1691 Owasp Jobs - Page 50

The Sr. QA Analyst will provide deep level analysis for client investigations utilizing customer provided data sources, audit, and monitoring tools at both the government and enterprise level. The Sr. Threat Analyst will work closely with our Technology Engineers, Architects, and Threat Analysts to service customers. How You’ll Make An Impact High level professional writing experience regarding documenting and reporting on potential security incidents identified in customer environments to include timeline of events. Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets. Provide analysis on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc. Perform knowledge transfers, document, and train clients regarding mitigation of identified threats. Provide ongoing recommendations to peers and customers on tuning and best practices. Actively research current threats and attack vectors being exploited in the wild Actively work with analysts and perform investigations on escalations. Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach. Provide gap analysis for clients to better their security posture. Maintain and develop SOPs for threat analyst team. Develop and maintain Playbooks and runbooks. Work with internal teams to increase efficiency and effectiveness of security analysis provided by the threat analysis team. Training of new analysts on security and tools Create and maintain Content Catalog based on security essentials and the evolving threat landscape. Provide quality assurance (QA) review of security alerts handled by Team members. Conduct regular security audits to ensure compliance with industry standards and regulations. Evaluate security controls, policies, and procedures. Identify vulnerabilities and enhance remediation actions. What We’re Looking For Five years of full-time professional experience in the Information Security field Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment as a point of escalation. Excellent time management, reporting, and communication skills including customer interactions and executive presentations. Data analysis using SIEM, Database tools, and Excel. Experience troubleshooting security devices and SIEM. Ability to create and maintain content within SIEM environments and make recommendations to clients to better their visibility. IDS monitoring/analysis with tools such as Sourcefire and Snort Experience with SIEM platforms preferred (QRadar, LogRhythm, McAfee/Nitro, ArcSight, Splunk) a plus. Experience with audit tools, MS office, Power BI Knowledge of security information and event management (SIEM) systems. Understanding of cloud security and virtualization. Direct (E.g., SQL Injection) versus indirect (E.g., cross-site scripting) attacks Experience with the following attacks: Web Based Attacks and the OWASP Top 10, Network Based DoS, Brute force, HTTP Based DoS, Denial of Service, Network Based / System Based Attacks. Familiarity with SANS top 20 critical security controls Understand the foundations of enterprise Windows security including Active Directory, Windows security architecture and terminology, Privilege escalation techniques, Common mitigation controls and system hardening. Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS) Experience in monitoring at least one commercial AV solution such as (but not limited to) McAfee/Intel, Symantec, Sophos, or Trend Micro Ability to identify common false positives and make suggestions on tuning. Understanding of root causes of malware and proactive mitigation Propagation of malware in enterprise environments Familiarity with web-based exploit kits and the methods employed by web-based exploit kits. Familiarity with concepts associated with Advanced Persistent Threats and “targeted malware.” Experience and understanding of malware protection tools (FireEye) and controls in an enterprise environment. Covert channels, egress, and data exfiltration techniques Familiarity with vulnerability scoring systems such as CVSS. Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks This team provides 24/7 support. This role requires shift flexibility, including the ability to rotate between days, mids, and nights. What You Can Expect From Optiv A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups. Work/life balance Professional training resources Creative problem-solving and the ability to tackle unique, complex projects Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. The ability and technology necessary to productively work remotely/from home (where applicable) EEO Statement Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time. Show more Show less

