About the job Company Name: Helix Tech INC Job Title : Cyber Security / Networking Technical Expert Company Website: https://helixtechinc.com/ Location: Ahmedabad, Gujarat Shift: US Shift (Night Shift) Working Days: 5 Days working (Monday to Friday) Work From Office Only Requirements: Prepare the Candidates to crack Interviews with fortune 500 companies, help to improve their technical skills and mentor them, also evaluate them to identify areas for improvement. Conduct training and development assessment of candidates for different tools and technologies with real-time projects. Develops training and development programs and objectives. Obtains and /or develops effective training materials utilising a variety of media. Coordinate with candidates to provide the skills and knowledge in different tools and technologies. Create Plans, organise, and facilitate training for candidate development and training sessions. Required Skills: Bachelor’s degree in computer science, software engineering, or a similar field. Advanced knowledge of Cybersecurity technologies 3+ years of work experience in the above-mentioned area Experience in IT Project Management is a plus Knowledge of network technologies (Network, Firewall architecture) and Server operating systems Networking Protocols: TCP/IP, IPv4, VPN, HTTP, DNS, LAN/WAN, OSPF, BGP Security Tools: Nmap, Snort, TCPDUMP, Nessus, Wireshark, Core Impact, OpenVAS, HIDS/HIPS, SIEM, Active Directory, IDS, IPS, DNS, DHCP, Splunk, Burp suite, OWASP, SIM Tools, Vulnerability Scanning Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹18,086.00 - ₹32,727.29 per month Benefits: Internet reimbursement Paid sick time Schedule: Fixed shift Monday to Friday Night shift US shift Supplemental Pay: Overtime pay Performance bonus Quarterly bonus Work Location: In person

Role Overview: This role focuses on integrating security best practices into CI/CD pipelines and production system deployments, ensuring security is embedded throughout the software development lifecycle. As a DevSecOps Engineer, you will work closely with architecture, development, and operations teams to make security a shared responsibility across all stages of software development and deployment. Your primary responsibility will be implementing security best practices, testing, and automation tools into CI/CD pipelines and production environments using industry-standard tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and other security mechanisms. Key Responsibilities : Security Integration into DevOps: Collaborate with development and operations teams to integrate security practices into every stage of the software development lifecycle, from code creation to deployment. CI/CD Pipeline Security: Configure, implement, and manage security tools and automation in CI/CD pipelines to detect vulnerabilities early in the development process. Security Testing: Use SAST and DAST tools to automate security testing for code and applications. Continuously monitor security scans, report findings, and recommend remediation strategies. Automation & Process Improvement: Continuously enhance and automate security processes to deliver secure software efficiently while minimizing manual intervention. Experience Required: 3+ years of experience in DevOps or a similar role focused on integrating security into CI/CD processes. Proven experience implementing and configuring security tools such as SAST, DAST, and other automation tools. Strong hands-on experience with CI/CD tools and languages (e.g., Jenkins, Groovy, Git, Python, Bash) for pipeline automation. Proficiency in cloud-native deployments and management (e.g., Helm, Kustomize), Kubernetes objects, and cluster debugging. Familiarity with Infrastructure as Code (IaC) tools like Terraform and Ansible. Knowledge of CIS benchmark recommendations and system hardening practices. Curious? Apply now :-cognyte.70.75E@applynow.io

? ?Job Description ?Cybersecurity Architect: MRF00741A Keywords 1. Threat Model OR Threat Modeling OR Threat Modeling Frameworks (STRIDE, DREAD, PASTA, VAST, LINDDUN) 2. Security Review OR Security Architecture Review OR Cyber Security Architecture Review 3. Cybersecurity Architecture Design OR Secure by Design 4. Secure Code Reviews OR Secure Coding Standards OR Secure CI/CD (DevSecOps) 5. Cybersecurity Standards and Frameworks - NIST, CIS, OWASP, GDPR, PCI-DSS 6. CIS Controls Implementation Benchmarking Key Role Characteristics: Prepare high quality threat models and apply knowledge of MITRE framework and kill chains. Hands-on practical experience high quality threat models and knowledge of MITRE framework and kill chains Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors. Proficient knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e. g. , public cloud, artificial intelligence, machine learning, mobile, etc. ) Engage with Product, Infrastructure and Engineering teams to build threat models, design secure systems, and secure code reviews at a recurring cadence. Must Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data. Manage to evaluate current and emerging technologies to recommend the best solutions for the future state security architecture. Knowledge of cloud architectures and security controls such as network security, IAM, data protection, PKI and logging and monitoring etc. Understanding of hybrid cloud environments and the complexities of securely deploying applications to the cloud and developing Security baselinesBenchmarking. Develop and maintain re-usable security architecture and design patterns for consumption. Strong understanding of attack vectors and ability to design and articulate security controls. Familiarity demonstrated knowledge and experience in securing cloud technologies such as Azure, AWS, GCP, Kubernetes, Container, and infrastructure as code deployments.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. We are currently seeking an experienced professional to join our team in the role of Lead consultant specialist In this role you will: Hunting for malicious or anomalous activity across the enterprise, using existing tools. Acting in co-ordination with GCO staff to lead the development and implementation of an advanced analysis and search capability focused on identifying potentially sophisticated APT and insider threat activities within the organization. Researching new and existing threat actors and associated tactics, techniques and procedures (TTPs); developing a detailed understanding of their potential impact to the organization, providing recommended solutions for improving our defensive and detective capability. Collaboration with the wider Cybersecurity functions, e. g. , Red Team, to develop hypotheses for new attack techniques and evasion methods. Coordinating threat hunting activities, leveraging intelligence from multiple internal and external sources. Reviewing incident and penetration testing reports and corresponding logs, to identify gaps in our detection capability and provide recommendations to improve them. Providing expert analytic investigative support on large scale and complex security incidents. Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes Training, developing, mentoring, and inspiring colleagues across the function in area(s) of specialism, strengthening Cybersecurity Operations capabilities. Represent HSBC Global Cybersecurity Operations at internal awareness and external cybersecurity forums. Collaborate with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose. Identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources. Requirements To be successful in this role, you should meet the following requirements: Excellent investigative skills, insatiable curiosity, and an innate drive to win. Instinctive and creative, with an ability to think like the enemy. Strong problem-solving and trouble-shooting skills Deep knowledge of hacker culture Developed external peer network for sharing intelligence. Self-motivated and possessing of a high sense of urgency and personal integrity. Excellent understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and laws. Excellent understanding and knowledge of common industry cyber security frameworks, standards, and methodologies, including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards. Proven experience in identifying and responding to advanced attacker methodologies both within the corporate environment as well as external attack infrastructures, ideally with offensive experience and / or deception environment development (tripwire systems, honeypots, honey-token/accounts, etc. ) using open source, vendor purchased and bespoke/in-house developed solutions. Experience in computer forensics, vulnerability analysis, cyber security analysis, penetration testing and/or network engineering. Highest level of technical expertise in information security, including deep familiarity with relevant penetration and intrusion techniques and attack vectors Expert level knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems. Expert Knowledge and technical experience of 3rd Party Cloud Computing platforms such as AWS, Azure and Google

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security Strategy, Risk, Compliance and Resilience – Technology Consulting – Senior As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Senior Security Consultant with expertise in cyber / information security, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Engage in Cyber Strategy & Governance, Cyber Risk & Compliance, Cyber Resilience, Cyber Transformation and Co-Sourcing, Application & Network Security engagements Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Execute the engagement requirements, along with review of work by junior team members. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within EY Consulting Services and with other services across the organization Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals Maintain an educational program to continually develop personal skills of staff Understand and follow workplace policies and procedures Building a quality culture at GDS Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Manage the performance management for the direct reportees, as per the organization policies. Foster teamwork and lead by example; training and mentoring of project resources Participating in the organization-wide people initiatives Skills And Attributes For Success Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to): Vendor/3rd Party Risk Management & Assessment Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53 Business Continuity & Disaster Recovery Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors. Experienced in creation and review of security policy/procedures, and in performing risk assessments. Good to have experience in assessing ITGC requirements across various industries including both Cybersecurity and resilience requirements. Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures. Basic understanding of Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews. Good understanding of logging and monitoring tools (SIEM). Knowledge in any one of the SIEM tools is a plus. To qualify for the role, you must have: BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming. More than 5 Years of relevant experience. Strong Excel and PowerPoint skills. Should be proficient in leading medium to large engagements and coach junior staff. Ideally, you’ll also have CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer. Project management skills. What We Look For A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description Why Gainsight? We are ranked #1 on Glassdoor’s 2023 Best Place to Work List. Here’s why. At Gainsight, our mission is to be living proof you can win in business while being human-first. Our industry-leading platform helps companies of all sizes and industries build durable businesses. Gainsight offers a powerful set of customer success, product, and community engagement solutions that enable businesses to scale efficiently, create alignment, and have a holistic view of their customers—all of which help increase product adoption, prevent churn, and grow renewals and expansions. Our software is used by hundreds of companies, including nearly 200 publicly traded organizations and industry leaders such as GE Digital, SAP Concur, and Box. We have offices in the US, UK, Netherlands, Israel, Japan, and India. Gainsight joined the Vista Equity Partners portfolio in 2020. In 2021, we won their Excellence in Engineering award in recognition of our product and engineering advancements. Gainsight has also been named one of the top 100 private cloud companies in the world by Forbes, one of the fastest-growing private companies in America by Inc. Magazine, and one of 20 Great Workplaces in Tech by Fortune Magazine. With diversity and inclusion at the forefront of our values, we promote a culture that celebrates diversity and