cyber Security Operations Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented Cybersecurity Operations Leader, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established SecOps Leader, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in SOC operations, security governance & advisory, security risk management, security architecture, and cyber incident response programs. Job responsibilities: Service Delivery Management: Oversee the end-to-end delivery of Managed XDR, Attack Surface Reduction, and Advisory services to clients, ensuring high-quality outcomes and client satisfaction. SOC Operations Leadership: Lead and manage Security Operations Center (SOC) operations, ensuring effective monitoring, incident management, and response processes are in place. Incident & Escalation Management: Take responsibility for escalations arising from security event monitoring, incident management, and response. Ensure timely resolution and process improvements. SLA & Process Compliance: Ensure that service level agreements (SLAs) are met, while also driving process adherence, continuous improvements, and operational excellence. Governance & Metrics: Establish and refine operational foundations, defining key metrics and KPIs to drive governance, quality, and efficiency. Influence operational change to improve performance. Threat Management & Detection: Lead efforts in threat management, modeling, and hunting. Identify threat vectors and develop use cases and detection rules to enhance security monitoring capabilities. Team Training & Development: Ensure that the team’s skill development and training needs are adequately addressed to maintain cutting-edge security expertise. Cybersecurity Maturity & Resilience: Assist clients in identifying potential threats, vulnerabilities, and deficiencies, advising on measures to enhance their cybersecurity maturity and resilience. Solution Design & Communication: Evaluate client needs, create tailored security solutions, and effectively communicate the value proposition of complex security concepts to both technical and non-technical stakeholders. Security Assessments: Plan and execute IT security assessments of on-premise/cloud IT assets. Understand organizational objectives, policies, and regulations to identify risk areas and prepare comprehensive review programs. Stakeholder Communication: Possess strong communication skills to engage with senior management, board members, technical teams, and key client stakeholders to convey complex security concepts effectively. Sales & Proposal Support: Contribute to sales pursuits, proposals, and the development of security practice eminence. Drive business growth through strategic client relationships. Project Delivery: Lead and deliver complex security projects in a fast-paced, team-driven environment. Knowledge Sharing & Collaboration: Foster a collaborative environment by promoting and participating in forums that enhance the firm’s collective knowledge and assist clients with complex challenges. Enterprise Security Leadership: Provide leadership and strategic direction to the organization’s information security initiatives. Cybersecurity Strategy & Technology Update: Regularly update and refine the cybersecurity strategy to incorporate new technologies and emerging threat information. Client Relationship Management: Establish and maintain strong client relationships to further expand the service portfolio and ensure long-term client success. Job specifications: 1. Qualification: A bachelor’s degree in a related field (e.g., Computer Science, Cybersecurity, or Information Technology) and a minimum of 15 years of relevant work experience. Certifications Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA). Cloud security certifications from major Cloud Service Providers (AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect), or Certified Cloud Security Professional (CCSP) / Certificate of Cloud Security Knowledge (CCSK). 2. Desired Skills: Desired Skills & Experience : SOC Expertise: Strong understanding of SOC operations, design, and management. Experience with domain administration, network architecture, and change control procedures. Risk Management Knowledge: Familiarity with IT risk management standards and frameworks, including ISO 31000, NIST Cybersecurity Framework, ISO 27001/27002, GDPR, PCI DSS, SOC 1/SOC 2, COBIT, and HITRUST. Networking & Security Technologies: Knowledge of networking (TCP/IP, OSI model), operating systems (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS), and programming languages (C, Java, Perl, Shell). Threat Landscape Awareness: In-depth understanding of cyber-attacks, threat vectors, risk management, and incident response. Security Solutions Proficiency: Hands-on experience with MDR, EDR, XDR, SIEM, Vulnerability Management, IDS/IPS, NTA, UEBA, DLP, and other security technologies. Penetration Testing Tools: Familiarity with penetration testing and application security tools (Kali Linux, Metasploit, Burp Suite, Nessus, NMAP). Security Frameworks & Methodologies: Understanding of OWASP, the MITRE Attack Framework, Cyber Kill Chain, and the SDLC (Software Development Lifecycle). Cloud Security Expertise: Advanced knowledge of cloud security practices and implementations. Vendor/Partner & Client Management: Strong experience in vendor/partner management, client management, and the ability to lead client relationships effectively. Offerings Development: Ability to research and develop innovative security risk-based offerings that meet client needs. Shaping Client Expectations: Expertise in managing and shaping client expectations throughout engagement cycles. #CybersecurityLeadership #VPOfOperations #SecurityOperations #CyberOpsLeadership #OperationsLeadership #CybersecurityVP #SecurityOps #CybersecurityExec #TechOperations #InfoSecLeadership #VPJobs #LeadershipHiring #CybersecurityCareers #OperationsExcellence #SecurityLeadershipRoles #HyderabadJobs #HyderabadHiring #HyderabadCareers #HyderabadTech #HyderabadVP #HyderabadOperations Show more Show less

