1268 Nessus Jobs - Page 5

About the Role Cyberintelsys, a cybersecurity consulting and services provider, is hiring Cybersecurity Interns (VAPT track) . This internship is ideal for students or recent graduates who are passionate about cybersecurity and eager to gain industry experience. Key Responsibilities Assist with security assessments of applications, cloud, and network environments. Support vulnerability identification, risk analysis, and documentation. Research and summarize emerging cybersecurity practices and trends. Contribute to draft reports and recommendations. Collaborate with team members on internal and client-focused initiatives. Skills & Knowledge Required Basic understanding of networking and operating systems (Linux/Windows). Awareness of common security issues and frameworks. Familiarity with tools such as Nmap, Burp Suite, Wireshark, Nessus/OpenVAS. Freshers with CEH (EC-Council) certification are highly preferred. Strong passion for cybersecurity and willingness to learn. What We Offer Practical exposure to live cybersecurity projects. Mentorship from industry professionals. Internship certificate upon completion. High-performing interns may be considered for full-time positions. Job Type : Internship ( Paid) Apply Now: sathish@cyberintelsys.com

Required Security and VAPT Audit Specialist Position Overview We are seeking a skilled Security and VAPT (Vulnerability Assessment & Penetration Testing) Audit Specialist to strengthen our cybersecurity posture. The candidate will be responsible for conducting vulnerability assessments, penetration testing, compliance audits, and risk analysis of applications, networks, cloud, and infrastructure. The role requires a strong understanding of security frameworks, compliance standards, and the ability to provide actionable remediation strategies. Key Responsibilities Conduct end-to-end vulnerability assessments and penetration tests on web applications, APIs, mobile apps, cloud environments, networks, and infrastructure. Perform red team/blue team exercises to simulate real-world cyberattacks. Identify, analyze, and document security weaknesses, misconfigurations, and vulnerabilities. Develop and present detailed VAPT and audit reports with remediation guidance. Ensure compliance with security frameworks like ISO 27001, NIST, OWASP, PCI-DSS, HIPAA, GDPR, CERT-In guidelines etc. Conduct risk assessments and security audits across IT systems and third-party integrations. Collaborate with developers, DevOps, IT, and business teams to prioritize and fix identified vulnerabilities. Stay updated on emerging threats, attack vectors, and security tools/technologies. Assist in the development of security policies, standards, and incident response plans. Required Skills & Qualifications Bachelor’s degree in Computer Science, Information Security, or related field. 2–6 years of experience in cybersecurity, penetration testing, or IT audits. Strong knowledge of security tools (Burp Suite, Nessus, Metasploit, Nmap, Wireshark, Kali Linux, Qualys, Acunetix, etc.). Familiarity with OWASP Top 10, SANS Top 25, MITRE ATT&CK framework. Hands-on experience in Web, Mobile, Cloud (AWS/Azure/GCP), and Network Security Testing. Experience in preparing audit & compliance reports. Certifications preferred: CEH, OSCP, CISSP, CISA, CISM, CREST, CPENT, ISO 27001 LA. Soft Skills Strong analytical and problem-solving abilities. Excellent communication skills to explain technical issues to non-technical stakeholders. Ability to work independently and within cross-functional teams. Attention to detail and strong documentation skills.

What you will do: Manage all facets of Vulnerability Assessment and Penetration testing involving embedded devices, Web and Mobile based Applications. Perform attacks and identify vulnerabilities on interfaces like USB, WiFi. Ethernet etc. Perform manual and automated security code review for complex Desktop, Web and Mobile applications to identify security flaws. Leverage DevSecOps to embed security testing into all phases of SDLC. Provide support/inputs in issue remediation. Prepare Test Plans and Test Reports to support test activities. What you need: Required Qualifications: Bachelor’s in Software/Electronics Engineering or equivalent degree. 5 to 7 years of experience Hands-on experience in Vulnerability and Penetration Testing using tools like Kali, Nessus, Burpsuite, Qualys etc. Experience in automation of routine tasks using tools like Jenkins and/or scripting languages such as PowerShell, Ruby or Python. Understanding of Cloud based environments like Azure and AWS. Preferred Qualifications: At least one professional certification like ECSA Practical/CPENT/LPT/OSCP/OSWE/OSCE or similar involving practical exams. Excellent communication and interpersonal skills. Stryker is a global leader in medical technologies and, together with its customers, is driven to make healthcare better. The company offers innovative products and services in MedSurg, Neurotechnology, Orthopaedics and Spine that help improve patient and healthcare outcomes. Alongside its customers around the world, Stryker impacts more than 150 million patients annually.

Infigo Eyecare is looking for Post Segment Retina Surgeon to join our dynamic team and embark on a rewarding career journey Diagnosis: Conducting thorough examinations and using specialized imaging techniques to diagnose a wide range of retinal and vitreous conditions, such as retinal detachment, macular degeneration, diabetic retinopathy, and more Surgical Interventions: Performing various surgical procedures to address retinal disorders This can include vitrectomy (removing vitreous gel), retinal detachment repair, laser surgery, and injections for conditions like macular degeneration or diabetic retinopathy Patient Consultation: Discussing treatment options with patients, explaining surgical procedures, potential risks, and expected outcomes Providing compassionate care and support throughout the treatment process Collaboration: Working closely with other eye care professionals, such as optometrists, ophthalmologists, and other surgeons, to ensure comprehensive eye care for patients with complex eye conditions Postoperative Care: Monitoring patients' progress after surgery, conducting follow-up appointments, and adjusting treatment plans as necessary to achieve optimal visual outcomes Research and Education: Engaging in ongoing research to advance understanding and treatment methods for retinal diseases Contributing to the education and training of future ophthalmologists and retina specialists Having hands on experience in medical & Surgical Retina Must have done decent Surigical Numbers & Confident to handle entire regime of retina Surgeries

