1589 Network Security Jobs - Page 23

Handling students virtually and training and developing skills to be job ready for cybersecurity space. -Provide cyber training at an intermediate level for software Engineering/Software development personnel. -Preparing Study materials for training students via a variety of training methods for improving training deliveries. -Handling student queries effectively and efficiently. -Maintain training related to MIS (attendance, feedback forms evaluation scores and certificate issued). -Conduct training sessions on cybersecurity fundamentals, ethical hacking, network security, malware analysis, and related topics. -Stay updated with the latest cybersecurity trends, threats, and best practices. -Conduct workshops and awareness sessions on cybersecurity Requirements -Bachelor\u2019s/Master\u2019s degree in Cyber Security, Information Technology, Computer Science, or a related field. -Strong understanding of cybersecurity principles, network security, ethical hacking, firewalls, and intrusion detection systems. -Hands-on experience with security tools, penetration testing, and vulnerability assessments. -Good communication, presentation, and training skills. -Prior experience in training, mentoring, or teaching is an added advantage.

IT Operations Engineer - Security Chennai, Tamil Nadu, India Apply now Share Company Overview At Zuora, we do Modern Business . We re helping people subscribe to new ways of doing business that are better for people, companies and ultimately the planet. It s an approach resulting from the shift to the Subscription Economy that puts customers first by building recurring relationships instead of one-time product sales and focuses on sustainable growth. Through our leading expertise and multi-product suite, we are transforming all industries and working with the world s most innovative companies to monetize new business models, nurture subscriber relationships and optimize their digital experiences. The Team & Role The IT Security Operations team at Zuora is responsible for safeguarding digital assets, defending against cyber threats, and maintaining the confidentiality, integrity, and availability of information systems. The team implements a comprehensive framework of policies, technologies, and procedures to identify, assess, and mitigate security risks across Z s infrastructure, networks, applications, and endpoints. Role: Monitor, Detect and Respond to alerts generated by security controls as part of IT Security operations team Security Incident Response, Containment and Remediation handling. Analyze, document and report on potential security incidents and perform Threat Hunting for business critical environments Collaborating with cross-functional teams to address and resolve vulnerabilities detected within the environment. This is a hybrid position, so you ll work both remotely and in the office. Whenever it is required the engineer should be working from the office Our Tech Stack: Rapid7, Zscaler, CrowdStrike, AWS , WIZ, GCP, HP Aruba, Palo Alto, What you ll do Evaluate, implement, and configure security tools and platforms (e.g., SIEM, EDR, NDR, SOAR) to enhance detection, monitoring, and response capabilities. Familiarity with cloud security (AWS, Azure, GCP), endpoint protection, and network security best practices. Design and implement robust detection and response strategies to identify and mitigate cyber threats. Conduct threat hunting activities and provide recommendations for improving detection capabilities. Deploy and integrate security tools and frameworks into the existing environment. Conduct security assessments, gap analyses, and vulnerability assessments to identify security risks and recommend solutions. Design and implement automation solutions for security operations, incident response, and monitoring processes (e.g., using SOAR tools or custom scripts). Create playbooks, automated workflows, and integration strategies to reduce response time and increase operational efficiency. Provide expert guidance and hands-on support for security incident response efforts, from detection to containment and recovery. Your experience 2-6 years of security experience, specifically on SIEM/ SOC operations. Strong understanding of Network Security, System Security, Web application security, End-point Security including hands-on exploitation skills coupled with defensive skills. Familiarity with infrastructure and systems security domains and automation. Ability to explain complex security issues and their impact to diverse audiences. Be a fast learner and have experience partnering with cross-functional teams. Strong communication and interpersonal skills, with the ability to explain complex technical concepts to nontechnical stakeholders. BA/BSc in Computer Science or similar technical degree or equivalent experience Nice to haves: Industry certifications such as Certified SOC Analyst (CSA), CISM,CISSP or similar are preferred. Additional certifications in security automation (e.g., SOAR tools) or specific technologies like Rapid7, Zscaler, CrowdStrike, Palo Alto are a plus. #ZEOLife at Zuora As an industry pioneer, our work is constantly evolving and challenging us in new ways that require us to think differently, iterate often and learn constantly it s exciting. Our people, whom we refer to as ZEOs are empowered to take on a mindset of ownership and make a bigger impact here. Our teams collaborate deeply, exchange different ideas openly and together we re making what s next possible for our customers, community and the world. As part of our commitment to building an inclusive, high-performance culture where ZEOs feel inspired, connected and valued, we support ZEOs with: Competitive compensation, variable bonus and performance reward opportunities, and retirement programs Medical, dental and vision insurance Generous, flexible time off Paid holidays, wellness days and company wide end of year break 6 months fully paid parental leave Learning & Development stipend Opportunities to volunteer and give back, including charitable donation match Free resources and support for your mental wellbeing Specific benefits offerings may vary by country and can be viewed in more detail during your interview process. Location & Work Arrangements Organizations and teams at Zuora are empowered to design efficient and flexible ways of working, being intentional about scheduling, communication, and collaboration strategies that help us achieve our best results. In our dynamic, globally distributed company, this means balancing flexibility and responsibility flexibility to live our lives to the fullest, and responsibility to each other, to our customers, and to our shareholders. For most roles, we offer the flexibility to work both remotely and at Zuora offices. Our Commitment to an Inclusive Workplace Think, be and do you! At Zuora, different perspectives, experiences and contributions matter. Everyone counts. Zuora is proud to be an Equal Opportunity Employer committed to creating an inclusive environment for all. Zuora does not discriminate on the basis of, and considers individuals seeking employment with Zuora without regards to, race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)zuora.com. Apply now Let s do this. You re unique and we re on a journey so let s embark on a unique journey together. We encourage you to apply to all roles that utilize your skills and ignite the passion within you. No matter where you re located, or which team you work on, you ll be part of a group of people working together to build a better world: The World Subscribed. Go ahead and apply! Internal Job Opportunities Are you a current ZEO looking to take on new challenges? If so, check out our internal job openings on our internal job board .