Our Mission At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. Who We Are We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included. As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work full time from our office with flexibility offered where needed. This setup fosters casual conversations, problem-solving, and trusted relationships. Our goal is to create an environment where we all win with precision. Job Description Your Career Prisma Access™ combines the Internet connectivity/security you need - and delivers it everywhere you need it. Using cutting-edge public and private cloud technologies, it extends the next-generation security protection to all cloud services and to its customers regardless of whether they are on-premise, on remote networks or mobile users. We are seeking an experienced Software Engineer to design, develop and deliver next-generation technologies within our Prisma Access team. We want passionate engineers who love to code and build great products. Engineers who bring new ideas in all facets of software development. We are looking for leaders who take ownership of their areas of focus and who are driven to solve problems at every level. Collaboration and teamwork are at the foundation of our culture and we need engineers who can communicate at a high level and work well with others towards achieving a common goal. Your Impact ​Design and implement new features and integrations for virtualization features across diverse cloud environments and deployments.E ngage in all phases of the product development cycle from concept definition, design, through implementation, and testing.D evelop comprehensive functional specifications, evaluate task requirements and timelines, and contribute to design, development, debugging, and support processes.H ands-on experience with virtualization technologies, various hypervisors, system software, and networking.C ustomer First Mindset is required and a very good team player. Be a cultural champion and role model for others showcasing the org valuesW ork with different development and quality assurance groups to achieve the best qualityW ork with DevOps and technical support teams to troubleshoot and fix customer reported issuesQ ualificationsY our ExperienceB achelors/Masters in Computer Science or a related field required1 2+ years of experience in Software Development.P roficiency in one or more programming languages including Go, C, C++, Python.A strong grasp of various Layer 7 protocols including TCP/IP stack and SSL/TLS.K nowledge of protocols like OAuth, SAML, and basic authentication methods.A good understanding of the Geneve encapsulation protocol (RFC 8926), its header format, and its purpose in network virtualization.F amiliarity with concepts like overlay networks, virtual extensible LANs (VXLAN), Network Virtualization using Generic Routing Encapsulation (NVGRE) is a plus.U nderstanding how encapsulation and tunneling work in general.S kill in diagnosing application-level network issues using tools like tcpdump, Wireshark, and application-specific debugging tools is a plus.A wareness of application-layer vulnerabilities (e.g., OWASP Top 10) and best practices for secure development.S trong knowledge in network security fields like stateful firewall, packet processing, and network ACL.S olid understanding of operating system networking concepts (e.g., network interfaces, routing tables).E xperience with socket programming and network libraries.E xperience with virtualization platforms (e.g., VMware, OpenStack, Kubernetes) is a plus.E xperience with deployment on cloud environments (OCI/AWS/GCP)F amiliarity with cloud service architectures, including compute and networking.E xperiencing building highly available, scalable, and performant systemsS trong grasp on microservices and designing complex products via distributed systemsE xperience in mentoring and guiding junior team members in high performing teams.P rior experience in the Cyber Security domain is preferred.A dditional InformationT he Team As part of the browser technologies team, you will be responsible for building products that protect data, workloads, and infrastructure for some of the largest enterprise customers in the world. We help the customers in their transitional journey to the cloud by ensuring they have the best in class protection. The cloud market has been growing at a rapid rate for the last few years. As more and more enterprises use the public cloud, there is an insatiable demand for securing workloads in the public cloud.O ur Commitment We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.W e are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.P alo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.A ll your information will be kept confidential according to EEO guidelines. I s role eligible for Immigration Sponsorship? No. P lease note that we will not sponsor applicants for work visas for this position. C ovid-19 Vaccination Information for Palo Alto Networks JobsV accine requirements and disclosure obligations vary by country.Unless applicable law requires otherwise, you must be vaccinated for COVID or qualify for a reasonable accommodation if:The job requires accessing a company worksiteThe job requires in-person customer contact and the customer has implemented such requirementsYou choose to access a Palo Alto Networks worksiteIf you have questions about the vaccine requirements of this particular position based on your location or job requirements, please inquire with the recruiter. Show more Show less

