3316 Owasp Jobs - Page 37

The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SAP Security. Experience: 5-8 Years.

The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: F5 Load Balancers. Experience: 5-8 Years.

The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SOAR Tools. Experience: 5-8 Years.

The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Zscaler Web Security. Experience: 5-8 Years.

Key Job Responsibilities: VOC - VI (Vulnerability Intelligence) & ASM (Attack Surface Management) Analyst Environment / Context Saint Gobain, world leader in the habitat and construction market, is one of the top 100 global industrial groups. Saint-Gobain is present in 68 countries with 171 000 employees. They design, manufacture and distribute materials and solutions which are key ingredients in the wellbeing of each of us and the future of all. They can be found everywhere in our living places and our daily life: in buildings, transportation, infrastructure and in many industrial applications. They provide comfort, performance and safety while addressing the challenges of sustainable construction, resource efficiency and climate change . Saint-Gobain GDI Grou pe (250 persons at the head office, including 120 that are internal) is responsible for defining, setting up and managing the Group's Information Systems (IS) and Telecom policy with its 1,000 subsidiaries in 6,500 sites worldwide. The GDI Groupe also carries the common means (infrastructures, telecoms, digital platforms, cross-functional applications ). IN DEC, the IT Development Centre of Saint-Gobain, is an entity with a vision to leverage India’s technical skills in the Information Technology domain to provide timely, high-quality and cost-effective IT solutions to Saint-Gobain businesses globally. Within the Cybersecurity Department, the Cybersecurity Vulnerability Operations Cen ter mission is to Identify, assess and confirm vulnerability and threats that can affect the Group. The CyberVOC teams are based out of Paris and Mumbai and consist of skilled persons working in different Service Lines . Mission The VOC VI & ASM Analyst will be part of a team responsible for monitoring and identifying vulnerabilities as well as proactively assessing their threat with regards to Saint-Gobain context. The team also provides comprehensive feedback and guidance on detected vulnerabilities to assist Security Officers and Application Manager on the remediationpart. This role takes a holistic approach to identifying newly published vulnerabilities and contextualizing them to Saint-Gobain environment as well as tracking potential external entry points to Saint-Gobain systems anddata. The VOC VI & ASM Analyst is responsible for: Vulnerability Intelligence (VI): Monitor new vulnerabilities and assess their criticality and risk severity based on threat, exploit availability, ease of exploit, impact, …Communicate and publish an assessment on vulnerabilities related to software used in Saint-Gobain's scope Maintain timely, high-quality vulnerability bulletins, prioritizing issues against the Group’s asset exposure Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service Keep the vulnerability database up to date; enrich each CVE and security bulletin with QDS, EPSS, CVSS metrics, … Attack Surface Management (ASM): Operate continuous monitoring of external assets via ASM Security tools Update on a regular basis the coverage of ASM tools, by adding known domains and IP ranges belonging to Saint-Gobain Assess the severity of the findings and confirm their presence (review, challenge, FP assessment, …) Track and report exposure trends; escalate high-risk findings to Blue-Team remediation owners Build and use the external footprint to proactively identify new threats and new vulnerabilities Leverage ASM tools to proactively identify external assets subject to newly published vulnerabilities BlackBox Pentesting: Drive proactive follow-up on detected vulnerabilities, engaging system owners and tracking remediationto closure Active follow up with Application managers to onboard new application in the BlackBox Pentesting service Pentest launch Contract follow-up Tools follow up and maintenance Vulnerability Management:Vulnerability review, recategorization, and false positive identification Proactive vulnerability testingand replayPre-analyze and consolidate vulnerability data from various scanning tools Prepare concise syntheses of available vulnerabilities Offer guidance to the SO and CISO on vulnerabilities Collaborate with key stakeholders to develop strategies for vulnerability management Scripting and automation:Automate data extraction and data push from VI and ASM tools to DataLake tools Build automation workflows to streamline vulnerability identification, assessment, and reporting Collaborate with the offensive and defensive teams to enhance vulnerability assessmentand t esting Skills and Qualifications Bachelor's degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plusProven experience (6+ years) working within the Cybersecurity field, with emphasis on security platform implementation & administration Experience on Penetration testing actions (web application, infrastructure, …) Experience with security scanning tools Experience with VI and ASM tools Experience in investigating newly published vulnerabilities and assessing their risks and severity Experience with scripting languages (e.g., Python, Bash, Powershell, C#, …) for automation and customization of security processes is a plus Experience with Pentester tools (Burp, SQLmap, Metasploit, Kali environment, …) Strong technical skills with an interest in open-source intelligence investigations Knowledge of NIST CVE database, OWASP Top 10, Microsoft security bulletins Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range ofstakeholders. Personal Skills Has a systematic, disciplined, and analytical approach to problem solving with Thorough leadership skills & experience Excellent ability to think critically under pressure Strong communication skills to convey technical concepts clearly to both technical and non-technical stakeholders Willingness to stay updated with evolving cyber threats, technologies, and industry trends Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust security measures Additional Information The position is based inMumbai (India)