About Barry Wehmiller: - Barry Wehmiller Companies is a global supplier of manufacturing technology and services based in St. Louis Missouri. Although it was founded in 1885 as a maker of machinery for the brewing industry, since 1987 Barry-Wehmiller has acquired more than 80 companies that provide equipment and services for a variety of industries: packaging, paper converting, sheeting, corrugating, engineering, and IT consulting. In 2016 it was ranked no. 10 on the St. Louis Business Journal's list of the city's Top 150 Privately Held Companies. We believe our culture differentiates us from other firms. In India, Barry-Wehmiller operates as a hub of innovation and collaboration, housing our Global Competency Center (GCC) and other strategic functions. The GCC, based in Chennai, is an Engineering Center of Excellence that supports all Barry-Wehmiller divisions globally. The center focuses on areas such as design and development in mechanical, electrical, and controls engineering, software development, and additive manufacturing. We believe in: Ownership Youll drive features end-to-end, from design to deployment. Flexibility A friendly, results-oriented culture that respects your time. Empowerment Your insights are valued, and your work makes a visible difference. Learning & Growth Youll work on complex challenges with smart, passionate peersand have the support to level up continually. If youre ready to bring your best thinking to the table and grow in a high-impact, future-focused environment, wed love to hear from you. Job Description: The Enterprise IT Service Desk Workstation Vulnerability Analysts role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 3-5 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Travel: Travel could be up to 15% (in the country) as needed for remote support. What is it for you? This role is more than just a job. It’s an opportunity to be part of a global team that values people excellence, innovative solutions, and operational excellence. Barry-Wehmiller provides a unique environment where you can grow your skills, work on impactful projects, and collaborate with some of the brightest minds in the industry. In addition, we are deeply committed to your personal and professional growth, fostering a culture that helps you achieve your full potential. You can also apply to this job using the below Workday link https://bit.ly/4kPFsa7 (if the link doesn't work, simply copy paste the link in your browser) To understand more about our people-first philosophy, you may like to watch this short video by our CEO, Mr. Bob Chapman, on Truly Human Leadership : Watch the video https://bit.ly/4kSLZkE (if the link doesn't work, simply copy paste the link in your browser)

Senior Security Consultant (Thick Application Penetration Tester) NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most. NetSPI secures the most trusted brands on Earth through Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS). Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before. NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers. Join the mission as a Senior Security Consultant. We are seeking a skilled expert and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting Thick Applications, you will be responsible for performing Thick and Web Application Testing, while working closely with clients to deliver clear, actionable reports and contribute to the development of security best practices. Responsibilities : Conduct engagements independently and provide technical oversight on: Thick Application Penetration Testing Includes Web Application Penetration (WaPen) testing. Occasionally includes Mobile (MaPen) and IOT/embedded penetration testing. Review reports for accuracy in technical oversight, perform weekly QA oversight, and provide mentoring support to others Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts Research and develop innovative techniques, tools, and methodologies for penetration testing services. Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations. Minimum Qualifications : Bachelors degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience Minimum of 5+ years of work experience in Thick Application Penetration Testing for applications written in managed (e.g. Java, C#, etc.) and unmanaged (e.g. C, C++, Swift, Rust, etc.) code Includes experience with offensive toolkits used in web application penetration testing. Experience with disassemblers and debuggers Examples include WinDbg, IDA, Ghidra, gdb and lldb. Experience with dynamic instrumentation toolkits Examples include Frida. Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus) Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks. Working knowledge of Windows, Linux and MacOS operating systems internals Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences Ability to work independently and as part of a team Proficient communication skills, both written and verbal This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs Preferred Qualifications: Ability to provide technical and QA oversight on Thick Application service line. Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#) Experience performing fuzz testing. The ability to reverse engineer proprietary application layer protocols. Experience with IOT/embedded penetration testing. Offensive Security Certifications (e.g., GXPN, GPEN, OSCP, GWAPT) We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience. Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify Show more Show less

The HiLabs Story HiLabs is a leading provider of AI-powered solutions to clean dirty data, unlocking its hidden potential for healthcare transformation. HiLabs is committed to transforming the healthcare industry through innovation, collaboration, and a relentless focus on improving patient outcomes. HiLabs Team Multidisciplinary industry leaders Healthcare domain experts AI/ML and data science experts Professionals hailing from the worlds best universities, business schools, and engineering institutes including Harvard, Yale, Carnegie Mellon, Duke, Georgia Tech, Indian Institute of Management (IIM), and Indian Institute of Technology (IIT). Be a part of a team that harnesses advanced AI, ML, and big data technologies to develop cutting-edge healthcare technology platform, delivering innovative business solutions. Job Title : Security Test Engineer Job Location : Pune, Maharashtra, India Job summary: We are a leading Software as a Service (SaaS) company that specializes in the transformation of data in the US healthcare industry through cutting-edge Artificial Intelligence (AI) solutions. HiLabs is looking for highly motivated and technical Sr. Software Development Engineers focused on the application of emerging technologies, who should continually strive to advance engineering excellence and technology innovation. The mission is to power the next generation of digital products and services through innovation, collaboration, and transparency. Responsibilities