Application Security Perform security reviews, code audits, and threat modeling of web and mobile applications. Work with DevOps and development teams to integrate secure coding practices and tools (e.g., SAST, DAST, SCA). Conduct penetration testing and vulnerability assessments on internal and external applications. Remediate OWASP Top 10 and other emerging threats. Infrastructure & Server Security Harden Linux and Windows servers following CIS/NIST benchmarks. Implement endpoint security solutions (AV, EDR, MDM). Monitor, detect, and respond to system anomalies and unauthorized access. Manage patching and update cycles in coordination with system teams. Network Security Secure network architecture, firewall policies, VPNs, NAT, and VLAN segmentation. Analyze and mitigate threats like DDoS, MITM, spoofing, etc. Configure and manage intrusion detection/prevention systems (IDS/IPS). Perform routine audits and packet-level analysis for suspicious activity. Cloud Security Secure cloud infrastructure (Alibaba Cloud/AWS/Azure/GCP). Manage IAM, WAF, Security Groups, and cloud-native threat detection tools. Audit and improve security configurations in containers, CI/CD pipelines, and serverless deployments. Monitoring, Audit, and Compliance Work closely with compliance teams to meet standards like SAMA-CSF, ISO 27001, and PCI-DSS . Implement and tune SIEM/SOAR systems for proactive monitoring and incident response. Maintain audit trails, security reports, and logs for investigations and audits. Qualifications & Requirements Bachelor’s degree in computer science, Cybersecurity, or a related field. 4+ years of experience in cybersecurity roles with exposure to infrastructure and application security. Proficiency in tools like Burp Suite, Nessus, Wireshark, Nmap, Suricata, OSSEC/Wazuh, etc. Strong knowledge of TCP/IP, Linux security, cloud security, and secure coding principles. Experience with at least one cloud platform (Alibaba Cloud preferred). Familiarity with regulatory and compliance standards in the GCC region is a plus. Security certifications such as CEH, OSCP, CISSP, or CISM are a plus. Preferred Strong problem-solving and analytical skills. Ability to work under pressure in a fast-paced environment. Excellent communication skills to interface with technical and non-technical stakeholders. Self-motivated and able to work independently or as part of a team. Minimum 5 + yrs of exp as security specialists Job Types: Full-time, Permanent Pay: ₹2,000,000.00 per year Benefits: Health insurance Leave encashment Paid sick time Provident Fund Schedule: Day shift Monday to Friday Morning shift Education: Bachelor's (Preferred) Experience: Information security: 5 years (Preferred) audit: 4 years (Preferred) Compliance management: 4 years (Preferred) SoC: 1 year (Preferred) Work Location: In person

Job Title:- Penetration Tester We are looking for Penetration Tester to join our security team & who will be responsible for Web & Mobile VAPT. Job Description : Qualysec Technologies is seeking a skilled and highly motivated Penetration Tester to join our fabulous security team in Bhubaneswar. The Penetration Tester will be mainly responsible for performing security testing of Web & Mobile applications including identifying, evaluating, and exploiting vulnerabilities in various systems, networks, and applications. Qualification :- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience :- 0 to 1 years Location :- Bhubaneswar Job Type :- Full Time Responsibilities Perform vulnerability assessments & penetration testing (VAPT) on Web, APIs and mobile applications Identify and exploit vulnerabilities in products under test prepare reports by documenting identified issues based on internal templates Collaborating with other team members to improve the overall security posture of our clients. Enhance technical skills & knowledge by Staying up-to-date with emerging threats and vulnerabilities Skills Required Knowledge in penetration testing, vulnerability assessment, and ethical hacking. Knowledge in Pentesting of various applications i.e Web, Mobile (Android & iOS), APIs, Cloud (AWS / Azur )etc. Strong knowledge of security assessment tools such as Metasploit, BurpSuite, ZAP, OWASP tools, Kali Linux tools and Fuzzing tools Hands-on experience with manual and automated penetration testing methodologies. Experience in working with Standards such as NIST, OWASP, MITRE CWE etc. Strong understanding of network protocols, operating systems, and web application technologies. Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. About Us Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Schedule: Day shift Note: Preference will be given to Odisha candidates. Job Types: Full-time, Permanent Schedule: Day shift Work Location: In person

Category: Administration Main location: India, Karnataka, Bangalore Position ID: J0625-0283 Employment Type: Full Time Position Description: Company Profile: Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com. Job Title: Cyber Security Engineer Position: Senior Systems Engineer/Lead Analyst Experience: 7+ yrs Category: IT Infrastructure Main location: Bangalore Position ID: J0625-0283 Employment Type: Full Time Qualification: Bachelor's degree in Computer Science or related field or higher with minimum 3 years of relevant experience. Job Description: At least 7+ years’ Experience in Vulnerability Assessment and Penetration testing of web applications, mobile applications, API and thick client applications. Good knowledge on web application security, OWASP, Application Security testing, Network Penetration testing, Code Review, Vulnerability Assessment and Appscan Experience in cyber security penetration testing (Manual, PT, VAPT, DAST, SAST, API) Hands on experience in setting up the network environment for VAPT Manual penetration testing skills and techniques are required besides automated tools and frameworks. Hands on experience in identifying false positives Hands on knowledge on tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, Sqlmap, Checkmarx etc Strong knowledge of tools for mobile application security, including but not limited to Appuse, MOBSF, Geny Motion, Kali Linux, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify On Demand Good Understanding of OWASP Top 10 for web application security and Mobile application security. Perform mobile vulnerability assessment and Penetration testing. Good understanding of Microservice based architecture Experience working in a DevSecOps environment with knowledge of continuous integration, containers, DAST/SAST tools Good understanding of Database security requirements. Good knowledge of cloud environments and should be able to perform VAPT on AWS, Azure etc. Scripting and coding experience(good to have) Certifications: OSCP, CEH Must have Skills : Good knowledge on web application security, OWASP, Application Security testing, Network Penetration testing, Code Review, Vulnerability Assessment and Appscan Experience in cyber security penetration testing (Manual, PT, VAPT, DAST, SAST, API) Hands on experience in identifying false positives Hands on knowledge on tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, Sqlmap, Checkmarx etc Good to have Skills : Excellent customer interfacing skills. Excellent written and verbal communication skills. Participating in Daily Standups and weekly reviews Strong attention to detail and outstanding analytical and Problem-solving skills. Understanding of Business, emerging technologies in relevant industry (Banking/CIAM ) , strong understanding of trends (market and technology) in areas of specialization. CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs. Life at CGI: It is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons Come join our team, one of the largest IT and business consulting services firms in the world Skills: Vulnerability Assessment(IAVA) What you can expect from us: Together, as owners, let’s turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction. Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team—one of the largest IT and business consulting services firms in the world.