Job Description: Information Security Auditor Location- Andheri or any client Position: Senior Associate Information Security Employment Type: Full-time Key Responsibilities: Conduct vulnerability assessments and penetration tests on web applications, networks, infrastructure, and mobile applications to identify security weaknesses. Perform detailed risk analysis and provide actionable remediation steps based on findings. Engage in manual and automated testing using industry-standard tools (e.g., Burp Suite, Nessus, Metasploit, Nmap, Kali Linux, etc.). Document and communicate the results of assessments clearly, including the severity of the vulnerabilities, recommended mitigations, and overall security posture. Stay up-to-date with the latest security threats, vulnerabilities, and tools, ensuring testing methodologies remain current. Conduct risk assessments and security audits to ensure compliance with industry standards (e.g., OWASP Top 10, NIST, CIS). Perform threat modeling to identify potential attack vectors in system architectures and designs. Perform advanced exploitation techniques (buffer overflows, reverse engineering, etc.). Cloud security and penetration testing methodologies for platforms like AWS, Azure, and GCP. Secure hardening configuration review of infrastructure systems and Cloud environment Assist in preparing security reports for clients and senior management. Skills & Qualifications: Experience: 3-5 years of hands-on experience in penetration testing, vulnerability assessments,security auditing, source code review, red teaming etc. Technical Expertise: Strong knowledge of common web application vulnerabilities (e.g., SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), etc.). Proficiency with penetration testing tools like Burp Suite, OWASP ZAP, Nessus, Nmap, Metasploit, etc. Experience with vulnerability management systems and reporting tools. Familiarity with both manual and automated testing techniques. Strong knowledge of operating systems (Linux, Windows) and networking protocols. Certifications (Preferred): Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH) Any additional certifications in cybersecurity or penetration testing. How to Apply: Interested candidates are invited to submit their resume and cover letter to [Pallavi.kulkarni@anbglobal.com]. Please include "VAPT" in the subject line. Equal Opportunity Employer: ANB is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. For more information about our company and culture, visit https://anbglobal.com/

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Threat Protection. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Saviynt. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: F5 Load Balancers. Experience: 5-8 Years.

Acceldata is reimagining the way companies observe their Data! Acceldata is the pioneer and leader in data observability, revolutionizing how enterprises manage and observe data by offering comprehensive insights into various key aspects of data, data pipelines and data infrastructure across various environments. Our platform empowers data teams to manage products effectively by ensuring data quality, preventing failures, and controlling costs. What we are looking for? We are looking for a highly skilled and motivated Security Engineer to join our Infra and Security team. The candidate will be responsible for vulnerability management across our SaaS and on-premise product stacks, driving both remediation and validation efforts. This role also involves conducting penetration testing and leveraging security tools for SAST and DAST to proactively secure our applications and infrastructure. Key Responsibilities: Vulnerability Management- Identify, prioritise, and manage security vulnerabilities across both SaaS and on-premise environments. Collaborate with product and engineering teams to ensure timely remediation. Track and report on remediation progress and verify effectiveness of fixes. Fixing & Validation - Work with developers to fix vulnerabilities at the code and configuration levels. Validate fixes through retesting, code reviews, and regression testing. Penetration Testing - Conduct internal penetration testing using tools like OWASP ZAP, Burp Suite, and other industry-standard toolkits. Simulate real-world attacks to assess the security posture of applications and infrastructure. Document findings and deliver detailed reports with actionable recommendations. SAST and DAST Integration- Integrate and maintain Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools within CI/CD pipelines. Analyze results and guide development teams on security best practices. Desired Experience: Proven experience in vulnerability management in both SaaS and on-prem environments. Hands-on experience with security testing tools such as OWASP ZAP, Burp Suite, or similar. Familiarity with common vulnerability scanning tools and techniques. Strong understanding of SAST and DAST concepts, tools, and workflows. Knowledge of common security standards and frameworks (e.g., OWASP Top 10, CVSS, NVD). Ability to read, understand, and remediate application code or configurations. Excellent problem-solving and communication skills. We care for our team Mentorship & Growth ESOPs Medical and Life Insurance Paid Maternity & Parental Leave Corporate Uber Program Learning & Development Support Acceldata for All We are a fast-growing company, solving complex data problems at scale. We are driven by strong work ethics, high standards of excellence, and a spirit of collaboration. We promote innovation, commitment, and accountability. Our goal is to cultivate a healthy work environment that fosters a sense of belonging, encourages teamwork, and brings out the best in every individual. Why Acceldata? Acceldata is redefining data observability for enterprise data systems. Founded by experts who recognized the need for innovative monitoring and management solutions in a cloud-first, AI-driven environment, our platform empowers data teams to effectively manage data products. We address common challenges such as scaling and performance issues, cost overruns, and data quality problems by providing operational visibility, proactive alerts, and monitoring reliability across the various environments.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Security Architecting. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: F5 Load Balancers. Experience: 3-5 Years.