What You'll Do You will build a security management system for our customers using current technologies. Technologies like AngularJS, JavaScript, HTML 5, Protractor, Jasmine, Gulp, npm, Webpack, Node, CSS pre-processors LESS/SAAS & python are what we use to build the software. You can be the one making and/or contributing to technology choices as well. You will be working with your team to deliver innovative security software solutions for our Customers & you’d actively learn. You will be part of a strong collaborative Agile/Scrum team. Individuality in a team environment reflects the culture you will need to support. Helping our customers protect what's important from cyber threats. Challenged in working to tackle some tough engineering problems using some of the latest tools, technologies, and approaches. You will look to apply lean start-up principles to validate the growth and value potential in all that we do. Who You'll Work With You will work on strong multi-functional teams that own their outcomes. We believe in building strong teams and look for people that feel the same. You and your teammates believe in healthy discussions about ideas and how to deliver quality solutions to our customers. You will be part of a small team that engages in unfiltered conflict around ideas. You will be part of an established but fast-growing organization that continues to thrive in the security industry. You will follow our solutions with your team to our customers and will work with the people and departments on the way to ensure success. You and your team will hold one another accountable for delivery. We are not satisfied until the customer's problem is solved. The team will focus on the achievement of collective results. The team is willing to experiment and adapt. Who You Are A disciplined, practitioner of sound software engineering practices. Your passion is crafting delightful user experiences, specializing in the front-end. You enjoy taking designs and breathing life into them. You enjoy working with your colleagues in connecting the front-end to RESTful services on the back-end. You love writing tests and any other automation hacks to improve efficiency and quality. You possess excellent verbal communication skills and are willing to pitch in and help the team to succeed. You have good technical and analytical skills. JavaScript. AngularJS, HTML5, CSS, consuming RESTful services. You enjoy staying on top of fast-moving trends in web development. You have solid understanding of ssh, tcp/ip, smtp, http or strong desire to learn it. You possess an inner level of confidence that allows you to lead some days and follow others based on what is needed for the desired outcomes. You are an active learner on a journey to tackle problems for our customers. You collaborate with other engineers and people in the organization to improve our solution delivery. You believe in Lean/Agile principles and actively work to incorporate them in the organization. You have multiple skills in your toolbox and have the ability to pick the right tool for the right job. You care about your craft and strive towards producing high-quality code. At least 1-3 years of professional development experience Significant cross-browser experience with web development, JavaScript, frameworks A solid understanding of core JavaScript Familiarity with accessibility, and internationalization/localization, security (e.g. OWASP) concerns An understanding of application performance tuning and resource usage Knowledge of ssh, tcp/ip, smtp preferred Hands-on on python is a phenomenal plus Why Cisco #WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all. We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (36 years strong) and only about hardware, but we’re also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box! But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.) Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take the difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward. So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world-changing? Be you, with us! Show more Show less

 Work closely with the IT and project teams in getting a thorough understanding on the requirement, review from the security standpoint and recommend relevant solutions.  Responsible for effective coordination and prompt & proactive communication with the relevant teams involved in the requirements.  Leads the design and development of security architectures for different types of cloud and cloud/hybrid systems.  Knowledge of industry recognized Enterprise Architecture principles and frameworks such as ToGAF, COBIT, etc.  Knowledge of various cloud environments, cloud security stack and cloud deployment models.  Evaluate the security offerings related to cloud security and recommend appropriate controls.  Knowledge on different CSP platforms like AWS, Azure, GCP and other related cloud services/provider.  Understanding of security solutions in cloud environments across various security domains like Identity & Access Management, Security Monitoring, data protection (encryption, tokenization).  Knowledge on Networks: LAN, WAN, SDN, NFV, Network Capacity Planning, Routing, Proxy Servers, wired and wireless Infrastructure, Network Infrastructure Services (DNS, DHCP, CA, Directory Services), Load Balancing, VPN technologies, SSL certificates and Firewalls.  Knowledge on BYOD concepts, including EMM, MAM and MDM related solutions and polices.  Preferred to have Cyber Security certifications such as SANS, OWASP, CCSK (Cloud Security Alliance), CISSP or any other standard institutes or certification bodies.  Network Certifications such as CCNA/CCNP. Show more Show less

About The Team/Role At WEX, we simplify the business of running a business. Our WEX Health & Benefits solutions reduce complexity and help manage costs of benefits administration for our clients and partners. We are looking for passionate technologists, collaborators, and problem solvers to join our Health & Benefits Technology team as we build the next generation of employer benefits solutions and services. As a Software Engineering Director on the WEX Health & Benefits Technology team, you will lead a team that partners closely with Product Managers and customers to learn about the challenges employers face while navigating the competitive employee benefits landscape. You will become a domain expert, designing solutions that solve problems in ways our customers love and work for our business. You will lead teams who build the highest quality software in the latest technologies and test driven development practices. How you’ll make an impact Lead, mentor, and manage your team through the successful delivery of valuable customer software. Stay current with emerging technologies and industry trends to drive innovation and strengthen TDD and BDD processes. Collaborate closely with Product Management by providing technical guidance on software design. Guide your team on best practices, coding standards, and design principles. Conduct performance reviews, set goals, and support professional development for team members. Measure, inspect, and drive decisions using data. Design, test, code, and instrument new solutions. Support live applications, promote proactive monitoring, rapid incident response and troubleshooting, and continuous improvement. Analyze existing systems and processes to identify bottlenecks and opportunities for improvements. Understand how your domain fits into and contributes to the overall company and drive any needed changes to increase productivity. Partner with cross functional teams to influence priority, expectations, and timelines within your domain. Lead the engineering teams in fully automating continuous code integration and code deployment process on Azure. Long term Focus on instrumentation and team efficiency and performance measurables. Drive the long term vision and the strategy to achieve the vision for the technology organization. Interact and communicate effectively with peer groups, non-technical organizations, and middle management. Drive collaboration across technology teams to foster innovation and follow guidelines around re-usability of frameworks and governance of architecture patterns. Partner with the 3rd party vendors and service providers to ensure best in class service model. Drive innovation in the organization with transformative technologies like Generative AI and use of Agentic AI frameworks like Autogen or Langchain. Drive the design and architecture of the systems and applications to be always available, performant and highly secure. Experience you’ll bring Bachelor's degree in Computer Science, Software Engineering, or related field; OR demonstrable equivalent experience. At least 12 years of experience in software engineering. At least 7 years of management or supervisory experience. Excellent leadership ability to motivate teams and drive results. Strategic thinking that aligns with business objectives and drives innovation. Strong problem-solving skills, excellent communication and collaboration skills. Passionate about keeping up with modern technologies and design. Strong understanding of software security principles and OWASP guidelines. Technology Must-Haves C#, Python (if applicable) Docker Modern RDBMS (i.e. MS SQL, Postgres, MySQL) ASP.NET RESTful API design Kafka / event-driven design Modern Web UI Frameworks and Libraries (i.e. Angular, React) Kubernetes NoSQL databases Designing and developing Cloud-Native applications and services Generative AI and Agentic AI models and frameworks Helm/ArgoCD Terraform GitHub Actions GraphQL Show more Show less

About The Team/Role As a Software Engineer on the WEX Benefits Technology team, you will work in a team that partners closely with Product Managers and customers to learn about the challenges employers face while navigating the competitive employee benefits landscape. You will design solutions that solve problems in ways our customers love and work for our business. You will build the highest quality software in the latest technologies and test driven development practices. How You’ll Make An Impact Support applications both during and outside business hours. Resolve issues and Service Requests quickly and efficiently. Support production deployments, which occur on evenings and weekends. Contribute to post-deployment application validation. Quickly troubleshoot, evaluate, and resolve any issues that arise. Participate in and lead team conversations, meetings and feature discussions. Design application architecture. Others use your designs as examples to use from. Develop solutions that can be performant, scalable, consistent, and supportable that can be accomplished within the available scope, time and budget. Perform design and code reviews within the team and across other teams to ensure implementations adhere to goals, industry standards and best practices. Deliver software that meets requirements by applying knowledge of the product area to provide the best long-term solutions. Ensure code is testable at all levels (unit, integration, and end-to-end). Increase unit test coverage. Review requirements to provide meaningful, timely and critical feedback to improve them. Ensure requirements are feasible, implementation is efficient, and the design is aligned with the technical direction of WEX. Estimate and prioritize project requests. Assist with internal partner initiatives and projects. Work with Architects, Software Engineers, Quality Assurance Engineers and Business Analysts to collaborate on design and delivery decisions. Identify and document performance improvements and technical debt. Reduce the risk of security threats to WEX Health through a strong understanding of security best practices and close collaboration with Security Architects. Identify new threats and vulnerabilities and work with Architects to evolve mitigation strategies. Efficiently and effectively implement solutions in all environments, resulting in an increased level of throughput. Others use your code as an example to learn from. Demonstrate expert level understanding of your team’s product domain and understands multiple product domains outside of your current team. Act as an internal and external subject matter expert on WEX systems. Able to describe application behavior and technology outside of the Development department in both a technical and business communication style. Help others complete tasks to accomplish goals. Step into other roles to ensure project deadlines are met. Mentor and onboard new Software Engineers ensuring they have the proper tools and knowledge to become productive quickly. Participate in the interview process and provide valuable hiring recommendations. Provide technical and domain guidance to internal and external team members. Lead multiple features or components through the full software deployment lifecycle, including integration, customer feedback, release, and support phases. Recommend ways to distribute work across your team to increase development efficiency. Perform effectively in a cross-functional team environment to ensure successful execution and delivery of project commitments Demonstrate expertise in a domain as evidenced by others seeking your peer reviews, advice, and problem solving. Coordinate work efforts and communicate priorities across teams to ensure successful execution and delivery of commitments. These teams may include Business Analysts, Quality Assurance Engineers, Architects, Product Owners, Support, Management, Configuration Management, Database Administrators, etc. Facilitate team meetings as needed, including scrum master ceremonies, if applicable to the team. Measure, inspect, and drive decisions using data. Collaborate with stakeholders to learn about our customers biggest challenges. Measure, inspect, and drive decisions using data. Design, test, code, and instrument new solutions. Strengthen and drive our engineering process with TDD and BDD, Microservice and Vertical Slice Architectures. Support live applications, promote proactive monitoring, rapid incident response, and continuous improvement. Analyze existing systems and processes to identify bottlenecks and opportunities for improvements. Mentor and learn from your peers, foster continuous learning within your team and organization. Advise Senior Leadership team on highly complex situations that impact our organization and then lead teams through the initiative, driving excellent quality results and achieving defined OKRs across the organization. Provide strategic thought leadership on business initiatives using deep technical and business industry expertise. Experience You’ll Bring Bachelor's degree in Computer Science, Software Engineering, or related field; OR demonstrable equivalent experience. A minimum of 15 years of experience in software engineering. Strong problem-solving and analytical skills Excellent communication and collaboration skills. Passionate about keeping up with modern technologies and design. Strong proficiency in Angular and/or React Experience building and consuming REST APIs Proven track record of writing comprehensive unit tests and test suites Strong understanding of software security principles and OWASP guidelines Proficiency with Git version control and CI/CD pipelines Experience with Agile development methodologies Excellent communication and collaboration abilities Track record of delivering complex projects on schedule Experience in writing performant stored procedures and functions. Bachelor's degree in Computer Science, Software Engineering, or related field; OR demonstrable equivalent experience. A minimum of 15 years of experience in software engineering. Strong problem-solving and analytical skills Excellent communication and collaboration skills. Passionate about keeping up with modern technologies and design. Strong proficiency in Angular and/or React. Experience building and consuming REST APIs. Proven track record of writing comprehensive unit tests and test suites. Strong understanding of software security principles and OWASP guidelines. Proficiency with Git version control and CI/CD pipelines. Experience with Agile development methodologies. Excellent communication and collaboration abilities. Track record of delivering complex projects on schedule. Experience in writing performant stored procedures and functions. Technology Must-Haves C#, Python (if applicable) Docker Modern RDBMS (i.e. MS SQL, Postgres, MySQL) ASP.NET RESTful API design Kafka / event-driven design Modern Web UI Frameworks and Libraries (i.e. Angular, React) Kubernetes NoSQL databases Helm/ArgoCD Terraform GitHub Actions GraphQL Generative AI and Agentic AI models and frameworks Azure or AWS or experience in developing Cloud-Native applications and services Show more Show less

About The Team/Role As a Software Engineer on the WEX Benefits Technology team, you will work in a team that partners closely with Product Managers and customers to learn about the challenges employers face while navigating the competitive employee benefits landscape. You will design solutions that solve problems in ways our customers love and work for our business. You will build the highest quality software in the latest technologies and test driven development practices. How You’ll Make An Impact Support applications both during and outside business hours. Resolve issues and Service Requests quickly and efficiently. Support production deployments, which occur on evenings and weekends. Contribute to post-deployment application validation. Quickly troubleshoot, evaluate, and resolve any issues that arise. Participate in and lead team conversations, meetings and feature discussions. Design application architecture. Others use your designs as examples to use from. Develop solutions that can be performant, scalable, consistent, and supportable that can be accomplished within the available scope, time and budget. Perform design and code reviews within the team and across other teams to ensure implementations adhere to goals, industry standards and best practices. Deliver software that meets requirements by applying knowledge of the product area to provide the best long-term solutions. Ensure code is testable at all levels (unit, integration, and end-to-end). Increase unit test coverage. Review requirements to provide meaningful, timely and critical feedback to improve them. Ensure requirements are feasible, implementation is efficient, and the design is aligned with the technical direction of WEX. Estimate and prioritize project requests. Assist with internal partner initiatives and projects. Work with Architects, Software Engineers, Quality Assurance Engineers and Business Analysts to collaborate on design and delivery decisions. Identify and document performance improvements and technical debt. Reduce the risk of security threats to WEX Health through a strong understanding of security best practices and close collaboration with Security Architects. Identify new threats and vulnerabilities and work with Architects to evolve mitigation strategies. Efficiently and effectively implement solutions in all environments, resulting in an increased level of throughput. Others use your code as an example to learn from. Demonstrate expert level understanding of your team’s product domain and understands multiple product domains outside of your current team. Act as an internal and external subject matter expert on WEX systems. Able to describe application behavior and technology outside of the Development department in both a technical and business communication style. Help others complete tasks to accomplish goals. Step into other roles to ensure project deadlines are met. Mentor and onboard new Software Engineers ensuring they have the proper tools and knowledge to become productive quickly. Participate in the interview process and provide valuable hiring recommendations. Provide technical and domain guidance to internal and external team members. Lead multiple features or components through the full software deployment lifecycle, including integration, customer feedback, release, and support phases. Recommend ways to distribute work across your team to increase development efficiency. Perform effectively in a cross-functional team environment to ensure successful execution and delivery of project commitments Demonstrate expertise in a domain as evidenced by others seeking your peer reviews, advice, and problem solving. Coordinate work efforts and communicate priorities across teams to ensure successful execution and delivery of commitments. These teams may include Business Analysts, Quality Assurance Engineers, Architects, Product Owners, Support, Management, Configuration Management, Database Administrators, etc. Facilitate team meetings as needed, including scrum master ceremonies, if applicable to the team. Measure, inspect, and drive decisions using