776 Nessus Jobs - Page 29

Job Description: Prudent Technologies and Consulting is hiring for a fast-growing Cybersecurity team that supports a customer base including the world s largest organizations. We have an immediate opening for a Senior Application Security Consultant. The role requires an experienced offensive consultant who understands application security testing methodologies, frameworks, tools and reporting. As a Senior Consultant you will perform and lead technical teams to conduct thorough security assessments as well as perform field related research. Candidates should be familiar with a variety of technologies including web, mobile, API, AI/LM, cloud, desktop, single sign-on and OAuth. Responsibilities: Consult with technical and non-technical client stakeholders Collaborate with Sales teams to assist in scoping efforts Lead projects and mentor less experienced consultants Perform advanced comprehensive penetration tests, adhering to industry-standard best practices Conduct penetration testing across diverse environments, including desktop applications, mobile applications, web applications, cloud environments, on-prem environments, APIs and AI/LM Document and report vulnerabilities, show proof-of-concepts where applicable, and provide detailed explanations to highlight severity, business impact, and tailored remediation steps Manages priorities and tasks to achieve utilization targets Participate in research and development efforts to improve the Cybersecurity practice Qualifications: Required Qualifications: 5+ years of direct experience performing manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, API and AI/LM Proficient at using penetration testing tools such as Burp Suite, DAST scanners, Metasploit and Nessus to identify and exploit vulnerabilities Able to write deliverable reports, including executive summaries and presentations, and status reports for clients Understanding of industry-standard security frameworks (e.g., OWASP and MITRE ATT&CK) Excellent project management, leadership, time management, and client consulting skills Preferred Qualifications: Bachelor s degree in computer science, information security, or related field Relevant certifications (e.g., OSCP and/or OSWE) Experience with scripting languages such as Python and Bash Experience with application development, systems engineering, or similar Published CVE/CWE contributions, participation in CTF events and independent research projects Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent s specific approach and methodology

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary We are seeking a highly skilled Sailpoint Developer .If candidate has experience of 2-3 years, he/she must be Sailpoint Certified, above 3 years experience sailpoint certification is not mandatory but good to have. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 2-8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 2-12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Access Control Models, Access Control System, Access Management, Active Listening, Analytical Thinking, Authorization Compliance, Authorization Management Systems, Azure Active Directory, Cloud Identity and Access Management (IAM), Communication, Creativity, CyberArk Management, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Federated Identity Management, ForgeRock Identity Platform, Identity and Access Management (IAM), Identity-Based Encryption, Identity Federation, Identity Governance Framework (IGF) {+ 22 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia Location: Pune https://isa.ae/ Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8/1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045 Job Title: Security Engineer (Penetration Tester) Job Type: Full-time Reports To: Security Architect Job Overview: We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture. Key Responsibilities: 1. Firewall, Endpoint & WAF Security Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point). Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF). Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne . Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles . 2. Microsoft Security Layer Implementation a. Microsoft Email Security Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats. Implement Safe Links, Safe Attachments, and Anti-Phishing policies . Monitor and respond to email security alerts in Microsoft Security Portal . Conduct email security threat hunting using Defender for O365 and advanced hunting queries. b. Microsoft Endpoint Security Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices. Enforce attack surface reduction (ASR) rules for endpoint protection. Configure endpoint compliance policies using Microsoft Intune . Implement DLP (Data Loss Prevention) policies to prevent data exfiltration. c. Compliance & Risk Management Implement and monitor Microsoft Purview Compliance Manager for risk assessment. Enforce Information Protection & Encryption Policies using Microsoft Purview. Configure and manage Conditional Access Policies in Microsoft Entra ID . Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR . 3. Dark Web Monitoring & Brand Protection Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats. Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence. Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains . Collaborate with legal and compliance teams to enforce takedowns of malicious content. 4. Fraudulent Incident Investigation & Threat Hunting Investigate fraud incidents, phishing attempts, and business email compromise (BEC) . Conduct forensic analysis on compromised endpoints, servers, and email accounts. Develop and implement threat intelligence and threat hunting processes. Work closely with SOC teams for incident response and mitigation . 5. VAPT & IT Security Operations Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments. Implement and manage intrusion detection/prevention systems (IDS/IPS) . Monitor, analyze, and mitigate vulnerabilities from external and internal security scans . Work with teams to remediate vulnerabilities and harden IT assets. 6. IT Security & Compliance Management Develop and enforce security policies, standards, and procedures . Implement Zero Trust Architecture and IAM policies . Conduct security awareness training and phishing simulations. Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards . Required Qualifications & Skills: Technical Skills: ✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point ✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance ✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne ✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare ✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP ✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK ✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center ✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM ✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence Soft Skills: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to work independently and in cross-functional teams. Proactive security mindset with attention to detail. Certifications (Preferred, but not mandatory): ✔️ CISSP – Certified Information Systems Security Professional ✔️ CEH – Certified Ethical Hacker ✔️ OSCP – Offensive Security Certified Professional ✔️ CISM/CISA – Certified Information Security Manager/Auditor ✔️ Microsoft Certified: Cybersecurity Architect (SC-100) ✔️ Microsoft Certified: Security Operations Analyst (SC-200) ✔️ Microsoft Certified: Information Protection Administrator (SC-400) Experience Required: 🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence . 🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance . 🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection . 🔹 Proven ability to secure cloud, hybrid, and on-premise environments . . Please send resumes to careers@isa.ae Show more Show less

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience. Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModelingAbility to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Security TestingExperience with static and dynamic application security testing (SAST/DAST) tools Security ToolsProficiency in using security tools like Burp Suite, Nessus, or Fortify