Job Title Specialist I - Product security and Privacy Job Description Job title: Application Security Test Engineer Job Description: Application Security Test Engineer Responsibilities: This is an individual contributor role. As part of the larger Security and Privacy team, the Application Security Engineer would - · Perform comprehensive Dynamic Application security Testing (DAST) · Understand and analyze the applications from security point of view. · Understand the application security risks and Threat modeling of applications · Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application. · Able to guide and support development teams to fix the security vulnerabilities in the code. Preferred Experience: · 3+ years of work experience in Application Security Testing, VAPT · Understanding and familiarity with common code review methods and standards · Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) Methodologies · Experience in tools like HP Webinspect/IBM Appscan/Acunetix and open source tools like burp, OWASP ZAP, CSRF tester etc, Burp Suite · Experience is creating new security test cases based on the type of the application being tested · Application development experience · Good to have python language experience on security automation. · Research and pilot new services / technologies to support secure software development · Knowledge of standard SDLC practices · Experience with DevSecOps, security test automation, security testing as part of CICD · Advantageous to have experience in clout technologies like AWS & Azure. Educational Qualifications: · Bachelor degree with concentration in Computer Science, Information Systems, Information Security or similar would be preferred. Preferred Security certifications Ideally, candidate will possess any one of the below Security certifications(but not mandatory) · CEH · ECSA · LPT · OSCP How we work together We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company’s facilities. Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations. Indicate if this role is an office/field/onsite role. About Philips We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others. Learn more about our business . Discover our rich and exciting history . Learn more about our purpose . If you’re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care here .

R1 RCM India is proud to be recognized amongst India's Top 50 Best Companies to Work For™ 2023 by Great Place To Work® Institute. We are committed to transform the healthcare industry with our innovative revenue cycle management services. Our goal is to ‘make healthcare simpler’ and enable efficiency for healthcare systems, hospitals, and physician practices. With over 30,000 employees globally, we are about 14,000 strong in India with offices in Delhi NCR, Hyderabad, Bangalore, and Chennai. Our inclusive culture ensures that every employee feels valued, respected, and appreciated with a robust set of employee benefits and engagement activities Key duties & responsibilities Directly contributes as a member of a scrum team to the test-driven development of software features and non-functional quality attributes, applying software engineering best practices and authoring integration tests. Provides thoughtful recommendations in sessions with scrum team members to structure solution source code and implementation approaches — emphasizing the need to optimize code that follows engineering best practices, and maximizes maintainability, testability and performance. Ensures SOLID principles and standard design patterns are applied to system architectures and implementations. Drive adoption of modern engineering practices such as Continuous Integration, Continuous Deployment, Code Reviews, TDD, Functional\Non-Functional testing, Test Automation, Performance Engineering etc. to deliver high-quality, high-value software Works with product management, business stakeholders and application architects to understand software requirements and helps estimate epics, features and stories. Scripts and maintains automated build steps, continuous integration systems and staging environments. Provides skillful communication and respectful listening — conveying logical and structured thoughts, truthfulness, empathy, confidence and friendliness. Applies consistent levels of strategic thinking, judgment, decision making, attention to detail, teamwork, organization, innovation and initiative. Foster a culture and mindset of continuous learning to develop agility using the three pillars transparency, inspection and adaptation across levels and geographies. Mentors other members of the development team. Evaluates, understands and recommends new technology, languages or development practices that have benefits for implementing. Experience, Skills and Knowledge 12+ years of experience designing and developing n-tier Web applications Well versed with C#, modern UI technologies and database, ORM technologies. Must have solid understanding of modern architectural and design patterns. Advanced knowledge of general engineering concepts like design patterns, OO programming, and SOLID principles, HTTP, MVC, APIs, data structures, and algorithms. Advanced knowledge and experience with automated test tools and techniques including test-driven development, behavior-driven development, automated acceptance testing, Gherkin & Given/When/Then. Advanced knowledge and experience with Microsoft development technologies and tools: C#, Visual Studio or Visual Studio Code, .NET Framework/Core, and Entity Framework. Advanced knowledge and experience with REST and WebAPIs including but not limited to Web Sockets, JSON, RAML, Swagger, OData, or GraphQL. Good working understanding and experience with DevOps practices in source code management, continuous build and deployment tools including but not limited to git, Jira, Jenkins, Docker, Kubernetes, APM tools. Working understanding and experience with secure coding practices: OWASP, XSS, CSRF, SSO/Authentication, static code analysis tools, ethical hacking. Working understanding of application architecture concepts like microservices, Domain-Driven Design, broker pattern/message bus, event-driven, CQRS, ports & adapters/hexagonal/onion, SOA. Deep expertise in one or more Clouds (Azure, AWS, Google Cloud) Strong exposure to Agile software development methodologies and enabling tools such as Jira, Confluence Excellent communicator with demonstrable ability of influencing decisions Knowledge of healthcare revenue cycle management, HL7, EMR systems, HIPAA, FHIR would be preferred. Good working understanding of application architecture concepts like microservices, Domain-Driven Design, broker pattern/message bus, event-driven, CQRS, ports & adapters/hexagonal/onion, SOA would be preferred Key competency profile Spot new opportunities by anticipating change and planning accordingly Find ways to better serve customers and patients. Be accountable for customer service of highest quality Create connections across teams by valuing differences and including others Own your development by implementing and sharing your learnings Motivate each other to perform at our highest level Help people improve by learning from successes and failures Work the right way by acting with integrity and living our values every day Succeed by proactively identifying problems and solutions for yourself and others. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visit: r1rcm.com Visit us on Facebook

R1 RCM India is proud to be recognized amongst India's Top 50 Best Companies to Work For™ 2023 by Great Place To Work® Institute. We are committed to transform the healthcare industry with our innovative revenue cycle management services. Our goal is to ‘make healthcare simpler’ and enable efficiency for healthcare systems, hospitals, and physician practices. With over 30,000 employees globally, we are about 14,000 strong in India with offices in Delhi NCR, Hyderabad, Bangalore, and Chennai. Our inclusive culture ensures that every employee feels valued, respected, and appreciated with a robust set of employee benefits and engagement activities Key duties & responsibilities Directly contributes as a member of a scrum team to the test-driven development of software features and non-functional quality attributes, applying software engineering best practices and authoring integration tests. Provides thoughtful recommendations in sessions with scrum team members to structure solution source code and implementation approaches — emphasizing the need to optimize code that follows engineering best practices, and maximizes maintainability, testability and performance. Ensures SOLID principles and standard design patterns are applied to system architectures and implementations. Drive adoption of modern engineering practices such as Continuous Integration, Continuous Deployment, Code Reviews, TDD, Functional\Non-Functional testing, Test Automation, Performance Engineering etc. to deliver high-quality, high-value software Works with product management, business stakeholders and application architects to understand software requirements and helps estimate epics, features and stories. Scripts and maintains automated build steps, continuous integration systems and staging environments. Provides skillful communication and respectful listening — conveying logical and structured thoughts, truthfulness, empathy, confidence and friendliness. Applies consistent levels of strategic thinking, judgment, decision making, attention to detail, teamwork, organization, innovation and initiative. Foster a culture and mindset of continuous learning to develop agility using the three pillars transparency, inspection and adaptation across levels and geographies. Mentors other members of the development team. Evaluates, understands and recommends new technology, languages or development practices that have benefits for implementing. Experience, Skills and Knowledge 12+ years of experience designing and developing n-tier Web applications Well versed with C#, modern UI technologies and database, ORM technologies. Must have solid understanding of modern architectural and design patterns. Advanced knowledge of general engineering concepts like design patterns, OO programming, and SOLID principles, HTTP, MVC, APIs, data structures, and algorithms. Advanced knowledge and experience with automated test tools and techniques including test-driven development, behavior-driven development, automated acceptance testing, Gherkin & Given/When/Then. Advanced knowledge and experience with Microsoft development technologies and tools: C#, Visual Studio or Visual Studio Code, .NET Framework/Core, and Entity Framework. Advanced knowledge and experience with REST and WebAPIs including but not limited to Web Sockets, JSON, RAML, Swagger, OData, or GraphQL. Good working understanding and experience with DevOps practices in source code management, continuous build and deployment tools including but not limited to git, Jira, Jenkins, Docker, Kubernetes, APM tools. Working understanding and experience with secure coding practices: OWASP, XSS, CSRF, SSO/Authentication, static code analysis tools, ethical hacking. Working understanding of application architecture concepts like microservices, Domain-Driven Design, broker pattern/message bus, event-driven, CQRS, ports & adapters/hexagonal/onion, SOA. Deep expertise in one or more Clouds (Azure, AWS, Google Cloud) Strong exposure to Agile software development methodologies and enabling tools such as Jira, Confluence Excellent communicator with demonstrable ability of influencing decisions Knowledge of healthcare revenue cycle management, HL7, EMR systems, HIPAA, FHIR would be preferred. Good working understanding of application architecture concepts like microservices, Domain-Driven Design, broker pattern/message bus, event-driven, CQRS, ports & adapters/hexagonal/onion, SOA would be preferred Key competency profile Spot new opportunities by anticipating change and planning accordingly Find ways to better serve customers and patients. Be accountable for customer service of highest quality Create connections across teams by valuing differences and including others Own your development by implementing and sharing your learnings Motivate each other to perform at our highest level Help people improve by learning from successes and failures Work the right way by acting with integrity and living our values every day Succeed by proactively identifying problems and solutions for yourself and others. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visit: r1rcm.com Visit us on Facebook

About Apply Digital Apply Digital is a global experience transformation partner. We drive AI-powered change and measurable impact across complex, multi-brand ecosystems. Leveraging expertise that spans across the customer experience lifecycle from strategy, design to engineering and beyond, we enable our clients to modernize their organizations and maximize value for their business and customers. Our 750+ team members have helped transform global companies like Kraft Heinz, NFL, Moderna, Lululemon, Dropbox, Atlassian, A+E Networks, and The Very Group. Apply Digital was founded in 2016 in Vancouver, Canada. In the past nine years, we have grown to ten cities across North America, South America, the UK, Europe, and India. At Apply Digital, we believe in the “ One Team ” approach, where we operate within a ‘pod’ structure. Each pod brings together senior leadership, subject matter experts, and cross-functional skill sets, all working within a common tech and delivery framework. This structure is underpinned by well-oiled scrum and sprint cadences, keeping teams in step to release often and retrospectives to ensure we progress toward the desired outcomes. Wherever we work in the world, we envision Apply Digital as a safe, empowered, respectful and fun community for people, every single day. Together, we work to embody our SHAPE (smart, humble, active, positive, and excellent) values and make Apply Digital a space for our team to connect, grow, and support each other to make a difference. Visit our Careers page to learn how we can unlock your potential. LOCATION: Apply Digital is a hybrid friendly organization with remote options available if needed. The preferred candidate should be based in (or within a location commutable to) the Delhi/NCR region of India , working in hours that have an overlap with the Eastern Standard Timezone (EST). About The Client In your initial role, you will support Kraft Heinz, a global, multi-billion-dollar leader in consumer packaged foods and a valued client of ours for the past three years. Apply Digital has a bold and comprehensive mandate to drive Kraft Heinz’s digital transformation . Through implementable strategies, cutting-edge technology, and data-driven innovation we aim to enhance consumer engagement and maximize business value for Kraft Heinz. Our composable architecture, modern engineering practices, and deep expertise in AI, cloud computing, and customer data solutions have enabled game-changing digital experiences. Our cross-functional team has delivered significant milestones, including the launch of the What's Cooking App, the re-building of 120+ brand sites in over 20 languages, and most recently, the implementation of a robust Customer Data Platform (CDP) designed to drive media effectiveness. Our work has also been recognized internationally and has received multiple awards . While your work will start with supporting Kraft Heinz, you will also have future opportunities to collaborate with the global team on other international brands. THE ROLE: Apply Digital is seeking a Senior Front-end Software Engineer. The Senior Software Engineer role is a highly experienced position within our engineering team, focused on providing technical expertise, strategic problem solving, and advanced mentorship. The individual in this role navigates highly complex learning objectives independently, critically evaluates and advises on project technologies, and takes lead on medium to large-scale software projects. This role requires excellent communication skills, a strong ability to manage and resolve conflicts, and a firm grasp on project estimation and risk management. The ideal candidate for this role has in-depth experience with Typescript and NextJs as well as content management systems such as Contentful. Strong English language proficiency and experience working with remote teams across North America and Latin America are required, as this role requires clear communication and coordination across distributed teams. WHAT YOU’LL DO: Design and implement high-quality, test-driven frontend code for various client projects using TypeScript, Next.js and React. Optimize applications for Core Web Vitals (LCP, CLS, FID) to ensure high performance and superior user experience. Collaborate with designers and UX teams to implement seamless, accessible, and visually appealing interfaces. Implement components accurately based on highly specified figma designs or wireframes. Define and maintain scalable component architecture using Storybook, and Tailwind CSS, or similar libraries. Understand and implement client-side state management solutions, React Query in particular. Work closely with backend teams to optimize REST API integrations, ensuring efficient data fetching and caching strategies. Create and maintain documentation, implement and follow best practices for development workflow. Collaborate effectively with team members to meet project deadlines. Contribute innovative ideas to ensure we deliver the best solutions for our clients. Stay updated on technology trends and continually enhance your skill set. WHAT WE’RE LOOKING FOR: Strong proficiency in English (written and verbal communication) is required. Experience working with remote teams in North America and LATAM, ensuring smooth collaboration across time zones. Deep expertise in TypeScript, with extensive experience in modern Next.js (14+) and React (18+). A strong understanding of a11y and WCAG principles. Strong experience with modern CSS methodologies, specifically Tailwind CSS. Experience with modular front-end architectures, component-driven development, and design systems. Solid understanding of API consumption patterns, including REST, GraphQL and WebSockets. Experience with performance optimization techniques, including code-splitting, lazy loading, image optimization, and CDN strategies. Familiarity with headless CMS platforms, specifically Contentful. Understanding of containerization technologies for development environments. Understanding of Google Cloud Run as a web application run time environment. Experience with CI/CD pipelines for front-end deployments (GitHub Actions preferred). Knowledge of front-end security best practices, including CSP, OWASP Top 10, and secure authentication/authorization mechanisms (OAuth, JWT). Ability to communicate effectively with technical and non-technical stakeholders. You should feel comfortable explaining technical concepts in simple terms. Experience working in fast-paced, Agile environments, balancing priorities across multiple projects. NICE TO HAVES: Experience with headless ecommerce platforms such as Commercetools Back-end engineering experience, notably in NestJs Experience with GCP and terraform Experience with Edge computing and serverless deployments (Cloudflare Workers, Vercel). Knowledge of micro frontends and federated architectures. Experience with progressive web applications (PWAs) and service workers. Understanding of internationalization (i18n) and localization strategies. Familiarity with implementing A/B testing and personalization tools (Ninetailed, Segment). #Promoted LIFE AT APPLY DIGITAL At Apply Digital, people are at the core of everything we do . We value your time, safety, and health, and strive to build a work community that can help you thrive and grow. Here are a few benefits we offer to support you: Location: Apply Digital is a hybrid friendly organization with remote options available if needed. The preferred candidate should be based in (or within a location commutable to) Delhi/NCR, with the ability to overlap with the US/NA times zones when required. Comprehensive Benefits: benefit from private healthcare coverage, contributions to your Provident fund, and a gratuity bonus after five years of service. Vacation policy: work-life balance is key to our team’s success, so we offer flexible personal time offer (PTO); allowing ample time away from work to promote overall well-being. Great projects: broaden your skills on a range of engaging projects with international brands that have a global impact. An inclusive and safe environment: we’re truly committed to building a culture where you are celebrated and everyone feels welcome and safe. Learning opportunities: we offer generous training budgets, including partner tech certifications, custom learning plans, workshops, mentorship, and peer support. Apply Digital is committed to building a culture where differences are celebrated, and everyone feels welcome. That’s why we value equal opportunity and nurture an inclusive workplace where our individual differences are recognized and valued. For more information, visit our website’s Diversity, Equity, and Inclusion (DEI) page. If you have special needs or accommodations at this stage of the recruitment process, please inform us as soon as possible by emailing us at careers@applydigital.com . Show more Show less

This role is located in Noida. Candidates willing to relocate are welcome to apply. Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly. Location: Noida, India Work Mode: Financials SuppoWork from Office Salary 5–7 years: Up to INR 20,00,000 per annum 8–10 years: Up to INR 25,00,000 per annum Joining Time / Notice Period: Immediate – 30 days About The Client Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures. Job Overview Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security. Key Responsibilities Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL) Maintain, develop, and audit security documentation: policies, standards, procedures Monitor control effectiveness for EDR, cloud, email, and server security Conduct internal security risk assessments for ongoing compliance Guide cross-functional teams on their roles in risk management Lead SOC 2 Type 2 assessments and evidence collection Review and respond to cybersecurity-related RFPs Oversee AWS and Office365 security governance and implementation Track and close audit findings; support internal and external audits Create and manage dashboards for tracking IT and IS events Minimum Qualifications Bachelor's degree in IT, Computer Science, or related field 5+ years of relevant experience in cybersecurity and risk management In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP Strong experience with AWS Cloud Security (mandatory) and Azure (preferred) Experience with audit frameworks (SOC2, HIPAA, ISO27001) At least one security certification preferred (e.g., CISM, CRISC, CISSP) Strong communication, documentation, and stakeholder management skills Show more Show less

Our Company Techvantage.ai is a next-generation technology and product engineering company at the forefront of innovation in Generative AI, Agentic AI , and autonomous intelligent systems . We build intelligent, secure, and scalable digital platforms that power the future of AI across industries. Role Overview We are looking for a Senior Security Specialist with 8+ years of experience in cybersecurity, cloud security, and application security. You will be responsible for identifying, mitigating, and preventing threats across our technology landscape — particularly in AI-powered, data-driven environments. This role involves leading penetration testing efforts , managing vulnerability assessments , and implementing best-in-class security tools and practices to protect our platforms and clients. What we are looking from an ideal candidate? Design and implement robust security architectures for cloud-native and on-prem environments. Conduct penetration testing (internal/external, network, application, API) and deliver clear remediation strategies. Perform regular vulnerability assessments using industry-standard tools and frameworks. Lead threat modeling and risk assessments across systems, services, and data pipelines. Collaborate with development and DevOps teams to integrate security in SDLC and CI/CD pipelines (DevSecOps). Define and enforce security policies, incident response procedures, and access controls. Monitor for security breaches and investigate security events using SIEM and forensic tools. Ensure compliance with global standards such as ISO 27001, SOC 2, GDPR, and HIPAA. Provide guidance on secure implementation of AI/ML components and data protection strategies. Preferred Skills What skills do you need? Requirements 8+ years of experience in information security, application security, or cybersecurity engineering. Proficient in penetration testing methodologies and use of tools such as Burp Suite, Metasploit, Nmap, Wireshark, Nessus, OWASP ZAP, Qualys, etc. Deep experience in vulnerability management, patching, and security hardening practices. Strong understanding of OWASP Top 10, CWE/SANS Top 25, API security, and secure coding principles. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM, firewalls, WAFs, encryption, and endpoint security. Familiarity with SIEM, EDR, IDS/IPS, and DLP solutions. Knowledge of DevSecOps and tools like Terraform, Kubernetes, Docker, etc. Excellent problem-solving, analytical, and incident-handling capabilities. Preferred Qualifications Certifications such as CISSP, CISM, CEH, OSCP, or AWS Security Specialty. Experience working on security aspects of AI/ML platforms, data pipelines, or model inferencing. Familiarity with governance and compliance frameworks (e.g., PCI-DSS, HIPAA). Experience in secure agile product environments and threat modeling techniques. What We Offer A mission-critical role securing next-gen AI systems Opportunity to work with an innovative and fast-paced tech company High visibility and leadership opportunities in a growing security function Compensation is not a constraint for the right candidate Show more Show less

This role is located in Noida. Candidates willing to relocate are welcome to apply. Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly. Location: Noida, India Work Mode: Financials SuppoWork from Office Salary 5–7 years: Up to INR 20,00,000 per annum 8–10 years: Up to INR 25,00,000 per annum Joining Time / Notice Period: Immediate – 30 days About The Client Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures. Job Overview Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security. Key Responsibilities Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL) Maintain, develop, and audit security documentation: policies, standards, procedures Monitor control effectiveness for EDR, cloud, email, and server security Conduct internal security risk assessments for ongoing compliance Guide cross-functional teams on their roles in risk management Lead SOC 2 Type 2 assessments and evidence collection Review and respond to cybersecurity-related RFPs Oversee AWS and Office365 security governance and implementation Track and close audit findings; support internal and external audits Create and manage dashboards for tracking IT and IS events Minimum Qualifications Bachelor's degree in IT, Computer Science, or related field 5+ years of relevant experience in cybersecurity and risk management In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP Strong experience with AWS Cloud Security (mandatory) and Azure (preferred) Experience with audit frameworks (SOC2, HIPAA, ISO27001) At least one security certification preferred (e.g., CISM, CRISC, CISSP) Strong communication, documentation, and stakeholder management skills Show more Show less

About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Consultant II This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets. Key Responsibilities: Vulnerability Management: Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program. External attack surface management and technical remediation Run Vulnerability red team exercises and simulation for risk prioritization Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications. Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact. Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress. Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS). Incident Management: Assist in the development and execution of the incident response plan and playbooks. Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery. Conduct post-incident reviews and root cause analyses to improve future response efforts. Provide guidance and training to internal teams on incident response best practices. Skills And Qualifications Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management. Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms. Deep understanding of threat landscapes, attack vectors, and mitigation strategies. Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP). Excellent analytical, communication, and leadership skills. Preferred Certifications: CISSP, CISM, OSCP, CEH, or equivalent. GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.” Show more Show less

This role is located in Noida. Candidates willing to relocate are welcome to apply. Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly. Location: Noida, India Work Mode: Financials SuppoWork from Office Salary 5–7 years: Up to INR 20,00,000 per annum 8–10 years: Up to INR 25,00,000 per annum Joining Time / Notice Period: Immediate – 30 days About The Client Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures. Job Overview Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security. Key Responsibilities Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL) Maintain, develop, and audit security documentation: policies, standards, procedures Monitor control effectiveness for EDR, cloud, email, and server security Conduct internal security risk assessments for ongoing compliance Guide cross-functional teams on their roles in risk management Lead SOC 2 Type 2 assessments and evidence collection Review and respond to cybersecurity-related RFPs Oversee AWS and Office365 security governance and implementation Track and close audit findings; support internal and external audits Create and manage dashboards for tracking IT and IS events Minimum Qualifications Bachelor's degree in IT, Computer Science, or related field 5+ years of relevant experience in cybersecurity and risk management In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP Strong experience with AWS Cloud Security (mandatory) and Azure (preferred) Experience with audit frameworks (SOC2, HIPAA, ISO27001) At least one security certification preferred (e.g., CISM, CRISC, CISSP) Strong communication, documentation, and stakeholder management skills Show more Show less

Role Description The Cybersecurity Incident Management and Response Team is responsible for effectively and efficiently managing all information and cybersecurity incidents across the Group on a 24x7 basis. This function is structured into two primary missions: Incident Management: Coordinating and orchestrating the global technical response to cybersecurity incidents, and ensuring timely, effective communication to Global Business and Functional stakeholders, Senior Executive Leadership, and relevant regulatory bodies. Incident Response: Conducting technical and forensic investigations arising from threat intelligence, security testing, and user-reported incidents. The goal is to effectively contain, mitigate, and remediate both active and potential attacks. Key Responsibilities Lead and perform technical and forensic investigations into global cybersecurity events, ensuring timely threat identification and mitigation. Conduct post-incident reviews to assess the effectiveness of controls and response capabilities; drive improvements where necessary. Deliver forensic services including evidence collection, processing, preservation, analysis, and presentation. Stay updated on emerging technology trends and cybersecurity best practices to provide guidance to business and IT functions. Collaborate with Global Cybersecurity Operations (GCO) and business teams to develop and maintain effective incident response playbooks. Contribute to the creation and enhancement of detection mechanisms (use cases) and security automation workflows. Define and refine detailed processes and procedures for managing cybersecurity events. Enhance technical capabilities of security platforms and incident response tools. Support the development of the team’s capabilities, including training and mentoring junior team members. Promote a culture of transparency and continuous improvement by identifying and addressing weaknesses in people, processes, and technology. Drive self-improvement and maintain subject matter expertise in cybersecurity. Engage with global stakeholders to improve cybersecurity awareness and communicate the impact of cybersecurity initiatives. Generate and present management information and incident reports tailored for various audiences, supported by data and expert analysis. Required Skills & Competencies Strong understanding of cybersecurity incident management and investigation techniques. Hands-on experience with IDS/IPS systems, TCP/IP protocols, and common attack vectors. Ability to independently analyze complex problems and determine root causes. Effective communication skills with the ability to convey technical issues clearly to both technical and non-technical audiences. Sound decision-making abilities under pressure, with a focus on risk mitigation and operational resilience. Strong collaboration and stakeholder engagement skills across diverse teams. High level of integrity, urgency, and personal accountability. Demonstrated ethical conduct and commitment to organizational values. Knowledge of cybersecurity principles, global financial services, compliance requirements, and regulatory standards. Familiarity with industry frameworks and standards such as OWASP, ISO 27001/27002, PCI DSS, GLBA, FFIEC, CIS, and NIST. Experience in responding to advanced threats, including offensive security knowledge or experience with deception technologies (honeypots, tripwires, honey tokens, etc.). Preferred Technical Skills Cybersecurity Incident Management Intrusion Detection/Prevention Systems (IDS/IPS) TCP/IP Protocols and Network Analysis Forensics Tools and Techniques Security Automation & Orchestration Platforms Threat Intelligence Integration SIEM Tools (e.g., Splunk, QRadar, etc.) Skills Incident response,Forensic Show more Show less

This role is located in Noida. Candidates willing to relocate are welcome to apply. Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly. Location: Noida, India Work Mode: Financials SuppoWork from Office Salary 5–7 years: Up to INR 20,00,000 per annum 8–10 years: Up to INR 25,00,000 per annum Joining Time / Notice Period: Immediate – 30 days About The Client Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures. Job Overview Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security. Key Responsibilities Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL) Maintain, develop, and audit security documentation: policies, standards, procedures Monitor control effectiveness for EDR, cloud, email, and server security Conduct internal security risk assessments for ongoing compliance Guide cross-functional teams on their roles in risk management Lead SOC 2 Type 2 assessments and evidence collection Review and respond to cybersecurity-related RFPs Oversee AWS and Office365 security governance and implementation Track and close audit findings; support internal and external audits Create and manage dashboards for tracking IT and IS events Minimum Qualifications Bachelor's degree in IT, Computer Science, or related field 5+ years of relevant experience in cybersecurity and risk management In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP Strong experience with AWS Cloud Security (mandatory) and Azure (preferred) Experience with audit frameworks (SOC2, HIPAA, ISO27001) At least one security certification preferred (e.g., CISM, CRISC, CISSP) Strong communication, documentation, and stakeholder management skills Show more Show less

This role is located in Noida. Candidates willing to relocate are welcome to apply. Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly. Location: Noida, India Work Mode: Financials SuppoWork from Office Salary 5–7 years: Up to INR 20,00,000 per annum 8–10 years: Up to INR 25,00,000 per annum Joining Time / Notice Period: Immediate – 30 days About The Client Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures. Job Overview Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security. Key Responsibilities Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL) Maintain, develop, and audit security documentation: policies, standards, procedures Monitor control effectiveness for EDR, cloud, email, and server security Conduct internal security risk assessments for ongoing compliance Guide cross-functional teams on their roles in risk management Lead SOC 2 Type 2 assessments and evidence collection Review and respond to cybersecurity-related RFPs Oversee AWS and Office365 security governance and implementation Track and close audit findings; support internal and external audits Create and manage dashboards for tracking IT and IS events Minimum Qualifications Bachelor's degree in IT, Computer Science, or related field 5+ years of relevant experience in cybersecurity and risk management In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP Strong experience with AWS Cloud Security (mandatory) and Azure (preferred) Experience with audit frameworks (SOC2, HIPAA, ISO27001) At least one security certification preferred (e.g., CISM, CRISC, CISSP) Strong communication, documentation, and stakeholder management skills Show more Show less

This role is located in Noida. Candidates willing to relocate are welcome to apply. Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly. Location: Noida, India Work Mode: Financials SuppoWork from Office Salary 5–7 years: Up to INR 20,00,000 per annum 8–10 years: Up to INR 25,00,000 per annum Joining Time / Notice Period: Immediate – 30 days About The Client Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures. Job Overview Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security. Key Responsibilities Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL) Maintain, develop, and audit security documentation: policies, standards, procedures Monitor control effectiveness for EDR, cloud, email, and server security Conduct internal security risk assessments for ongoing compliance Guide cross-functional teams on their roles in risk management Lead SOC 2 Type 2 assessments and evidence collection Review and respond to cybersecurity-related RFPs Oversee AWS and Office365 security governance and implementation Track and close audit findings; support internal and external audits Create and manage dashboards for tracking IT and IS events Minimum Qualifications Bachelor's degree in IT, Computer Science, or related field 5+ years of relevant experience in cybersecurity and risk management In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP Strong experience with AWS Cloud Security (mandatory) and Azure (preferred) Experience with audit frameworks (SOC2, HIPAA, ISO27001) At least one security certification preferred (e.g., CISM, CRISC, CISSP) Strong communication, documentation, and stakeholder management skills Show more Show less

Dear Candidate, TCS has been a great pioneer in feeding the fire of Young Techies like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role**: Application Penetration Tester Experience Range: 4+ years Joining Location: Bangalore/ Bhubaneshwar Desired Skill Set Any: Application Penetration testing Knowledge OWASP Vulnerabilities Experience with Secure Source Code Review using tools like Snyk, Checkmarx Experience with DAST tools like BrightSec Preferably having Development background and understanding of Multiple Coding language for Vulns eg .Net , Java, Python etc Good communication skills We are seeking skilled penetration tester to assess our systems, application and network through structured and unstructured testing. The candidate should have strong experience using tools such as Burp Suite, kali Linux, Metasploit and other offensive security frameworks to identify vulnerabilities and propose actionable mitigations Key Responsibilities Conduct penetration test on web , applications, API , internal and external networks. Perform vulnerability assessments and exploit the weakness using manual techniques and automated tools (e.g. Burp Suite , Kali Linux etc) Create comprehensive reports outlining findings , potential impact and remediation guidance Collaborate with development and infrastructure to prepare the plan for conducting the test and also mitigate the finding identified during the exercise. Required skills & Experience Proven experience in penetration testing and ethical hacking (5+ experience preferred) Strong knowledge and hands-on experience with Burp Suite, Kali Linux, NMAP, Metasploit etc. Proficiency in scripting languages for automating tasks and exploits Deep understanding of OWASP top 10 , MITRE ATT&CK framework and CVSS scoring Familiarity with various operating systems Ability to document technical findings in a clear, concise manner Regards, Priscilla Nancy HR TAG - Cyber Security Tata Consultancy Services Show more Show less

About Energy Exemplar In an era where the world is rapidly advancing towards a cleaner future through decarbonization, stakeholders from across the entire energy value chain are having to navigate the complexities of the energy ecosystem. We seek to enable our customers to do so with confidence . Our mission: Empowering Transformative Energy Decisions. Founded in 1999 in Adelaide, Australia, Energy Exemplar’s PLEXOS ® modeling and simulation software is trusted by innovative organizations across the globe. On one unified platform, stakeholders from across the entire energy value chain are revolutionizing the energy ecosystem and seamlessly planning for the future of energy with unprecedented clarity, speed, and innovation. Our impact is global and is being recogni z ed across the industry : Finalist for the 2024 Reuters Global Energy Transition Awards in the 'Technologies of Change' category Finalist for the 2024 Go:Tech Awards in the 'Most Innovative Use of Technology’ category 2022 USEA/USAID Corporate Volunteer of the Year 2022 Impact Award Winner for our impact on the energy industry and the current energy transition At Energy Exemplar, we believe in empowering our people by offering flexibility in how, when, and where they work. This flexibility has been a cornerstone of our success, fueling significant growth over the years, with the company expanding at an impressive rate of approximately 30% year over year . We understand that the best results come when our team members can balance their professional and personal lives, so we support various working arrangements that help you thrive. We don’t just celebrate the excellence of our product s but champion the quality of our people. They own their outcomes and perform to their best – every day. whether you're working from home, in the office, or on the go. Our flexible work culture fosters innovation, collaboration, and trust, making it easier to stay engaged and connected, no matter where you are. That’s what makes us who we are and a great place to work. Our core values ‘Customer Success ’ , ‘One Global Team ’ , ‘Integrity and Ownership’ and ‘Innovation Excellence’ reflect the way we work and are always a t the forefront of everything we do . About the Position Reporting to the Software Engineering Manager as a member of the Development team in India, the Software Engineer is responsible for delivering quality and performant software and design to handle the vast array of use cases that our customers have today. This role is responsible for Developing Software Solutions by learning information needs, discussing with managers, studying systems flow, data usage, finding problem areas and coming up with solutions & following the software development lifecycle. Location: 4th Floor, WeWork Amanora Crest, Amanora Park Town, Magarpatta, Hadapsar, Pune, Maharashtra 411028 Work Type: Hybrid (3 days a week in office) We are looking for: 9+ years of experience in product development field 2+ years of recent experience in building products on cloud Strong understanding of data structures, algorithms, and designing for performance Strong knowledge in OOPS with .Net, C# or relevant technologies with SQL Server or any RDBMS Hands-on experience in development with either Angular, VueJS or React Experience with Microservices Architecture Hands-on experience in building products for Unix systems in addition to Windows Working knowledge of CI/CD pipelines and AWS/Azure cloud services Knowledge of asynchronous programming and WebAPI development is required Knowledge and awareness of cloud/ application security is a must (OWASP at the minimum) Extensive experience in mentoring junior engineers to success Strong logical, analytics and problem-solving skills Must be able to work effectively across team boundaries Attention to details Strong oral and written communication skills Candidate Requirements & Qualifications: Graduate/Master's degree in Computer Science, Engineering, or a related discipline Strong logical, analytics and problem-solving skills Must be able to work effectively across team boundaries Attention to details Ability to work independently Energy Exemplar is an equal opportunities employer and we value your unique identity and perspective . We are fully committed to providing and fostering a workplace that reflects the diversity of society. Bring your authentic self and help us build an inclusive world together! To support you in being the best version of yourself during the application and interview process, please let us know if you have any specific requirements. Show more Show less

PwC India is inviting applications for Secure Code Reviewer/Specialist to join in Kolkata Responsibilities: Review application source code based on the industry standard security frameworks and organization's internal security policy. Running the source code scan and analyzing the results derived from the SAST platform. Coordinate with application development teams to ensure identified gaps are fixed in proper time. Work with the application development team to eliminate false positives, to clarify compensating security controls. Closely work with issue management team to ensure proper remediation plans are in places with well documented records. Collaborate with senior developers and architects to ensure security best practices and secured design patterns are followed. Work closely with other team members, including project leads, regional leads and territory security leadership team. Provide regular updates on progress and issues to project managers and stakeholders Skill sets Strong knowledge of secure coding practices and common security vulnerabilities (e.g., OWASP Top 10). Strong knowledge of Industry standard SAST tools (e.g. Veracode, Fortify on Demand). Strong knowledge of Industry standard SCA tools (e.g. Blackduck). Strong knowledge in manual and tool-based code review process, focusing on OWASP methodology. Strong Knowledge of security vulnerability identification and remediation methodologies. Familiarity with industry standard security frameworks and policies. Strong knowledge of DevSecOps practices and integration of security within C Show more Show less

Education Criteria (Must): B.Sc (IT/CS) / B.Tech in any Engineering background, BCA, MCA M.Sc. Information Technology, or related field. CEH, CISSP, CISA, CISM, CRISC (If any security related certification) 11-15 years of experience in Application Security, Network Security, and IT Risk Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Client and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management Skill-Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation.

Vulnerability Assessment, Vulnerability Mitigation, Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Cyber Security Perform comprehensive penetration testing and vulnerability assessments on enterprise networks, firewalls, routers, switches other infrastructure components Identify and exploit vulnerabilities to assess the security posture of network components Provide detailed reports with risk ratings, remediation steps, and security recommendations Work with IT DevOps teams to ensure timely resolution of vulnerabilities Utilize industry-standard tools such as Nessus, Nmap, Metasploit, Burp Suite, Wireshark, Open VAS Implement and manage vulnerability scanning solutions across the organization Collaborate with IT, DevOps security teams to ensure patches and mitigations are applied effectively Conduct security assessments for cloud environments (AWS, Azure, GCP) including configuration audits Identify misconfigurations, privilege escalations security risks in cloud infrastructure Implement continuous monitoring logging solutions for cloud security visibility

Atlas Energy - Cybersecurity Analyst Security Analyst - Threat Management and Vulnerability Assessment Seeking a skilled Security Analyst (4-6 years) specializing in threatmanagement and vulnerability assessments. The ideal candidate will haveexperience with Defender for Cloud (migration from L1 to L2), Rapid7, andIntune, and a foundational understanding of Operational Technology (OT)systems, particularly the Dragos platform. This role involves advanced threatdetection and remediation, vulnerability assessments, patching, and hardeningtasks. Qualifications: - Experience with Defender for Cloud and Rapid7. - Proficiency in vulnerability assessments, patch management, and systemhardening. - Familiarity with Intune and Rapid7 agent deployment issues. - Basic understanding of OT systems and security, particularly the Dragosplatform. - NIST controls implementation. - Excellent communication and documentation abilities. Shift Timing - US CST hours

Dedicated lead to work with the Happiest Minds Shared SOC team and ITteam to enhance the overall Incident response processes Run any critical incident response along with SOC and IT team Review and update the use caserepository as applicable to Happiest Minds Environment Work on root causeanalysis and remediations for alerts/incidents raised by customers Review andupdate existing automation playbooks Continuous updates of detectiontechniques Periodic threat hunting Use cases to prioritize based on thefindings from the threat and vulnerability management program

Manual Penetration Testing using OWASP checklists, Penetration Testing, Vulnerability Assessment, OWASP Top 10, OWASP ZAP, AWS Cloud, Azure Cloud, Cyber Security, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Data Security Assessment Consulting Perform Penetration testing Develop and recommend mitigation strategies to enhance the defense mechanisms of critical infrastructure components Collaborate with IT and security teams to refine security measures and response strategies Prepare detailed reports on findings from simulations and suggest improvements Facilitate training sessions for internal teams on security awareness and breach response tactics

Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, Static/dynamic testing of mobile applications, Static Code analysis Artifacts/Grey box Infra Activity (VA/CA) Windows Server - Performing Scanning and preparing reports - application Security Testing/ Infra VACA