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like youThen it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments. Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits). Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK. Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques. Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities. Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture. Actively participating in client discussions, executive briefings, and technical workshops. Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps. Maintaining robust documentation of testing methodologies, custom tools, and process improvements. Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards. Training and Development - Stay updated on the latest security trends, vulnerabilities, and technology advancements. - Provide training and guidance to the team and other departments on security best practices. Strategy and Planning - Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness. - Participate in the development of security policies and standards. Technical Expertise Deep hands-on experience in: - Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API) - Internal/external network penetration, privilege escalation, and lateral movement - Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.) - Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels - Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing - Working knowledge of Kali Linux and frameworks like MITRE ATT&CK - Basic understanding of AI/ML securityadversarial attacks, model poisoning, and secure deployment of AI systems Proficiency with tools such as: - OffensiveBurp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver - ReconnaissanceNmap, Amass, Shodan, OSINT frameworks/tools - Vulnerability ScannersNessus, Qualys, Nexpose Programming/Scripting: - Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go Soft Skills - Excellent written and verbal communication skills - Strong analytical and problem-solving capabilities - Ability to explain technical concepts clearly to non-technical stakeholders You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 6–7 years of proven experience in penetration testing and offensive security Certifications (Preferred): - Highly DesirableOSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE - Other ConsideredEWPTXv2 or equivalent advanced offensive security certifications We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like youThen it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in performing advanced penetration testing on networks, web & mobile applications, and systems. Having ability to Identify vulnerabilities, exploit weaknesses, and assess the security posture of various assets. Having ability to develop and maintain automated testing tools and scripts. Creating detailed reports outlining findings, risks, and recommended actions. Having Extensive experience in penetration testing, vulnerability assessment, and ethical hacking. Having Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, and others. Strong understanding of network protocols, web and mobile applications, and operating systems. Maintaining documentation of testing methodologies, tools, and processes. Knowledge of scripting and programming languages (e.g., Python, Bash). You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 3-4 Years of relevant experience as Penetration Tester. Having Good command over English language (spoken & written) is non-negotiable. Working closely with business partners to understand their needs and translate them into technical requirements. Communicating findings, risks, and remediation strategies to both technical and non-technical stakeholders. Foster strong relationships with business units to ensure security measures align with business goals. Certification Preferred: Entry level certifications like CEH, eJPT, eWPT. Other certifications like eWPTX, OSCP is an advantage. We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at

Role Summary: We are looking for a skilled Software Developer to join our Cybersecurity team, focusing on developing security features and capabilities for Windows environments as part of MRI Scanner Software. The role involves designing and implementing security modules for systems operating across edge devices, cloud platforms, and AI/ML pipelines, ensuring compliance with medical device regulations and robust cybersecurity standards. Key Responsibilities: Design, implement, and maintain security features for MRI scanner software running on Windows and Linux platforms. Develop C#/.NET components (primarily for Windows) and contribute to security modules, ensuring secure design and performance. Collaborate with cybersecurity architects to integrate secure coding principles across Windows components. Implement features for authentication, encryption, secure communication, and system hardening on both platforms. Participate in threat modelling, design reviews, and code reviews with a security focus. Ensure implementations are compliant with regulatory standards (FDA, IEC 62304, ISO 27001, GDPR/HIPAA). Debug and resolve complex software issues related to security on Windows and Linux environments. Work with edge, cloud, and AI/ML teams to integrate security within distributed system architectures. Required Skills & Experience: Bachelor’s or Master’s degree in Computer Science, Information Security, Electronics, or related engineering fields. 3-7 years of software development experience, including: Strong C#/.NET development for Windows. Solid understanding of Windows Security Essentials, including: Authentication & Authorization (Active Directory, Windows Credentials) Windows hardening and privilege management Good Understanding of security concepts such as: User and permission management Secure communication, certificates, and encryption libraries SSH, secure configuration, and OS hardening Knowledge of secure coding practices, OWASP, threat modelling, and vulnerability remediation. Desirable Skills: Exposure to containerization security (Docker, Kubernetes) on Windows/Linux. Familiarity and Desire to work with edge computing, cloud integrations (Azure/AWS), and AI/ML security considerations. Added Advantage Certifications such as Microsoft CertifiedSecurity, Compliance, and Identity Fundamentals, CompTIA Security+, RHCSA/RHCE, or similar. Linux development experience (e.g., using shell scripting, C/C++, or Python for system modules). Soft Skills: Strong problem-solving and analytical abilities. Effective collaboration and communication skills within cross-functional global teams. High attention to detail with a security-first and quality mindset. Why Join Us Contribute to innovative MRI technologies improving patient care worldwide. Be part of a team driving cybersecurity excellence in medical device software. Opportunities to grow across Windows, Linux, edge computing, cloud, and AI/ML security domains.