inclusiveness regardless of, but not limited to, race, gender, sexual orientation, family status, religion, ethnicity, national origin, physical disability, veteran status, or age. Location : Hyderabad Role Overview As an Associate Information Security Engineer at Gainsight, you will play a crucial role in reinforcing the security of our cutting-edge applications across multiple product lines. This position provides a diverse experience, combining thorough security testing with proactive threat management. You'll collaborate closely with our innovative development teams to seamlessly integrate security into the fabric of our product lifecycle. Your mission will be to ensure the highest standards of security are maintained, utilizing advanced technologies and practices to protect our applications against evolving threats. This role offers a unique opportunity to develop your expertise in product and application security, enabling you to make tangible contributions to the safety and resilience of our software offerings. What You’ll Do Conduct security assessments on web, API and mobile applications to identify vulnerabilities and weaknesses, leveraging both manual and automated testing techniques. Collaborate with cross-functional development teams to embed security best practices throughout the software development lifecycle (SDLC), promoting a security-first culture. Assist in the triaging of security issues arising from bug bounty programs and third-party assessments, ensuring effective communication and resolution. Be responsible for identification of vulnerabilities and threats across the perimeter of the applications. Be part of the automation initiatives both in attack and DevSecOps areas. Align and exceed SLA expectations and commitments in all activities that are part of this role. Participate in threat hunting activities and contribute to the ongoing enhancement of our vulnerability management processes. Utilize basic tools and frameworks, including SAST (Static Application Security Testing) and WAF (Web Application Firewall), to fortify our applications against potential threats. Engage in continuous learning and training, keeping up with security trends, technologies, and industry best practices to advance your skills and knowledge. Leverage AI tools and technologies to enhance the effectiveness and efficiency of security testing and threat detection processes. Qualifications 1-3 years of experience in Vulnerability Management, Pentesting, threat hunting and performing scans on applications and cloud Bachelor's degree in computer science or related field A foundational understanding of application security concepts, including common vulnerabilities and secure coding practices (e.g., OWASP Top Ten). Demonstrated expertise in pentesting web, API and/or mobile applications for top vulnerability classes and hunting holes in applications and mobile. Minimum knowledge of cloud platforms such as AWS and GCP is required. Good To Have Skills Strong analytical and problem-solving skills with attention to detail. Excellent communication abilities and willingness to collaborate with development teams and other stakeholders. Familiarity with programming languages (e.g., Python, Java, or JavaScript) and a desire to learn how to apply coding skills in a security context. Experience with security tools (such as SAST tools or vulnerability scanners) is a plus but not mandatory. A proactive attitude, coupled with a desire to learn and adapt to new technologies and security trends, including AI applications in security testing. Relevant certifications such as CEH, OSCP, or eJPT are considered advantageous. At Gainsight, we value collaboration, innovation, and a proactive approach to security. If you're ready to make a meaningful impact in the world of application security while working in an exciting and fast-paced environment, we can't wait to hear from you! Why You’ll Love It Here Your job shouldn’t stand in the way of your happiness—it should be a path to achieve it. At Gainsight, we’re passionate about achieving our goals—at the office and everywhere—and we work every day to create an environment that nurtures our best selves. Gainsters love working here for several reasons. Here are a few: Our Core Values: We are guided by our values on our mission to be living proof you can win in business while being human-first. Learn more here. Our CEO: With a 99% approval rating on Glassdoor, Nick Mehta is one of the most beloved CEOs in Silicon Valley. Our Growth Opportunities: From mentoring to career development opportunities, we’re passionate about helping our Gainsters learn, grow and thrive. Our Teammate Resource Groups: A huge source of pride for Gainsight, these groups are on a mission to put our values into action and make Gainsight a great place to work for all. Our Wellness Priorities: Quarterly Recharge Days that re-energize us. Our Parody Videos: No explanation needed. Just watch them here! Job Description Summary By joining the Gainsight team, you’ll have a unique opportunity to make your mark at a truly human-first company and have loads of fun doing it. Come join us! Show more Show less

Job description Role- DevOps Lead Experience- 8-12 years Location: Pan India(Hybrid) Act under guidance of DevOps; leading more than 1 Agile team. Outcomes: Interprets the DevOps Tool/feature/component design to develop/support the same in accordance with specifications Adapts existing DevOps solutions and creates relevant DevOps solutions for new contexts Codes debugs tests and documents and communicates DevOps development stages/status of DevOps develop/support issues Selects appropriate technical options for development such as reusing improving or reconfiguration of existing components Optimises efficiency cost and quality of DevOps process tools and technology development Validates results with user representatives; integrates and commissions the overall solution Helps Engineers troubleshoot issues that are novel/complex and are not covered by SOPs Design install and troubleshoot CI/CD pipelines and software Able to automate infrastructure provisioning on cloud/in-premises with the guidance of architects Provides guidance to DevOps Engineers so that they can support existing components Good understanding of Agile methodologies and is able to work with diverse teams Knowledge of more than 1 DevOps toolstack (AWS Azure GCP opensource) Measures of Outcomes: Quality of Deliverables Error rate/completion rate at various stages of SDLC/PDLC # of components/reused # of domain/technology certification/ product certification obtained SLA/KPI for onboarding projects or applications Stakeholder Management Percentage achievement of specification/completeness/on-time delivery Outputs Expected: Automated components : Deliver components that automates parts to install components/configure of software/tools in on premises and on cloud Deliver components that automates parts of the build/deploy for applications Configured components: Configure tools and automation framework into the overall DevOps design Scripts: Develop/Support scripts (like Powershell/Shell/Python scripts) that automate installation/configuration/build/deployment tasks Training/SOPs : Create Training plans/SOPs to help DevOps Engineers with DevOps activities and to in onboarding users Measure Process Efficiency/Effectiveness: Deployment frequency innovation and technology changes. Operations: Change lead time/volume Failed deployments Defect volume and escape rate Meantime to detection and recovery Skill Examples: Experience in design installation and configuration to to troubleshoot CI/CD pipelines and software using Jenkins/Bamboo/Ansible/Puppet /Chef/PowerShell /Docker/Kubernetes Experience in Integrating with code quality/test analysis tools like Sonarqube/Cobertura/Clover Experience in Integrating build/deploy pipelines with test automation tools like Selenium/Junit/NUnit Experience in Scripting skills (Python Linux/Shell Perl Groovy PowerShell) Experience in Infrastructure automation skill (ansible/puppet/Chef/Poweshell) Experience in repository Management/Migration Automation – GIT BitBucket GitHub Clearcase Experience in build automation scripts – Maven Ant Experience in Artefact repository management – Nexus/Artifactory Experience in Dashboard Management & Automation- ELK/Splunk Experience in configuration of cloud infrastructure (AWS Azure Google) Experience in Migration of applications from on-premises to cloud infrastructures Experience in Working on Azure DevOps ARM (Azure Resource Manager) & DSC (Desired State Configuration) & Strong debugging skill in C# C Sharp and Dotnet Setting and Managing Jira projects and Git/Bitbucket repositories Skilled in containerization tools like Docker & Kubernetes Knowledge Examples: Knowledge of Installation/Config/Build/Deploy processes and tools Knowledge of IAAS - Cloud providers (AWS Azure Google etc.) and their tool sets Knowledge of the application development lifecycle Knowledge of Quality Assurance processes Knowledge of Quality Automation processes and tools Knowledge of multiple tool stacks not just one Knowledge of Build and release Branching/Merging Knowledge about containerization Knowledge of Agile methodologies Knowledge of software security compliance (GDPR/OWASP) and tools (Blackduck/ veracode/ checkmarxs) Additional Comments: 8 to 12 years of experience candidate who has strong knowledge on below skills: • Terraform • Using terraform Modules • Deploying AWS Infrastructure (Setting up IAC), especially following services • EKS, ECS, AWS API Gateway, ALB, NLB, Route 53, s3 etc • Experience around Build and Deploy setting up CICD Pipelines • Artifactory • Branching strategy • Harness (Optional) Skills Iac,Jenkins,Aws Cloud Mandatory Skills - DevOps, AWS, IAC, Terraform, Kubernetes, Jenkins, CI/CD, Docker. Technical Lead having experience in leading and Hands-on experience of AWS cloud and DevOps. Develop and manage the project, communication. Strong problem-solving skills and the ability to think critically under pressure. Excellent communication and collaboration skills, with the ability to work effectively across teams. Ability to mentor and coach junior team members, fostering growth and continuous learning. Detail-oriented with a strong sense of ownership and accountability Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security Strategy, Risk, Compliance and Resilience – Technology Consulting – Senior As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Senior Security Consultant with expertise in cyber / information security, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Engage in Cyber Strategy & Governance, Cyber Risk & Compliance, Cyber Resilience, Cyber Transformation and Co-Sourcing, Application & Network Security engagements Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Execute the engagement requirements, along with review of work by junior team members. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within EY Consulting Services and with other services across the organization Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals Maintain an educational program to continually develop personal skills of staff Understand and follow workplace policies and procedures Building a quality culture at GDS Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Manage the performance management for the direct reportees, as per the organization policies. Foster teamwork and lead by example; training and mentoring of project resources Participating in the organization-wide people initiatives Skills And Attributes For Success Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to): Vendor/3rd Party Risk Management & Assessment Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53 Business Continuity & Disaster Recovery Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors. Experienced in creation and review of security policy/procedures, and in performing risk assessments. Good to have experience in assessing ITGC requirements across various industries including both Cybersecurity and resilience requirements. Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures. Basic understanding of Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews. Good understanding of logging and monitoring tools (SIEM). Knowledge in any one of the SIEM tools is a plus. To qualify for the role, you must have: BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming. More than 5 Years of relevant experience. Strong Excel and PowerPoint skills. Should be proficient in leading medium to large engagements and coach junior staff. Ideally, you’ll also have CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer. Project management skills. What We Look For A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (Strategy, Risk, Compliance and Resilience) – Technology Consulting – Senior As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. The opportunity We’re looking for Senior Security Consultant with expertise in cyber / information security, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Engage in Cyber Strategy & Governance, Cyber Risk & Compliance, Cyber Resilience, Cyber Transformation and Co-Sourcing, Application & Network Security engagements Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress. Execute the engagement requirements, along with review of work by junior team members. Help prepare reports and schedules that will be delivered to clients and other parties. Develop and maintain productive working relationships with client personnel. Build strong internal relationships within EY Consulting Services and with other services across the organization Contribute to people related initiatives including recruiting and retaining Cyber Transformation professionals Maintain an educational program to continually develop personal skills of staff Understand and follow workplace policies and procedures Building a quality culture at GDS Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members Manage the performance management for the direct reportees, as per the organization policies. Foster teamwork and lead by example; training and mentoring of project resources Participating in the organization-wide people initiatives Skills And Attributes For Success Hands-on experience of more than 5 years with key components of cybersecurity including (but not limited to): Vendor/3rd Party Risk Management & Assessment Cyber Strategy & Governance, Cyber Transformation, Cyber Dashboarding Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53 Business Continuity & Disaster Recovery Must have experience in working in client facing roles, interacting with the third parties, assessing different kinds of environments (IT and non-IT) and ability to apply cyber security concepts in all these sectors. Experienced in creation and review of security policy/procedures, and in performing risk assessments. Good to have experience in assessing ITGC requirements across various industries including both Cybersecurity and resilience requirements. Should have a good understanding of VAPT process, common application security vulnerabilities, exploitation techniques and remediation measures. Basic understanding of Network Security and network architecture diagram reviews, access and perimeter control, vulnerability management and intrusion detection, firewall rule-based reviews. Good understanding of logging and monitoring tools (SIEM). Knowledge in any one of the SIEM tools is a plus. To qualify for the role, you must have: BE - B. Tech / MCA / M. Tech/ MBA with background in computer science and programming. More than 5 Years of relevant experience. Strong Excel and PowerPoint skills. Should be proficient in leading medium to large engagements and coach junior staff. Ideally, you’ll also have CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer. Project management skills. What We Look For A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

What will you be responsible for? • Planning, developing, and implementing custom applications while providing application support and managing projects. • Collaborating across various platforms, frameworks, and front-end technologies. • Developing applications and websites, integrating code with additional systems, and resolving code errors. • Researching and evaluating new technologies and solutions to enhance application performance and functionality. Who are we looking for? 4 - 6 years experience with: • Over 4 years of web development experience, including 4+ years of expert proficiency in Drupal services such as working with core services, extending or overriding services, creating new services, and managing services at the codebase level. • Design, develop, test, and deliver technology solutions by translating requirements into functional, user-friendly websites for internal and external customers. • Understand and adhere to the Software Development Life Cycle (SDLC), ensuring timely completion and production readiness of all projects. • Create and deliver design specifications and test plans for development projects. • Analyze, troubleshoot, debug, and resolve website and system issues efficiently. • Participate actively in team meetings, coaching sessions, and problem-solving discussions, contributing to peer code reviews. • Interact effectively with business stakeholders to gather requirements and ensure alignment with business needs. • Enforce and contribute to best practices that improve efficiency and reduce technical debt across our websites and systems. • Establish and follow technical standards for application development, providing proper documentation. • Demonstrate a strong understanding of security principles as they relate to web applications. • Provide coaching, mentoring, and training to less experienced team members. • Collaborate with various internal departments and external organizations, including vendors, to implement and integrate applications while resolving production issues. • Exhibit advanced functional knowledge of assigned applications and take on administration and support responsibilities. • Complete tasks proactively, seeking high-quality outcomes, and promptly responding to assignments and deadlines. • Prepare and provide status and progress reports for all assigned work activities. Technical Requirements: • 4+ years of experience in Web Development. • 4+ years of experience with Drupal, including: • Proficiency with Drupal services: o Working with core services o Extending and overriding services o Creating new services o Managing and adding services at the codebase level • Proficiency in Drupal configuration management and entity management: o Configuration updates o Database updates o Managing configurations for multiple environments • Proficiency with Drupal modules : o Creating new modules o Understanding Drupal hooks and hook hierarchy o Theming through custom modules o Creating and adding libraries • Understanding of Drupal theming: o Knowledge of theme namespacing o Proficiency in code-based theming concepts (e.g., preprocess hooks) • Composer project management expertise: o Understanding how the lockfile and versioning work (important for security scans) o Ability to find, create, and apply patches to core and contributed modules o Proficiency in HTML, CSS, and JavaScript. o Strong PHP skills, including object-oriented programming. o Experience working with APIs.

The role supports full end to end software development cycle, from initial client engagement, through assessments and road-mapping, to longer term engagement in an advisory capacity. As an Application Security Consultants, the person should leverage the technical expertise of the security competencies, varied product and delivery capabilities Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Manage SaaS application configuration settings, integrations Build compliance requirements and SaaS Application security baselines. Perform continuous monitoring of applications identifying security vulnerabilities and address through remediation efforts Preferred technical and professional experience Validate and maintain incident response plans and processes to address potential threats Determine risks and remediation options with implemented SaaS applications Evaluate new applications to ensure implementation can meet security baselines

Job Track Description Requires formal education and relevant expertise in a professional, sales, or technical area. Performs technical-based activities. Contributes to and manages projects. Uses deductive reasoning to solve problems and make recommendations. Interfaces with and influences key stakeholders. Leverages previous knowledge and expertise to achieve results. Ability to complete work self-guided. College or university degree required. General Profile Requires knowledge and experience in field. Uses best practices and knowledge of business to improve products or services. Solves complex problems and takes a new perspective on existing procedures. Self-starter, requiring minimal guidance. Acts as a resource for colleagues with less experience. Functional Knowledge Requires conceptual expertise of theories, practices, and procedures. Business Expertise Has knowledge of best practices and team integration. Aware of the competition and what differentiates them. Impact Impacts a range of customer, operational, project or service activities. Works within broad guidelines and policies. Leadership Acts as a resource for colleagues with less experience. May guide small projects with manageable risks and resource requirements. Problem Solving Solves complex problems. Takes a new perspective on existing solutions. Exercises judgment based on the review of multiple information sources. reviewing many sources of information. Skills Clearly articulates difficult or sensitive information. Works to build consensus within a team. Responsibility Statements Supports the development of strategies for new client offerings. Ensures the effective use and application of resources. Assesses customer requirements and assists with the development of solutions. Reviews service and operating procedures to ensure compliance with industry standards and regulations. Works closely with the solutions team and sales, practice, and delivery leaders to develop the solution strategy and approach. Developing proficiency in market trends, best practices, and innovation. Performs other duties as assigned. Complies with all policies and standards. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Has advanced, specialized expertise within a range of analytical or operational processes. Completes assignments and facilitates the work of others. May coordinate assignments beyond work area. Proposes improvements to processes and methods. Acts as a lead, coordinating the work of others, but is not a supervisor. Works autonomously within established procedures. Functional Knowledge Has developed skills in a range of processes, procedures, and systems. Acts as a technical expert in some areas. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Impacts a team, by example, through the quality service and information provided. Suggests enhancements to work procedures and practices to improve efficiency. Leadership Serves as a team lead. May allocate work to team members. Provides subject matter guidance to junior team members. Problem Solving Provides solutions to atypical problems with little or no precedent. Interpersonal Skills Exchanges information and ideas effectively. Uses tact and diplomacy when dealing with others. Responsibility Statements Supports emergency procurement processes as needed by the client. Monitors open requisitions, expedite, and closeout before turnaround. Works with stakeholders to ensure proper recommendation and documentation is received for the procurement process. Assists Team Leaders in extracting data for dashboard on process and reconciliation metrics. Provides supporting records and documentation to assist with audits. Ensures that adequate and updated process documentation and desktop procedures exist and are utilized. Contributes towards quality efforts and guides the quality verifiers team. Participates in first-level tasks and quality check tasks. Performs other duties as assigned. Complies with all policies and standards. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomo us Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles And Responsibilities Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Preferred Skills Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks. Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. < Back to search results BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,638,100 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Show more Show less

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME, collaborate, and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Develop and implement security policies and procedures.- Conduct security assessments and audits.- Monitor security incidents and respond to breaches promptly.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of security frameworks and compliance standards.- Experience in conducting risk assessments and vulnerability scans.- Knowledge of security tools and technologies.- Good To Have Skills: Experience with Security Incident Response.- Hands-on experience in implementing security controls and measures. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full-time education is required. Qualification 15 years full time education

This Profile includes below roles and responsibilities: - Perform Application Security Testing - Perform Network Penetration Testing - Perform Vulnerability Assessment of Servers - Verify Scan results through manual testing - Co-ordinate with the clients for Project related queries - Undertake meeting with the client teams for discussing security issues and recommendations - Create detailed security reports - Keep track of project progress & send regular updates - Research on security tools - Create Security Knowledge base for the team - Participate in quality initiatives. Qualification: BE/Bsc IT/MTech/ME Experience- 2-3years Location: Pune-On Site Required Knowledge Areas: Web Application Security – OWASP Top 10 Mobile Application Security – Mobile OWASP Top 10 NMAP/Port Scanning Vulnerability Scanning & Verification Web Traffic Interception (For Web/Mobile apps) SSL Security Tools Experience: Working knowledge of following tools is needed: Web Proxy Editors Network Sniffers Nessus Scanner Reverse Engineering Tools Mobile Application security tools – Either Android/IOS Any one Web Application Security Scanner Certification Requirement: The candidate must possess any one of the following certifications: CEH/ ECSA/ OSCP Other Skills: The candidate should be good in: Documentation Communication Skills Interested candidate can share their resume on hr@synradar.com Immediate joiners are preferred Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Requirements Should have at least 5 years of professional experience in application security or a related field. Proven expertise in web and mobile security architecture, frameworks, and testing methodologies (e.g., OWASP Top 10). Extensive hands-on experience with implementing and scaling DevSecOps practices across CI/CD pipelines. Proficient in at least one programming and one scripting language, with the ability to review and guide secure coding practices. Experience working with bug bounty programs or vulnerability disclosure platforms is a strong plus. Ability to lead security reviews, influence engineering teams, and mentor junior security professionals is highly valued.

Job Description WHAT YOU’LL DO We are seeking a skilled and experienced Attack Surface Reduction Analyst with a strong background in penetration testing to join our cybersecurity team. The successful candidate will be responsible for identifying potential security risks and vulnerabilities in our organization's systems, applications, and networks, performing penetration testing, and facilitating and managing third-party penetration testing engagements. Who You’ll Work With Attack Surface Reduction team helps and contribute to improve the security posture of H&M by operating within an Agile model. We play a crucial role in proactively identifying and help in mitigating potential security risks and vulnerabilities across H&M's systems, applications, and networks, with the aim of preventing unauthorized access, data breaches, and other security incidents. Key Responsibilities: Conduct comprehensive vulnerability assessments (VA) and penetration tests (PT) on H&M's systems, networks, and applications. Utilize industry-standard tools and methodologies to identify potential vulnerabilities and weaknesses in our attack surface. Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities in a timely manner. Experience in designing, implementing, and managing vulnerability management processes and workflows. Facilitate and manage penetration testing engagements with third-party vendors. Collaborate with other members of the cybersecurity team to develop and implement strategies to reduce our attack surface. Develop and maintain security policies and procedures for our organization's systems, applications, and networks. Monitor our organization's systems, applications, and networks for unauthorized access, suspicious activity, and other security threats. Stay up to date with the latest trends and developments in the field of cybersecurity, specifically related to attack surface reduction techniques. Who You Are We are looking for people with… Bachelor's degree in computer science, information security, or a related field. 6-10 years of experience in vulnerability scanning, vulnerability management, and penetration testing. Solid knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices. Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing. Proficient in using industry-standard vulnerability assessment and penetration testing tools (e.g., Kali Distro, Qualys, Burp Suite, etc.). Familiarity with industry frameworks and standards, such as NIST, OWASP, and CIS. Effective communication skills, with the ability to clearly convey technical concepts to both technical and non-technical stakeholders. Excellent analytical, problem-solving, and communication skills. Relevant certifications, such as SANS, OSCP, OSEP, CompTIA Security+ or CREST are a plus. WHY YOU’LL LOVE WORKING HERE At H&M, we are proud to be a vibrant and welcoming company. We offer our employees attractive benefits with extensive development opportunities around the globe. We offer all our employees at H&M attractive benefits with extensive development opportunities around the globe. All our employees receive a staff discount card, usable on all our H&M brands in stores and online. Brands covered by the discount are H&M (Beauty and Move included), COS, Weekday, Monki, H&M HOME, & Other Stories, ARKET, Afound. In addition to our staff discount, all our employees are included in our H&M Incentive Program – HIP. You can read more about our H&M Incentive Program here. In addition to our global benefits, all our local markets offer different competitive perks and benefits. Please note that they may differ between employment types and countries. JOIN US Our uniqueness comes from a combination of many things – our inclusive and collaborative culture, our strong values, and opportunities for growth. But most of all, it’s our people who make us who we are. Take the next step in your career together with us. The journey starts here. We are committed to a recruitment process that is fair, equitable, and based on competency. We therefore kindly ask you to not attach a cover letter in your application. Additional Information This is a full-time position, starting in June 2025 . Apply by sending in your CV in English as soon as possible, but no later than the 30th of May 2025 . Due to data policies, we only accept applications through the SmartRecruiters or career page Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Join our high-performing Cybersecurity team as a Cybersecurity Incident Response Analyst / SOC Specialist and take on a critical role in defending our enterprise from sophisticated and evolving cyber threats. This is an exciting opportunity for experienced professionals with 5+ years of hands-on experience in Security Operations Center (SOC) environments, incident response, and threat detection to make a meaningful impact in a fast-paced and highly secure infrastructure. You will be working alongside skilled cybersecurity experts, using advanced tools and frameworks to safeguard our global operations and ensure business continuity. Key Responsibilities:- Monitor, analyze, and respond to security events using SIEM tools including Blusapphire, IBM QRadar, Securonix, and Splunk . Perform Tier 1 & Tier 2 SOC operations , including event triage, threat detection, and initial incident response. Integrate and administer SIEM platforms and develop effective use-cases, alerts, dashboards , and reports. Conduct in-depth forensic analysis and investigations using tools like EnCase, FTK, Sleuthkit, and SANS SIFT . Collaborate with global teams to ensure timely and effective incident detection, response, and resolution. Support crisis response and participate in scenario planning and deception environment development (e.g., honeypots, honeytokens). Analyze advanced attacker TTPs and contribute to the improvement of defensive controls and strategies. Maintain documentation, reporting, and communication in a clear, concise, and actionable format. Mandatory Technical Skills:- SIEM Expertise: Blusapphire, IBM QRadar, Securonix, Splunk SIEM Administration and SOC Integration SOC L1/L2 Monitoring and SOC Operations Knowledge of IDS/IPS, malware analysis, firewalls, proxies Strong grasp of network protocols (TCP, UDP, DNS, DHCP, etc.) Familiarity with Windows/Linux infrastructure , cloud platforms (AWS, Azure, GCP) Incident response and investigation tooling (e.g., Kali Linux, IDA Pro) Scripting or programming skills (Python, Bash, etc.) preferred Qualifications & Industry Experience:- 5+ years of experience in cyber incident response and/or digital forensics Experience in large enterprise or regulated sectors (e.g., finance) Industry certifications preferred: CEH, GCIH, GCIA, GCFA, GNFA, SANS, EnCE, CRISC Deep understanding of security frameworks: OWASP, ISO27001, NIST, PCI DSS, CIS Strong communication skills – able to explain complex issues clearly across technical and business audiences Self-driven, ethical, with a high sense of urgency and decision-making ability Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Title: Ethical Hacker (Cyber security Specialist) Location: Delhi Job Type: Full time Experience Level: Senior-Level Industry: Information Technology / Cyber security Department: IT / Security About the Role: We are seeking a highly skilled and ethical cyber security professional to join our team as an Ethical Hacker . This role is critical in protecting our organization’s digital infrastructure by identifying vulnerabilities, simulating cyber-attacks, and ensuring we stay one step ahead of malicious threats. If you’re passionate about cyber security, proactive defense, and enjoy solving complex challenges, we want to hear from you. Key Responsibilities: Perform penetration testing on network, web applications, and other systems. Identify, document, and report security vulnerabilities with detailed analysis. Simulate attacks to test the resilience of infrastructure and applications. Collaborate with the IT and development teams to implement security improvements. Stay updated on the latest cyber threats, trends, and technologies. Conduct vulnerability assessments and provide actionable remediation guidance. Maintain confidentiality, integrity, and ethical standards in all assessments. Required Qualifications: Proven experience as an Ethical Hacker, Penetration Tester, or similar role. Strong understanding of network protocols, firewalls, IDS/IPS systems, and operating systems. Familiarity with tools like Metasploit, Burp Suite, Nmap, Nessus, Wire shark, etc. Knowledge of OWASP Top 10 and secure coding practices. Certifications such as CEH (Certified Ethical Hacker), OSCP, or similar are highly desirable. Bachelor’s degree in Computer Science, Information Security, or a related field (preferred). Preferred Skills: Scripting and programming knowledge (Python, Bash, PowerShell, etc.). Cloud security experience (AWS, Azure, Google Cloud). Incident response and forensic analysis skills. Ability to communicate technical information to non-technical stakeholders. Job Types: Full-time, Permanent Pay: Up to ₹50,000.00 per month Schedule: Day shift Morning shift Night shift Rotational shift Work Location: In person

About Smart Working At Smart Working, we believe your job should not only look right on paper but also feel right every day. This isn’t just another remote role — it’s belonging remotely, and that’s a big difference. From day one, you're part of a genuine community where you’re supported and valued. We’re proud to be one of the highest-rated companies on Glassdoor India. With one vision in mind — “Geographical limitations should not dictate access to talent” — Smart Working helps great people build long-term, full-time remote careers with exceptional UK teams. We’ve created a culture where you're backed from day one and given the space to grow — personally and professionally. About the Role We’re hiring a Senior PHP/Symfony Developer for a company specializing in mission-critical aviation systems and advanced fuel management solutions. In this role, you will focus on developing and maintaining backend systems using PHP, Symfony, and PHPUnit, ensuring optimal performance across digital platforms. You will work on implementing robust, secure backend architectures that align with business requirements while maintaining reliability, maintainability, and code quality within an Agile environment. This is a permanent, full-time, remote role —perfect for a technically driven developer who thrives in a hands-on environment, building mission-critical backend systems that support global aviation operations. What You’ll Be Doing Build & Run Our Products— Collaborate across teams to align business, technical, and testing goals Estimate and plan tasks collaboratively to ensure delivery confidence Review specs, design solutions, and deliver high-impact features Monitor, deploy, and troubleshoot features in staging and production Own incidents during on-call rotations, ensuring rapid resolution Ensure High Quality & Continuously Improve— Uphold and enforce coding and testing standards Break down complex work into manageable tasks for better delivery Conduct code reviews, ensure test coverage, and maintain strong documentation Stay up to date on tools, libraries, and secure coding practices (OWASP) Provide Technical Excellence & Leadership— Break down epics, design scalable APIs and systems Mentor peers on TDD, BDD, DDD, and best practices Identify risks, drive automation, and recommend process improvements Champion clean, modular, and maintainable architecture Must-Have Skills PHP (5+ years) Symfony (at least 1 year of experience with one hands-on project) PHPUnit (for testing) (1.5+ years) Nice-to-Have Skills MongoDB (2+ years ) Docker Kubernetes JavaScript JQuery React API NodeJS Typescript What Sets You Apart Backend Expertise in PHP, Symfony, and PHPUnit, delivering scalable, high-quality solutions Efficient Problem-Solving, breaking down complexity for timely, reliable delivery Proactive Mindset, driving improvements through thoughtful, hands-on solutions Team Player & Mentor, sharing knowledge and upholding best practices Operational Readiness, responding swiftly during on-call rotations Quality-Focused, with clean code, thorough reviews, and strong documentation Adaptable & Growth-Oriented, staying current with tools and driving innovation Why Smart Workers Love It Here Fixed Shifts — 12:00 PM – 9:30 PM IST (Summer) | 1:00 PM – 10:30 PM IST (Winter) No Weekend Work — Real work-life balance, not just words Day 1 Benefits — Laptop and full medical insurance provided Support That Matters — Mentorship, community, and forums where ideas are shared True Belonging — A long-term home where your contributions are valued At Smart Working, you’ll never be just another remote hire. Be a Smart Worker — valued, empowered, and part of a culture that celebrates integrity, excellence, and ambition. If you’re ready to make a meaningful impact in aviation technology while working with a team that values excellence and integrity, we’d love to hear from you. 🧡 Show more Show less