Hi All, We are hiring for Product Security Engineer Greetings from Shivsys Softwares Pvt Ltd Role: Product Security Engineer Experience: 3+ Years Location: Noida Job Description: Security Specialist in areas of Security Vulnerability Assessment & Penetration Testing. Responsible for periodic assessment and implementation of remediation with the help of node owners. Job Key Tasks & Responsibilities: · Experience in developing tailored Vulnerability Assessment Profiles in collaboration with clients, outlining assessment scope, methodologies, risk assessment criteria, and reporting structures. · Have created and configured custom scan policies for vulnerability scanners, ensuring accurate, tailored scans to meet organizational needs and risk tolerance. · Configure scan policies for full network scans, application scans, compliance checks, and sensitive data exposure detection. · Performed both authenticated and unauthenticated scans across telecom networks and cloud environments (VNF, CNF). Troubleshooting and debugging scans. · Performed automated and manual scans against the CIS Benchmarks (e.g., CIS AWS Foundations, CIS Linux, CIS Windows) to ensure compliance with industry best practices. · Performed comprehensive risk triage by analyzing vulnerability reports, verifying false positives, and assigning accurate severity levels to vulnerabilities based on CVSS matrix. · Evaluate the impact of vulnerabilities and prioritize vulnerabilities based on CVSS scoring and considering exploitability in telecom environments (e.g., SS7, Diameter, GTP, VoIP, IoT, 5G). · Perform cloud-specific vulnerability assessments for containers and orchestration platforms (Docker, Kubernetes). · Provide remediation recommendations based on scan findings, including patching, workarounds, configuration hardening, and compensating controls. · Worked on remediation of non-compliant configurations and security issues based on CIS recommendations. · Experience in threat intelligence gathering to identify known exploits and determine the current exploitation risk of vulnerabilities (e.g., availability of exploit POC, exploit in wild). · Experience of working in ticketing tools i.e. ServiceNow, Jira. · Proficiency in Linux, Windows, and cloud security hardening. · Knowledge security frameworks and standards (e.g., NIST, ISO 27001, CIS) Experience & Certification: · Minimum 3+ years of relevant experience in a combination of security and operations technology jobs · Vulnerability Scanning tools: Nessus, Qualys, OpenVAS · Cloud Scanning Tools: Redhat ACS, Anchor, Trivy · Ticketing Systems: Jira, ServiceNow, Remedy Telecom Expertise: Telecom architecture(2G,3G,4G,5G), Nokia Nodes and functionalities You can also share your CV at karan.prajapati@shivsys.com Show more Show less

Job Description What's this role about? We are looking for an AWS,DevOps&SRE Engineer to provide strategic support and execute infrastructure, security, continuous integration, deployment, and IT operations practices, scaling and metrics, as well as running day-to-day operations of production and development infrastructure for a cloud-based commerce /enterprise platform. If you possess a "can do" attitude, are driven by research, problem solving, and thrive on challenges, this opportunity will interest you. You’re comfortable with infrastructure and configuration, but also happy to roll up your sleeves, fix code, write tests, debug, and ship features. Total working experience: 6 - 8 years. Managing and Experience with managing production environments on AWS cloud PaaS layer for enterprise systems and revenue bringing platforms (Ecommerce, Mobile and PoS) Own automation of the infrastructure platform and drive the development of new features for our cloud platform. Knowledge of Application servers (Apache, Tomcat, JBoss, Jetty, WebLogic, Etc.) Knowledge of latest emerging technologies, architectures, and trends Experience in Linux, Objective C, Android and Java. Experience supporting web applications (JavaScript & Java,MicroServices) Scripting (Ruby, Perl, Python, Bash, Awk, PHP) Elastic Cloud / Virtualization (SoftLayer, EC2, Rackspace Cloud, Hypervisor, VDI) Build Automation (Jenkins) Systems automation and provisioning frameworks (Chef, Puppet, etc.) Large Scale Databases (MySQL, Oracle, MongoDB, HBase, Cassandra, Hadoop, Etc.) Caching strategy (CDN, Varnish, Memcached, Redis) Familiar with high availability strategies (haproxy, Global Traffic Management / Multiple Datacenters, GeoDNS, failable architecture) Agile Software Development Lifecycle (SDLC) support Monitoring systems and frameworks (Nagios, ELK, Graphite) Custom Alerts (Akamai, NetApp, Etc.) Performance testing, analysis, tuning and improvements (New Relic, Dynatrace, AppDynamics) Package management workflows (Aptitude/dpkg, Yum/RPM) Single Sign on Technologies (LDAP, SSL/TLS, Open Directory) Common Unix Systems Services (NFS, NTP, Apache, nginx) Security frameworks (Iptables, Nessus, Nmap) REST API s using XML and JSON Must Have’s Experience in AWS cloud, Infrastructure support knowledge, system design. Experience in Ecommerce applications. Experience with Java based Microservices. Strong knowledge in Scripting languages (Shell, Python, etc.). Advanced experience of Cloud-native design, architecture and technologies. Enterprise cloud migration (AWS) On-board new tools and technologies Large scale Disaster Recovery solutions Large scale Infrastructure Automation using Terraform. Aws services experience (Mainly in Networking, Storage, Computing). Security implementations using OKTA and Keyclock Build comprehensive monitoring solutions for Kubernetes infra and Backend Microservices Managing Cross cutting concerns for Microservices using Shared Libraries and Service Mesh. Scripting (Ruby, Perl, Python, Bash, Awk, PHP) Elastic Cloud / Virtualization (SoftLayer, EC2, Rackspace Cloud, Hypervisor, VDI) Build Automation and deployment (Jenkins and Kubernetes) Systems automation and provisioning frameworks (Chef, Puppet, etc) Build CICD solutions using Helm, Jenkins and Groovy Must be able to succeed with minimal resources and supervision. Strong Communication skill Good To Have Demonstrates knowledge of cloud applications and open source technologies. Understanding the REST based API creation and testing Triage and root cause analysis across the complete full stack application. Good understanding of OAuth (Authorization and Authentication) and how it works between services. Programming knowledge in any - JAVA / Python Understanding of Landmark Products and technologies are more value add. Here's How You'll Contribute You'll do this by: Core Skills Desired Skills: How We’d Like You To Lead Advantage Zensar We are a technology consulting and services company with 11, 800+ associates in 33 global locations. More than 130 leading enterprises depend on our expertise to be more disruptive, agile and competitive. We focus on conceptualizing, designing, engineering, marketing, and managing digital products and experiences for high-growth companies looking to disrupt through innovation and velocity. Zensar Technologies is an Equal Employment Opportunity (EEO) and Affirmative Action Employer, encouraging diversity in the workplace. Please be assured that we will consider all qualified applicants fairly, regardless of race, creed, color, ancestry, religion, sex, national origin, citizen status, age, sexual orientation, gender identity, disability, marital status, family medical leave status, or protected veterans’ status. Zensar Is a Place Where You Are Free To Express Yourself In An Environment That Values Individuality, Nurtures Development And Is Mindful Of Wellbeing. We Put Our People And Customers At The Center Of Everything That We Do. Our Core Values Include Putting people first Client-centricity Collaboration Grow. Own. Achieve. Learn. with Zensar Show more Show less

Implement security-as-code principles and automate security controls in CI/CD pipelines. Conduct secure code reviews and assist developers in adopting secure coding practices. Deploy and manage security tools such as SAST, DAST, SCA, IAST, and container security solutions.

Company Description BETSOL is a cloud-first digital transformation and data management company offering products and IT services to enterprises in over 40 countries. BETSOL team holds several engineering patents, is recognized with industry awards, and BETSOL maintains a net promoter score that is 2x the industry average. BETSOL’s open source backup and recovery product line, Zmanda (Zmanda.com), delivers up to 50% savings in total cost of ownership (TCO) and best-in-class performance. BETSOL Global IT Services (BETSOL.com) builds and supports end-to-end enterprise solutions, reducing time-to-market for its customers. BETSOL offices are set against the vibrant backdrops of Broomfield, Colorado and Bangalore, India. We take pride in being an employee-centric organization, offering comprehensive health insurance, competitive salaries, 401K, volunteer programs, and scholarship opportunities. Office amenities include a fitness center, cafe, and recreational facilities. Learn more at betsol.com Job Description Roles & Responsibilities: Triage alerts and analyze security events/logs for threats such as computer viruses, exploits, and malicious attacks. Use critical thinking to bring together information from multiple sources to determine if a threat is present. Conduct security incident response and investigation. Conduct comprehensive security assessments and risk analysis on existing systems and applications. Analyze web traffic for suspicious patterns and potential security breaches. Perform vulnerability assessments and penetration testing. Prepare and provide security documentation and evidence for internal and external audits, ensuring compliance with regulatory requirements and security standards. Stay abreast of the latest cybersecurity trends, threats, and technologies to proactively address emerging risks. Qualifications Bachelor’s degree in computer science, Information Technology, cybersecurity, or a related field. 3+ years of relevant experience. Proficiency in conducting risk assessments, vulnerability assessments, and penetration testing. Experience deploying and maintaining email security systems including anti-phishing, DLP, and encryption technologies to safeguard sensitive data and mitigate threats. Hands-on experience with security tools and technologies such as IDS/IPS, SIEM, and Penetration testing tools like Qualys/Tenable. Hands-on troubleshooting skills for security alerts related to Firewall (SonicWall & FortiGate), Microsoft Entra ID/O365, Windows and Linux Servers. Strong knowledge of GRC frameworks such as PCI-DSS ISO 27001:2022 & 9001:2015, SOC2 Type II CEH (Certified Ethical Hacker) AZ-500 Microsoft Azure Security Technoligies/Cloud Security Certifications with hands on experience Experience with evidence gathering for any of the compliances like PCI DSS, SOC2, HIPPA and ISO. Good understanding of the IT infrastructure architecture both on-prem and AWS and Azure clouds. Tools: Vulnerability management: Tenable, QualysGuard, Nessus Endpoint protection: Sophos, Bitdefender, Trend Micro, Windows Defender SIEM: Wazuh, DataDog, Splunk, Microsoft Sentinel, Sumo Logic Email Security: Zix email security, Exchange Online Protection, Defender for Office 365 Compliance standards: ISO ISMS, SOC2, PCI DSS, HIPAA Preferred: Any of the Certifications like - AWS Certified Security - Specialty, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), GIAC Certifications, or NIST Cybersecurity Framework (CSF) Additional Information NA Show more Show less

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify Show more Show less

Roles & Responsibilities: We are seeking an experienced Vulnerability Management Engineer to join our Security Operations team. The ideal candidate will be responsible for identifying, tracking, and remediating vulnerabilities across cloud and on-premises environments, while also supporting broader security operations initiatives. Vulnerability Remediation & Patch Management: Work with InfoSec and IT teams to coordinate and track the remediation of vulnerabilities across the organization. Provide hands-on support in implementing and verifying patches for critical vulnerabilities on Windows, Linux, and cloud systems. Coordinate with infrastructure and application teams to validate patch readiness, test deployments, and confirm successful remediation. Ensure timely resolution of high and critical vulnerabilities in line with internal SLAs. Reporting & Compliance: Create and maintain weekly remediation reports outlining prioritization, risk classification, remediation status, and compliance metrics. Develop dashboards, trackers, and compliance summaries using internal tools (e.g., Excel, Power BI, or ServiceNow). Track patch management lifecycle from detection to closure with detailed documentation and metrics. Security Operations Support: Continuously monitor security alerts and events via tools like QRadar SIEM, Palo Alto Cortex XDR, and others to identify indicators of compromise. Investigate and respond to security incidents, including endpoint and email threats, escalating as needed. Tune SIEM rules and threat detection logic to reduce false positives and improve response efficiency. Stay updated on emerging threats, vulnerability disclosures, and zero-day advisories to support proactive mitigation. Policy & Documentation: Maintain detailed documentation of vulnerability management procedures, remediation efforts, patch testing results, and lessons learned. Support compliance initiatives (e.g., ISO 27001, HIPAA, GDPR) by ensuring vulnerability data and remediation timelines meet audit requirements. Qualifications: Experience : 6+ years in a Security Operations or Vulnerability Management role. Education : Bachelor's degree in Computer Science, Information Security, or a related field. Certifications (preferred): CISSP, CEH, CISM, CompTIA Security+, or equivalent. Technical Skills : Experience with tools like IBM QRadar, Palo Alto Cortex XDR, Qualys/Tenable/Nessus. Familiarity with cloud security in Azure and Microsoft 365. Strong understanding of patch management, CVSS scoring, and vulnerability lifecycle. Soft Skills : Strong analytical and communication skills. Ability to work cross-functionally with IT and infrastructure teams. Adaptability to changing threat environments and security priorities. Nice to Have: Experience building Power BI dashboards or using reporting tools to visualize patch status. Familiarity with ServiceNow or other ITSM platforms for tracking remediation tasks.

Job Description Develop comprehensive test plans for network equipment, adhering to ITSAR standards. Design and implement methodologies, tools, and frameworks to assess the security of IP Routers, Wi-Fi CPE devices, 5G components and other ITSAR as well . Conduct in-depth security assessments and penetration tests on IP Routers and Wi-Fi CPE devices to identify potential threats and vulnerabilities. Analyze vulnerabilities, misconfigurations, and weaknesses, providing detailed reports on findings. Identify, analyze, and document vulnerabilities in IP Routers and Wi-Fi CPE devices, ensuring compliance with ITSAR security requirements. Collaborate with network architects, engineers, and developers to design and implement secure configurations for network equipment. Develop and propose effective remediation strategies to address identified security issues, improving the overall security posture of network equipment. Provide actionable recommendations to stakeholders and management to enhance network security. Execute vulnerability assessments, penetration tests, and security reviews to identify weaknesses and potential security threats. Validate security configurations, system hardening practices, and patch management processes to ensure they meet NCCS ITSAR standards. Evaluate third-party software and hardware products for compliance with NCCS ITSAR requirements before deployment. Create and maintain comprehensive documentation, including security policies, procedures, audit reports, and technical assessments. Provide regular status updates, risk assessments, and recommendations to senior management on the organization's security posture. Support internal and external audits, ensuring accurate documentation and evidence of compliance with NCCS ITSAR. Stay informed about emerging threats, vulnerabilities, and best practices related to IP Routers, Wi-Fi CPE devices, and related technologies. Participate in incident response activities and investigations related to security breaches or incidents involving network equipment. Act as a subject matter expert on NCCS ITSAR, offering guidance and training to security team members and other departments. Collaborate with software developers, IT operations, and business units to ensure secure design, deployment, and operation of systems. Mentor junior engineers and security analysts, fostering a culture of continuous learning, collaboration, and improvement. Contribute to the development and refinement of security policies, standards, and procedures, with a focus on 5G network security and emerging technologies. Qualifications B. Tech/B.E in ECE/Computer Science/Telecommunication Related field or MCA or MSc (Computer Science or M.Sc. IT) or M.Sc. in Cybersecurity or equivalent. 3+ years of security engineering experience, focusing on system and network security. Proven experience with NCCS ITSAR or similar security assurance frameworks (e.g., Common Criteria, ISO/IEC 27001, Pentesting). Strong understanding of network protocols, encryption technologies, and cybersecurity tools. Proficiency in risk assessment, threat modeling, and vulnerability management. Experience with security testing tools (e.g., Nmap, Nessus, Metasploit, Burp Suite, Nessus and other kali OS tools). Relevant certifications preferred: CEH, CCNA, OSCP, CCNP and eJPT Excellent problem-solving skills, with the ability to work independently and lead teams for the technical aspect in a fast-paced environment. Strong communication and interpersonal skills, with the ability to convey complex technical information to non-technical stakeholders. About Us A global leader in applied safety science, UL Solutions (NYSE: ULS) transforms safety, security and sustainability challenges into opportunities for customers in more than 110 countries. UL Solutions delivers testing, inspection and certification services, together with software products and advisory offerings, that support our customers’ product innovation and business growth. The UL Mark serves as a recognized symbol of trust in our customers’ products and reflects an unwavering commitment to advancing our safety mission. We help our customers innovate, launch new products and services, navigate global markets and complex supply chains, and grow sustainably and responsibly into the future. Our science is your advantage. Show more Show less

Role Description Job Title: Site Reliability Engineer Experience Range: 5-10 years Hiring Location: Mumbai, Chennai, Gurugram Must-Have Skills Professional experience working with public cloud platforms (AWS) Expertise in Infrastructure as Code (IaC) tools such as Terraform Hands-on experience with CI/CD tools like GitLab CI/CD, GitHub Actions, or Jenkins Strong coding and scripting skills (PowerShell, Bash, Python, or equivalent) Proficiency in Configuration Management tools like Ansible, Puppet, or Chef Experience managing and troubleshooting Linux servers Strong analytical and troubleshooting skills Exposure to security best practices and remediation Familiarity with security-related tools such as Wiz and Qualys Hands-on experience in Static/Dynamic Security Testing & Penetration Testing using tools like SonarQube, CheckMarx, AppScan, BurpSuite, OWASP ZAP Proxy, WebInspect, Fortify, Veracode, Nessus, etc. Good-to-Have Skills Knowledge of System and Application Monitoring tools (Prometheus, Grafana, CloudWatch) Experience with Log Management tools (Elastic Stack, Graylog, Splunk) Working experience with relational databases (MySQL, MS SQL Server, or similar) Use of Secret Management services like HashiCorp Vault Understanding of Change Control procedures Main Responsibilities Deliver resilient application stacks via Infrastructure as Code and DevOps practices Monitor and support critical, high-revenue business applications Diagnose and resolve complex system and application issues Implement and maintain security best practices and remediation strategies Work with cross-functional teams including Development, QA, IT Operations, and Project Management Write and maintain technical and non-technical documentation Skills Aws Cloud,Terraform,Powershell,Github Show more Show less

Cybersecurity Analyst Intern Company: INLIGHN TECH Location: Remote (100% Virtual) Duration: 3 Months Stipend for Top Interns: ₹15,000 Certificate Provided | Letter of Recommendation | Full-Time Offer Based on Performance About the Company: INLIGHN TECH empowers students and fresh graduates with real-world experience through hands-on, project-driven internships. The Cybersecurity Analyst Internship is tailored to develop your expertise in identifying and mitigating cyber threats while gaining practical knowledge of modern security tools and frameworks. Role Overview: As a Cybersecurity Analyst Intern, you will work on monitoring networks, analyzing threats, and helping ensure the security of digital infrastructure. This internship will deepen your understanding of incident response, threat intelligence, and proactive defense strategies in a real-world context. Key Responsibilities: Monitor security systems and analyze logs for suspicious activity Conduct vulnerability assessments and recommend remediation steps Assist in security audits and compliance checks Perform malware analysis and track threat actors using threat intelligence platforms Document security incidents and prepare reports on findings Support the implementation of cybersecurity best practices and policies Qualifications: Pursuing or recently completed a degree in Cybersecurity, Information Security, Computer Science, or a related field Strong understanding of network protocols, firewalls, and endpoint protection Familiarity with security tools such as Wireshark, Snort, Nessus, or Splunk Awareness of cybersecurity frameworks (e.g., MITRE ATT&CK, NIST) Good problem-solving and analytical thinking skills Eagerness to learn, investigate, and defend against cyber threats Internship Benefits: Hands-on experience with cybersecurity tools and threat detection methods Certificate of Internship upon successful completion Letter of Recommendation for top performers Build a strong portfolio of cybersecurity analysis and incident response case studies Show more Show less

Job title : Security Tester (Core Backend) Vacancy Position : 02 Experience Maximum Budget for 3-5 Years : 10-15% hike or Upto 12 LPA whichever is lower About company The National e-Governance Division has been set up by the Ministry of Electronics & Information Technology as an Independent Business Division under the Digital India Corporation {erstwhile Media Lab Asia}. Since 2009, NeGD has been playing a pivotal role in supporting MeitY in Programme Management and implementation of the e-Governance Projects; providing technical and advisory support to Ministries/ Departments, both at Central and State levels along with other Government organizations. NeGDs major operational areas include programme management, project development, technology management, capacity building, awareness and communications-related activities under the flagship Digital India Programme. NeGD has developed and is managing several National Public Digital Platforms such as DigiLocker, UMANG, Rapid Assessment System, OpenForge, API Setu, Poshan Tracker, Academic Bank of Credits, National Academic Depositories, National AI Portal, MyScheme, India Stack Global, Meri Pehchaan, etc. More details can be seen at https://negd.gov.in Overview The job holder will be designing and implementing security measures to protect computer systems, networks, and data from unauthorized access, attacks, and other security threats, as well as conducting security assessments of existing systems and identifying vulnerabilities or weaknesses that need to be addressed. He/ She may be used in other projects of Digital India as well, whenever required. Roles and Responsibilities The security test engineer will be part of the audit team that shall conduct security audits for web-application security, mobile app security, Network security and IT infrastructure security. Shall be responsible for the development and execution of the individual audit tasks assigned to them and prepares a detailed report in its regards as desired. Conduct post-release/ post-implementation testing. Shall prepare VAPT (Vulnerability Assessment & Penetration Testing) reports using defined templates and assist the management for finalization of audit reports. Shall prepare the audit plans, test cases, and test scenarios to perform the security audit. Create logs to document testing phases and defects. Essential Qualification Graduation/B.E/B. Tech./ MCA or equivalent. Qualification can be relaxed in the case of exceptional candidates. Experience & Skill Experience in Vulnerability Assessment and Penetration testing. Experience in project management and QA methodology. Experience in analysing and in identifying vulnerabilities manually. Experience in web application, MobileApp and network Vulnerability Assessment & Penetration Testing. Experience in Vulnerability Assessment and Penetration testing using industry standard tools such as Vulnerability Scanners for e.g. OWASP ZAP, Nessus, Sqlmap, Acunetix, Nmap, Burp Suite Pro, Netsparker etc. Experience and knowledge of Web Application Security standards such as OWASP/SANS etc. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Responsibilities: Provide product and technical support for assigned accounts. Support, manage and sell to SMB Customers with defined geographic territory. Drive a culture of success through product expertise and positive account management. Provide accurate forecasting on Sales pipeline. Carefully monitor the quality of all services Qualys delivers to the customer by conducting QBRs (Quarterly Business Reviews) and ensuring adoption of technology and discovering upsell opportunity. Engage with channel partners and provide accurate renewal quotes. Raise any necessary alert for the customer’s business or technical situation in a timely manner. Work closely with customers to grow and expand the implementation/integration of Qualys products and services. Act as customer advocate with focus on improving customer contentment. Qualification: The ideal candidate will come from a security and/or networking background while performing an engineering, administration, or support role with 3-6 years of experience. General knowledge of current IT security fields including Firewall, Intrusion Detection Systems IDS, Intrusion Prevention Systems IPS, Vulnerability Management, Network Scanners (Nessus, nmap, Scan alert, ISS Internet Scanner), PCI, Policy Compliance/GRC-IT and Audit Tools is a plus. General knowledge of Desktop and Server operating system configuration, TCP/IP networking hardware, protocols, and LAN configuration, knowledge of LAN and WAN technologies, network design, and web security architectures is a plus. Ability to understand network and security infrastructure elements on advising how best to use Qualys products on cloud platforms. Must have a strong technical background and possess an excellent work ethic with a “make it happen” attitude. Excellent written and verbal communication skills. Works well in small group settings. A strong desire to be a customer-facing, technical solution expert. Extensive use of CRM (preferably salesforce.com) to maintain accurate activity, contact and account information of all customers. Ability to work rotational hours supporting global customers. Preferred Qualification: 3 - 6 years of equivalent experience in consulting or account management. Preferred pre-sales experience in computer networking or information security or public clouds. Candidates from STEM preferred. Show more Show less

Position: VAPT Specialist Experience: 2+ Years Location: Mumbai/ Thane Notice Period: Immediate Joiners Primary Skills: VAPT, CEH Certification, Metasploit, Penetration Testing, Linux Key Responsibilities: Perform Web Application Vulnerability Assessments and Penetration Testing to identify and exploit vulnerabilities in web applications. Conduct Mobile Application Vulnerability Assessments and Penetration Testing on Android and iOS platforms, identifying weaknesses and suggesting appropriate fixes. Lead Network Penetration Testing to evaluate the security posture of internal and external networks. Reverse engineer malware, analyze data obfuscation techniques, and work with cryptographic ciphers to detect and mitigate threats. Utilize industry-leading penetration testing tools such as Metasploit, BurpSuite, w3af, Kali Linux, SQLMap, Skipfish, MObSF, Androbugs, Nessus, and others to automate and perform testing. Leverage Linux/UNIX environments, including proficiency in Bash and PowerShell scripting, to perform testing and automate tasks. Document findings, provide detailed reports, and assist in remediation by working closely with internal teams. Stay up-to-date with emerging threats, vulnerabilities, and penetration testing methodologies. Qualifications & Requirements: 2-4 years of hands-on experience in performing web application, mobile application, and network penetration testing. Strong expertise in Web Application Vulnerability Assessment & Penetration Testing. Hands-on experience with Mobile Application Vulnerability Assessment & Penetration Testing (Android and iOS). Proficient in Network Penetration Testing and Security Assessment techniques. Experience with reverse engineering malware, analyzing obfuscated data, and cryptographic analysis. Strong command of penetration testing tools such as Metasploit, BurpSuite, w3af, Kali Linux, SQLMap, Skipfish, MObSF, Androbugs, Nessus, and others. CEH (Certified Ethical Hacker) certification is mandatory. Knowledge of Linux/UNIX operating systems and Bash or PowerShell scripting. Excellent problem-solving skills and the ability to think creatively in assessing security weaknesses. Strong communication skills for writing technical reports and working with cross-functional teams. Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Associate Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: Job Description & Summary: We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities Key Responsibilities: Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience: Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory Skill Sets CEH, ECSA, LPT (any one) Preferred Skill Sets OSCP, OSWE Years Of Experience Required 2-10 Years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Master of Business Administration, Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe. From its unmatched range of services, ECI provides stability, security and improved business performance, freeing clients from technology concerns and enabling them to focus on running their businesses. More than 1,000 customers worldwide with over $3 trillion of assets under management put their trust in ECI. At ECI, we believe success is driven by passion and purpose. Our passion for technology is only surpassed by our commitment to empowering our employees around the world . The Opportunity: ECI has an exciting opportunity for a Senior Systems Escalation Engineer , who specializes in PowerShell scripting, Linux Bash scripting, and server/workstation troubleshooting. The ideal candidate will also take a proactive approach in addressing vulnerabilities across Windows and Linux environments, crafting and implementing remediation plans to ensure system security. This is an onsite role. What you will do: Key Responsibilities: Scripting and Automation: Develop, maintain, and optimize PowerShell scripts for Windows environments and Bash scripts for Linux systems to automate administrative and operational tasks. Troubleshooting: Diagnosing and resolve complex issues related to server and workstation patching, ensuring minimal downtime and quick recovery. Provide advanced-level technical support for both Windows and Linux systems. Vulnerability Management: Perform vulnerability assessments across Windows and Linux platforms to identify security risks. Create and implement vulnerability remediation plans to address identified risks promptly and effectively. Collaborate with IT and security teams to track remediation progress and ensure compliance with organizational policies. Patch Management: Analyze, test, and deploy patches for servers and workstations, addressing both functional and security requirements. Establish best practices for patching processes to reduce system vulnerabilities and enhance performance. Documentation: Prepare detailed documentation, including scripts, troubleshooting guides, vulnerability reports, and remediation action plans. Who you are: 7+ years of relevant experience in scripting, troubleshooting, and vulnerability remediation. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent work experience). Strong experience in PowerShell and Bash scripting for automation and troubleshooting purposes. In-depth knowledge of Windows and Linux systems, including server and workstation environments. Expertise in vulnerability assessment methodologies and tools (e.g., Nessus, Qualys, OpenVAS). Experience with patch management tools and techniques in enterprise environments. Ability to analyze system logs and provide actionable insights for remediation. Bonus points if you have: Excellent communication skills to work with cross-functional teams and present findings to stakeholders. ECI’s culture is all about connection - connection with our clients, our technology and most importantly with each other. In addition to working with an amazing team around the world, ECI also offers a competitive compensation package and so much more! If you believe you would be a great fit and are ready for your best job ever, we would like to hear from you! Love Your Job, Share Your Technology Passion, Create Your Future Here! Show more Show less

ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe. From its unmatched range of services, ECI provides stability, security and improved business performance, freeing clients from technology concerns and enabling them to focus on running their businesses. More than 1,000 customers worldwide with over $3 trillion of assets under management put their trust in ECI. At ECI, we believe success is driven by passion and purpose. Our passion for technology is only surpassed by our commitment to empowering our employees around the world . The Opportunity: ECI is looking for a Network Compliance Engineer to join our Network Engineering Department within a dynamic (MSP) environment. This role is critical in ensuring that both internal and client network infrastructures adhere to industry regulations, security policies, and best practices. You will collaborate with network engineers, security teams, and clients to implement and maintain network compliance frameworks, ensuring secure, reliable, and scalable network environments. As a Network Compliance Engineer, you will be responsible for performing assessments, audits, and remediation efforts, ensuring networks are compliant with relevant regulatory standards such as SOC 2, PCI-DSS, HIPAA, NIST , and other industry-specific requirements. This is an onsite role. What you will do: Ensure Compliance: Conduct regular compliance assessments for internal and client network infrastructure, ensuring they meet industry standards (SOC 2, HIPAA, PCI-DSS, NIST, ISO 27001) and internal security policies. Documentation & Reporting: Develop and maintain network compliance documentation, including risk assessments, configuration baselines, security policy compliance, and audit evidence for clients. Audits & Reviews: Perform network audits to verify compliance with established network security policies, best practices, and relevant industry regulations. Collaboration: Work closely with network engineers and security teams to design, implement, and maintain compliant network solutions for client environments. Remediation & Gap Analysis: Identify and track compliance gaps or vulnerabilities within client networks, and work to remediate those issues with network engineering teams. Compliance Monitoring: Use network monitoring tools (e.g., SolarWinds, PRTG) to continuously assess network configurations and activities for compliance and security risks. Client Interaction: Serve as a compliance advisor for clients, guiding them on how to align their network infrastructures with regulatory and security requirements. Incident Response: Support the incident response process when network-related compliance breaches or security incidents are detected, ensuring corrective actions are implemented. Training & Awareness: Educate and train internal teams and clients on compliance best practices, network security policies, and regulatory requirements. Continuous Improvement: Stay up to date with industry trends, evolving regulations, and emerging threats, integrating those insights into compliance strategies. Who you are: Bachelor’s degree in Information Technology, Network Engineering, Cybersecurity, or a related field (or equivalent work experience). 3+ years of experience in network engineering or network compliance, preferably in an MSP environment. Solid understanding of network protocols, including TCP/IP, VLANs, VPNs, firewalls, NAT, and routing (OSPF, BGP). Hands-on experience with firewall technologies (e.g., Fortinet, Cisco ASA, Palo Alto) and network monitoring tools (e.g., SolarWinds, PRTG, Auvik). Familiarity with industry standards and regulations like SOC 2, HIPAA, PCI-DSS, NIST, and ISO 27001. Strong analytical skills with the ability to assess and resolve network compliance issues. Excellent written and verbal communication skills, particularly for documentation and client-facing interactions. Bonus points if you have: Certifications such as CompTIA Security+, CCNA Security, CISSP, CISA, PCNSE, or Fortinet NSE. Experience with cloud networking, including AWS or Azure compliance standards. Exposure to SIEM tools (e.g., Splunk, LogRhythm) and vulnerability management tools (e.g., Nessus, Qualys). Familiarity with MSP platforms like ConnectWise, Datto, N-Able, or Autotask. Ability to work with cross-functional teams (e.g., security, DevOps, IT) to enforce security policies. ECI’s culture is all about connection – connection with our clients, our technology and most importantly with each other. In addition to working with an amazing team around the world, ECI also offers a competitive compensation package and so much more! If you believe you would be a great fit and are ready for your best job ever, we would like to hear from you! Love Your Job, Share Your Technology Passion, Create Your Future Here! Show more Show less

ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe. From its unmatched range of services, ECI provides stability, security and improved business performance, freeing clients from technology concerns and enabling them to focus on running their businesses. More than 1,000 customers worldwide with over $3 trillion of assets under management put their trust in ECI. At ECI, we believe success is driven by passion and purpose. Our passion for technology is only surpassed by our commitment to empowering our employees around the world . The Opportunity: ECI is looking for an experienced and detail-oriented Senior Network Compliance Engineer to join our Network Engineering Department within our dynamic (MSP) environment. In this senior-level role, you’ll be responsible for overseeing network compliance strategy, ensuring internal and client network environments meet regulatory, contractual, and security standards. You’ll lead efforts to assess, document, and harden network infrastructure across a diverse client base and serve as a critical bridge between engineering, cybersecurity, and compliance functions. This is an onsite role. What you will do: Lead the design and enforcement of network compliance standards across internal and client-facing infrastructure, including firewalls, VPNs, routing/switching, segmentation, and cloud networking. Oversee technical audits of network configurations to ensure alignment with compliance frameworks such as SOC 2, PCI-DSS, HIPAA, NIST, ISO 27001, or client-specific regulatory requirements. Define and maintain network hardening baselines, security controls, and access control standards in collaboration with the network engineering team. Serve as the subject matter expert (SME) for all network compliance initiatives during client onboarding, contract reviews, and formal audits. Conduct gap analyses and risk assessments, and drive remediation efforts with engineering teams to close compliance deficiencies. Lead the development and maintenance of compliance documentation, including network architecture diagrams, control maps, SOPs, and audit evidence packages. Act as a senior advisor to clients on network compliance best practices, supporting business continuity, regulatory alignment, and technical scalability. Partner with the security and GRC teams to support incident response investigations related to network-level breaches or violations. Mentor junior compliance engineers and serve as a go-to resource within the department for all compliance-related technical inquiries. Stay current on regulatory changes and evolving threats, helping the organization and its clients stay ahead of risk and regulatory exposure. Who you are: Bachelor’s degree in Information Technology, Network Engineering, Cybersecurity, or a related field (or equivalent experience). 5+ years of hands-on experience in network engineering, security, or compliance, with at least 2 years in a senior or lead role. Deep understanding of networking concepts and infrastructure, including TCP/IP, VLANs, VPNs, BGP, OSPF, ACLs, firewalls, SD-WAN, and cloud connectivity. Direct experience working with compliance frameworks such as SOC 2, HIPAA, PCI-DSS, NIST, or ISO 27001 in a multi-tenant MSP or consulting environment. Proficiency with industry-standard security and network tools such as Fortinet, Cisco, Palo Alto, SolarWinds, Nessus, Tenable, or SIEM platforms. Excellent analytical, documentation, and communication skills – capable of working with both technical engineers and non-technical stakeholders. Bonus points if you have: Professional certifications such as CISSP, CISM, CISA, CCNP Security, PCNSE, CompTIA CASP+, or GIAC GCCC. Experience working in cloud or hybrid environments (AWS, Azure) with a focus on network security and compliance. Familiarity with MSP tools such as ConnectWise, N-Able, Datto, Autotask, or ServiceNow. Experience with client-facing security assessments and remediation planning across regulated industries (finance, healthcare, legal, etc.). ECI’s culture is all about connection – connection with our clients, our technology and most importantly with each other. In addition to working with an amazing team around the world, ECI also offers a competitive compensation package and so much more! If you believe you would be a great fit and are ready for your best job ever, we would like to hear from you! Love Your Job, Share Your Technology Passion, Create Your Future Here! Show more Show less

Diversity hiring for Cyber Security Engineer - 5 to 10 Years at Bangalore. Position Cyber Security Engineer Experience – 5 to 10 Years Location – Bangalore Job Description: 5-8 years of experience in cybersecurity engineering, preferably in the manufacturing or industrial control systems (ICS) sectors. Strong knowledge of cybersecurity principles, risk management, and threat analysis. Proficiency with cybersecurity tools and technologies used for monitoring, detection, and incident response. Familiarity with cybersecurity standards and regulations such as IEC 62443, ISO 27001, NIST, etc. Relevant certifications such as CISSP, CISM, CEH, or GIAC are preferred. If interested, please share cv on omkar@hrworksindia.com Regards, Omkar 8208497043

Job Title: Senior SOC Analyst (SIEM, Threat Hunting & Incident Response) Department: Cybersecurity & IT Risk Management Reports To: CISO / Director – Cybersecurity & GRC Location: Manesar, Haryana (On-site at Client Location) Employer: VVNT SEQUOR, Noida Summary: VVNT SEQUOR is hiring a Senior SOC Analyst to strengthen the cybersecurity posture of a leading client in Manesar, Haryana. This is a full-time on-site role requiring deep hands-on expertise in threat detection, incident response, SIEM management, and vulnerability assessments. As a senior member of the Security Operations Center (SOC), you will lead advanced threat-hunting efforts, optimize detection logic, and ensure rapid response to cybersecurity events. Your key responsibilities will include: Leading 24x7 SOC operations , threat monitoring, triage, and escalations using tools like ArcSight, Splunk, and ELK . Creating and fine-tuning correlation rules , dashboards, and playbooks to enhance detection capabilities. Executing proactive threat hunting using MITRE ATT&CK , EDR telemetry, threat intel feeds, and custom threat models. Coordinating and leading incident response , performing forensic investigations using CHFI methodologies , memory analysis, and endpoint data. Performing and overseeing Vulnerability Assessment & Penetration Testing (VAPT) using Nessus, Qualys, OpenVAS, Metasploit , and Burp Suite . Managing EDR and SOAR platforms , integrating automated responses and threat intelligence feeds. Administering and securing firewalls (FortiGate, Palo Alto), WAFs, IDS/IPS, and Anti-DDoS infrastructure. Maintaining compliance with ISO 27001, NIST CSF, and internal security baselines , conducting regular audits and patch validations. Documenting Root Cause Analyses (RCA) , incident timelines, and post-incident review reports. Leading security awareness programs (e.g., KnowBe4) and mentoring junior analysts. We are looking for someone with: Bachelor's degree in Cybersecurity, Information Security, or related field. 7–9 years of SOC and cybersecurity operations experience. Strong knowledge of SIEMs (e.g., ArcSight, Splunk), EDRs (CrowdStrike, SentinelOne) , and log correlation techniques . Proven skills in threat analysis, IOC handling, malware analysis , and incident lifecycle management . Working experience with security automation (SOAR) and scripting (e.g., Python, PowerShell) for response actions. Solid understanding of MITRE ATT&CK, NIST 800-61, OWASP Top 10 , and compliance mandates . Proven experience in writing technical incident reports, security playbooks, and conducting RCA. Bonus points for: Certifications like CEH, CHFI, Security+, GCIA, GCFA, Splunk Certified Analyst, PCNSE . Experience with Tripwire SCM, KnowBe4 , or cloud-native security tools (AWS GuardDuty, Azure Sentinel). Exposure to OT/ICS security , manufacturing, or automotive environments. Familiarity with Purple Teaming, Red Team/Blue Team drills , and Threat Intelligence Platforms (TIPs) . Why join VVNT SEQUOR? Lead and influence real-time SOC strategies for a mission-critical enterprise. Gain hands-on experience with top-tier cybersecurity technologies and threat landscapes. Subsidized Cab and Lunch facilities at client site. Work in a client-focused, innovation-driven cybersecurity environment. To Apply: Please submit your resume along with the cover letter to chaitali@vvntsequor.in or parveen.arora@vvntsequor.in Also, you can connect over WhatsApp +91-9891810196 or +91-8802801739 IMPORTANT: Do mention clearly to Job Role that you are applying for along with your Last Salary Drawn information as well as your Earliest Joining Date in your covering letter or email. Show more Show less

Job Title: Vulnerability Assessment and Penetration Testing Internship for Technical services - (Performance based conversion to full-time Role) Job Location: Mumbai (On-site) Duration: 6 Months Note: Looking only for Immediate joiners (5 Days) Qualifications: BE/B. Tech with specialization in cyber security, MCA, M. Tech / Master’s in Information security, or Forensics Analysis Knowledge. Mandatory Certifications: CEH-EC-council / EJPT / PNPT / EWPT / CRTP Role and Responsibility: • Conduct Network/ System Vulnerability Assessments, Penetration Testing using tools to evaluate attack vectors, identify system vulnerabilities, and provide appropriate remediation plans for mitigation of the identified vulnerabilities. • Conduct Application vulnerability assessments, Penetration Testing for web applications, identify and report vulnerabilities, provide recommendations, and track closure of identified vulnerabilities. • Perform Configuration compliance assessments for Endpoints / Assets /network devices and help maintain the security settings at compliant level with Specific Security Standards. • Perform regular monitoring of patch compliance of the assets in the network, Analyze Patch Advisories and provide remediation steps for the stakeholders. • Performing comprehensive review and threat adversary modeling for web applications. • Conduct Vulnerability Assessments, Penetration Testing, Device Hardening, Application Security Assessments, Log Review, Review of Documents, Network Monitoring and Reporting • Conduct and compile findings on new vulnerabilities, new tools for departmental use. • Create project deliverables / reports and assist the client with remediations and discussions. • Abide by the project timelines and maintain project discipline. Technical Skills Required: • Hands-on Experience in performing Network Security Assessment and vulnerability Assessment. • Good understanding of OSI layers and fundamental Operating system concepts, security settings for various flavors of Windows and Linux platforms. • Sound knowledge about Application vulnerability assessments and relevant knowledge of OWASP top 10 vulnerabilities and SANS. • Hands on knowledge on Tools: Nmap, Kali Linux, Metasploit, Armitage, Maltego, Burp Suite, Paros Proxy Nessus, nexpose, Wireshark, sqlmap etc. • Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. • Familiar working with Publicly available exploits codes. • Sound knowledge about infrastructure vulnerability scans, identifying security vulnerabilities, weaknesses, threats, and assessing related risks that exists within an IT Infrastructure or business processes. • Good understanding of firewalls, Switches, and Router’s configuration settings and policies, relevant experience in performing rule base reviews and configuration reviews for network devices. Show more Show less

Job Description Principal Security Software Engineer Are you interested in building large-scale distributed software for the cloud? Oracle’s Service Cloud team is building Software-as-a-Service technologies that operate at high scale in a broadly distributed multi-tenant cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with best in class compute, storage, networking, database, security, and an ever expanding set of foundational cloud-based services. We’re looking for hands-on engineers with expertise and passion in identifying and resolving difficult security problems in distributed systems, virtualized infrastructure, and highly available services. If this is you, at Oracle you can design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, still at an early stage, and working on ambitious new initiatives. An engineer at any level can have significant technical and business impact. As a Principal Security Software Engineer you will review the software design and development for all components of Oracle’s Service Cloud team. Develops and execute programs and processes to reduce information security risk and strengthen Oracle’s security posture. You should value simplicity and scale, work comfortably in a collaborative, agile environment, and be excited to learn. Things you'll do: Penetration testing Hardening of network, software and firmware Security tool development (e.g. scanning tools) Security metrics definition and delivery Consult across different software development teams Attack vector modeling Champion secure coding practices Minimum Qualifications: Bachelor’s or Master’s degree in Computer Science or related field 7+ years of experience in software engineering or related field Experience working in a large cloud or Internet software company preferred Strong application/product/software security background Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff Excellent organizational, verbal and written communication skills Ability to succeed through collaboration and working through internal and external organizations and individuals Prior DevOps or continuous delivery and deployment experience preferred Strong security testing experience with Fortify, Burp, Zap or Webinspect. Thorough understanding of latest security principles, techniques, and protocols. Security certifications is a plus. Skills Required: Application architecture and design reviews; Penetration Testing and Vulnerability assessments; Web Services and API security assessments; Product Security Assessments and Threat Modeling; Dynamic Vulnerability Scanning using automated application scanners; Execute Secure Code Audits using manual and automated methods to review product codes; Secure SDLC Processes including DevOps and Agile; Knowledge of languages, including Java, .Net, PHP, C++, and XML; Security Testing tools, including Nmap, Nessus, Web Inspect, BurpSuite, ZAP Scanner, Fortify Secure code scanner, SOAP UI, Kali Linux, and Metasploit; Operating Systems including Windows and Linux; Cryptographic algorithms, hashing algorithms, encryption; and Network and web related protocols, including TCP/IP, TLS/SSL, HTTP, and FTP. Detailed Description And Job Requirements As a member of the software security team, you will assist in defining and developing software for tasks associated with the security testing of software applications. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs. Develop, implement, and enforce Oracle’s security policies. Develop, implement, and manage Oracle’s compliance with operational security procedures. Develop Security Review threat model and operationalization standards for cloud services to be built and deployed into Oracle’s Service cloud. Duties and tasks are varied and complex needing independent judgment. Fully competent in own area of expertise. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law. Career Level - IC4 Responsibilities Supports the strengthening of Oracle’s security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas. Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs. Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance. Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Incident Management and response: Brings advanced level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents. Digital Forensics: Brings advanced level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required. Other areas of focus may include duties providing advanced level skills and knowledge to manage Information Security Education, Training and Awareness programs. In Security role, may manage the creation, review and approval of corporate information security policies. Mentors and trains other team members. Compiles information and reports for management. About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Job Title:DLP Lead Experience8-14 Years Location:Bangalore /Pune : Technical Skills: Experience in configuring s and creating workflows on Email DLP - Proofpoint Prior experience with CASB Netskope or similar solution Knowledge of security principles including cloud , standards and techniques Understanding of cloud principles ,cloud applications and key cloud service providers Prior experience with Data loss prevention tools, SIEM, network devices and other infrastructure Reviews violations of data security procedures to eliminate violations Strong experience on Mimecast email Security solution for threat Protection, Spoofing, Encryption, Archive, URL Defense Strong understanding of email delivery architecture, email gateway and DNS technologies Strong understanding of networking, SMTP, DNS Experience of compliance requirements for database security (e.g. SOX, HIPAA, PCI etc.) Strong verbal and written communications skills; must be able to effectively communicate technical details and thoughts in non-technical/general terminology to various levels of the organization. Work well in team environments with internal and external resources as well as work independently on tasks Strong organizational, and time management skills Process Skills: Overall management of Email DLP solution - Proofpoint Analyze blocked emails Manage CASB operations ,maintain implemented Netskope CASB solution,respond and resolve incidentsinvestigate and conduct analysis Work on email release/drop as per requests Tune/Amend email DLP policies Perform Daily DLP System Health check and publish health report Update/Add - roles modification, response rules, complex and new policies modifications Email DLP – Microsoft E4 licenses CASB –Netskope Behavioral Skills: Effective interpersonal, team building and communication skills Ability to collaborate; be able to communicate clearly and concisely both to laypeople and peers, be able to follow instructions, make a team stronger for your presence and not weaker. Ability to see the bigger picture and differing perspectives; to compromise, to balance competing priorities, and to prioritize the user. Desire for continuous improvement, of the worthy sort; always be learning and seeking improvement, avoid change aversion and excessive conservatism, equally avoid harmful perfectionism, 'not-invented-here' syndrome and damaging pursuit of the bleeding edge for its own sake. Learn things quickly, while working outside the area of expertise. Analyze a problem and realize exactly what all will be affected by even the smallest of change you make in your design Ability to communicate complex technology to no tech audience in simple and precise manner. Ownership skills. Qualification: Must have 4 Year degree (Computer Science, Information Systems or equivalent) 4+ years overall IT experience.