Job Description Summary As a key member of a global and matrixed design team, Sr Product Security Analyst is responsible for -Cyber security analysis of controllers, Control systems. -Lead the software and hardware penetration testing activates -Work in Collaboration with development teams to improve SDLC process, OSS/SAST/DAST scans. -Streamline SBOM generation. -Lead the cyber security testing for GE Vernova Power Conversion products and analyze the reports and suggest remediation strategy. -Identify Product vulnerabilities, rate and report to development team. Job Description Essential Responsibilities: Lead reviews, suggest architectural changes, conduct tests to ensure systems, controllers, meet Cyber security requirements. Collaborates with a team of controls and system engineers developing operational software for various subsystems. The position requires a clear understanding of OT System, and conversant with all Cyber security requirements. This role requires strong cooperation with system and subsystem teams necessary for command and control of the systems involved. The Security Analyst should be comfortable making design decisions in a sometimes-uncertain context, crafting innovative solutions, and demonstrating rigorous and decisive leadership. Work with multiple teams in dierent location to deliver Cyber secure software to meet customer requirements. Roles and Responsibilities You are a skilled Security Analyst who enjoys security work and is an expert in systems security, product / OT security and application security. In this role, you will be working with product managers, independent researchers, and in-house researchers to identify, rate, report and manage product vulnerabilities and incidents. In this role, you will: Be responsible for providing technical leadership and defining, developing security within software in a fast-paced and agile development environment using the latest secure software development technologies and infrastructure. Work with Cyber Security Leaders and SMEs to understand product requirements. Hands on experience with penetration testing for software applications, Systems, Web Application, mobile application, controllers. Work on Cybersecurity tools like Wireshark, NESSUS and Burp Suite Experienced in different phases of Software Development Life cycle (SDLC) including Design, Implementation and Testing during the development of software applications. Assist security champions in completing Threat Modelling and Architecture Risk Analysis on product features. Perform Security Code Reviews, Vulnerability Analysis and research on application code. Coach and mentor developers to implement cryptography solutions securely (PKI, Code Signing, Stored Secrets, et cetera) Provide guidance and advice on writing secure code that meets standards and delivers desired functionality, using the technology selected for the project. Research new application security technologies and implement them to improve application security. Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development. Promote best practices based on OWASP Top 10, SANS Top 25, and the GE Vernova SDLC. Education/Qualification Bachelor /master's degree in IT/computer science or relevant engineering or equivalent knowledge / experience with 8-10 Years of Experience Strong understanding of fundamentals in networking, ethical hacking, cryptography, penetration testing, vulnerability analysis, risk assessment, threat modelling, cybersecurity standards like ISO 27000 and ISA/IEC 62443. Database RDBMS, MySQL NoSQL databases Software component: MS Visual Studio, MS Office, MS Visio, GitHub Linux and Windows OS Hands on experience with Enterprise Application and Web Application servers like Tomcat, and WLP. Certifications like CEH, OSCP, PNPT will be an added advantage.

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Pentester, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning pentesting activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities:Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses.Conduct penetration testing, vulnerability assessments, and security audits.Develop and execute test plans, scripts, and scenarios to simulate real-world attacks.Perform infrastructure pentesting, including SSH and network devices.Collaborate with development and operations teams to remediate identified vulnerabilities.Provide detailed reports on findings, including risk assessments and recommendations for mitigation.Stay up-to-date with the latest security trends, tools, and techniques.Assist in the development and implementation of security policies and procedures.Provide specialised knowledge and guidance in your area of expertise, acting as a resource for team members seeking advice or solutions to complex problems.Organise tasks, facilitate effective communication, and encourage collaboration among team members to help drive results and achieve set objectives efficiently.Take responsibility for the outcomes of decisions made by the team, ensuring transparency and learning from successes or setbacks to continuously improve future decision-making processes. Professional & Technical Skills: Qualifications:Bachelor's degree in Computer Science, Information Security, or a related field.Proven experience in security testing, penetration testing, and vulnerability assessments.Strong knowledge of web application security, API security, and infrastructure security.Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc).Excellent problem-solving skills and attention to detail.Strong communication skills, both written and verbal.Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus.Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools.Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP).Experience with On-Premises Cloud Infrastructure Pentesting.Knowledge of secure coding practices and code review.Understanding of network security and protocols.Ability to work independently and as part of a team.Good to HaveConduct telecom risk assessments on core and access network nodes (e.g., Voice core, packet core, radio, IMS, 5G Core, fixed line).Demonstrate cybersecurity knowledge for mobile and fixed networks (2G-5G, IMS, VoLTE).Understand telecom protocolsDiameter, SIP, SS7, GTP, SCTP.Familiarity with standards:3GPP, GSMA NESAS, ISO 27001, NIST, and local regulations.Perform penetration testing on telecom infrastructure and services.Contribute to security hardening using industry best practices (3GPP, GSMA NESAS, NIST). Additional Information:The candidate should have a minimum of 7.5 years of experience in Security Penetration Testing.This position is based at our Gurugram office.A 15 years full time education is required. Qualification 15 years full time education

Why join Stryker? Looking for a place that values your unique talents? Discover Stryker's award-winning culture. We are proud to offer you our total rewards package which includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards – not to mention various social and recreational activities, all of which are location specific. Job description We are excited to be named one of the World’s Best Workplaces by Fortune Magazine! We are proud to offer you our total rewards package which includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards – not to mention various social and recreational activities, all of which are location specific. What you will do: Manage all facets of Vulnerability Assessment and Penetration testing involving embedded devices, Web and Mobile based Applications. Perform attacks and identify vulnerabilities on interfaces like USB, WiFi. Ethernet etc. Perform manual and automated security code review for complex Desktop, Web and Mobile applications to identify security flaws. Leverage DevSecOps to embed security testing into all phases of SDLC. Provide support/inputs in issue remediation. Prepare Test Plans and Test Reports to support test activities. What you need: Required Qualifications: Bachelor’s in Software/Electronics Engineering or equivalent degree. 5 to 15 years of experience Hands-on experience in Vulnerability and Penetration Testing using tools like Kali, Nessus, Burpsuite, Qualys etc. Experience in automation of routine tasks using tools like Jenkins and/or scripting languages such as PowerShell, Ruby or Python. Understanding of Cloud based environments like Azure and AWS. Preferred Qualifications: At least one professional certification like ECSA Practical/CPENT/LPT/OSCP/OSWE/OSCE or similar involving practical exams. Excellent communication and interpersonal skills. Stryker is a global leader in medical technologies and, together with its customers, is driven to make healthcare better. The company offers innovative products and services in MedSurg, Neurotechnology, Orthopaedics and Spine that help improve patient and healthcare outcomes. Alongside its customers around the world, Stryker impacts more than 150 million patients annually.

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Pentester, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning pentesting activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities:Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses.Conduct penetration testing, vulnerability assessments, and security audits.Develop and execute test plans, scripts, and scenarios to simulate real-world attacks.Perform infrastructure pentesting, including SSH and network devices.Collaborate with development and operations teams to remediate identified vulnerabilities.Provide detailed reports on findings, including risk assessments and recommendations for mitigation.Stay up-to-date with the latest security trends, tools, and techniques.Assist in the development and implementation of security policies and procedures.Provide specialised knowledge and guidance in your area of expertise, acting as a resource for team members seeking advice or solutions to complex problems.Organise tasks, facilitate effective communication, and encourage collaboration among team members to help drive results and achieve set objectives efficiently.Take responsibility for the outcomes of decisions made by the team, ensuring transparency and learning from successes or setbacks to continuously improve future decision-making processes. Professional & Technical Skills: Qualifications:Bachelor's degree in Computer Science, Information Security, or a related field.Proven experience in security testing, penetration testing, and vulnerability assessments.Strong knowledge of web application security, API security, and infrastructure security.Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, nmap, etc).Excellent problem-solving skills and attention to detail.Strong communication skills, both written and verbal.Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus.Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools.Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP).Experience with On-Premises Cloud Infrastructure Pentesting.Knowledge of secure coding practices and code review.Understanding of network security and protocols.Ability to work independently and as part of a team.Good to Have:Conduct telecom risk assessments on core and access network nodes (e.g., Voice core, packet core, radio, IMS, 5G Core, fixed line).Demonstrate cybersecurity knowledge for mobile and fixed networks (2G-5G, IMS, VoLTE).Understand telecom protocolsDiameter, SIP, SS7, GTP, SCTP.Familiarity with standards:3GPP, GSMA NESAS, ISO 27001, NIST, and local regulations.Perform penetration testing on telecom infrastructure and services.Contribute to security hardening using industry best practices (3GPP, GSMA NESAS, NIST). Additional Information:The candidate should have a minimum of 5 years of experience in Security Penetration Testing.This position is based at our Gurugram office.A 15 years full time education is required. Qualification 15 years full time education

Breach & Attack Simulation, Cloud Security Assessment & Red Teaming

CYBER SECURITY ENGINEER ROLE Job Title:AppSec Engineer The AppSec Engineer is a specialized cybersecurity role focused on DevOps engineering principles. While the expectation of their sibling role – SAE – is to have practical working security knowledge, this role specializes in it. In a multi-product environment as we have here, there are common security concerns that cut across teams. This role will be responsible for building, integrating and maintaining the connective infrastructure that will help automate security processes throughout the various product team’s environments. The person is expected to understand our product environments well – they won’t be doing feature work, but they will not be successful without understanding the overall architecture, the current build environment, and the tooling and technical stack of the product teams. Additionally, the team this role is attached to will lead the triage process for cybersecurity vulnerabilities identified throughout the various product environments . Qualification: Education : Bachelor of Engineering/ Bachelor of Technology/ Master of Engineering/ Master of Technology/ Master of Science Discipline : Computer Science/Relevant engineering Experience : 5 to 10 years Job Responsibilities (Typical day in AppSec Engineer’s life): Read/learn/discuss latest trends/tools/best practices/updates of cyber security, application development, and cloud services industries. Perform custom impact and risk analysis of identified security vulnerabilities for each product team. Create mitigation plans with product teams to resolve security vulnerabilities. Build tooling to automate security into the product teams’ development, build, deployment, and operational processes. Actively contribute to story planning, identifying and providing expertise on work items that involve security considerations. Be On-Call for: Cyber security breaches High impact events (like a day zero effecting a team) or a breach Uptime disruptions caused by their contributions. Skills Required (AppSec Engineer’s superpowers): Cloud Platform: AWS, Microsoft Azure Development Environments: VSCode, JetBrains, Eclipse Programming languages: Know at least a few languages well (Java, JavaScript/TypeScript, C++, C, Python, Powershell, unix shell, etc.) Infrastructure as Code: CloudFormation, CDK, Bicep, Terraform, Ansible, etc. SIEM/SOAR: Microsoft Sentinel, Splunk, Checkmarx OS: Linux, Windows Configuration Management tools: Git, GitHub, GitLab, Azure DevOps Vulnerability management tools: Nessus Pro, Tenable IO, FireEye, CrowdStrike, Defender, SpyCloud etc. Competencies (Who AppSec Engineer is): Willingness to prioritize team success over individual recognition. Champions collaboration, knowledge sharing, and mentoring as foundational practices. Committed to improving DevSecOps processes through continuous learning and experimentation. Supports sustainable pace and actively addresses technical debt. Willing to work onsite one week per quarter. Annual Goals (What AppSecEngineer will be measured on): Direct reduction of measured security vulnerabilities via tooling Cycle time to mitigate vulnerabilities, assigned -> closed When On-Call, 100% of response times under 15 minutes Leads annual threat modeling exercise for all products assigned

As an experienced professional with 8 to 13 years of expertise in the field, you will be responsible for managing vulnerabilities using tools such as Qualys and Nessus. Your role will involve effectively identifying, assessing, and mitigating vulnerabilities to ensure the security of the organization's systems and data. Your in-depth knowledge and experience in vulnerability management will be crucial in safeguarding against potential threats and maintaining a secure environment. Collaborating with cross-functional teams, you will play a key role in developing and implementing strategies to address vulnerabilities effectively. Your proactive approach and strong understanding of security best practices will be essential in mitigating risks and ensuring compliance with industry standards.,

As a Vulnerability Management Specialist at frog, you will be an integral part of the cybersecurity team, responsible for overseeing and enhancing our vulnerability management program. Leveraging your extensive expertise with tools like Nessus, you will be instrumental in identifying, prioritizing, and mitigating security vulnerabilities within our clients" environments. Your role will involve leading the development and execution of the vulnerability management strategy, policies, and procedures. You will regularly conduct vulnerability assessments and penetration tests using industry-standard tools to pinpoint security weaknesses in networks, systems, and applications. Analyzing scan results, you will prioritize vulnerabilities based on severity, exploitability, and potential impact. Collaboration with cross-functional teams is paramount, as you will work together to devise and implement remediation plans promptly. Additionally, you will provide technical guidance and mentorship to junior team members within the vulnerability management team. Staying informed about emerging cyber threats, vulnerabilities, and industry best practices will be crucial in enhancing the effectiveness of the vulnerability management program. You will also be responsible for preparing and presenting reports on vulnerability assessment findings, remediation progress, and the overall program effectiveness to senior management and clients. Your primary skills should encompass Vulnerability Management & Assessment, Remediation, Reporting, Qualys, Rapid7, Nessus, Scanning, Patching, and False Positive Analysis. Secondary skills include Qualys, Nessus, and Rapid 7. Joining frog means becoming part of a global network of studios characterized by a vibrant culture. At frog, curiosity, collaboration, and courage are celebrated, with a focus on improving the human experience. Emphasizing positivity, humor, and community alongside performance, our culture is open, flexible, inclusive, and engaging. Working at frog empowers you to make a significant impact not only on projects but also in your studio, community, and the world at large.,

Job description Some careers shine brighter than others. If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of a Senior Consultant Specialist. In this role, you will: As a Vulnerability Manager, you will be responsible for assessing, and mitigating vulnerabilities within our organization's IT infrastructure. You will play a critical role in enhancing our security posture by implementing effective vulnerability management processes and collaborating with various teams to ensure the protection of our systems and data. Conduct regular vulnerability assessments and review security weaknesses across the organization. Analyze and prioritize vulnerabilities based on risk, impact, and compliance requirements. Collaborate with IT, security, and development teams to develop and implement remediation plans for identified vulnerabilities. Monitor and report on the status of vulnerabilities and remediation efforts to stakeholders. Stay informed about the latest security threats, vulnerabilities, and industry best practices. Develop and maintain vulnerability management policies, procedures, and documentation. Provide training and guidance to staff on vulnerability management best practices and security awareness. Assist in compliance audits and ensure adherence to relevant security standards and regulations. Requirements To be successful in this role, you should meet the following requirements: Bachelor's degree in Computer Science, Information Technology, or a related field (preferred). Proven experience in vulnerability management, security assessments, or a related role. Strong understanding of security frameworks and standards (e.g., NIST, ISO 27001). Proficiency in vulnerability scanning tools and techniques (e.g., Nessus, Qualys, Rapid7). Excellent analytical and problem-solving skills with attention to detail. Strong communication and collaboration skills to work effectively with cross-functional teams. Creative thinking and the ability to approach challenges with innovative solutions. A strong team-oriented attitude, valuing collaboration and open-mindedness in a supportive environment. You'll achieve more when you join HSBC. www.hsbc.com/careers HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. Issued by - HSBC Software Development India

Roles Responsibilities Conduct Vulnerability Assessments Black-box / Grey-box Penetration tests on System, Network infrastructure, Cloud, Web, APIs (REST SOAP), Mobile (Android +iOS) Thick-client applications using various open source,commercialtoolsandmanualtestingmethods. Location: Pune, India Mode of work: Work from office (Daily) Qualification Bachelor’s degree in Computer Science, Information Technology, or a related field. 8 - 10 years of relevant Experience CEH Certified CREST / OSCP Certifications will be an added advantage MSSP (ManagedSecurityServices Provider) experience supporting multiple customers infrastructure Broad background of networks,operating systems(Window,Unix,Linux),firewalls and security engineering concepts Knowledge of scripting languages(C++,C#,Perl,CGI,HTML,Java,TCL,Shell)will be added advantage Willing to travel overseas on projects InfrastructureVA/PT Job Description Map out a network, discover ports and services running on the different exposed networkandsecuritydevices Conduct penetration test and launch exploits using NMap, Nessus, Metasploit,Backtrack,KaliLinux penetration testing toolssets Research and maintain proficiency in computer network exploitation,tools,techniques, counter measures,and trends in computer network vulnerabilities, data hiding,networksecurity,andencryption Analyze scan reports and recommend remediation /mitigation actions Keep track of new vulnerabilities for all relevant technology platforms Audit configuration of OS, Network and Security devices Provide Cloud Infrastructure Assessments Providingclientspecificreports Understand IT infrastructure and traffic flows to manage VAPT exercises Communicate with the customer to understand their needs and address concerns. Application VA/PT Conduct Web, Mobile (iOS + Android) and Thickclient application assessments based on industrystandards/benchmarks like OWASP Conduct assessments using relevant automated toolsandcomplimentwithmanualreviews Social Engineering Conduct phishing and spear-phishing simulated assessments, and techniques in the social engineering domain to assess the adequacy of awareness and training programs in organizations. Required Skills Experience on Network Vulnerability Scanning and Penetration Testing Experience on Cloud Infrastructure Security Assessments ExperiencewithNessus,Net Cat,NMAP, Kali,Metasploit,HPing, Frida, Objection, Drozer andsimilartoolssetlikeRetinaCS,Qualys KnowledgeofNetworkSecuritytechnologyinareasofFirewall,IPS,VPN,Gatewaysecuritysolutions(DNS, VLAN, proxy, webfiltering) In-depth understandingon Common Vulnerability Exposure (CVE)/Cert advisory database Analyticalthinkerwillingto“thinkout of thebox”to resolve customer impactin situations on first contact;understand customer risk profile Knowledge in RPF preparation, Solution architecture, VAPT review and presentation in customer arena Strong Presentation and Documentation Skills. Self-starter andabilitytodeliverunderdefinedtimelines, team player with leadership capabilities

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role As a System Administrator at Kyndryl, you'll solve complex problems and identify potential future issues across the spectrum of platforms and services. You'll be at the forefront of new technology and modernization, working with some of our biggest clients - which means some of the biggest in the world. There's never a typical day as a System Administrator at Kyndryl, because no two projects are alike. You'll be managing systems data for clients and providing day-to-day solutions and security compliance. You'll oversee a queue of assignments and work directly with technicians, prioritizing tickets to deliver the best solutions to our clients. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. You'll also get the chance to share your expertise by recommending modernization options, identifying new business opportunities, and cultivating relationships with other teams and stakeholders. Does the work get challenging at times Yes! But you'll collaborate with a diverse group of talented people and gain invaluable management and organizational skills, which will come in handy as you move forward in your career. Your future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from Junior System Administrator to Architect. We have opportunities for Cloud Hyperscalers that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others. Required Technical and Professional Expertise: Having 5 Years of Experience in Network and Security Remote Support. Analysis of alerts arising from Security Solution Tools Security experience with the following tools/platforms PaloAlto management platform Vulnerability Assessment (Qualys/Rapid7/Nessus) Risk and Compliance Knowledge Good understanding of cloud security Knowledge of Skybox firewall Assurance, Vulnerability control & Change Manager Knowledge of and ability to utilize tools, techniques and processes for gathering and reporting data in a particular department. Sound understanding of data correlation & data analysis. Generating reports for business managers to evaluate the efficacy of the security policies in place. Risk Assessment of network and processes in terms of exposure and threat. Transformation participation and adoption by teams for any automation/new tools introduction for Network Infrastructure Good understanding of tools and technology to determine emerging threat patterns and vulnerabilities Preferred Technical and Professional Experience: Investigate security alerts and provide incident response Generate reports for both technical and non-technical staff and stakeholders Thorough understanding of the latest technologies, security principles, and protocols. Coordination with OEM/partner for the resolution of incidents Network security best practices are executed through auditing: router, change control, switch, firewall configurations, and monitoring Being You Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learningprograms give you access to the best learning in the industry to receive certifications, includingMicrosoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked How Did You Hear About Us during the application process, select Employee Referral and enter your contact's Kyndryl email address.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role As a System Administrator at Kyndryl, you'll solve complex problems and identify potential future issues across the spectrum of platforms and services. You'll be at the forefront of new technology and modernization, working with some of our biggest clients - which means some of the biggest in the world. There's never a typical day as a System Administrator at Kyndryl, because no two projects are alike. You'll be managing systems data for clients and providing day-to-day solutions and security compliance. You'll oversee a queue of assignments and work directly with technicians, prioritizing tickets to deliver the best solutions to our clients. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. You'll also get the chance to share your expertise by recommending modernization options, identifying new business opportunities, and cultivating relationships with other teams and stakeholders. Does the work get challenging at times Yes! But you'll collaborate with a diverse group of talented people and gain invaluable management and organizational skills, which will come in handy as you move forward in your career. Your future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from Junior System Administrator to Architect. We have opportunities for Cloud Hyperscalers that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others. Required Technical and Professional Expertise Having 4 Years of Eperience in Network and Security Remote Support. Analysis of alerts arising from Security Solution Tools Security experience with the following tools/platforms PaloAlto management platform Vulnerability Assessment (Qualys/Rapid7/Nessus) Risk and Compliance Knowledge Good understanding of cloud security Knowledge of Skybox firewall Assurance, Vulnerability control & Change Manager Knowledge of and ability to utilize tools, techniques and processes for gathering and reporting data in a particular department. Sound understanding of data correlation & data analysis. Generating reports for business managers to evaluate the efficacy of the security policies in place. Risk Assessment of network and processes in terms of exposure and threat. Transformation participation and adoption by teams for any automation/new tools introduction for Network Infrastructure Good understanding of tools and technology to determine emerging threat patterns and vulnerabilities Preferred Technical and Professional Experience: Investigate security alerts and provide incident response Generate reports for both technical and non-technical staff and stakeholders Thorough understanding of the latest technologies, security principles, and protocols. Coordination with OEM/partner for the resolution of incidents Network security best practices are executed through auditing: router, change control, switch, firewall configurations, and monitoring Being You Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learningprograms give you access to the best learning in the industry to receive certifications, includingMicrosoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked How Did You Hear About Us during the application process, select Employee Referral and enter your contact's Kyndryl email address.

Job Description: Lead Cybersecurity - Vulnerability Management About the Job: This position is a Lead Cyber Security, responsible for contributing to 24/7 coverage of the latest cybersecurity threats, specifically focusing on vulnerability intelligence. This role requires a proactive approach to identifying, analyzing, and mitigating security vulnerabilities to ensure the safety and integrity of our systems, networks, and applications. Experience Level: 12+ years Location: Hyderabad or Bengaluru Roles and Responsibilities: Continuous monitoring and analysis of cybersecurity threats, requiring shifts and on-call availability to provide round-the-clock coverage. Vulnerability Assessments: Regular assessments of systems, networks, and applications to identify and evaluate security vulnerabilities. This involves using various tools and techniques to conduct thorough assessments. Risk Assessments: Detailed risk assessments based on identified vulnerabilities to determine the potential impact and exploitability. This includes preparing comprehensive reports and documentation. Mitigation Strategies: Development and implementation of effective strategies to mitigate identified vulnerabilities. This requires collaboration with cross-functional teams and staying updated with the latest security practices. Reporting and Documentation: Preparation of detailed reports and documentation on findings, recommendations, and remediation efforts. This includes maintaining accurate records and ensuring compliance with regulatory requirements. Threat Intelligence Response: Evaluation and response to weekly internal threat intelligence alerts. This involves analyzing alerts, determining the level of risk, and taking appropriate actions to address potential threats. Primary / Mandatory skills: 12+ years of Proven experience using threat intelligence to prioritize remediation efforts 8+ years of experience with vulnerability management technology, process, and programs. Working knowledge of cloud security and web application security testing Continual assessment of enterprise attack surface using tools such as Tenable, Xpanse, and Censys. Proficiency in using vulnerability assessment tools such as Nessus, Qualys, and OpenVAS Strong understanding of network protocols, operating systems, and security frameworks Additional information (if any): Flexible to provide coverage in US morning hours upon need and on call weekend coverage. Certification : Relevant certifications such as CISSP or CCSP or equivalent are highly desirable. Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

The Opportunity Hitachi Energy is a global technology leader that is advancing a sustainable energy future for all. We serve customers in the utility, industry and infrastructure sectors with innovative solutions and services across the value chain. Together with customers and partners, we pioneer technologies and enable the digital transformation required to accelerate the energy transition towards a carbon-neutral future. We are advancing the world’s energy system to become more sustainable, flexible, and secure whilst balancing social, environmental, and economic values. Modular Advanced Control for HVDC (MACH™), is the brain in HVDC transmission systems. This system is designed to run 24/7 for thirty years or more, allowing the HVDC system to be controlled and protected in the most reliable way throughout its lifetime. The system consists of Control & Protection Main Computers, Station Control and Monitoring servers, Operator Workstations, Digital Signal Processing units, Input / Output systems and Valve Control Units. How You Will Make An Impact To evaluate the cyber security functionalities of products and improve the security posture. You will work to fulfill security compliance requirements for the products. You will be responsible to perform Threat modeling/ Security assessment for products. To perform operating system and network devices hardening, to allow only necessary function for products operation. You will be contributing to verification of Cybersecurity functionality on control system components. You will be participating in the Vulnerability handling of the products. You will be responsible for ensure compliance with applicable external and internal regulations, procedures, and guidelines. Living Hitachi Energy’s core values safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business. Your Background Required Bachelor’s or Post Graduate degree in Engineering Required 2-6 years of experience in Cybersecurity. Good understanding of cybersecurity principles like cybersecurity architecture, defense in depth, default deny, least privilege, compartmentalization, privilege initiation, AAA etc. Good understanding of cybersecurity controls like, IDS/IPS (host/network), hardening, security policies, Malware Protection, Filtering, NGFW etc. Required knowledge in Networking, Patch Management, Security standards like IEC 62443, ISO 27001. Hands-on experience with protocols like HTTP, HTTPS, SSL, SSH, ICMP, DHCP, L2TP, PPTP, DNS, SNMP, RDP, NTP. Hands-on experience in automation using Python, PowerShell and Batch scripts also with Security tools like NMAP, Nessus, Wireshark, etc. Knowledge of protocols like IEC 61850, Goose, Modbus are added advantages, Windows and Virtual Machine Administration. Certifications like MCP/MCITP/MCSE/CEH/CISSP/CISA are advantage. Strong Collaborations, training and mentoring skills. Good interculture sensitivity, sense of ownership and responsibility. Aptitude to learn new Technology. Excellent communication, both verbal & written in English. More About Us Excited about a new opportunity? If this sounds like you, we’d like to see your application! Our selection process is ongoing, so don’t wait—apply today! Hitachi Energy is a global technology leader in electrification, powering a sustainable energy future through innovative power grid technologies with digital at the core. Over three billion people depend on our technologies to power their daily lives. With over a century in pioneering mission-critical technologies like high-voltage, transformers, automation, and power electronics, we are addressing the most urgent energy challenge of our time – balancing soaring electricity demand, while decarbonizing the power system. Headquartered in Switzerland, we employ over 50,000 people in 60 countries and generate revenues of around $16 billion USD. We welcome you to apply today.

We are seeking a highly motivated and detail-oriented Cyber Security Intern to join our IT security team. This internship offers hands-on experience in protecting digital assets, identifying vulnerabilities, and learning real-world cyber security practices in a professional environment. Key Responsibilities: Assist in monitoring and analyzing security alerts and logs. Support vulnerability assessments and risk analysis. Help implement and enforce security policies and procedures. Conduct research on current cyber threats and trends. Assist with incident response and forensic investigations. Test and evaluate internal security tools and software. Document security processes, findings, and recommendations. Participate in training sessions and security awareness programs. Requirements: Currently pursuing a degree in Cyber Security, Computer Science, Information Technology, or a related field. Basic understanding of networking, firewalls, and security protocols. Familiarity with common operating systems (Windows, Linux). Knowledge of cybersecurity principles and practices. Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Preferred Skills (Optional): Familiarity with tools such as Wireshark, Nessus, or Splunk. Basic scripting knowledge (Python, Bash, etc.). Certifications like CompTIA Security+, CEH (in progress or completed). Benefits: Hands-on experience with real-world cyber security tools and systems. Mentorship from experienced professionals. Opportunity to work on impactful projects. Certificate of completion and recommendation (based on performance). Job Types: Full-time, Permanent, Internship Contract length: 3 months Benefits: Paid sick time Work Location: In person

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role As a System Administrator at Kyndryl, you’ll solve complex problems and identify potential future issues across the spectrum of platforms and services. You’ll be at the forefront of new technology and modernization, working with some of our biggest clients – which means some of the biggest in the world. There’s never a typical day as a System Administrator at Kyndryl, because no two projects are alike. You’ll be managing systems data for clients and providing day-to-day solutions and security compliance. You’ll oversee a queue of assignments and work directly with technicians, prioritizing tickets to deliver the best solutions to our clients. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. You’ll also get the chance to share your expertise by recommending modernization options, identifying new business opportunities, and cultivating relationships with other teams and stakeholders. Does the work get challenging at times? Yes! But you’ll collaborate with a diverse group of talented people and gain invaluable management and organizational skills, which will come in handy as you move forward in your career. Your future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from Junior System Administrator to Architect. We have opportunities for Cloud Hyperscalers that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise Having 4 Years of Eperience in Network and Security Remote Support. Analysis of alerts arising from Security Solution Tools Security experience with the following tools/platforms PaloAlto management platform Vulnerability Assessment (Qualys/Rapid7/Nessus) Risk and Compliance Knowledge Good understanding of cloud security Knowledge of Skybox firewall Assurance, Vulnerability control & Change Manager Knowledge of and ability to utilize tools, techniques and processes for gathering and reporting data in a particular department. Sound understanding of data correlation & data analysis. Generating reports for business managers to evaluate the efficacy of the security policies in place. Risk Assessment of network and processes in terms of exposure and threat. Transformation participation and adoption by teams for any automation/new tools introduction for Network Infrastructure Good understanding of tools and technology to determine emerging threat patterns and vulnerabilities Preferred Technical and Professional Experience: Investigate security alerts and provide incident response Generate reports for both technical and non-technical staff and stakeholders Thorough understanding of the latest technologies, security principles, and protocols. Coordination with OEM/partner for the resolution of incidents Network security best practices are executed through auditing: router, change control, switch, firewall configurations, and monitoring Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role As a System Administrator at Kyndryl, you’ll solve complex problems and identify potential future issues across the spectrum of platforms and services. You’ll be at the forefront of new technology and modernization, working with some of our biggest clients – which means some of the biggest in the world. There’s never a typical day as a System Administrator at Kyndryl, because no two projects are alike. You’ll be managing systems data for clients and providing day-to-day solutions and security compliance. You’ll oversee a queue of assignments and work directly with technicians, prioritizing tickets to deliver the best solutions to our clients. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. You’ll also get the chance to share your expertise by recommending modernization options, identifying new business opportunities, and cultivating relationships with other teams and stakeholders. Does the work get challenging at times? Yes! But you’ll collaborate with a diverse group of talented people and gain invaluable management and organizational skills, which will come in handy as you move forward in your career. Your future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from Junior System Administrator to Architect. We have opportunities for Cloud Hyperscalers that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise: Having 5 Years of Experience in Network and Security Remote Support. Analysis of alerts arising from Security Solution Tools Security experience with the following tools/platforms PaloAlto management platform Vulnerability Assessment (Qualys/Rapid7/Nessus) Risk and Compliance Knowledge Good understanding of cloud security Knowledge of Skybox firewall Assurance, Vulnerability control & Change Manager Knowledge of and ability to utilize tools, techniques and processes for gathering and reporting data in a particular department. Sound understanding of data correlation & data analysis. Generating reports for business managers to evaluate the efficacy of the security policies in place. Risk Assessment of network and processes in terms of exposure and threat. Transformation participation and adoption by teams for any automation/new tools introduction for Network Infrastructure Good understanding of tools and technology to determine emerging threat patterns and vulnerabilities Preferred Technical and Professional Experience: Investigate security alerts and provide incident response Generate reports for both technical and non-technical staff and stakeholders Thorough understanding of the latest technologies, security principles, and protocols. Coordination with OEM/partner for the resolution of incidents Network security best practices are executed through auditing: router, change control, switch, firewall configurations, and monitoring Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia Location: Pune https://isa.ae/ Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8/1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045 Job Title: Security Engineer (Penetration Tester) Job Type: Full-time Reports To: Security Architect Job Overview: We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture. Key Responsibilities: 1. Firewall, Endpoint & WAF Security Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point). Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF). Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne . Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles . 2. Microsoft Security Layer Implementation a. Microsoft Email Security Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats. Implement Safe Links, Safe Attachments, and Anti-Phishing policies . Monitor and respond to email security alerts in Microsoft Security Portal . Conduct email security threat hunting using Defender for O365 and advanced hunting queries. b. Microsoft Endpoint Security Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices. Enforce attack surface reduction (ASR) rules for endpoint protection. Configure endpoint compliance policies using Microsoft Intune . Implement DLP (Data Loss Prevention) policies to prevent data exfiltration. c. Compliance & Risk Management Implement and monitor Microsoft Purview Compliance Manager for risk assessment. Enforce Information Protection & Encryption Policies using Microsoft Purview. Configure and manage Conditional Access Policies in Microsoft Entra ID . Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR . 3. Dark Web Monitoring & Brand Protection Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats. Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence. Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains . Collaborate with legal and compliance teams to enforce takedowns of malicious content. 4. Fraudulent Incident Investigation & Threat Hunting Investigate fraud incidents, phishing attempts, and business email compromise (BEC) . Conduct forensic analysis on compromised endpoints, servers, and email accounts. Develop and implement threat intelligence and threat hunting processes. Work closely with SOC teams for incident response and mitigation . 5. VAPT & IT Security Operations Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments. Implement and manage intrusion detection/prevention systems (IDS/IPS) . Monitor, analyze, and mitigate vulnerabilities from external and internal security scans . Work with teams to remediate vulnerabilities and harden IT assets. 6. IT Security & Compliance Management Develop and enforce security policies, standards, and procedures . Implement Zero Trust Architecture and IAM policies . Conduct security awareness training and phishing simulations. Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards . Required Qualifications & Skills: Technical Skills: ✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point ✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance ✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne ✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare ✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP ✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK ✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center ✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM ✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence Soft Skills: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to work independently and in cross-functional teams. Proactive security mindset with attention to detail. Certifications (Preferred, but not mandatory): ✔️ CISSP – Certified Information Systems Security Professional ✔️ CEH – Certified Ethical Hacker ✔️ OSCP – Offensive Security Certified Professional ✔️ CISM/CISA – Certified Information Security Manager/Auditor ✔️ Microsoft Certified: Cybersecurity Architect (SC-100) ✔️ Microsoft Certified: Security Operations Analyst (SC-200) ✔️ Microsoft Certified: Information Protection Administrator (SC-400) Experience Required: 🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence . 🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance . 🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection . 🔹 Proven ability to secure cloud, hybrid, and on-premise environments . . Please send resumes to careers@isa.ae

Job Title: VAPT Manager / Sr. Manager Location: Mumbai / Gurgaon Experience: Minimum 6 years Job Type: Full-time Department: Cybersecurity / Information Security About the Role: We are seeking a highly skilled and experienced Vulnerability Assessment and Penetration Testing (VAPT) Manager / Sr. Manager to join our growing cybersecurity team. The ideal candidate will lead the VAPT team in planning, executing, and reporting on security assessments for applications, networks, cloud environments, and infrastructure across the organization. This role involves both hands-on testing and strategic leadership responsibilities. Key Responsibilities: Lead end-to-end VAPT projects across applications (web, mobile, APIs), networks, cloud platforms (AWS, Azure, GCP), and infrastructure. Manage a team of VAPT professionals, mentoring junior members and reviewing technical deliverables. Define and implement VAPT strategy, methodology, tools, and best practices aligned with business goals. Identify security vulnerabilities, misconfigurations, and risks through manual and automated testing. Perform threat modeling and risk assessments to prioritize testing efforts. Develop and present technical reports to stakeholders, including risk severity and recommended mitigations. Coordinate with application owners, DevOps, IT, and other teams to ensure remediation of identified vulnerabilities. Stay updated with the latest vulnerabilities, exploits, and threat intelligence. Manage third-party VAPT vendors and ensure quality and compliance of their deliverables. Ensure compliance with relevant security standards (OWASP, NIST, ISO 27001, PCI-DSS, etc.). Required Skills and Qualifications: Bachelor’s degree in Computer Science, Information Security, or a related field. Minimum of 6 years of experience in cybersecurity, with at least 4 years focused on VAPT. Strong knowledge of tools such as Burp Suite, Nessus, Nmap, Metasploit, Qualys, Nikto, Wireshark, etc. Expertise in identifying and exploiting vulnerabilities in web applications, APIs, mobile apps, networks, and cloud infrastructure. Hands-on experience in secure code review and reverse engineering is a plus. Strong understanding of OWASP Top 10, SANS Top 25, MITRE ATT&CK framework. Industry certifications such as OSCP, OSWE, CEH, GWAPT, GPEN, or CISSP are preferred. Excellent communication, reporting, and stakeholder management skills. Preferred Qualifications: Experience managing or mentoring VAPT teams. Exposure to DevSecOps and integrating security into CI/CD pipelines. Familiarity with regulatory requirements and audits (e.g., GDPR, RBI, ISO, etc.). Cloud security experience (AWS/GCP/Azure certifications are a plus). Employment Type: Full-time | Permanent Work Mode: Hybrid / On-site (as per business requirement)

Experience : 5.00 + years Salary : INR 2000000-2200000 / year (based on experience) Expected Notice Period : 7 Days Shift : (GMT+05:30) Asia/Kolkata (IST) Opportunity Type : Remote Placement Type : Full Time Permanent position(Payroll and Compliance to be managed by: PRAEFERRE) (*Note: This is a requirement for one of Uplers' client - PRAEFERRE) What do you need for this opportunity? Must have skills required: CASB, Cloud Security, complaince, Encryption, ISO 270001, Oauth/MFA, SIEM, SOAR, GCP PRAEFERRE is Looking for: Cyber Sec JD ⁠⁠Technical Experience Security fundamentals Encryption (AES, RSA, TLS, SSL) Authentication & authorization (OAuth, SAML, MFA) Secure network architecture (firewalls, VPN, IDS/IPS) Data loss prevention (DLP) tools Symantec DLP, Forcepoint, Microsoft Purview, etc. Cloud security AWS, Azure, GCP data protection services (KMS, IAM policies, encryption at rest/in transit). Vulnerability management Nessus, Qualys, OpenVAS. Endpoint and database security Access controls, database encryption, masking/obfuscation. ⸻ ⁠ ⁠Compliance & Regulatory Knowledge GDPR (UK/EU data privacy laws). UK Data Protection Act 2018. ISO 27001 information security management systems. PCI DSS (if handling payment data). HIPAA (if handling health data). ⸻ ⁠ ⁠Risk & Incident Management Performing risk assessments for data storage and processing. Creating data classification and handling procedures. Incident response – identifying, containing, and remediating data breaches. Writing security policies and SOPs. ⸻ ⁠ ⁠Tools & Platform Experience SIEM systems (Splunk, QRadar, Microsoft Sentinel). CASB (Cloud Access Security Broker) tools. Security automation tools (SOAR platforms). ⸻ ⁠ ⁠Soft Skills Strong analytical thinking to spot risks. Communication skills to explain risks to non-technical stakeholders. Documentation skills for compliance audits. ⸻ ⁠ ⁠Typical Job Role Examples Entry-level: IT Security Analyst, Junior Data Protection Officer, SOC Analyst. Mid-level: Information Security Engineer, Data Security Analyst, Security Compliance Specialist. Senior-level: CISO, Data Protection Officer, Security Architect. How to apply for this opportunity? Step 1: Click On Apply! And Register or Login on our portal. Step 2: Complete the Screening Form & Upload updated Resume Step 3: Increase your chances to get shortlisted & meet the client for the Interview! About Uplers: Our goal is to make hiring reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant contractual onsite opportunities and progress in their career. We will support any grievances or challenges you may face during the engagement. (Note: There are many more opportunities apart from this on the portal. Depending on the assessments you clear, you can apply for them as well). So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!

Role Summary: We are looking for an experienced and technically skilled Application Security Engineer to strengthen our cybersecurity posture. The ideal candidate should possess a solid understanding of application-level vulnerabilities, secure code practices, and vulnerability management tools. You will be responsible for conducting in-depth assessments, secure code reviews, and supporting development teams to remediate findings in alignment with security standards. Key Responsibilities: Safeguard the Confidentiality, Integrity, and Availability of the organization's application ecosystem. Perform Vulnerability Assessment and Penetration Testing (VAPT) for Web, Mobile, and API components using both open-source and commercial tools. Conduct secure code reviews to identify critical flaws and provide remediation guidance to development teams. Lead manual penetration testing and demonstrate proof-of-concept exploits. Guide developers and QA teams in interpreting security findings and applying fixes aligned with secure SDLC practices. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Maintain compliance with PCI DSS and other regulatory/security standards. Drive continuous improvements in security test plans, test cases, and internal security frameworks. Technical Skills Required: 3+ years of hands-on experience in Application Security. Proficient in VAPT (Static & Dynamic Analysis) for Web, API, and Mobile applications. Strong experience with secure code review tools like Fortify, Coverity, Checkmarx. Familiarity with DevSecOps and CI/CD pipeline security integration. Hands-on with tools like Burp Suite, Nessus, Postman, SoapUI, Metasploit. Understanding of WAFs, API gateways, and secure protocol practices. Development/scripting knowledge in Java, JavaScript, AngularJS, or Python. Experience using JIRA for issue tracking and defect logging. Certifications Preferred: OSCP, OSWE, CEH, GWEB or similar security certifications. Soft Skills: Strong communication and documentation skills. Ability to work independently and collaboratively. Must be proactive, with an ownership mindset and attention to detail. Location: Andheri (W), Mumbai, Maharashtra Kindly note: Candidates currently based in Mumbai should apply. Prior experience in the Fintech or BFSI industry will be strongly preferred.