0px> Who are we In one sentence As Information Security Team Lead specializing in DevSecOps, youll partner with Amdocs development teams to seamlessly integrate security tools into our CI/CD pipeline. Youll oversee the security tools environment while driving automation initiatives through scripting, test development, and monitoring dashboards. The role requires staying ahead of emerging security code scan threats and collaborating with teams to implement robust protection measures. Youll guide RD teams in adopting secure development practices and provide expert security consultation to diverse teams across product development, engineering, and services departments. What will your job look like Manage a team of DevSecOps security analysts and implementation engineers Implement DevSecOps tools in all product dev environments Follow up with staff members to ensure completion of security-related tasks Manage and maintain Security health check of the integrated automation. Provide professional support for the developed automations, responding to incidents to avoid system outages or restore availability to meet SLAs. Analyze the implementation needs and provide effort estimation to the users Stay abreast of industry best practices (Research new technologies) and contribute ideas for improvements in DevOps practices, delivering innovation through automation. Tracks and reports on the test execution in a timely manner with attention given to achieving a high level of quality. Liaise with development and infra teams to get the defect resolutions Onboard new hires, train and share knowledge, take an active role in technical mentoring and elevating team knowledge. Working with external vendors for support, manage the relevant vendor employees and make sure the support is performed as planned Maintaining hardware and software deployment and POC planning All you need is... Must-Have 3+ years of experience in leading a team (team of security analysts is preferrable) 5+ years of relevant experience in information Security DevSecOps Total experience - 6-8 years Extensive expertise in Application security and security architecture area. Hands on experience in SAST Tools (e.g. Checkmarx), Container Scanning tools (Twistlock, Wiz) Expertise in Security code reviews and onboarding process for managing false positives 5+ years experience in FOSS security issues and security hardening (CIS benchmarks) 3+ years experience in setting up continuous integration and continuous delivery systems 2-3 years experience with continuous-integration tools such as Hudson/Jenkins, LiquiBase, Github actions Understanding of build process, best practices and tools such as Maven, Jenkins pipeline, groovy Knowledge of OWASP top 10 list of vulnerabilities, NIST SP-800-xx, NVD, CVSS scoring etc concepts Great Communication skills - (Ability to communicate with a Developer, a Manager or Director level). Project Management Skills 2-3 years basic understanding of Cloud Platforms BS in Computer Science, or equivalent Working in Agile/Scrum team Nice to have: Familiarity with REST Services, Service Oriented Systems and Micro-services architecture Scripting skills in at least one of the following: Python, Django web framework, Perl, Ruby, shell (bash, ksh, csh) Knowledge in distributed systems, software and network security preferred. Security concepts and knowledge of security attacks on Web applications, REST services, distributed systems Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks. 2+years of experience on docker /k8S Why you will love this job: You will have the opportunity to work with the industry most advanced technologies and experts in a global company You will have opportunities to evolve yourself in the future of all cutting-edge technologies and business trends. You will be working with a great team

Project Role : Infra Tech Support Practitioner Project Role Description : Provide ongoing technical support and maintenance of production and development systems and software products (both remote and onsite) and for configured services running on various platforms (operating within a defined operating model and processes). Provide hardware/software support and implement technology at the operating system-level across all server and network areas, and for particular software solutions/vendors/brands. Work includes L1 and L2/ basic and intermediate level troubleshooting. Must have skills : Storage Area Networks (SAN) Architecture and Design Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Infra Tech Support Practitioner, you will provide ongoing technical support and maintenance for production and development systems and software products. You will be responsible for configuring services on various platforms and implementing technology at the operating system-level. Your role will involve L1 and L2 troubleshooting and providing hardware/software support. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Ensure smooth functioning of production and development systems.- Perform regular maintenance and updates on software products.- Troubleshoot and resolve hardware and software issues.- Configure services on different platforms.- Implement technology at the operating system-level.- Collaborate with software vendors and brands.- Conduct L1 and L2 troubleshooting.- Provide basic and intermediate level support.- Manage and maintain server and network areas.- Ensure data integrity and security.- Monitor system performance and identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in Storage Area Networks (SAN) Architecture and Design.- Good To Have Skills: Experience with virtualization technologies.- Strong understanding of server and network architecture.- Experience with hardware and software troubleshooting.- Knowledge of operating systems and software solutions.- Familiarity with different software vendors and brands.- Ability to perform L1 and L2 troubleshooting.- Excellent problem-solving and analytical skills. Additional Information:- The candidate should have a minimum of 5 years of experience in Storage Area Networks (SAN) Architecture and Design.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

What youll be doing: Be the architecture lead, providing mentorship and guidance to technical resources. Creating architectural standards to delivery M365 solutions to our end clients Create deep subject matter expertise within the Practice and nurture talent across the grades. Working as part of the Practice team to drive our strategic partnership with Microsoft to support and enable innovation, investment and growth. Cultivate and enable a professional services culture and discipline, where the teams influence, sell and deliver specialist solutions and take responsibility for self-learning, career management and opportunities. Work directly with clients to present and deliver Microsoft 365 Solutions Lead Copilot readiness assessments and M365 landscape analysis Architect end-to-end Copilot integration across workload Customize Copilot Studio solutions (custom GPTs, bots) Create governance models for Copilot lifecycle management What you ll bring: Demonstrable experience in M365 implementation with a technical background and experience in architecture Demonstrable experience leading delivery teams, developing and mentoring people. Demonstrable knowledge of Microsoft solutions and application to client strategy. Strong communication and leadership, with experience in developing metrics around utilization, Great Place to Work, contribution, productivity and GPS scores. Core Technical Knowledge Required: M365 Core Services (Exchange, SharePoint, Teams, OneDrive) Microsoft 365 Copilot (end-user, admin semantic index) Copilot Studio (custom Copilot GPT integration) Power Platform integration (Power Automate, Power Apps, Power BI) Microsoft Graph API Microsoft Entra ID, Conditional Access M365 Security Compliance (DLP, sensitivity labels) Microsoft Viva + Copilot integration Semantic Index configuration Microsoft Search Governance Change Management Azure IaaS (virtual machines, storage, networking, security). Azure Governance (Blueprints, policies, tagging, cost management) Active Directory\Entra ID (Azure AD, Azure AD DS, on premises AD DS). Total Experience Expected: 10-14 years Certifications: Microsoft 365 Administrator Expert (Core foundation) Identity and Access Administrator (For Entra ID/CA) Designing and Implementing an Azure AI

Project Role : Infra Tech Support Practitioner Project Role Description : Provide ongoing technical support and maintenance of production and development systems and software products (both remote and onsite) and for configured services running on various platforms (operating within a defined operating model and processes). Provide hardware/software support and implement technology at the operating system-level across all server and network areas, and for particular software solutions/vendors/brands. Work includes L1 and L2/ basic and intermediate level troubleshooting. Must have skills : Enterprise Network Operations Good to have skills : Cloud Network OperationsMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Infra Tech Support Practitioner, you will provide ongoing technical support and maintenance of production and development systems and software products both remote and onsite. You will work within a defined operating model and processes, implementing technology at the operating system-level across all server and network areas, and for particular software solutions/vendors/brands. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Implement new technologies for enhanced network operations- Conduct regular network performance monitoring and optimization- Troubleshoot and resolve network issues efficiently Professional & Technical Skills: - Must To Have Skills: Proficiency in Enterprise Network Operations- Good To Have Skills: Experience with Cloud Network Operations- Strong understanding of network infrastructure and protocols- Knowledge of network security principles and best practices- Experience with network monitoring tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in Enterprise Network Operations- This position is based at our Pune office- A 15 years full time education is required Qualification 15 years full time education

Network Security Architect - J49120 Key Responsibilities: Design and develop secure network architectures for on-premises, cloud, and hybrid environments. Evaluate and recommend security solutions, tools, and technologies. Conduct risk assessments and vulnerability analyses of network infrastructure. Define and enforce security policies, standards, and procedures. Collaborate with IT and DevOps teams to integrate security into system and application design. Monitor network traffic for unusual activity and respond to security incidents. Lead penetration testing and red/blue team exercises. Ensure compliance with regulatory requirements (e.g., ISO 27001, NIST, GDPR, HIPAA). Provide technical guidance and mentorship to security engineers and analysts. Stay current with emerging threats, vulnerabilities, and security trends. Required Qualifications: Bachelors or Masters degree in Computer Science, Information Security, or related field. 8+ years of experience in network security or cybersecurity roles. Strong knowledge of firewalls, VPNs, IDS/IPS, SIEM, and endpoint protection. Experience with cloud platforms (AWS, Azure, GCP) and their security models. Familiarity with Zero Trust Architecture and Secure Access Service Edge (SASE). Proficiency in scripting and automation (Python, PowerShell, etc.). Relevant certifications (e.g., CISSP, CCSP, CISM, CEH).

At least 4 to 5 years of experience handling Network Security , Incident Response , knowledge and Hands on experience on WAF or any Reverse proxy Layer 7 security appliance Other skill sets include OWASP top 10 Knowledge of networking protocols such as HTTP, SSL, FTP, DNS etc and good idea about OSI layer and packet flow Knowledge of Syslog and SNMP monitoring tools Basic Linux knowledge Basic knowledge in cloud technologies ITIL knowledge and service management skills would be a plus Basic understanding and Knowledge on Automation tools and software Your benefits We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl up to 25 days per year working from abroa We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teachAbout Allianz Technology Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry We oversee the full digitalization spectrum \u2013 from one of the industry\u2019s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age D&I statement Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment We are interested in your strengths and experience We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life Join us Let\u00B4s care for tomorrow You IT

Business Unit: Global Technology Reporting To: Manager, Cybersecurity Shift: About Russell Investments, Mumbai: Russell Investments is a leading outsourced financial partner and global investment solutions firm providing a wide range of investment capabilities to institutional investors, financial intermediaries, and individual investors around the world. Building on an 89-year legacy of continuous innovation to deliver exceptional value to clients, Russell Investments works every day to improve the financial security of its clients. The firm is Top 12 Ranked Consultant (2009-2024) in P&I survey 2024 with $906 billion in assets under advisement (as of December 31, 2024) and $331.9 billion in assets under management (as of March 31, 2025) for clients in 30 countries. Headquartered in Seattle, Washington in the United States, Russell Investments has offices around the world, including London, New York, Toronto, Sydney, Tokyo, Shanghai - and has opened a new office in Mumbai, India in June 2023. Joining the Mumbai office is an incredible opportunity to work closely with global stakeholders to support the technology and infrastructure that drives the investment and trading processes of a globally recognized asset management firm. Be part of the team based out of Goregaon (East) and contribute to the foundation and culture of the firm s growing operations in India. The Mumbai office operates with varying shifts to accommodate time zones around the world. For more information, please visit https: / / www.russellinvestments.com . Job Description: We are seeking an experienced Cybersecurity Senior Engineer to join our Mumbai based Cybersecurity Proxy team. The Proxy team is responsible for supporting the Russell Investments web proxy infrastructure. This role requires experience with web proxy appliances and cloud services, as well as general cybersecurity experience. You ll work alongside the Seattle based Cybersecurity team, IT support teams, and other groups within Russell Investments to ensure our web proxy platforms are configured and performing optimally. These mission critical platforms are used for internet access by nearly every system in the environment. Your expertise in proxy technology will be crucial in safeguarding our organizations critical assets and ensuring the integrity of our systems and data. Years of Experience Minimum 5 years experience in Cybersecurity or related field Qualifications Experience with web proxy infrastructure, including deploying, configuring, upgrading, and maintaining proxy appliances and cloud proxy services. Special Requirements Occasional after hours and weekend work as needed. Responsibilities Configure and maintain web proxy platforms. Understand Russell Investments network architecture. Create and maintain documentation. Participate in various projects, including platform refresh and upgrades. Review proxy policies to ensure new and emerging threats are accounted for. Generate web usage reports. Propose solutions to enhance our security posture. Be familiar with our security Policies and Standards. Develop and maintain response plans, playbooks, and procedures. Candidate Requirements Bachelors degree in Computer Science, Cybersecurity, or a related field. Relevant certifications (e.g., CISSP, CEH, GCIH, etc.) are highly desirable. Proven experience of at least 5 years in a similar role within Cybersecurity In-depth knowledge of cybersecurity principles, methodologies, and best practices, including network security, host security and application security. Familiarity with industry standards and frameworks, such as NIST Cybersecurity Framework and ISO 27001. Understanding of networking technology such as load balancers, firewalls, switches, and routers. Excellent analytical and problem-solving skills, with the ability to assess complex issues and propose effective solutions. Strong communication skills, both written and verbal, with the ability to articulate technical concepts to non-technical stakeholders. Core Values Strong interpersonal, oral, and written communication and collaboration skills Strong organizational skills including the ability to adapt to shifting priorities and meet frequent deadlines, Demonstrated proactive approach to problem-solving with strong judgment and decision making capability. Highly resourceful and collaborative team-player, with the ability to also be independently effective and exude initiative and a sense of urgency. Exemplifies our customer-focused, action-oriented, results-driven culture. Forward looking thinker, who actively seeks opportunities, has a desire for continuous learning, and proposes solutions. Ability to act with discretion and maintain complete confidentiality. Dedicated to the firm s values of non-negotiable integrity, valuing our people, exceeding client expectations, and embracing intellectual curiosity and rigor.

Leads IT security projects in terms of design, plan, and implementation of security infrastructure & solutions including d evelopment and management of overall enterprise security approach in terms of Infrastructure, Network, Data, Cloud and Endpoint Security. Analyse business requirements by partnering with key stakeholders across the organization to develop security solutions. Develop and review security-related documents such as SOPs, Process documents, Operational Reports & Metrics Dashboards, etc. Hands on experience with implementation of various security solutions, such as Cloud Security Solutions, Data Security Solutions, Network Security Solutions & Endpoint Security Solutions. Validate use cases and events configured on SIEM in coordination with SOC Manager. Develop & implement strategies for Infra and Application hardening. Prepare plan and strategies to ensure security of the organization including both high and low risk events. Identify & implement security best practices through fine tuning of appliances, solutions and applying audit recommendations. Well-versed and experienced in threat landscape, risk profiling and continuous improvement in security processes. Work with IT service providers and partners to ensure industry standard platform, network, and endpoint security posture is maintained. Lead vulnerability management and penetration testing activities for Infrastructure, improvise them and ensure closure as per the established practices alongwith analysing, reporting, and tracking of all the identified vulnerabilities. Work in collaboration with internal teams and other business units to identify and highlight security issues and ensure timely closure. Should be able to work under pressure and ensure that timelines are met, and projects and other initiatives are delivered in agreed timelines. Leads on the identification of data security and information protection risks across the organisation and works with stakeholders to develop and implement mitigation plans, escalating issues as appropriate. Help to achieve the highest standards of information security across the organisation. Implements measures to protect digital files and information systems against unauthorized access, modification, or destruction. Develops strategies to respond to and recover from a security breach. Coordinate s security activities with relevant vendors. Working alongside the cross-functional teams & stakeholders in conjunction with Cloud Development, Architecture and DevOps teams to provide visibility of cloud security posture including security of Containers & Serverless environments. Day to day management, troubleshooting and housekeeping of security toolsets. Delivering and maintaining security metrics and improvements. Should have experience in presenting the overall Information security status to CISO with all security metrices for defined KPIs. Planning and implementation of automated remediation activities. Ensuring work is completed in such a way to comply with established compliance and other internal standards.

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters. The Position The Global Security Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. You drive the strategic direction and execution of penetration testing initiatives. Leveraging your deep understanding of security assessments and the vulnerability management landscape, you will define and prioritize penetration testing activities as a Product Owner. Your expertise will ensure the ongoing safety of our networks, users, proprietary information, patient data, and computer systems and web applications against evolving threats. Responsibilities: Define and prioritize penetration testing activities and requirements, acting as the Product Owner within an agile framework. Leverage your penetration testing expertise to inform the evaluation and prioritization of security issues identified through testing and bug bounty programs. Utilize enterprise vulnerability management tools in conjunction with penetration testing insights to pinpoint high-risk systems. Communicate identified risks effectively and collaborate with system owners and other teams to develop and track vulnerability mitigation plans. Enhance security vulnerability and incident response capabilities, informed by penetration testing outcomes. Contribute to security monitoring efforts within a global environment. Minimum Qualifications: Associate s degree in a relevant field or 5+ years of experience in information security with a strong foundation in penetration testing principles and methodologies. Proven understanding of web application, network, and computer security assessment concepts. Experience working within agile methodologies, with a demonstrated aptitude for product ownership or similar strategic roles. Preferred Qualifications: Web application, network, and computer security assessments Attack surface management experience Cloud security assessment experience Programming experience (e.g. Python, Node.js, JavaScript) Demonstrated ability to analyze, triage, and escalate security vulnerabilities Familiarity with various defensive and offensive security tool sets Relevant Offensive security certifications such as OSCP and eCPPT. Familiarity with mobile security is a plus Experience working in a large, global, and complex environment Ability to communicate information security related risks, concepts, and situations to a technical and non-technical audience A passion for the field of computer and network security, with awareness of current penetration testing trends. Fluent English, other languages are a plus Who we are . Let s build a healthier future, together. Roche is an Equal Opportunity Employer. "

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters. The Position About Roche Join Roche, a global pioneer in pharmaceuticals and diagnostics focused on advancing science to improve people s lives. At Roche Information Solutions India Private Limited, located in Pune, we foster a collaborative and innovative environment where your expertise contributes directly to meaningful healthcare solutions. We are committed to developing cutting-edge technology that transforms patient care, and we are looking for passionate individuals to join our mission. Role Overview We are seeking a skilled and motivated Cloud DevOps Engineer with strong expertise in Google Cloud Platform (GCP) and Infrastructure as Code (IaC) using Terraform. You will be a key member of our team, responsible for designing, building, automating, managing, and monitoring robust, scalable, and secure cloud infrastructure on GCP. Your work will directly enable our development teams to deliver innovative healthcare solutions efficiently and reliably. This role requires deep hands-on experience with GCP networking, databases, caching, container orchestration, CI/CD pipelines, and a passion for automation using Terraform. Key Responsibilities Infrastructure as Code (IaC): Design, build, manage, and maintain GCP infrastructure using Terraform following best practices for security, reliability, and maintainability. GCP Networking: Implement and manage VPC networks, subnets, firewall rules, load balancing, and connectivity solutions (e.g., VPN, Interconnect, Private Service Connect) within GCP. Compute & Containerization: Deploy, manage, and scale applications using Cloud Run and Google Kubernetes Engine (GKE) leveraging Docker containers. Database Management: Provision, configure, manage, and monitor GCP database services like Cloud SQL and potentially other relevant database solutions. Caching: Implement and manage GCP caching solutions (e.g., Cloud Memorystore) to optimize application performance. CI/CD Pipelines: Design, implement, and maintain robust CI/CD pipelines (e.g., using GitLab CI, GitHub Actions, Cloud Build) for automated testing and deployment of infrastructure and applications. Monitoring & Logging: Implement and manage comprehensive monitoring, logging, and alerting solutions using GCP native tools (Cloud Monitoring, Cloud Logging) and potentially other tools (e.g., Prometheus, Grafana). Automation: Automate infrastructure provisioning, configuration management, and operational tasks using scripting languages (e.g., Python, Bash). Security: Implement and enforce cloud security best practices, including IAM policies, network security controls, and secrets management. Collaboration: Work closely with development, security, and operations teams in an Agile environment to support application deployment and troubleshoot issues. Optimization: Continuously evaluate and optimize cloud infrastructure for performance, cost-efficiency, and reliability. Documentation: Maintain clear and comprehensive documentation for infrastructure configurations, processes, and runbooks. Required Qualifications (Must-Haves) Bachelors degree in Computer Science, Engineering, or a related field, or equivalent practical experience. A minimum of 3-5 years of hands-on experience in a Cloud DevOps or Infrastructure Engineering role. Mandatory, strong, proven experience with Google Cloud Platform (GCP) services and infrastructure management. Mandatory, deep expertise in Infrastructure as Code (IaC) using Terraform. Mandatory, solid understanding and practical experience with GCP networking concepts and services (VPC, subnets, firewalls, load balancing). Mandatory experience managing cloud databases on GCP (e.g., Cloud SQL). Mandatory experience implementing and managing caching solutions on GCP (e.g., Cloud Memorystore). Mandatory experience with containerization (Docker) and container orchestration (Kubernetes/GKE, Cloud Run). Demonstrable experience building and managing CI/CD pipelines. Proficiency in scripting languages such as Python or Bash. Experience with cloud monitoring and logging tools (e.g., Cloud Monitoring, Cloud Logging). Strong Linux system administration skills. Excellent problem-solving, communication, and teamwork skills. Experience working within an Agile/Scrum development methodology. Preferred Qualifications (Nice-to-Haves) GCP Certifications (e.g., Professional Cloud DevOps Engineer, Professional Cloud Architect, Professional Cloud Network Engineer). Experience with configuration management tools like Ansible. Experience with advanced monitoring tools like Prometheus, Grafana, or Datadog. Familiarity with other GCP services (e.g., Pub/Sub, BigQuery, Spanner). Experience working in regulated industries, particularly healthcare. Specific experience with GitLab CI, GitHub Actions, or Jenkins. What We Offer The opportunity to work on challenging and impactful projects that contribute to improving healthcare globally. A collaborative, innovative, and supportive work culture within a leading global company. Opportunities for continuous learning, professional growth, and career development, particularly within the GCP ecosystem. A competitive compensation and benefits package. Who we are . Let s build a healthier future, together. Roche is an Equal Opportunity Employer. "

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters. The Position The Global Security Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. You drive the strategic direction and execution of penetration testing initiatives. Leveraging your deep understanding of security assessments and the vulnerability management landscape, you will define and prioritize penetration testing activities as a Product Owner. Your expertise will ensure the ongoing safety of our networks, users, proprietary information, patient data, and computer systems and web applications against evolving threats. Responsibilities: Define and prioritize penetration testing activities and requirements, acting as the Product Owner within an agile framework. Leverage your penetration testing expertise to inform the evaluation and prioritization of security issues identified through testing and bug bounty programs. Utilize enterprise vulnerability management tools in conjunction with penetration testing insights to pinpoint high-risk systems. Communicate identified risks effectively and collaborate with system owners and other teams to develop and track vulnerability mitigation plans. Enhance security vulnerability and incident response capabilities, informed by penetration testing outcomes. Contribute to security monitoring efforts within a global environment. Minimum Qualifications: Associate s degree in a relevant field or 5+ years of experience in information security with a strong foundation in penetration testing principles and methodologies. Proven understanding of web application, network, and computer security assessment concepts. Experience working within agile methodologies, with a demonstrated aptitude for product ownership or similar strategic roles. Preferred Qualifications: Web application, network, and computer security assessments Attack surface management experience Cloud security assessment experience Programming experience (e.g. Python, Node.js, JavaScript) Demonstrated ability to analyze, triage, and escalate security vulnerabilities Familiarity with various defensive and offensive security tool sets Relevant Offensive security certifications such as OSCP and eCPPT. Familiarity with mobile security is a plus Experience working in a large, global, and complex environment Ability to communicate information security related risks, concepts, and situations to a technical and non-technical audience A passion for the field of computer and network security, with awareness of current penetration testing trends. Fluent English, other languages are a plus Who we are A healthier future drives us to innovate. Together, more than 100 000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact. Let s build a healthier future, together. Roche is an Equal Opportunity Employer. "

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters. The Position About Roche Join Roche, a global pioneer in pharmaceuticals and diagnostics focused on advancing science to improve people s lives. At Roche Information Solutions India Private Limited, located in Pune, we foster a collaborative and innovative environment where your expertise contributes directly to meaningful healthcare solutions. We are committed to developing cutting-edge technology that transforms patient care, and we are looking for passionate individuals to join our mission. Role Overview We are seeking a skilled and motivated Cloud DevOps Engineer with strong expertise in Google Cloud Platform (GCP) and Infrastructure as Code (IaC) using Terraform. You will be a key member of our team, responsible for designing, building, automating, managing, and monitoring robust, scalable, and secure cloud infrastructure on GCP. Your work will directly enable our development teams to deliver innovative healthcare solutions efficiently and reliably. This role requires deep hands-on experience with GCP networking, databases, caching, container orchestration, CI/CD pipelines, and a passion for automation using Terraform. Key Responsibilities Infrastructure as Code (IaC): Design, build, manage, and maintain GCP infrastructure using Terraform following best practices for security, reliability, and maintainability. GCP Networking: Implement and manage VPC networks, subnets, firewall rules, load balancing, and connectivity solutions (e.g., VPN, Interconnect, Private Service Connect) within GCP. Compute & Containerization: Deploy, manage, and scale applications using Cloud Run and Google Kubernetes Engine (GKE) leveraging Docker containers. Database Management: Provision, configure, manage, and monitor GCP database services like Cloud SQL and potentially other relevant database solutions. Caching: Implement and manage GCP caching solutions (e.g., Cloud Memorystore) to optimize application performance. CI/CD Pipelines: Design, implement, and maintain robust CI/CD pipelines (e.g., using GitLab CI, GitHub Actions, Cloud Build) for automated testing and deployment of infrastructure and applications. Monitoring & Logging: Implement and manage comprehensive monitoring, logging, and alerting solutions using GCP native tools (Cloud Monitoring, Cloud Logging) and potentially other tools (e.g., Prometheus, Grafana). Automation: Automate infrastructure provisioning, configuration management, and operational tasks using scripting languages (e.g., Python, Bash). Security: Implement and enforce cloud security best practices, including IAM policies, network security controls, and secrets management. Collaboration: Work closely with development, security, and operations teams in an Agile environment to support application deployment and troubleshoot issues. Optimization: Continuously evaluate and optimize cloud infrastructure for performance, cost-efficiency, and reliability. Documentation: Maintain clear and comprehensive documentation for infrastructure configurations, processes, and runbooks. Required Qualifications (Must-Haves) Bachelors degree in Computer Science, Engineering, or a related field, or equivalent practical experience. A minimum of 3-5 years of hands-on experience in a Cloud DevOps or Infrastructure Engineering role. Mandatory, strong, proven experience with Google Cloud Platform (GCP) services and infrastructure management. Mandatory, deep expertise in Infrastructure as Code (IaC) using Terraform. Mandatory, solid understanding and practical experience with GCP networking concepts and services (VPC, subnets, firewalls, load balancing). Mandatory experience managing cloud databases on GCP (e.g., Cloud SQL). Mandatory experience implementing and managing caching solutions on GCP (e.g., Cloud Memorystore). Mandatory experience with containerization (Docker) and container orchestration (Kubernetes/GKE, Cloud Run). Demonstrable experience building and managing CI/CD pipelines. Proficiency in scripting languages such as Python or Bash. Experience with cloud monitoring and logging tools (e.g., Cloud Monitoring, Cloud Logging). Strong Linux system administration skills. Excellent problem-solving, communication, and teamwork skills. Experience working within an Agile/Scrum development methodology. Preferred Qualifications (Nice-to-Haves) GCP Certifications (e.g., Professional Cloud DevOps Engineer, Professional Cloud Architect, Professional Cloud Network Engineer). Experience with configuration management tools like Ansible. Experience with advanced monitoring tools like Prometheus, Grafana, or Datadog. Familiarity with other GCP services (e.g., Pub/Sub, BigQuery, Spanner). Experience working in regulated industries, particularly healthcare. Specific experience with GitLab CI, GitHub Actions, or Jenkins. What We Offer The opportunity to work on challenging and impactful projects that contribute to improving healthcare globally. A collaborative, innovative, and supportive work culture within a leading global company. Opportunities for continuous learning, professional growth, and career development, particularly within the GCP ecosystem. A competitive compensation and benefits package. Who we are A healthier future drives us to innovate. Together, more than 100 000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact. Let s build a healthier future, together. Roche is an Equal Opportunity Employer. "

Job Description: 1. The candidate should have a good understanding of Firewall technologies Palo Alto, Cisco, Checkpoint, Fortinet. 2. Should have very good understanding of firewall subnets, Network zones, DMZ and Firewall rules 3. Experience working on performing dependency mapping for servers and applications so that only minimum required services/ports are only allowed on the firewalls. 4. Experience performing firewall rule base audits to identify the risk rules, unused objects and rules, too widely defined rules. 5. Experience working on identifying the risky rules and working with the server, application owners in validating the same before removing those rules from the firewall. 6. Able to review and identify risk associated with the rules allowing public access to internal resources. 7. Should be able to analyze the firewall traffic logs and recommend as to what all needs to be allowed so that the applications and services keep working with minimum required source, destination, and services. 8. Should have experience documenting firewall rule base review and ensure its repeated use in the environment to reduce overall risk. 9. Should have experience working on firewall assurance tools, Skybox, Algosec, etc. 10. Should have exposure working on Panorama and help identifying threat via correlating firewall access logs with vulnerabilities. 11. Should have experience working on firewall hardening to ensure configuration relates vulnerabilities are addressed. 12. Should have a good understanding of various compliance requirements like PCIDSS etc.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- 1. Identity and Access Management (IAM)IAM ensures that only authorized individuals have access to the systems and data they need to perform their job functions. Proper governance ensures compliance with security policies, legal regulations, and business requirements.Key Aspects:Identity Lifecycle Management:Governance involves defining policies for how identities are created, modified, and deleted. This includes managing user access rights and ensuring that users have appropriate permissions for their roles.Authentication and Authorization:Governance ensures that access is properly authenticated (e.g., multi-factor authentication) and authorized based on role-based or attribute-based access control.Compliance:IAM governance helps organizations adhere to industry regulations (e.g., GDPR, HIPAA) by enforcing policies around data access and ensuring that sensitive information is adequately protected.Audit and Monitoring:Regular audits and monitoring help ensure that access is being granted according to policy, and that improper access is flagged and remediated.2. Security Operations Center (SOC)A SOC is responsible for detecting, analyzing, and responding to security incidents and events in real-time. Governance in this area is crucial to ensuring that the SOC operates efficiently, effectively, and in line with corporate and legal requirements.Key Aspects:Incident Response:A key element of governance in SOC is ensuring that incident response procedures are well-defined, tested, and followed when a security breach or anomaly is detected.Monitoring and Detection:Ensuring that SOC uses appropriate tools (e.g., SIEM, IDS/IPS) to monitor network traffic and detect suspicious activities in real-time.Compliance and Reporting:The SOC must generate reports for regulatory compliance (e.g., PCI-DSS, NIST) and provide visibility into the organization's security posture.Continuous Improvement:Governance includes reviewing the performance of SOC teams, assessing incidents, and refining processes to improve the security posture over time.3. Network Security (NetSec)Network security governance focuses on protecting an organization's network infrastructure from internal and external threats. Proper governance ensures that network security policies are in place, enforced, and continuously reviewed.Key Aspects:Firewall and Perimeter Security:Ensuring that the network perimeter is adequately secured by firewalls, intrusion prevention systems (IPS), and other technologies.Network Segmentation:Governance involves defining policies around network segmentation to limit the spread of threats and control traffic flow.Encryption and Data Protection:Ensuring that sensitive data in transit and at rest is encrypted, and that secure communication protocols are enforced.Vulnerability Management:Network security governance requires regular vulnerability assessments and patch management to address known threats and weaknesses.Security Delivery Governance FrameworkTo ensure effective security governance across IAM, SOC, and NetSec, a comprehensive framework should include:Policies and Procedures:Clear, actionable security policies, procedures, and guidelines must be established and regularly updated. These should cover all aspects of IAM, SOC, and NetSec.Risk Management:Regular risk assessments to identify vulnerabilities and mitigate them proactively. This involves continuous evaluation of potential threats and alignment with the overall risk tolerance of the organization.Compliance and Legal :Governance must ensure that all activities related to IAM, SOC, and NetSec are compliant with relevant laws and regulations, such as GDPR, HIPAA, PCI-DSS, and more.Incident Management and Response:Well-defined processes for responding to incidents that include communication protocols, escalation procedures, and documentation to ensure compliance and improvement.Auditing and Reporting:Regular audits should be conducted across IAM systems, SOC operations, and network security controls to ensure compliance with the organizations security policies and regulatory requirements.Continuous Monitoring and Improvement:An ongoing process of reviewing and refining security strategies, implementing new technologies, and training staff to adapt to emerging threats. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of security architecture principles.- Experience in implementing security controls in cloud environments.- Knowledge of regulatory compliance requirements.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

About Rackspace Cyber Defence Rackspace Cyber Defence is our next generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services. Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive , threat-informed , risk-based , intelligence-driven approach to detecting and responding to threats. Our mission is to help our customers: Proactively detect and respond to cyber-attacks - 24x7x365. Defend against new and emerging risks that impact their business. Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments. Reduce their exposure to risks that impact their identity and brand. Develop operational resilience. Maintain compliance with legal, regulatory and compliance obligations. What we re looking for To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Operations Analyst (L3) to support Rackspace s strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Sec Ops Analyst, who has a proven record of accomplishment in the cloud security monitoring and incident detection domain. As a Security Operations Analyst(L3), you will be responsible for detecting, analysing, and responding to threats posed across customer on-premises, private cloud, public cloud, and multi-cloud environments. The primary focus will be on triaging alerts and events (incident detection), which may indicate malicious activity, and determining if threats are real or not. You will also be required to liaise closely with the customer s key stakeholders, which may include incident response and disaster recovery teams as well as information security. Key Accountabilities Should have experience of 10 years in SOC and 5 years in Azure Sentinel. Ensure the Customer s operational and production environment remains secure at all the times and any threats are raised and addressed in a timely manner. Critical incident handling & closure. Escalation management and handling escalations from L2 Analysts. Proactive discovery of threats based on MITRE ATT&CK framework. Deep investigation and analysis of critical security incidents. Post breach forensic incident analysis reporting. Review the weekly and monthly reports. Review new use cases created by L2 and implement in cloud-native SIEM (Security Information and Event Management). Assist with customer onboarding (such as use case development, identifying data sources, configuring data connectors etc) Advanced threat hunting. Develop custom dashboards and reporting templates. Develop complex to customer specific use cases. Advanced platform administration. Solution recommendation for issues. Co-ordinate with vendor for issue resolution. Basic and intermediate playbook and workflow enhancement. Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc. Develop the custom parsers for the incident and alert enrichment. Problem specific playbook and workflow creation and enhancements Required to work flexible timings. Skills & Experience Existing experience as a Security Operations Analyst, or equivalent. Experience of working in large scale, public cloud environments and with using cloud native security monitoring tools such as: - o Microsoft Sentinel o Microsoft 365 Defender o Microsoft Defender for Cloud o Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint. o Firewalls and network security tools such as Palo Alto, Fortinet, Juniper, and Cisco. o Web Application Firewall (WAF) tools such as Cloudflare, Akamai and Azure WAF. o Email Security tools such as Proofpoint, Mimecast and Microsoft Defender for Office o Data Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec o Nice to have skills/experience includes: Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre Amazon Web Services (AWS) security tools such as Security Hub, AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis. Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls. Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc. Experience with scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell. Experience with DevOps practices and tools such as Backlogs, Repo s, Pipelines, Artifacts, CI/CD, JIRA, Azure DevOps, CircleCI, GitHub Actions, Ansible and/or Jenkins. Computer science, engineering, or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - o Certified Information Security Systems Professional (CISSP) o Microsoft Certified: Azure Security Engineer Associate (AZ500) o Microsoft Certified: Security Operations Analyst Associate (SC-200) o CREST Practitioner Intrusion Analyst (CPIA) o CREST Registered Intrusion Analyst (CRIA) o CREST Certified Network Intrusion Analyst (CCNIA) o Systems Security Certified Practitioner (SSCP) o Certified Cloud Security Professional (CCSP) o GIAC Certified Incident Handler (GCIH) o GIAC Security Operations Certified (GSOC) A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail. A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture. Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure. An individual who shows a willingness to go above and beyond in delighting the customer.

Project Role : Operations Engineer Project Role Description : Support the operations and/or manage delivery for production systems and services based on operational requirements and service agreement. Must have skills : Network Infrastructures Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Operations Engineer, you will support the operations and/or manage delivery for production systems and services based on operational requirements and service agreement. Your typical day will involve ensuring the smooth functioning of production systems and services, addressing operational issues, and adhering to service agreements. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Monitor and maintain the performance of production systems.- Troubleshoot and resolve operational issues efficiently.- Implement changes to production systems as per operational requirements.- Collaborate with team members to optimize system performance.- Document operational procedures and best practices for future reference. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Infrastructures.- Strong understanding of network protocols and configurations.- Experience with network monitoring tools such as Wireshark or Nagios.- Knowledge of network security principles and best practices.- Hands-on experience in configuring routers, switches, and firewalls. Additional Information:- The candidate should have a minimum of 3 years of experience in Network Infrastructures.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Designer Project Role Description : Assist in defining requirements and designing applications to meet business process and application requirements. Must have skills : Network Infrastructures Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Designer, you will assist in defining requirements and designing applications to meet business process and application requirements. Your typical day involves collaborating with teams to ensure efficient application design and functionality. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the application design process- Conduct regular team meetings to discuss progress and challenges- Stay updated on industry trends and best practices Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Infrastructures- Strong understanding of network security protocols- Experience with network monitoring tools such as Wireshark- Knowledge of cloud networking principles- Hands-on experience with network troubleshooting and optimization Additional Information:- The candidate should have a minimum of 5 years of experience in Network Infrastructures- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Skills Required : Cyber Security, Security Operations Center Education/Qualification : BTech Years Of Exp : 13 to 20 Years

Essential duties & responsibilities: Analyze and recommend improvements to network, system, and application architectures to enhance security. Research, design, and implement cybersecurity solutions that protect the organization s systems and products. Collaborate with DevOps, Platform Engineering and Architecture teams to ensure security is embedded in the design and development of applications and systems. Actively participate in the change management process ensuring security considerations are prioritized in system upgrades and modifications. Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments. Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies. Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents. Assess and review emerging technologies to identify potential security risks and implement mitigation strategies. Design and deploy innovative security technologies to address evolving security challenges. Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture. Work closely with security architects to develop and deploy security solutions that address cloud-specific risks. Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives. Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses. Qualification & Experience: Hands-on experience with implementing security controls, including Database security, Web content filtering, Anomaly detection & response, Vulnerability scanning & management Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling. Expertise in at least one of the following security domains: Network security (e.g., IDS/IPS, firewall hardening) , Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security) , Application security (e.g., SAST, DAST, API security) Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF), CIS Controls, HIPAA, GDPR compliance Ability to assess compliance requirements and implement security controls to ensure adherence. Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies. Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders. Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team

Help us build and maintain scalable, secure infrastructure for our cloud-native applications Experience with AWS, GCP, Azure Kubernetes, and CI/CD pipelines is required Experience:2 years of experience required Skills: Linux Monitoring Microsoft Azure FinTech AWS GCP Kubernetes CI/CD InfoSecTerraform AWS EKS Responsibilities: Design, implement, and maintain scalable, secure, and highly available infrastructure across AWS, GCP, and Azure Develop Infrastructure as Code (IaC) using Terraform to automate cloud resource provisioning Deploy and manage Kubernetes (EKS, GKE, AKS) clusters for containerized applications Build and maintain CI/CD pipelines using GitHub Actions, AWS CodePipeline, or equivalent tools Integrate third-party tools (eg, SonarQube) into CI/CD workflows for security and quality assurance Configure and manage Linux-based environments and implement monitoring, logging, and alerting systems Ensure security best practices in cloud environments, including IAM, VPC configurations, and compliance adherence Automate operational tasks using Bash, Python, or PowerShell Collaborate with development and security teams to optimize deployment strategies and enhance system reliability Requirements: 2+ years of hands-on experience in a DevOps or Engineering role within a fintech company Strong expertise in Kubernetes (K8s) and container orchestration Proficiency in Terraform for IaC and cloud automation Experience managing and deploying applications on AWS, GCP, and Azure Strong understanding of CI/CD processes and cloud-native deployment tools Knowledge of cloud networking, security configurations, VPCs, IAM, and endpoint protection Experience working with ECS, EKS, or equivalent container services Familiarity with InfoSec principles and compliance frameworks relevant to fintech

Job Description: Responsibilities: 1)Implement and manage Azure Active Directory (AAD) with appropriate access controls. 2)Configure network security groups (NSGs), Azure Firewall, and VPN gateways. 3)Monitor Azure Security Center, implement threat detection, and respond to security incidents. 4)Create and manage Azure storage accounts, containers, and blobs. 5)Implement encryption, manage shared access signatures (SAS), and configure firewall rules for secure data access. 6)Deploy and manage web applications using Azure App Services, ensuring high availability and scalability. 7)Configure app settings, environment variables, and connection strings for web applications. 8)Use Infrastructure as Code (IaC) tools like ARM templates, Terraform, and Azure CLI for automating deployment and management tasks. 9)Continuously monitor and optimize the performance of Azure resources. 10) Maintain documentation for the deployed infrastructure and provide training on best practices. Ability Requirements Strong knowledge of Azure cloud services and best practices. Proficiency in network security, identity and access management (IAM), and compliance. Expertise in managing and optimizing blob storage and implementing secure data management practices. Skilled in deploying and managing web applications with a focus on security and performance. Ability to use automation tools for infrastructure deployment and management Key Skills : Cloud Solutions Azure Services Devops Practices

Position Title: 23946-31619-Backfill- Analyst Infra Security I (IND) Job Family: IFT > IT Infrastructure & Support Shift: Job Description: JOB DESCRIPTION Job Title Analyst IT Security II (IND) (Web Application Firewall Engineer (WAF Engineer) or Application Security Engineer (WAF)) Requirement Type Full-Time Employee Job Location Bangalore Requirement Level Associate Hiring Manager Vikram Shah Primary Skill Web Application Firewall Engineer (WAF Engineer) or Application Security Engineer (WAF) Business STS Skill Category Super Niche ABOUT ELEVANCE HEALTH Elevance Health is a leading health company in America dedicated to improving lives and communities and making healthcare simpler. It is the largest managed health care company in the Blue Cross Blue Shield (BCBS) Association serving more than 45 million lives across 14 states. A regular in Fortune 500 list, Elevance Health ranked 20 in 2022. Gail Boudreaux , President and CEO of Elevance Health has been a consistent name in the Fortune list of most powerful women and currently holds 4th rank on this list. ABOUT CARELONCARELON Carelon Global Solutions (CGS) is a healthcare solutions company that is simplifying complex operational processes to improve the health of the healthcare system. Previously known as Legato Health Technologies, Carelon Global Solutions (hereinafter, CGS) underwent a name change and joined the Carelon family of brands in January 2023, as a fully owned subsidiary of Elevance Health (Previously Anthem Inc.). CGS brings together a global team of like-minded innovators who manage and optimize operational processes for health plans as well as providers. Our brightest minds housed across our global headquarters in Indianapolis as well as Bengaluru, Hyderabad and Gurugram in India, Manila in the Philippines, Limerick in Ireland and San Juan in Puerto Rico bring with them innovative capabilities and an unmatched depth of experience. This global team uniquely positions CGS to enable scalable, next-generation platforms and specialized digital tools that make healthcare operations more practical, effective and efficient. OUR MISSION & VALUES Our Mission: Improving Lives and Communities. Simplifying Healthcare. Expecting More. Our Values: Leadership | Community | Integrity | Agility | Diversity JOB POSITION We are seeking a Web Application Firewall Engineer (WAF Engineer) or Application Security Engineer (WAF) within our InfoSec team to help support our strategic security and compliance objectives. As an Application Security Engineer (WAF), you will partner with Application Security team, and will be a part of a fast-paced, results-driven, multi-national InfoSec organization. You will design, configure, deploy, and support the Web Application Firewall (WAF), DoS and BOT mitigation policies as well as CDN and caching configurations for on premise and in the cloud WAF deployments. The candidate will work closely with other members of the application security team, including security analysts, penetration testers, and leaders, to ensure that our applications are secure and compliant with industry standards. JOB RESPONSIBILITY Analyst IT Security II (IND) ( Web Application Firewall Engineer (WAF Engineer) or Application Security Engineer (WAF) ) : Able to demonstrate understanding of extensive working experience with DNS, network protocols and web technologies (e.g. IP, TCP, UDP, SSL/TLS, HTTP/HTTPS, gRPC, web sockets). Provide operational support, trouble shooting and maintenance of major Security related processes, controls or products. Analyze, configure, test, document and implement upgrades to WAF security processes, controls or products. Recognize, analyze patterns, and respond to security events and escalates as necessary. Consult with technical and business peers to analyze, support, and resolve Cybersecurity events. Engineer, configure, deploy, and maintain Web Application Firewall (WAF) solutions. Configure new sites and applications for WAF protection and perform analysis of traffic to remove false positives. Work with application developers and developer teams to analyze, prioritize, and support WAF configurations or application remediation to address security issues. Develop, maintain, test, patch and troubleshoot WAF rules/signatures to mitigate threats and implements best practices. Demonstrate experience in delivering technical projects with an ability to manage multiple priorities. Excellent problem-solving and analytical skills Effective communication and interpersonal skills Ability to work independently and in a team environment. QUALIFICATION EXPERIENCE Experience working in large organizations (25,000+) in fast paced environments with competing projects and priorities. Experience with large-scale application onboardings to WAF, and/or migrations between WAF solutions Confidence to lead triage calls for security events, web traffic disruptions or network outages. SKILLS AND COMPETENCIES Bachelor s degree or equivalent years (4-8+) as an Application Security Analyst/Engineer and WAF Security Engineer Cybersecurity, privacy principles, threats, vulnerabilities, risk management, and IT security methods. (e.g., firewalls, dmz, encryption, SSL certificates). Network security architecture concepts and protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and IAM/directory services (e.g. Okta, Siteminder, Ping, LDAP) Experience working with industry standard WAF solutions like CloudFlare, Akamai, F5 Networks, Imperva, Fastly, etc. Knowledge of Layer 7 security attacks and application security vulnerabilities (OWASP Top 10, SANS Top 25, XSS, SQLi, CMDi, RCE, CSRF/SSRF, CVEs and CWEs, etc.) Basic understanding of CDN and caching techniques, Load Balancing, etc. Basic understanding of various Clouds (AWS, GCP, Azure, Oracle Cloud) THE CARELON PROMISE Aligning with our brand belief of limitless minds are our biggest asset , we offer a world of limitless opportunities to our associates. It is our strong belief that one is committed to a role when it is not just what the role entails, but also what lies in its periphery that completes the value circle for an associate. This world of limitless opportunities thrives in an environment that fosters growth and well-being, and gives you purpose and the feeling of belonging. LIFE @ CARELON Extensive focus on learning and development An inspiring culture built on innovation, creativity, and freedom Holistic well-being Comprehensive range of rewards and recognitions Competitive health and medical insurance coverage Best-in-class amenities and workspaces Policies designed with associates at the center EQUAL OPPORTUNITY EMPLOYER Reasonable Accommodation Our inclusive culture empowers Carelon to deliver the best results for our customers. We not only celebrate the diversity of our workforce, but we also celebrate the diverse ways we work. If you have a disability and need accommodation such as an interpreter or a different interview format, please ask for the Reasonable Accommodation Request Form. Job Type: Full time