Design, implement, and manage security controls across cloud environments. Conduct regular vulnerability assessments, penetration tests, and risk analyses. Develop and execute test plans, test cases, and security automation scripts. Lead incident response activities including identification, containment, mitigation, and post-incident analysis. Collaborate with cross-functional teams to remediate vulnerabilities and strengthen defenses Work collaboratively with IT and engineering teams to integrate security best practices into daily operations and development cycles. Assess security controls and ensure compliance with relevant standards (e.g., OWASP, NIST, HIPAA, SocII Type2) by working closely with the compliance team. Maintain detailed security documentation and provide periodic reports to management Stay up to date with emerging threats, vulnerabilities, and security best practices. Desired Profile Bachelor’s degree in Computer Science, Information Security, or a related field. 3-6 years of experience in IT security, or related roles. Strong knowledge of IT security frameworks, best practices, and standards (e.g., NIST, ISO 27001). Hands-on experience with vulnerability management tools, SIEM solutions, and endpoint security technologies. Hands-on experience with security tools such as Kali Linux, Metasploit, Burpsuite, Wireshark, SonarQube, AppSec, Nmap, OWASP ZAP, and Nessus Understanding of security vulnerabilities, exploits, and mitigation techniques Proficiency in cloud security (AWS, Azure, or GCP) is a plus Solid understanding of network protocols, firewalls, VPNs, and IDS/IPS systems. Knowledge of security frameworks and standards (e.g., OWASP Top 10, CVSS, CIS Benchmarks). Excellent problem-solving skills and the ability to respond effectively under pressure Passionate about technology and delivering solutions to solve complex business problems Great collaboration and interpersonal skills Ability to work with team members and lead by example in code, feature development, and knowledge sharing Nice to Have Certifications such as CEH, OSCP or CompTIA Security+. Experience in the healthcare industry and knowledge of HIPAA compliance. Familiarity with container security and DevSecOps practices. Experience with automation and scripting (Python, Bash) for security tasks HiLabs is an equal opportunity employer (EOE). No job applicant or employee shall receive less favorable treatment or be disadvantaged because of their gender, marital or family status, color, race, ethnic origin, religion, disability, or age; nor be subject to less favorable treatment or be disadvantaged on any other basis prohibited by applicable law. HiLabs is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse and inclusive workforce to support individual growth and superior business results. Thank you for reviewing this opportunity with HiLabs! If this position appears to be a good fit for your skillset, we welcome your application. HiLabs Total Rewards Competitive Salary, Accelerated Incentive Policies, H1B sponsorship, Comprehensive benefits package that includes ESOPs, financial contribution for your ongoing professional and personal development, medical coverage for you and your loved ones, 401k, PTOs & a collaborative working environment, Smart mentorship, and highly qualified multidisciplinary, incredibly talented professionals from highly renowned and accredited medical schools, business schools, and engineering institutes. CCPA disclosure notice - https://www.hilabs.com/privacy Show more Show less

India - Hyderabad JOB ID: R-217073 ADDITIONAL LOCATIONS: India - Hyderabad WORK LOCATION TYPE: On Site DATE POSTED: Jun. 03, 2025 CATEGORY: Information Systems Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Junior Vulnerability Management Analyst What you will do Let’s do this. Let’s change the world. In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organization’s IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organization’s security posture through structured vulnerability management processes. Roles & Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor’s degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e.g., Python, PowerShell) Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking – Comfortable working with data and identifying patterns Attention to Detail – Careful review and tracking of vulnerabilities Communication Skills – Able to clearly document and explain findings Collaboration & Teamwork – Works well with cross-functional teams Curiosity & Continuous Learning – Strong interest in cybersecurity and professional growth Problem-Solving Mindset – Seeks practical solutions to real-world security issues What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Job Description -: Experience of 4+ years • Hands-on experience of conducting security assessments of Web Applications, Mobile Applications, Web Services/APIs, Thick-clients. • Experience in tools such as burpsuite, nessus, nmap, acunetix, metasploit, checkmarx, etc. • Experience with Open Web Application Security Project (OWASP),SANS, Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. • Ability to explain technical vulnerabilities to both technical and non technical audience highlighting business risk. • Knowledge of at least one cloud technology (AWS, Azure,GCP) is desirable, preferrably AWS and Azure. • Good understanding of coding best practices and standards. • Good knowledge of at least one of the following programming/scripting languages viz. python, ruby, C#, powershell, C/C++, Java • Good communication skills. • Critical thinking and good problem-solving abilities. • Organized in planning and time management skills are preferred. • Certification on CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional) is desirable. Roles & Responsibilities -: Conduct vulnerability assessment and penetration testing for application, and other infrastructure Conduct application security assessment of web applications, mobile applications, thick-client application and API. Conduct configuration reviews for Operating System, Database, Middleware, Firewall, Routers, Switches and other infrastructure. Conduct red-team assessments Conduct cloud security assessments Conduct source-code review using automated and manual approaches Ensure timely execution of projects, delivery of status updates and final reports. Stay abreast of the latest updates in technology, security trends, vulnerabilities, exploit techniques and security news. Proficient in Ms-Excel and Powerpoint.

Dear Candidate Tata Consultancy Services is hiring for VAPT EXCLUSIVE WALK IN DRIVE AT: Hyderabad: TCS Synergy Park Phase1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Bangalore: TCS L-Center, Vydehi RC-1 Block, EPIP Industrial Area, 82, 6th Rd, KIADB Export Promotion Industrial Area, Whitefield, Bengaluru, Karnataka 560066 Chennai: TCS Siru Seri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Mumbai: TCS OLYMPUS, Hiranandani Estate, Thane West, Thane, Maharashtra 400615 Noida: TCS Yamuna, first floor, Assotech Business Cressterra, VI Plot 22, Sector 135, Noida, Uttar pradesh- 201301 Kolkata: Tata Consultancy Services Limited | Gitanjali Park - IT/ITES SEZ, Plot-IIF / 3 Action Area-II, New Town, Rajarhat, Kolkata-700156, West Bengal, India. DRIVE DATE: 7-Jun-2025 REGISTRATION TIME 9:30 AM to 2:30PM EXPERIENCE: 6 to 15 Years JOB LOCATION: PAN INDIA Job description: Expertise and experience of conducting VAPT (Vulnerability Assessment and Penetration Testing) as per standards such as OWASP Top 10, SANS Top 25 and WASC, NIST, CISA Experience in Web Application Security Testing, Network security testing, Source code Review and Vulnerability Assessment and Penetration testing (SAST and DAST) Strong Experience of using open- source tools and commercials tools such as but not limited to Burp Suite, Metasploit, Nessus, Acunetix and open source with operating systems Windows and Linux. Perform research on new vulnerabilities, attack vectors, exploits, tools and industry trends for the above- mentioned services. CEH Certification Mandatory. Candidates with CISM, OSCP are preferred. Strong presentation and analytic skills, critical thinking and problem-solving skills are mandatory IF Interested in Walk-In Kindly share the details Interested professionals send your updated CV & the below details to varsha.muthukrishnan@tcs.com Kindly don't apply if you have given an interview in the last 1 month Full Name: Email: Contact Number: Total Experience: Relevant Experience: Current Location: Preferred Location: Notice Period: Current Company Name: All Previous Companies Names: Education or career gap in months/years (kindly mention if there's a gap between your education and your first organization): Reason for gap: Year of 10th Completion: Year of 12th Completion: Year of Under graduation Completion: Year of Post graduation Completion (if applicable): Highest Full-Time Education qualification: Highest Qualification Fulltime Y/N (Part-time courses are NOT eligible): University Name: Current CTC (Voluntary Disclosure): Expected CTC (Voluntary Disclosure): EP Reference Number (if already registered with TCS): Show more Show less

We are Hiring Senior Consultant Cyber Security Solution Architect Location: Bangalore, Hyderabad Experience: 14+ years Are you passionate about designing secure, scalable cloud and enterprise security architectures? Join us as a Cyber Security Solution Architect and be at the forefront of helping clients secure their digital ecosystems. What You’ll Do: Design and deliver end-to-end cybersecurity solutions for enterprise clients Collaborate with infra/application architects to embed security in architecture Lead cloud security (Azure/AWS/GCP), DDoS, SIEM, WAF, and container security design Define KPIs and lead security assessments & compliance initiatives (ISO 27001, NIST) Build client-facing proposals and conduct solution defense with stakeholders What We’re Looking For: 14+ years of overall experience, with 5+ years in complex security engineering projects Strong hands-on with tools: Azure Security Center, GuardDuty, Palo Alto, Qualys, etc. Exposure to CASB, Zero Trust, IAM, and multi-cloud security Excellent communication, client interaction, and solutioning skills Preferred Certifications: CISSP | CISM | CEH | CCSP | TOGAF | AWS/Azure/GCP Security Ready to shape the future of enterprise security? Apply now / email at mary.nancy1@sonata-software.com

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Junior Vulnerability Management Analyst What You Will Do Let’s do this. Let’s change the world. In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organization’s IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organization’s security posture through structured vulnerability management processes. Roles & Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What We Expect Of You We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor’s degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e.g., Python, PowerShell) Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking – Comfortable working with data and identifying patterns Attention to Detail – Careful review and tracking of vulnerabilities Communication Skills – Able to clearly document and explain findings Collaboration & Teamwork – Works well with cross-functional teams Curiosity & Continuous Learning – Strong interest in cybersecurity and professional growth Problem-Solving Mindset – Seeks practical solutions to real-world security issues What You Can Expect Of Us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

An extraordinarily talented group of individuals work together every day to drive TNS' success, from both professional and personal perspectives. Come join the excellence! Overview The QA area is responsible for the testing of computer programming systems and applications including the design, coding, testing and deployment of products and solutions to meet goals of TNS' products Responsibilities Quality Assurance Engineer Looking for a candidate with strong technical skills to develop and execute test strategies for telecom related programs. The QA engineer will be responsible for working with other scrum team members to help develop and execute test cases based on a published set of technical requirements. The candidate preferably has an understanding of the telecommunications domain and can work as part of a high performing scrum team in a fast paced agile environment. Responsibilities: Understands project requirements. Develops test strategies and test plans for telephony network applications/infrastructure. Develops and maintains automated regression test suites. Works as part of a scrum team in an agile environment. Works with operations to ensure smooth software deployments in production. Possesses the ability to work with minimal supervision and/or independently. Utilizes experience and judgment to plan and accomplish goals. Creates tests and defect reports using the team standards and best practices. Drives test escape analysis and strategies to prevent defect leakage. Creates and maintains cloud-based lab infrastructure. Experience Required: 5+ years overall test experience developing and executing test cases. Minimum 4 years software testing experience of UNIX or Linux client server applications, including testing application installation/configuration, trouble shooting and load/performance. Experience in Telecom Protocol Testing (SIP, SS7, Diameter, VOIP, VOLE, LTE) - MUST (Strong Experience in SS7, SIP, IMS) Experience in handling functional automation testing using SPECTRA, Jmeter, SIPp, Valid8 Experience in product security testing; Exposure to vulnerability assessment tools RAPID7, Nessus Knowledge of Unix fundamentals, scripting and installation and upgrade of software Exposure to cluster and fault-tolerance deployment, Experience in load testing and performance testing Experience Desired: Exposure to public cloud and private cloud environment technology Working exposure on deploying application on virtual machine, VNF Working exposure on cloud native technology, container technology, CNF, Exposure to REST API Testing, Shell scripting preferred. Understanding of Test Automation Robo framework, Ansible, Experience in RestAPI testing. Experience with build integration tools such as Jenkins. Experience with code coverage tools. Experience with defect and agile management tools such as JIRA Education Qualifications: BTECH/MTECH degree in Computer Science or related field. Qualifications If you are passionate about technology, love personal growth and opportunity, come see what TNS is all about! TNS is an equal opportunity employer. TNS evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic. Show more Show less

Daily assessment of vulnerabilities identified by infrastructure scan Evaluate rate and perform risk assessments on assets Prioritizing vulnerabilities discovered along with remediation timeline s Work with associated teams to explain vulnerabilities and remediation steps as required Maintain knowledge of the threat landscape Create reports and provide analysis on vulnerabilities for technical teams and leadership Skill Required Knowledge of application network and operating system security Experience with vulnerability and patch assessment Linux and windows experience Good understanding of Windows and Linux patching Knowledge of vulnerability scoring systems CVSS CMSS Experience on vulnerability scanning tools Excellent writing and presentation skills are required in order to communicate findings and status Primary Skills VMDR Policy Compliance Qualys Tenable Nessus Rapid7 Secondary Skills Excellent writing and presentation skills are required in order to communicate findings and statusCleary communicate priorities and escalation points procedures to other team members Detail oriented organized methodical follow up skills with an analytical thought process Experience performing dynamic scans static scans and penetration testing Development experienceProject management experience Innovative and efficiency focused Track trends and configure systems as required to reduce false positives from true events

About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. About BNP Paribas Group BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability Commitment to Diversity and Inclusion At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. About Business Line/Function For 150 years, BNP Paribas Wealth Management has been committed to protecting clients’ wealth, developing it, and eventually passing it on to their loved ones. We deliver tailor-made experience, with outstanding attention to detail and expertise from precise local knowledge to the global know-how that we access from the Group. Our goal is to create a new wealth management experience fit for a world where digital interactions have come to enhance human ones. Wealth Management Investment Solution Hub (WMIS Hub) provides a global IT solution for BNP Paribas Wealth Management where we develop, maintain and evolve IT applications which fits to the specific needs of BNP Paribas Wealth Management business users. Job Title Cybersecurity Manager Date Department: Wealth Management Location: Chennai Business Line / Function ITRCS Reports To (Direct) Grade (if applicable) (Functional) Number Of Direct Reports 16 Directorship / Registration NA Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the team’s goal. Main Scope Role of Wealth Management India IT Risk and Information Systems Security Manager, being understood this role includes delegations from APAC WM CISO for the team located in India territory and fully participates in overall WMIS Cybersecurity and IT Risk objectives. Participate to IT project security reviews conducted both on a global and APAC basis across all platforms. Participate in the Security Operation meetings in APAC, EMEA & CH regions. This requires the incumbent to foster close working relationships with other business areas and IT Development/Production/CSIRT/Production Security teams. The incumbent will work hand in hand with the IT Dev, Prod teams and the business, as an enabler and a facilitator. Responsibilities Direct Responsibilities WM IT Risk and Security Manager Manage the WM IT Risk and Security local team in India by managing the recruitment, performances review as well as training and career-path development. Coordinate with APAC WM security actors, including India-based resources. Coordinate with APAC WM IT teams on risk and security topics, while promoting a secure development and deployment culture Assist for a Risk Treatment for any APAC WM issue, based on the WM GAIM generic process. Periodic reporting of security status to WM CISO APAC and WM Global CISO Contribute to the IT Risk and Cybersecurity Governance including procedural framework, Cybersecurity awareness and communication. Ensure the regular reporting for management follow-up IT Security Compliance (delegation on WM APAC scope) Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets. Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes. Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA) Leveraging on a deep knowledge of Security standards such as NIST, CIS,ISO2700x , ensure the compliance with the IT security requirements Ensure the compliance with the Third-party Technology risks and Cloud security. Identify the process gaps and provide solutions. Application Security Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices. Identify and implement the latest security standards for internet facing and internal assets. Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing – SAST, Dynamic Acceptance Security Testing – DAST and Software Composition Analysis – SCA). Perform Security risk assessments and reviews to be presented to respective committees. Ensure the adequate security level for all WM GAIM applications, whatever the IT project manager’s location and hosting provider. Production Security Oversight (delegation on WM APAC scope) Identify the production security requirements and ensure a smooth integration of WM assets within APAC IT Production, including network flow opening and Application Zoning compliance. Identify the compliance level of the production environment and contribute to remediation actions definition while keeping the oversight on actions progress. Keep an overview and ensure the adequate Vulnerability Management at the server and middleware level leveraging on production scans and liaising with relevant production stakeholders. Contribute to the management of Cybersecurity incidents. CyberSecurity Program (delegation on WM APAC scope) Contribute to the steering and driving of the security initiatives on the APAC scope expected by the WM Cybersecurity Program. Contributing Responsibilities Coordination with IT Security actors Reporting line to the WM GAIM Global CISO: alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, Wholesale Application Security Dashboard…) Coordination and control of security activities performed by APAC CIB Business Information Security and Production Security teams, including project assessment from production point of view, production security review, user security awareness for the WM scope. Coordination with the Swiss Security team concerning integration of WM assets within Swiss IT production. Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group. Technical & Behavioral Competencies Cybersecurity / Technical Value-added Competencies ü Cybersecurity Governance: framework (NIST / CIS framework), Security incident management, Logging & Detection (SIEM – ELK products) ü DevSecOps: CI/CD toolchain knowledge of various tools Source code management: sonarQuabe, bibucket, github/gitlab Security application scanning (e.g. Sonatype/NexusIQ, Fortify, AppSpider, Qualys, DTR scan…) Automation/orchestration: Ansible tower, Jenkins ü Application Security: Threat modeling, Security architecture key concepts, exposure to various development framework and applicative landscape (Java/Web, Mobile applications, containerization/docker, kubernetes, API management, Cloud security) ü Vulnerability Management Nexpose, Nessus ü Ethical Hacking Knowledge Kali Linux knowledge (metasploit, nmap) Specific Qualifications (if Required) Qualifications and Experience ü 10 years' experience in information security evaluation and design of technical architectures ü Functional as well as technical knowledge of the applications used within BNP Paribas ü Knowledge of the Norms and Standards of the BNP Paribas Group, in particular with respect to ITRM & Wholesale IT Security Norms and Policies ü Team management experience is a must ü Preferred Master level in Computer science and Information Security Skills Referential Behavioural Skills: (Please select up to 4 skills) Communication skills - oral & written Ability to collaborate / Teamwork Decision Making Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability to set up relevant performance indicators Ability to develop and adapt a process Ability to manage a project Ability To Develop Others & Improve Their Skills Ability to manage / facilitate a meeting, seminar, committee, training… Education Level Master Degree or equivalent Experience Level At least 10 years Other/Specific Qualifications (if Required) Other Value-added Competencies ü Advanced IT security certifications may be advantageous (such as CISM, CCSP, CSK, CEH, CISSP…). ü Operational Risk and Permanent Control ü Data Analytics solutions (Tableau, PowerBI) and strong expertise in Dashboard/reporting Show more Show less

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Infrastructure Specialists at Kyndryl are project-based subject matter experts in all things infrastructure – good at providing analysis, documenting and diagraming work for hand-off, offering timely solutions, and generally “figuring it out.” This is a hands-on role where your feel for the interaction between a system and its environment will be invaluable to every one of your clients. There are two halves to this role: First, contributing to current projects where you analyze problems and tech issues, offer solutions, and test, modify, automate, and integrate systems. And second, long-range strategic planning of IT infrastructure and operational execution. This role isn’t specific to any one platform, so you’ll need a good feel for all of them. And because of this, you’ll experience variety and growth at Kyndryl that you won’t find anywhere else. You’ll be involved early to offer solutions, help decide whether something can be done, and identify the technical and timeline risks up front. This means dealing with both client expectations and internal challenges – in other words, there are plenty of opportunities to make a difference, and a lot of people will witness your contributions. In fact, a frequent sign of success for our Infrastructure Specialists is when clients come back to us and ask for the same person by name. That’s the kind of impact you can have! This is a project-based role where you’ll enjoy deep involvement throughout the lifespan of a project, as well as the chance to work closely with Architects, Technicians, and PMs. Whatever your current level of tech savvy or where you want your career to lead, you’ll find the right opportunities and a buddy to support your growth. Boredom? Trust us, that won’t be an issue. Roles & Responsibilities include: Router & Switch Management. Patch and Upgrade Switch & Router with recommended version. Troubleshoot and resolve network/routing issues. Perform and maintain backup of all the Network Devices & Ensure Log Capturing of all the Network Devices. Monitor bandwidth utilization and recommend upgrade whenever needed. Maintain inventory of Network Devices and all links. Perform Basic Hygiene & Health Check for all the Network Devices as per customer defined schedule. Ensure monitoring is enabled for all Network Devices and Interface. Ensure Network Redundancy at every layer and highlight gaps (if found). Resolving Incidents/Service Requests with respect to Routing & Switching. Coordination with OEM for advanced troubleshooting. Firewall/NIPS Management. Patch and Upgrade Firewalls/NIPS with recommended version Implement Client approved Firewall Rules & Perform Firewall Rules Review as per agreed schedule Monitor & Manage Firewalls & NIPS & Ensure log capturing is enabled and is being performed for all the Firewalls/NIPS Perform and maintain backup of all the Firewall/NIPS Resolving Incidents/Service Requests with respect to Firewalls/NIPS Managing & tracking license and signatures on Firewall/NIPS & Coordination with OEM for advanced troubleshooting. Monitor health for Access Points installed through Central Wireless Controller Coordination with OEM for advanced troubleshooting Cisco Meraki Manage Wireless Reporting Prepare and submit Network Device related reports as and when asked. Physical Support & Wireless Network Management Mount/Unmount Network Devices, as and when required Replace faulty network devices in case of hardware failure Providing cabling support, as and when required Your future at Kyndryl There are lots of opportunities to gain certification and qualifications on the job, and you’ll continuously grow as a Cloud Hyperscaler. Many of our Infrastructure Specialists are on a path toward becoming either an Architect or Distinguished Engineer, and there are opportunities at every skill level to grow in either of these directions. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Experience Total exp of 6 to 8 years. Must have cleared associate level certification like CCNA, JNCIA,CCNP Routing & Switching – Cisco, Juniper, Arista, Brocade, Huawei, HP, KYNDRYL PureFlex Excellent Firewall, VPN & NIPS Understanding – Cisco ASA, FortiGate. Good troubleshooting skills on Routing Protocol (BGP, OSPF, Static Route). Should have understanding about network technologies like SDN (Cloud Vision), L3 Fabric, VxLAN, NSX. Good understanding and troubleshooting skills for Switching/Redundancy Protocol (HSRP, Spanning Tree, VLANs, EtherChannel) Good troubleshooting skills for User Network Issues including WiFi Support. Logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems Strong analytical and problem-solving skills with high attention to detail. Bachelor's Degree. Preferred Technical and Professional Experience : Sound knowledge about various Network Monitoring and management tools (like SolarWinds, Infoblox) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Role Summary You will be responsible for identifying and mitigating web application vulnerabilities, collaborating with development teams, and integrating security best practices across front-end and back-end stacks. Key Responsibilities Bachelor’s in Computer Science, Engineering, or related field. Perform security assessments: static/dynamic analysis , code reviews , vulnerability scans . Secure apps built with JavaScript , .NET (C#) , and Java . Enforce OWASP Top 10 protections and secure coding standards. Automate security tasks using Python . Ensure secure deployments in Docker / Kubernetes environments. Integrate security into CI/CD pipelines . Act as the security point-of-contact within product teams. Required Skills Strong knowledge of Web App Security , OWASP , and secure SDLC. Hands-on with JavaScript , C#/.NET , and Java codebases. Familiar with Burp Suite , Nessus , or AppScan . Experience with Python scripting , Docker , and Kubernetes . Basic understanding of DevOps and CI/CD tools . Preferred Security certifications (e.g., CISSP , OSWE , GWAPT ). Knowledge of security frameworks: NIST , ISO 27001 . Show more Show less

Job Title: Lead Engineer – Security Operations Department: Engineering and Operations Location: Mumbai Reporting: Manager Security Operations Job Type: Full Time Shift: Rotational Shift PRE-REQUISITES Strong technical and subject matter expertise in at least four or more of the following security specialties: Firewall: Cisco, Palo Alto, Checkpoint, Fortinet, Zscaler, Barracuda VPN - IPSEC, SSL VPN: Ivanti, F5, Cisco, GlobalProtect NAC: Cisco ISE, Aruba ClearPass Unified Thread Management (UTM) SIEM products Qradar, Microsoft Sentinel etc. Load Balancers: F5 BigIP LTM/GTM, Citrix ADC Network Security (multi-vendor) experience. Cloud Infrastructure Mgmt.: Cloud stack, OpenStack, AWS, Azure, Netskope, PaloAlto Prisma Knowledge on scripting language like Python and automation Working knowledge and hands-on experience on Linux/Unix OS is desirable. Customer service experience preferably in a Global Operations Center environment Ticketing system knowledge Ability to workdays, evenings and weekends as required; 24x7 support in rotating shifts Flexibility with the ability to manage stressful situations and adapt to rapidly changing environments and requirements Analytical thinker willing to “think outside the box” to resolve customer impacting situations on first contact; understand customer pain Ability to work with Operations and Engineering on the priority of issues to resolve the urgent customer impacting issues first Aptitude and desire to learn advanced Network Security services. Creative, flexible thinker who is willing to take initiatives and share alternative solutions with peers and management Hands-on experience on Vulnerability Scanning, Penetration Testing Tools (Qualys, Nessus, Rapid7) Exceptional documentation and communication skills Ability to thrive in a fast paced, multi-cultural, customer-oriented environment MS Office proficiency RESPONSIBILITIES Incident Resolution Ticket resolution - work on trouble tickets, support the operation of advanced Network Security Services and take escalations Queue Management - keep a watch on queue and assign tickets Service Request - working on request for changes as per client requirements Perform the minor/major changes as per defined SoC process and work instructions Be a Subject Matter Expert (SME) on a few products Create Standard Operation Procedure Attend client calls and other technical meetings Assist in creation of Root Cause analysis (RCA) Security Performance Tuning Identify areas of Service Improvement Program (SIP) for key clients and reduce incidents Review code upgrade and test implement before rolling on to production Review documentation Recognize successful intrusions and compromises through review and analysis of relevant event detail information Review and update ROE on yearly basis Other Functions Work with hardware/software vendors to resolve problems Coordinate shifts and exchange handoff between various shifts Cross-train and mentor juniors Participate in various network and security related projects Perform other duties as assigned Any additional task given to the incumbent from time-to-time based on business needs TRAINING AND CERTIFICATION REQUIRED CCNA, CCSA, Fortinet NSE-4, PCNSE, CCIE, CEH EXPERIENCE Minimum 10 years of progressive, relevant experience and proven capability to work in a complex network environment EDUCATION Bachelor in Engineering - Computers/Electronics/Communication or related field Graduate/Post Graduate in Science/Maths/IT or related streams with relevant technology experience TECHNICAL AND OTHER SKILLS Knowledge of ITIL, ISO27K, SOC 2 will be beneficial Show more Show less

Essential Services: Role & Location fungibility To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service. The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role At ICICI Bank, Information Security Group believes in providing services to its customers in the safest and most secure manner keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. Our support application team performs application vulnerability assessments and document vulnerabilities which were found and provides recommendations for remediation according to BFSI guidelines and industry best practices. As an Application Security Manager, you will provide guidance to the application team on application security best practices, support remediation effort and track open issues and follow up to ensure remediation. You will work along with cross functional business teams to get closure of identified gaps and utilize escalation matrix effectively wherever necessary. You will conduct application security assessment results review and mitigation approval. You will keep abreast of new technologies to ensure that the organization remains at the forefront of security. Key Responsibilities Support and Testing: Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets with security tools like BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc. Analysis: Perform in-depth analysis of VAPT results, Review assessment reports to provide risk mitigation & recommendations on that basis. Collaborate: Collaborate with the application team and provide them guidance on application security best practices, support remediation effort and track open issues and follow up to ensure remediation Key Qualifications & Skills Education Qualifications: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent Certifications: OSCP Compliance: Knowledge of cyber security trends & hacking techniques, MITRE ATT&CK framework with hacker mindset. Network Security: Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Key Technologies: Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance, Knowledge of Networking concepts & Good understanding of latest Network /security technologies such as Cloud security and recent trends.