Role Summary: We are looking for a skilled Software Developer to join our Cybersecurity team, focusing on developing security features and capabilities for Windows environments as part of MRI Scanner Software. The role involves designing and implementing security modules for systems operating across edge devices, cloud platforms, and AI/ML pipelines, ensuring compliance with medical device regulations and robust cybersecurity standards. Key Responsibilities: Design, implement, and maintain security features for MRI scanner software running on Windows and Linux platforms. Develop C#/.NET components (primarily for Windows) and contribute to security modules, ensuring secure design and performance. Collaborate with cybersecurity architects to integrate secure coding principles across Windows components. Implement features for authentication, encryption, secure communication, and system hardening on both platforms. Participate in threat modelling, design reviews, and code reviews with a security focus. Ensure implementations are compliant with regulatory standards (FDA, IEC 62304, ISO 27001, GDPR/HIPAA). Debug and resolve complex software issues related to security on Windows and Linux environments. Work with edge, cloud, and AI/ML teams to integrate security within distributed system architectures. Required Skills & Experience: Bachelor’s or Master’s degree in Computer Science, Information Security, Electronics, or related engineering fields. 8-12 years of software development experience, including: Strong C#/.NET development for Windows. Solid understanding of Windows Security Essentials, including: Authentication & Authorization (Active Directory, Windows Credentials) Windows hardening and privilege management Good Understanding of security concepts such as: User and permission management Secure communication, certificates, and encryption libraries SSH, secure configuration, and OS hardening Knowledge of secure coding practices, OWASP, threat modelling, and vulnerability remediation. Desirable Skills: Exposure to containerization security (Docker, Kubernetes) on Windows/Linux. Familiarity and Desire to work with edge computing, cloud integrations (Azure/AWS), and AI/ML security considerations. Added Advantage Certifications such as Microsoft CertifiedSecurity, Compliance, and Identity Fundamentals, CompTIA Security+, RHCSA/RHCE, or similar. Linux development experience (e.g., using shell scripting, C/C++, or Python for system modules). Soft Skills: Strong problem-solving and analytical abilities. Effective collaboration and communication skills within cross-functional global teams. High attention to detail with a security-first and quality mindset. Why Join Us Contribute to innovative MRI technologies improving patient care worldwide. Be part of a team driving cybersecurity excellence in medical device software. Opportunities to grow across Windows, Linux, edge computing, cloud, and AI/ML security domains.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Metricstream - GRC. Experience:5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: GRC Process. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Threat Protection. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: EDR - Cybereason. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SAP Security. Experience: 5-8 Years.

Job Description As an Application Security Engineer, you will play a critical role in safeguarding the security of our software products and development lifecycle. This role focuses on managing and optimizing code scanning tools, identifying vulnerabilities, and ensuring secure coding practices are embedded into every stage of software development. You will collaborate with engineering teams to provide actionable security guidance, design metrics to measure security effectiveness, and create strategies to continuously improve application security. By integrating cutting-edge tools and techniques, you will ensure that our applications meet the highest standards of security and resilience, ultimately protecting the organization and its users from emerging threats. Key Responsibilities Manage and optimize code scanning tools (e.g., SAST, DAST) to detect and remediate security vulnerabilities. Provide security guidance and best practices to engineering teams throughout the software development lifecycle. Design, maintain, and report on application security metrics and dashboards to track progress and effectiveness. Perform security assessments, including threat modeling and architecture reviews for new features and applications. Collaborate with DevOps and CI/CD teams to integrate security tools seamlessly into development pipelines. Stay up-to-date on the latest security threats, vulnerabilities, and remediation strategies to evolve application security practices. Deliver secure coding training and resources to engineering teams to foster a security-first culture. Things You Will Need to Be Successful in This Role Typically requires a minimum of 5 years of related experience with a Bachelors degree; or 3 years and a Master’s degree; or a PhD without experience; or equivalent work experience. Proficiency with code scanning tools. Deep understanding of secure coding practices and standards (e.g., OWASP Top Ten). Hands-on experience with programming languages such as Python, Java, JavaScript, or C#. Familiarity with CI/CD pipelines and integrating security tools into DevOps workflows. Strong analytical skills to interpret scan results and prioritize remediation efforts. Certifications (Preferred): CSSLP or relevant security certifications. Excellent communication and collaboration skills to work effectively with cross-functional teams. A proactive and detail-oriented mindset to identify and mitigate risks early in the development lifecycle.

The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Zscaler Web Security. Experience: 5-8 Years.

The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails