2.0 - 5.0 years
0 Lacs
New Delhi, Delhi, India
On-site
Job Title: Skilled Data Analyst
Location: New Delhi
Job Type: Full-time
Experience: 2-5 Years
Department: Intelligence / Cyber Forensics / Data Analytics
Salary: Up to 4.8 LPA

Job Summary
We are seeking a Skilled Analyst with a strong background in data and intelligence analysis. The ideal candidate will possess experience in OSINT, CDR/IPDR, financial auditing, digital forensics, and dark web intelligence. The role involves handling various types of data, conducting thorough analysis, and preparing accurate reports to support investigations and strategic decisions.

Key Responsibilities
· Perform Open-Source Intelligence (OSINT) collection and analysis.
· Analyse Call Detail Records (CDR) and Internet Protocol Detail Records (IPDR).
· Conduct financial audits and forensic analysis of financial data.
· Perform digital forensic examinations on various devices and platforms.
· Analyse data from sources including the dark web, to extract meaningful intelligence.
· Prepare trend analyses, intelligence reports, and dashboards.
· Design and maintain structured databases for efficient analysis and reporting.
· Collaborate with cross-functional teams to derive actionable insights.
· Ensure the confidentiality and integrity of data and reports.
· Proficient in Power BI, Advanced Excel, SQL, Linux

Required Qualifications
Educational Background: Graduate in one of the following fields:
· B.C.A / B.E. / B.Tech
· B.Sc. (Physics / IT / Mathematics / Statistics)
· B.A. (Mathematics)
· B.Com
· Or an equivalent degree with a strong academic record.
Professional Experience: Minimum 2 years in Data Analysis or Business Analysis.

Preferred Skills
· Strong analytical and problem-solving skills.
· Hands-on experience with CDR/IPDR and OSINT tools.
· Familiarity with digital forensic tools and techniques.
· Ability to analyze large datasets and derive patterns.
· Understanding of dark web environments and data extraction.
· Proficiency in report writing and communication.
· Knowledge of database systems and data visualization tools is a plus.
Posted 3 weeks ago
7.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
JD for Threat Hunting Role:
A threat hunting role at HDFC Bank involves proactively searching for and identifying advanced cyber threats within enterprise environments using cutting-edge security tools and threat intelligence. Threat hunters collaborate with other teams such as incident response, threat intelligence, IT, and application owners to improve the security posture of HDFC Bank by identifying new threats, techniques, and misconfigurations. Threat hunters also develop new tools and techniques, improve existing ones, and share their findings to enhance overall security.

Key Responsibilities:
· Proactive Threat Hunting: Actively search for signs of malicious activity that may not be detected by traditional security systems.
· Cyber Threat Intelligence: Utilize threat intelligence from various sources to identify potential threats and understand adversary tactics.
· Behavioural Analysis: Analyse system behaviour and network traffic to identify anomalies that could indicate malicious activity.
· Data Analysis: Analyse large datasets from various sources (endpoints, identities, cloud, network) to identify anomalies and potential threats.
· Tool Development: Contribute to the development of new threat hunting tools, automations, and capabilities.
· Mitigation Strategies: Develop and recommend mitigation strategies to address identified threats and improve overall security posture.
· Cross-Disciplinary Collaboration: Work with incident response, threat intelligence, and other teams to share findings and coordinate response efforts.
· Staying Ahead of Threats: Research and experiment with new hunting techniques to identify and mitigate emerging threats.
· Communication: Effectively communicate findings and recommendations to various stakeholders and cybersecurity leadership.

Key Skills and Experience:
· Minimum of 7+ years of experience in threat hunting/incident response
· Strong cybersecurity knowledge, including incident response, threat intelligence, network security, forensics, and OS internals.
· Strong understanding of threat landscapes and attack methodologies.
· Experience with threat intelligence platforms, security monitoring tools, and SIEM solutions.
· Proficiency in data analysis and correlation techniques to identify malicious activity.
· Ability to develop and implement new threat hunting techniques and tools.
· Excellent communication and collaboration skills.
· Excellent analytical and problem-solving skills.
· Experience with threat hunting methodologies and techniques.
· Excellent understanding of cloud attack & defence
· Understanding of how advanced APTs work, and the ability to translate OSINT information into meaningful hunts
· Able to analyse large data using data analytics.
· Proficiency with Python, KQL, SQL, XQL
· Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
· Relevant certifications (e.g., CISSP, GCIH, GCFA, GCFR) are a plus.
Posted 3 weeks ago
5.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
WHO ARE WE? We are a bunch of super enthusiastic, passionate, and highly driven people, working to achieve a common goal! We believe that work and the workplace should be joyful and always buzzing with energy! CloudSEK, one of India’s most trusted Cyber security product companies, is on a mission to build the world’s fastest and most reliable AI technology that identifies and resolves digital threats in real-time. The central proposition is leveraging Artificial Intelligence and Machine Learning to create a quick and reliable analysis and alert system that provides rapid detection across multiple internet sources, precise threat analysis, and prompt resolution with minimal human intervention. Founded in 2015, headquartered at Singapore, we are proud to say that we’ve grown at a frenetic pace and have been able to achieve some accolades along the way, including: CloudSEK’s Product Suite: CloudSEK XVigil constantly maps a customer’s digital assets, identifies threats and enriches them with cyber intelligence, and then provides workflows to manage and remediate all identified threats including takedown support. A powerful Attack Surface Monitoring tool that gives visibility and intelligence on customers’ attack surfaces. CloudSEK's BeVigil uses a combination of Mobile, Web, Network and Encryption Scanners to map and protect known and unknown assets. CloudSEK’s Contextual AI SVigil identifies software supply chain risks by monitoring Software, Cloud Services, and third-party dependencies. Key Milestones: 2016 : Launched our first product. 2018 : Secured Pre-series A funding. 2019 : Expanded operations to India, Southeast Asia, and the Americas. 2020 : Won the NASSCOM-DSCI Excellence Award for Security Product Company of the Year. 2021 : Raised $7M in Series A funding led by MassMutual Ventures. 
Awards & Recognition : Won NetApp Excellerator's "Best Growth Strategy Award," CloudSEK XVigil joined NVIDIA Inception Program, and won the NASSCOM Emerge 50 Cybersecurity Award. 2025 : Secured $19 million in funding led by Tenacity Ventures, Commvault. About the Role We are seeking a Threat Intelligence Lead, a player - coach to spearhead our threat intelligence initiatives, driving strategic and operational excellence in identifying, analyzing, and mitigating cyber threats. This role combines technical expertise with business acumen to enhance our security posture and contribute directly to organizational growth. The ideal candidate will have a proven track record in leading threat intelligence teams, designing proactive defense strategies, and collaborating cross-functionally to align security efforts with business objectives. Key Responsibilities Technology Leadership: Collaborate with customer success and engineering teams to refine detection mechanisms and automate threat intelligence workflows for client solutions. Own co-development with the Engineering team to build and maintain the Threat Intelligence platform delivering high quality intel in a timely manner to all our customers. Continuously refine threat models, frameworks and processes to address evolving cyber risks. Lead advanced threat hunting and malware analysis to uncover risks relevant to customer environments. Team Leadership and Development: Lead, mentor, and grow a team of cybersecurity researchers and analysts focused on threat intelligence and vulnerability discovery. Establish a vision and strategic direction for the team, ensuring alignment with the broader organizational revenue goals. Provide ongoing training, support, and professional development for team members, fostering an environment of growth and knowledge-sharing. Oversee the day-to-day operations of the team, ensuring effective task prioritization and resource allocation. 
Establish metrics to measure team impact on threat detection accuracy and response times. Reporting and Incident Support: Produce high-quality, technical reports on research findings, detailing potential vulnerabilities, threat actor activities, and risk levels. Help define security metrics and KPIs that measure the effectiveness of threat research efforts. Assist in incident response by providing in-depth analysis of threats, vulnerabilities, and attack techniques used by adversaries. Lead the development of security advisories and public-facing content regarding threats affecting SaaS products. Customer-Centric Incident Support Serve as a trusted advisor to customers during security incidents, providing actionable threat intelligence to guide their containment, remediation, and recovery efforts. Develop customer-focused incident playbooks and threat briefings to empower clients with proactive defense strategies. Analyze post-incident data to generate tailored reports for customers, highlighting adversary TTPs, lessons learned, and recommendations to strengthen their security posture. Business Growth & Customer Success Design and execute a comprehensive threat intelligence strategy aligned with organizations business goals. Translate technical findings into customer-facing threat reports, advisories, and executive briefings that demonstrate value and drive ARR growth. Enable the customer success managers with quality content to help them demonstrate the value to the customer. Collaborate with the sales team on lead generation and prospecting opportunities - Leverage in-house research on emerging threats (e.g., dark web activity, exploit chains) to create customer-centric content (blogs, webinars) that positions the company as a thought leader. Qualifications & Skills Experience: 5+ years in threat research/analysis, including 2+ years in leadership roles. Prior experience in SaaS/cybersecurity firms preferred. 
Technical Expertise: Proficiency in threat intel platforms , OSINT tools, and malware analysis. Deep knowledge of APT groups, ransomware trends, and TTPs. Business Acumen: Demonstrated ability to collaborate with sales teams, drive ARR growth, and improve customer retention. Certifications: CISSP, GIAC (GCTI, GCFA), CEH, or equivalent certifications. Education: Bachelor’s/Master’s in Computer Science, Cybersecurity, or related fields. Soft Skills: Strong communication, stakeholder management, and strategic thinking.
Posted 3 weeks ago
4.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Job Description:
We are seeking a results-driven AI with Python Team Lead on an immediate basis who can guide a team of AI engineers and independently manage AI/ML projects, particularly in adverse media analysis, risk intelligence, and data-driven compliance solutions. The ideal candidate will have a solid foundation in Python-based AI/ML development and hands-on experience working with unstructured data sources for screening, classification, and risk identification. Candidates who can join immediately will be preferred.

Responsibilities
· Lead a team of AI/ML engineers focused on building intelligent systems, particularly for Adverse Media detection and analysis.
· Develop and deploy scalable AI/ML models using Python to analyze structured and unstructured media sources.
· Build and optimize NLP pipelines for entity extraction, sentiment analysis, and news classification.
· Architect and implement solutions that classify and score entities (individuals or companies) based on risk.
· Translate compliance and regulatory requirements into AI-powered systems.
· Independently handle project lifecycles from scoping and design to delivery and optimization.
· Mentor junior team members and enforce best practices in AI development.
· Conduct regular performance reviews, knowledge sharing, and skill development sessions within the team.
· Collaborate with cross-functional teams including Data Associates, and QA.
· Document AI systems, model decisions, and ensure auditability of outputs.

Qualifications and Required Skills
· Bachelor’s or Master’s in Computer Science with AI Specialization.
· 4 years of hands-on experience in Python-based AI/ML development.
· Strong experience in Adverse Media, KYC, AML, or regulatory intelligence.
· Proficiency in NLP, text classification, named entity recognition (NER), topic modeling, and sentiment analysis.
· Strong command of Python libraries like SpaCy, Transformers (Hugging Face), Scikit-learn, Pandas, NumPy, etc.
· Experience handling multilingual media sources and identifying fake, biased, or non-reputable sources.
· Familiarity with risk scoring methodologies, sanctions screening, or negative news processing.

Preferred Skills:
· Experience working with third-party adverse media feeds or OSINT platforms.
· Exposure to ML pipelines (MLflow, Airflow) and MLOps practices.
· Familiarity with graph databases and link analysis for network detection (e.g., Neo4j, NetworkX).
· Experience in working with Tor network data, onion sources, or dark web crawlers.
Posted 3 weeks ago
6.0 years
6 - 7 Lacs
Chennai
On-site
Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location.

You’ll make a difference by:
· Having experience in leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments.
· Having the understanding to simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits).
· Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK.
· Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques.
· Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities.
· Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture.
· Actively participating in client discussions, executive briefings, and technical workshops.
· Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps.
· Maintaining robust documentation of testing methodologies, custom tools, and process improvements.
· Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards.

Training and Development
· Stay updated on the latest security trends, vulnerabilities, and technology advancements.
· Provide training and guidance to the team and other departments on security best practices.

Strategy and Planning
· Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness.
· Participate in the development of security policies and standards.

Technical Expertise
Deep hands-on experience in:
· Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API)
· Internal/external network penetration, privilege escalation, and lateral movement
· Active Directory assessments and exploitation (Kerberoasting, Pass-the-Hash etc.)
· Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels
· Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing
· Working knowledge of Kali Linux and frameworks like MITRE ATT&CK
· Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems
Proficiency with tools such as:
· Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver
· Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools
· Vulnerability Scanners: Nessus, Qualys, Nexpose
· Programming/Scripting: Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go

Soft Skills
· Excellent written and verbal communication skills
· Strong analytical and problem-solving capabilities
· Ability to explain technical concepts clearly to non-technical stakeholders

You’ll win us over by:
· Having an engineering degree B.E/B.Tech/M.E/M.Tech with good academic record.
· 6–7 years of proven experience in penetration testing and offensive security

Certifications (Preferred):
· Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE
· Other Considered: EWPTXv2 or equivalent advanced offensive security certifications

We’ll support you with:
· Hybrid working opportunities.
· Diverse and inclusive culture.
· Great variety of learning & development opportunities.

Join us and be yourself!
We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at: www.siemens.com/careers
Posted 3 weeks ago
2.0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
Job Description Join our dynamic Global Security team as an Analyst in the Global Intelligence Open Source Collections Cell (OSCC), where you'll play a pivotal role in safeguarding our firm's people, assets, events, and reputation. As an OSINT expert, you'll leverage cutting-edge open source, third-party, and vendor platforms to identify and evaluate potential threats, assessing their likelihood and impact on both tactical and strategic levels. Job Summary As an Analyst Global Intelligence Open Source Collections Cell (OSCC) within the Global Security team, you will be responsible for conducting OSINT monitoring and analysis by leveraging open source, third party, and vendor platforms to evaluate threats that may impact the firm's people, assets, events, and reputation; their likelihood; and their potential tactical and operational impact and strategic implications. You will report on tactical monitoring to include event security, disruptive incident/crisis monitoring, and Workplace Violence cases. Secondary responsibilities may include covering other Global Security stakeholder cases - Global Intelligence, Investigations, Physical Security, Global Security Operations Centers, and others by request. You will have a high degree of analytic ability, resourcefulness and drive, critical thinking skills, and exposure to tactical and operational security. You must have the ability to address complex and multidimensional research challenges with innovative, rigorous, and inter-disciplinary analytical methods to produce proactive and reliable assessments. You must be technically savvy, able to deal with and work through ambiguity, exhibit flexibility needed to shift workload in accordance with changing priorities, be comfortable leading in a sometimes stressful and fast-paced, priority-driven environment, and be prepared to brief senior departmental leadership. You must be a highly motivated self-starter who can operate within a global team. 
This role is for a night shift focused on U.S. security issues and incident monitoring. Job Responsibilities Conduct OSINT research and monitoring in advance of and during high security incidents; utilizing social media, public records, and third-party databases to build leads, escalate emerging issues, and provide investigative support. Support senior management updates and escalations, mostly on tactical and operational threats of concern, following escalation workflows and ensuring coherent and comprehensive hand-off to the next shift. Deliver analytical assessments in clear, succinct, and appropriately caveated products that project credibility, convey recommendations, and reinforce key messages. Collaborate with key stakeholders within and without the department and firm to develop assessment that integrate disparate and seemingly innocuous data/information Required Qualifications, Capabilities And Skills 2+ years relevant work experience in performing OSINT research, intelligence analysis, or investigative work. Experience monitoring social media for domestic/global real-time all-hazard threats and incidents; analyzing potential threats and risks and disseminating error free reports with limited supervisory review/edits. Experience escalating issues in a time-sensitive manner to the appropriate parties. Handle high-level of pressure associated with complex projects and programs in a demanding customer environment. Confident and experienced in handling executive communication (written and verbal) with senior-level management. Experience leveraging vendors/technology. Independent thinker with strong analytical and problem-solving skills. Proficiency with MS Office suite. 
Undergraduate degree in Political Science, Psychology, International Affairs, Cyber Security, or related discipline Preferred Qualifications, Capabilities And Skills Experience in law enforcement, military, or prior private sector risk intelligence experience About Us JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation. About The Team Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success. The Global Security (GS) team protects the firm’s people and assets, ensuring the safety of business operations through the implementation of technology, best-in-class talent and client collaboration. 
Teams are responsible for developing safety policies and procedures, customer safety, pre-employment screening, fraud investigations and security operations on a global basis.
Posted 4 weeks ago
7.0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location.

You’ll make a difference by:
· Having experience in leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments.
· Having the understanding to simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits).
· Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK.
· Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques.
· Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities.
· Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture.
· Actively participating in client discussions, executive briefings, and technical workshops.
· Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps.
· Maintaining robust documentation of testing methodologies, custom tools, and process improvements.
· Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards.

Training and Development
· Stay updated on the latest security trends, vulnerabilities, and technology advancements.
· Provide training and guidance to the team and other departments on security best practices.

Strategy and Planning
· Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness.
· Participate in the development of security policies and standards.

Technical Expertise
Deep hands-on experience in:
· Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API)
· Internal/external network penetration, privilege escalation, and lateral movement
· Active Directory assessments and exploitation (Kerberoasting, Pass-the-Hash etc.)
· Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels
· Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing
· Working knowledge of Kali Linux and frameworks like MITRE ATT&CK
· Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems
Proficiency with tools such as:
· Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver
· Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools
· Vulnerability Scanners: Nessus, Qualys, Nexpose
· Programming/Scripting: Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go

Soft Skills
· Excellent written and verbal communication skills
· Strong analytical and problem-solving capabilities
· Ability to explain technical concepts clearly to non-technical stakeholders

You’ll win us over by:
· Having an engineering degree B.E/B.Tech/M.E/M.Tech with good academic record.
· 6–7 years of proven experience in penetration testing and offensive security

Certifications (Preferred):
· Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE
· Other Considered: EWPTXv2 or equivalent advanced offensive security certifications

We’ll support you with:
· Hybrid working opportunities.
· Diverse and inclusive culture.
· Great variety of learning & development opportunities.

Join us and be yourself!
We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at: www.siemens.com/careers
Posted 4 weeks ago
0 years
5 - 8 Lacs
Bengaluru
On-site
WHO ARE WE? We are a bunch of super enthusiastic, passionate, and highly driven people, working to achieve a common goal! We believe that work and the workplace should be joyful and always buzzing with energy! CloudSEK , one of India’s most trusted Cyber security product companies, is on a mission to build the world’s fastest and most reliable AI technology that identifies and resolves digital threats in real-time. The central proposition is leveraging Artificial Intelligence and Machine Learning to create a quick and reliable analysis and alert system that provides rapid detection across multiple internet sources, precise threat analysis, and prompt resolution with minimal human intervention. Founded in 2015, headquartered at Singapore, we are proud to say that we’ve grown at a frenetic pace and have been able to achieve some accolades along the way, including: CloudSEK’s Product Suite: CloudSEK XVigil constantly maps a customer’s digital assets, identifies threats and enriches them with cyber intelligence, and then provides workflows to manage and remediate all identified threats including takedown support. A powerful Attack Surface Monitoring tool that gives visibility and intelligence on customers’ attack surfaces. CloudSEK's BeVigil uses a combination of Mobile, Web, Network and Encryption Scanners to map and protect known and unknown assets. CloudSEK’s Contextual AI SVigil identifies software supply chain risks by monitoring Software, Cloud Services, and third-party dependencies. Key Milestones: 2016 : Launched our first product. 2018 : Secured Pre-series A funding. 2019 : Expanded operations to India, Southeast Asia, and the Americas. 2020 : Won the NASSCOM-DSCI Excellence Award for Security Product Company of the Year. 2021 : Raised $7M in Series A funding led by MassMutual Ventures. 
Awards & Recognition : Won NetApp Excellerator's "Best Growth Strategy Award," CloudSEK XVigil joined NVIDIA Inception Program, and won the NASSCOM Emerge 50 Cybersecurity Award. 2025 : Secured $19 million in funding led by Tenacity Ventures, Commvault. ABOUT THE ROLE We are looking for a Cyber Security Analyst to be a part of the CloudSEK Cyber-Security team. An ideal candidate will demonstrate an aptitude for learning new technologies, evidenced by the ability to expand upon core knowledge. She/he should be highly analytical with the ability to derive facts quickly, methodically, and accurately. This is a technical role with partial customer-facing responsibility to solve product and cybersecurity-related problems of low to high complexity. You will also act as a focal point for customer problem resolution. We will rely on you to provide timely and accurate analysis for the security incidents tagged on XVigil (CloudSEKs proprietary digital risk monitoring platform). Responsibilities: Passionate Problem Solver: Demonstrated passion for cybersecurity with a love for solving complex problems, ensuring sleepless nights until solutions are found. Continuous Learner: Excitement about new technologies and a commitment to continuous learning in the dynamic field of cybersecurity. Network Proficiency: Strong understanding of network processes, protocols, and architecture fundamentals. Coding Skills: Proficient in coding languages such as Python, Ruby, and R. Ability to develop Bash scripts, and a quick learner for new languages. Web App Penetration Testing: Hands-on experience in web application penetration testing, with a focus on practical skills rather than relying on certifications. OSINT and/or SOCMINT Skills: Possess a keen interest and skills in Open Source Intelligence (OSINT) and/or Social Media Intelligence (SOCMINT). 
Community Engagement: Active participation in various cybersecurity forums and communities, showcasing a strong network within the cybersecurity domain. Product Utilization: Excitement about using organizational products to identify security incidents and applying skills to identify, amplify, and highlight cyber and business risks. Global Collaboration: Engage with cybersecurity teams worldwide, providing support to identify and mitigate risks to their organizations. Cross-Functional Collaboration: Work closely with Subject Matter Experts (SMEs) including cybersecurity researchers, AI and product developers, business development professionals, and customer success experts. Deadline-Driven: Ability to meet deadlines while ensuring the fulfillment of the specified requirements. Team Player: Strong team player with excellent collaboration skills to contribute effectively within the CloudSEK Security Research & Consulting team. Time Management: Prioritize and manage time effectively to balance multiple tasks and responsibilities. Skills Required - Demonstrated passion for cybersecurity with a love for solving complex problems, ensuring sleepless nights until solutions are found. Solid team player. Ability to interact confidently with clients to identify what the security problem is and explain the solution. Problem-solving skills. The ability to prioritize your workload and time management skills. Enjoys problem-solving and displays an eagerness to learn new technologies/skills. Ability to quickly learn new languages. Technical Expectations: Solid knowledge of cyber security, must know the general attack vectors and attack scenarios. Intermediate level of knowledge of networking, the internet, and protocols. Intermediate level knowledge of Firewall, VPN, IDS, and related network security design and implementation. Experience with web application penetration testing and techniques. 
Must have strong knowledge of one or more programming languages (such as Python, Java, Ruby, etc) Basic knowledge of Bash Scripting Strong understanding of network processes, protocols, and architecture fundamentals. Benefits of Joining CloudSEK We provide an environment where you can develop and enhance your skills while delivering meaningful work that matters. You’ll be rewarded a competitive salary as well as a full spectrum of generous perks and incentives which include: Flexible working hours. Food, unlimited snacks and drinks are all available while at office. And, the finest part is yet to come! Every now and then we ensure to unwind and have a good time together, which involves games, fun, and soulful music. Feel free to show off your artistic side here!
Posted 4 weeks ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
What You’ll Do This security analyst will be part of a team tasked with identifying, tracking and verifying the remediation of vulnerabilities in internal and external applications and systems. This role involves performing deep-dive analysis of vulnerabilities, operating vulnerability scanning tools, and building relationships with other groups within the IT organization. You will work closely with IT infrastructure, product teams, supply chain, and Cyber Security operations to reduce Eaton's attack surface. Stay up to date with the evolving technological and threat landscape and its potential impact on modern and legacy technologies, applications, and business processes. Monitor for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services. Conduct continuous discovery, vulnerability assessment and remediation status of enterprise-wide assets. Advise employees responsible for remediation on the best reduction and remediation practices. Review and analyze vulnerability data to identify trends and patterns. Regularly report on the state of vulnerabilities, including their criticality, exploit probability, business impact, and remediation strategies. Serve as a point of contact for new and existing vulnerability-related issues. Collaborate with business teams and cyber security stakeholders to ensure appropriate governance structures are in place and that risks are documented. Provide vulnerability education and guidance to stakeholders, developers, IT and business leaders as needed. Maintain documentation related to vulnerability policies and procedures. Assist maintaining records for Eaton assets, their vulnerability state, remediation recommendations, overall security posture and potential threat to the business. Identify areas of opportunity for improvement and automation within team processes. Perform other duties as assigned, including on-call rotations. 
Qualifications Bachelor’s degree in a technical discipline. Overall 5-8 years of experience. 3+ years of experience in security operations or vulnerability management. Skills Ability to analyze and understand vulnerabilities and exploits. Proficiency with commercial and open source vulnerability management solutions. Understanding of TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques. Understanding of operating systems, applications, infrastructure, and cloud computing services. Understanding of OWASP, CVSS, MITRE ATT&CK framework. Capacity to comprehend technical infrastructure, managed services, and third-party dependencies. Preferably some experience with vulnerability management across AWS, Azure, or Google Cloud Platform. Experience in Python or PowerShell, with an emphasis on scripting, automation, and integrations. Experience in threat hunting or red teaming exercises is a plus. Strong communication skills: Ability to communicate effectively across all levels of the organization. Project management skills: Strong project management, multitasking, and organizational skills.
Posted 4 weeks ago
3.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Hiring expert Product Security Engineers to be part of a young and leading Enterprise SaaS Product Company that's redefining the Loyalty domain! At Loyalty Juggernaut, we're on a mission to revolutionize customer loyalty through AI-driven SaaS solutions. We are THE JUGGERNAUTS, driving innovation and impact in the loyalty ecosystem with GRAVTY, our SaaS Product that empowers multinational enterprises to build deeper customer connections. Designed for scalability and personalization, GRAVTY delivers cutting-edge loyalty solutions that transform customer engagement across diverse industries including Airlines, Airport, Retail, Hospitality, Banking, F&B, Telecom, Insurance and Ecosystem. Visit www.lji.io to know more about us. As a Product Security Engineer, you'll ensure the security of GRAVTY throughout the development lifecycle. In this role, you will work closely with Engineering, DevOps, and Product teams to design and implement security controls, identify vulnerabilities, and drive secure coding practices. Your Responsibilities Will Include And Not Limited To: Conduct Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, API, and infrastructure. Think like an attacker and simulate advanced threat scenarios to proactively identify security gaps. Utilize leading security tools such as Burp Suite, Acunetix, OWASP ZAP, Snyk, Wiz, and others. Leverage offensive security platforms and toolkits like Wireshark, Metasploit, Kali Linux, and more. Perform API and mobile platform security testing, including vulnerability discovery and exploit validation. Execute and document Open-Source Intelligence (OSINT) investigations. Collaborate closely with DevOps/Engineering to integrate security tools into CI/CD pipelines and promote DevSecOps best practices. Contribute to secure coding reviews and vulnerability triage, and assist in patch, compliance, and access control management. 
Monitor and respond to production security alerts and assist with security incident handling. To be successful in this role, you should have : A Bachelor's degree in Engineering, preferably CS/IT. 3+ years of proven experience in penetration testing and vulnerability management. Minimum of 1-3 years of experience in Red Teaming. Strong coding/scripting proficiency in Python, Java, Ruby, or similar. Familiarity with AWS cloud, Linux systems, Docker containers, and infrastructure security practices. Exposure to DevSecOps, including implementing security tools in CI/CD, and production environment protection. Experience in Secure Development Lifecycles, access controls, and patch & compliance frameworks. Industry-recognized certifications like CEH, eWPT, eWPTX, or equivalent are a plus. Excellent analytical, communication, and collaboration skills. A curious mind, a passion for security, and a knack for staying one step ahead of adversaries. (ref:hirist.tech)
Posted 4 weeks ago
4.0 - 6.0 years
0 Lacs
Delhi
On-site
Job requisition ID: 84362 Date: Jul 3, 2025 Location: Delhi Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Cyber Threat Intelligence Analyst will be catering a pivotal role in CTI team supporting multiple global clients for recent threat advisories, impact analysis and recommendations via sharing threat advisories coming up from Deloitte threat portals, External Threat Feeds. Demonstrates proven expertise in awareness of threats model around the globe, geographical threats impact aligning with current client’s business infrastructure. CTI analyst will process incoming malware analysis reports, APT threat actors research, zero-day vulnerabilities advisory disclosure and provide recommendations to wide array of customer base. CTI analyst should be well versed with External Attack Surface Monitoring and OSINT techniques which can be used by threat actors to map business infra recon. Member should have working knowledge of CTI toolsets for example OpenCTI, MISP, Threat Feeds, Malware Sandboxes. 
CTI member is expected to share research findings through internal blogs and presentations and will be a pivotal participant in developing the threat intelligence cycle. Knowledge of IOC lifecycle management, PIR (Priority Intelligence Requirements) and Threat Modelling. Ability to automate manual and repetitive tasks such as IOC revalidation, IOC extraction, integration with existing tools and technologies and designing of threat intel playbooks/workflows through scripting knowledge of Python/Bash etc. Familiarity with SIGMA, YARA and other open standard CTI formats (OpenC2, STIX, TAXII). Provide intelligence briefings to wide array of client base on threats or threat actors and risk they bring to the active geographical environment. CTI analyst will participate in incident response process on an as-needed basis to prepare recommendations, analytical and remediation instructions to assist customers. Provide dashboard and monthly threat intel reports related to Incidents detected for governance model. Maintain thorough documentation of cyber threats, threat vectors and attack trends consumptions aligning to threat actors' TTPs. Provide OSINT analysis as and when required via available dark web portals, brand monitoring solutions, External Attack Surface Monitoring control sets. Required Professional Experience Overall experience of 4-6 years in intelligence studies, threat actor profiling, cyber threat intelligence. Strong understanding of corporate solutions, attack patterns and cyber kill chain. Experience with threat intelligence platforms like Recorded Future, Threat Connect, Maltego or similar will be a value addition. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. 
Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. 
We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 4 weeks ago
7.0 years
0 Lacs
Bengaluru, Karnataka, India
Remote
Role Overview We are looking for a confident Security Engineer/Researcher position with experience in IT-Security for our Core Research labs in India. McAfee believes that no one person, product, or organization can fight cybercrime alone. It's why we rebuilt McAfee around the idea of working together. Life at McAfee is full of possibility. You’ll have the freedom to explore challenges, take smart risks, and reach your potential in one of the fastest-growing industries in the world. You’ll be part of a team that supports and inspires you. This is a hybrid position based in Bangalore. You must be within a commutable distance from the location. You will be required to be onsite on an as-needed basis; when not working onsite, you will work remotely from your home location About The Role Understand threat telemetry trends and identify patterns to reduce time to detect. Develop automation to harvest malware threat intelligence from various sources such as product telemetry, OSINT, Dark Web monitoring, spam monitoring, etc. Develop early identification and alert systems for threats based on various online platforms and product telemetry. Utilize various data mining tools that analyze data inline based on intelligence inputs. Analyze malware communication and techniques to find Indicators of Compromise (IOC) or Indicators of Attack (IOA). Authoring descriptions for malware either via McAfee Virus Information Library, Threat Advisories, Whitepapers, or Blogs. About You You should have 7+ years of experience as a security/threat/malware analyst. Programming Skills—Knowledge of programming languages like Python and its packages like NumPy, Matplotlib, and Seaborn is desirable. Data source accesses like Spark and SQL are desirable. Machine Learning knowledge is added advantage. Familiarity with UI & dashboard tools like Jupyter and Databricks is an added advantage. 
Excellent Communication Skills—It is incredibly important to describe findings to a technical and non-technical audience. Company Overview McAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users’ needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protects their families and communities with the right security at the right moment. Company Benefits And Perks We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Bonus Program Pension and Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
Posted 4 weeks ago
6.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
WHO ARE WE? We are a bunch of super enthusiastic, passionate, and highly driven people, working to achieve a common goal! We believe that work and the workplace should be joyful and always buzzing with energy! CloudSEK, one of India’s most trusted Cyber security product companies, is on a mission to build the world’s fastest and most reliable AI technology that identifies and resolves digital threats in real-time. The central proposition is leveraging Artificial Intelligence and Machine Learning to create a quick and reliable analysis and alert system that provides rapid detection across multiple internet sources, precise threat analysis, and prompt resolution with minimal human intervention. Founded in 2015, headquartered at Singapore, we are proud to say that we’ve grown at a frenetic pace and have been able to achieve some accolades along the way, including: CloudSEK’s Product Suite: CloudSEK XVigil constantly maps a customer’s digital assets, identifies threats and enriches them with cyber intelligence, and then provides workflows to manage and remediate all identified threats including takedown support. A powerful Attack Surface Monitoring tool that gives visibility and intelligence on customers’ attack surfaces. CloudSEK's BeVigil uses a combination of Mobile, Web, Network and Encryption Scanners to map and protect known and unknown assets. CloudSEK’s Contextual AI SVigil identifies software supply chain risks by monitoring Software, Cloud Services, and third-party dependencies. Key Milestones: 2016 : Launched our first product. 2018 : Secured Pre-series A funding. 2019 : Expanded operations to India, Southeast Asia, and the Americas. 2020 : Won the NASSCOM-DSCI Excellence Award for Security Product Company of the Year. 2021 : Raised $7M in Series A funding led by MassMutual Ventures. 
Awards & Recognition : Won NetApp Excellerator's "Best Growth Strategy Award," CloudSEK XVigil joined NVIDIA Inception Program, and won the NASSCOM Emerge 50 Cybersecurity Award. 2025 : Secured $19 million in funding led by Tenacity Ventures, Commvault. BeVigil is CloudSEK’s Attack Surface Monitoring (ASM) product used by enterprises globally to identify, monitor, and secure their external attack surface. It enables organizations to discover shadow assets, misconfigurations, leaked credentials, and other exposures—before adversaries do. We are now scaling BeVigil further and are looking for a Product Manager with prior experience in security engineering or research, who can deeply empathize with the user and drive product evolution. What You'll Own Lead the product roadmap and vision for BeVigil, aligning with enterprise customer needs and evolving threat landscapes. Work closely with enterprise security teams to gather insights, validate use cases, and translate needs into product features. Define and enhance features across asset discovery, vulnerability mapping, alerting, and integrations. Collaborate with security researchers, engineers, and designers to ship high-impact features. Stay ahead of attacker trends, emerging vulnerabilities, and technologies in the ASM space. You’ll Be a Great Fit If You Have: 3–6 years of total experience, including at least 1–2 years in a cybersecurity role (security engineer, DevSecOps, or threat researcher) and 1–2 years in product management. Deep understanding of attack surface management, vulnerability assessment, threat exposure, and cyber hygiene practices. Hands-on familiarity with tools like Shodan, Nessus, Nmap, Burp Suite, OSINT frameworks, or SIEM/SOAR platforms. Experience working on enterprise SaaS products, especially in B2B security or developer tooling. Strong communication skills to work cross-functionally with GTM, engineering, research, and client success teams. 
Bonus: Worked on or evaluated CNAPP, CSPM, or ASM tools in your prior roles.
Posted 4 weeks ago
0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Skill: Endpoint Detection and Response (EDR) Exp : 3- 8 Yrs NP : 30-60 days Location : Pune & Hyderabad Responsibilities Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black. Must be well-versed with Operating System concepts i.e. Windows/Linux/MacOS Ability to distinguish between False Positives and False Negatives detections with respect to logs available. Good Exposure to OSINT tools, sandboxing, encoding-decoding techniques for independent investigation. Must be able to Investigate and Triage EDR related alerts with an ability to share detailed investigation reports to clients within SLA. Knowledge of Cyber kill chain and MITRE ATT&CK techniques and tactics used by adversary to evade detection. Awareness of various stages of Incident Response which involves in-depth analysis and RCA submission on security incidents. Good understanding of Malware Analysis i.e. static and dynamic and its variants. Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, Cactus Torch Understanding of Database language i.e. KQL is a Plus. Understanding of Network Security concepts and popular encryption standards. Excellent communication skills for cross-group and interpersonal skills with ability to articulate business need for detection improvements. Exposure to reverse engineering of malware samples is a plus. Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred. ***Willing to work in rotational shift timings.
Posted 4 weeks ago
2.0 years
0 Lacs
Trivandrum, Kerala, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Description: Cyber Threat Intelligence Analyst Position Overview : We are seeking a highly skilled and experienced Senior Cyber Threat Intelligence Analyst to join our cybersecurity team. The ideal candidate will have a strong background in threat intelligence monitoring, report writing, and the use of various threat intelligence platforms. This role requires a proactive individual who can develop and sustain custom threat intelligence feeds, integrate them into SIEMs, and provide in-depth reporting tailored to client needs. The candidate must be comfortable working in the EST timezone (evening shift for overlap with onshore/client team) and be on-call for high-priority urgent tasks. Key Responsibilities: Monitor and analyze threat intelligence using tools such as ZeroFox, Recorded Future, Digital Shadows, or similar platforms. Write comprehensive and technical cybersecurity reports with strong attention to detail. Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering. Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux. Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP. Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel. Execute domain and social media account takedowns as necessary. Create custom, in-depth reports specific to client requirements. Apply knowledge of MITRE ATT&CK, D3FEND frameworks, and the Cyber Kill Chain in threat analysis. 
Utilize Excel and/or Power BI for data visualization and graph creation. Experience with Excel data cleansing, VLookups, Pivot Tables. Prepare and deliver PowerPoint presentations and reports to stakeholders. Maintain strong verbal and written communication skills in English. Work independently under pressure and prioritize tasks effectively. Be available for on-call duties for high-priority urgent tasks. Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing work. Qualifications : Minimum of 2 years of experience with threat intelligence monitoring tools. At least 1 year of experience in threat intelligence report writing. Proficiency with OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search. Experience with scripting in Python, Azure, and Linux. Familiarity with one or more threat intelligence platforms for feed management. Experience integrating threat intelligence feeds into SIEMs, especially Microsoft Sentinel. Proven experience with domain and social media account takedowns. Strong understanding of MITRE ATT&CK, D3FEND frameworks, and the Cyber Kill Chain. Excellent English writing skills. Proficiency in Excel and/or Power BI for data visualization. Strong experience with PowerPoint presentations and reporting. Strong verbal English and presentation skills. Cybersecurity certifications (e.g., COMPTIA, SANS GIAC, ISC, EC-Council) are a plus. Certifications specific to cyber threat intelligence are an asset. Ability to work in the EST timezone (evening shift for overlap with onshore/client team). Strong analytical skills and ability to prioritize tasks effectively. Experience working with MSSPs for backend and client-facing work. Preferred Skills: Experience with additional threat intelligence platforms. Advanced technical writing and reporting skills. Strong analytical and problem-solving abilities. Ability to work independently and as part of a team. 
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
0 years
0 Lacs
Telangana, India
Remote
Company Description
Neo Prism Solutions LLC is dedicated to providing sophisticated IT and business solutions with a proactive, reliable, innovative, and sustainable approach. We focus on Business Intelligence & Data Warehousing, Database Management Systems, Application Packaging, and Virtualization. Our services are designed to meet evolving client needs, streamlining data processes and optimizing software deployment to enhance agility and scalability. Our commitment to excellence fosters a corporate culture prioritizing professional growth, making us a trusted partner in driving sustained success and innovation for our valued clients.
Role Description
This is a contract remote role for a Penetration Tester. The Penetration Tester will be responsible for identifying and addressing security vulnerabilities in client systems through reverse engineering, application security assessments, red teaming, and malware analysis. The candidate will work collaboratively with client teams to proactively improve cybersecurity measures and ensure infrastructure robustness.
2. Objectives
The primary goals of the penetration test are to:
· Assess the security of _____________ from an external attacker's perspective.
· Identify vulnerabilities, misconfigurations, and security weaknesses.
· Evaluate the effectiveness of current security controls.
· Provide actionable recommendations to mitigate identified risks.
· Support compliance efforts related to information security standards (e.g., OWASP Top 10, ISO 27001, PCI-DSS, etc.).
3. Scope of Engagement
3.1 In-Scope Assets
· Associated subdomains (if provided or discoverable)
· Publicly accessible APIs tied to the above domain
· Web-based interfaces accessible without internal network access
3.2 Out-of-Scope
· Internal corporate systems not accessible through the public domain
· Third-party services or integrations unless explicitly authorized
· Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) testing
· Social engineering (e.g., phishing, vishing) unless separately authorized
4. Testing Methodology
Testing will follow industry-standard methodologies, including but not limited to:
4.1 Reconnaissance
· DNS enumeration and subdomain discovery
· Service fingerprinting and banner grabbing
· OSINT (Open Source Intelligence) gathering
4.2 Vulnerability Assessment
· Automated scanning to identify common CVEs and misconfigurations
· Manual verification of high-risk vulnerabilities
4.3 Exploitation (Non-destructive)
• Safe exploitation techniques to validate risk
• No disruption or data exfiltration unless explicitly authorized
4.4 Post-Exploitation & Privilege Escalation
• Identify lateral movement opportunities within the web application
• Session hijacking, privilege escalation, and impersonation checks
4.5 OWASP Top 10 Coverage
Testing will include, but is not limited to:
• Injection flaws (e.g., SQL, NoSQL, OS)
• Broken authentication/session management
• Sensitive data exposure
• XML External Entities (XXE)
• Broken access controls
• Security misconfigurations
• Cross-Site Scripting (XSS)
• Insecure deserialization
• Insufficient logging and monitoring
• Server-side request forgery (SSRF)
5. Deliverables
Upon completion of the engagement, the following deliverables will be provided:
5.1 Executive Summary
• High-level overview for business stakeholders
• Risk ratings and business impact of findings
5.2 Technical Report
• Detailed list of identified vulnerabilities
• Screenshots, payloads, and technical evidence
• CVSS scores and risk rankings
• Affected assets and reproduction steps
5.3 Remediation Recommendations
• Detailed mitigation and remediation guidance
• Prioritized recommendations based on risk and impact
5.4 Re-Test Report (Optional)
• Confirmation of remediation actions (if included in scope)
6. Timeline
Activity                    Duration
Planning & Access Setup     1-2 business days
Testing Phase               5 business days
Reporting & Review          5 business days
Optional Re-test            As agreed upon
7. Roles and Responsibilities
Client Responsibilities
• Provide written authorization for testing
• Make available any credentials or API keys (for gray/white-box testing)
• Identify business hours and blackout periods
• Coordinate with internal stakeholders
Testing Team Responsibilities
• Conduct tests within agreed scope and timeframes
• Minimize impact to production systems
• Maintain confidentiality of all data accessed during testing
• Report findings promptly if critical/high-risk vulnerabilities are discovered
Posted 1 month ago
0 years
0 Lacs
Chennai, Tamil Nadu, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
0 years
0 Lacs
Gurugram, Haryana, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
0 years
0 Lacs
Kolkata, West Bengal, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
0 years
0 Lacs
Kanayannur, Kerala, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
0 years
0 Lacs
Trivandrum, Kerala, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
0 years
0 Lacs
Pune, Maharashtra, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
0 years
0 Lacs
Mumbai, Maharashtra, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Overview: We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies. Responsibilities: Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education). Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence. Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis. Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively. Develop and document threat intelligence playbooks and procedures. Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets. Collaborate with cross-functional teams to assess risks and recommend mitigation strategies. Evaluate and refine alerts triggered by threat intelligence platforms. Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly. Work closely with international IT teams and third-party vendors to understand adversary intent and activity. 
Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies. Contribute to the design and enhancement of the organization's Threat Intelligence Program. Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program. Perform ad hoc intelligence gathering using OSINT tools and techniques. Able to apply creative and critical thinking when approaching issues. Required Qualifications: Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence). Extensive experience with threat intelligence platforms and playbook development. Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks. Strong analytical skills and expertise in OSINT techniques. Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour. Familiarity with Python, APIs, Docker containers, and automation tools. Proven ability to work independently and handle complex situations. Excellent verbal and written communication skills to deliver briefings to diverse audiences. Additional Information: This position requires support during Canada business hours. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
35.0 years
0 Lacs
India
On-site
Job Title: Assignment Manager – Overall Security Operations Location: Cigna Healthcare Campus, Hyderabad Payroll Company: G4S Secure Solutions India Pvt. Ltd. (Deputed at Cigna Health) Employment Type: Full-Time (Immediate Joining Required) Pay package: Purely based on performance during the interview. Age Criteria: 35–40 years Gender Preference: Male Candidates Only Language Preference: Telugu-speaking candidates from Hyderabad preferred. However, that is not compulsory. Position Summary This is a leadership position that demands complete ownership of security operations at the Cigna Corporate Campus in Hyderabad. The Assignment Manager will act as the single point of contact between G4S and Cigna for all security-related matters — covering manned guarding, electronic security, vendor governance, intelligence gathering, crisis response, and incident management. The ideal candidate should bring 7–10 years of proven managerial experience in handling end-to-end corporate security operations and must be capable of leading multi-functional teams, managing vendors, optimizing systems, and enabling executive decision-making through security intelligence. Key Responsibilities 1. End-to-End Security Operations Oversight Lead the physical security strategy, deployment, and compliance across the Cigna Hyderabad campus. Supervise 24/7 operations of security staff, control room, access control, visitor management, and CCTV monitoring. Oversee guard discipline, grooming, scheduling, and performance audits. 2. Electronic Security Systems (ESS) Management Ensure 100% uptime of CCTV, Access Control, FAS, VMS, and alarm systems. Coordinate AMC, preventive maintenance, and troubleshooting with OEMs and integrators. Maintain access rights administration, health checks, footage retrieval, and incident footage analysis. 3. Intelligence & Threat Monitoring Proactively gather OSINT, HUMINT, and liaise with local law enforcement and informants. 
Share actionable risk advisories, flash alerts, and heat maps related to geo-political, civil, weather, and infrastructure risks. Provide live updates during disruptions or crises and support risk-based decision-making. 4. Vendor Management & Compliance Oversee performance, statutory compliance (PF, ESI, PSARA), and manpower strength of private security vendors. Validate bills, reliever logs, and invoices; maintain cost optimization and budget tracking. Facilitate audits, tender evaluations, onboarding/offboarding, and stakeholder reviews. 5. Incident & Crisis Management Lead emergency response plans (evacuations, medical incidents, fire drills, lockdowns). Investigate breaches, coordinate with internal stakeholders, and implement CAPAs. Document incidents in real-time using reporting tools and prepare detailed reports. 6. Team Management & Leadership Manage, train, and coach supervisors and front-line guards. Lead daily briefings, emergency drills, and SOP refreshers. Handle team grievances, ensure motivation, and conduct weekly performance reviews. 7. Reporting & Client Coordination Submit daily, weekly, and monthly MIS to G4S and Cigna leadership. Represent G4S during client review meetings, audits, security walkthroughs, and business reviews. Act as the liaison for all operational escalations, event planning, and emergency preparedness briefings. Candidate Profile Minimum Qualifications Graduate in any stream (Mandatory). Diploma/Degree in Security Management or Electronics/Telecom preferred. Certifications in ESS (e.g., HID, Honeywell, Lenel, CP Plus), or GSOC tools desirable. Experience 7–10 years of progressive experience in corporate security operations in a leadership role. Strong exposure to managing ESS, manned guarding vendors, and crisis/emergency management. Must have experience working with multinational clients or high-compliance sites. Technical Competencies Hands-on with access control, CCTV, alarms, and surveillance systems. 
Knowledge of network basics (IP, PoE), system integrations, and server-client architecture. Proficient in Microsoft Office (Word, Excel, PowerPoint), incident logging, and presentation skills. Behavioral Traits High integrity, strong interpersonal and communication skills. Attention to detail, composure under pressure, and conflict resolution ability. Ownership mindset with a proactive approach to operations and problem-solving. KPIs for Success Zero non-compliance incidents during audits. ≥95% uptime of ESS systems. ≥90% SLA adherence by vendors. ≤2 major security incidents annually. Timely submission of all reports and dashboards. What We Offer Market competitive salary package Full statutory benefits (PF, ESIC, Gratuity as per G4S policy) Exposure to global MNC security standards Immediate joining and placement in a prestigious client campus How to Apply WhatsApp your resume with DOB and current location to: Abhay Mulik – +91 9113627282 Email: abhay.mulik@in.g4s.com Subject: Application for Assignment Manager – Cigna Hyderabad Job Type: Full-time Work Location: In person Application Deadline: 10/07/2025
Posted 1 month ago