data. Collaborate with stakeholders to learn about our customers biggest challenges. Measure, inspect, and drive decisions using data. Design, test, code, and instrument new solutions. Strengthen and drive our engineering process with TDD and BDD, Microservice and Vertical Slice Architectures. Support live applications, promote proactive monitoring, rapid incident response, and continuous improvement. Analyze existing systems and processes to identify bottlenecks and opportunities for improvements. Mentor and learn from your peers, foster continuous learning within your team and organization. Advise Senior Leadership team on highly complex situations that impact our organization and then lead teams through the initiative, driving excellent quality results and achieving defined OKRs across the organization. Provide strategic thought leadership on business initiatives using deep technical and business industry expertise. Experience You’ll Bring Bachelor's degree in Computer Science, Software Engineering, or related field; OR demonstrable equivalent experience. A minimum of 15 years of experience in software engineering. Strong problem-solving and analytical skills Excellent communication and collaboration skills. Passionate about keeping up with modern technologies and design. Strong proficiency in Angular and/or React Experience building and consuming REST APIs Proven track record of writing comprehensive unit tests and test suites Strong understanding of software security principles and OWASP guidelines Proficiency with Git version control and CI/CD pipelines Experience with Agile development methodologies Excellent communication and collaboration abilities Track record of delivering complex projects on schedule Experience in writing performant stored procedures and functions. Bachelor's degree in Computer Science, Software Engineering, or related field; OR demonstrable equivalent experience. A minimum of 15 years of experience in software engineering. Strong problem-solving and analytical skills Excellent communication and collaboration skills. Passionate about keeping up with modern technologies and design. Strong proficiency in Angular and/or React. Experience building and consuming REST APIs. Proven track record of writing comprehensive unit tests and test suites. Strong understanding of software security principles and OWASP guidelines. Proficiency with Git version control and CI/CD pipelines. Experience with Agile development methodologies. Excellent communication and collaboration abilities. Track record of delivering complex projects on schedule. Experience in writing performant stored procedures and functions. Technology Must-Haves C#, Python (if applicable) Docker Modern RDBMS (i.e. MS SQL, Postgres, MySQL) ASP.NET RESTful API design Kafka / event-driven design Modern Web UI Frameworks and Libraries (i.e. Angular, React) Kubernetes NoSQL databases Helm/ArgoCD Terraform GitHub Actions GraphQL Generative AI and Agentic AI models and frameworks Azure or AWS or experience in developing Cloud-Native applications and services Show more Show less

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Senior Software Engineer - File Transfer Services Who is Mastercard? Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Overview The File Transfer Services team is looking for a Senior Software Engineer to drive our customer connectivity strategy forward by consistently innovating and problem-solving. The ideal candidate is passionate about the customer experience, highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In This Key Position, You Will: Design and develop high-performing Java and running on Linux. Ability to work on COBOL and mainframe (z/OS) technologies is a plus. Participate in team prioritization discussions with product/business stakeholders. Automate build, operation, and run aspects of software. Ensure scalability, security, and reliability of applications on Linux-based and mainframe-based infrastructures. Translate complex technical solutions into business impacts for non-technical audiences. Lead mainframe modernization efforts, bridging legacy COBOL, JCL, DB2 systems with Linux and Java applications. Perform demos/acceptance discussions in interaction with product owners. Conduct design reviews, code reviews, and uphold coding standards. Work closely with DevOps to automate deployments, and with BizOps to troubleshoot and resolve application, performance, and reliability issues. Stay up to date with emerging technologies. All About You The ideal candidate for this position should possess: 5+ years of software development experience in Java/Linux with strong shell scripting and Linux command line skills. Expereince working on Mainframe technologies is a plus. 2+ years of experience with file transfer applications like Connect Direct, and file transfer protocols like SFTP, FTPS, etc.. 2+ years of experience writing, optimizing, and automating tasks using Linux shell scripting. Hands-on experience with IBM mainframe technologies, including COBOL, JCL, DB2, VSAM, CICS, and z/OS. Expert in SQL queries and relational databases (DB2, Oracle, PostgreSQL) Familiar with secure coding standards (e.g., OWASP, CWE, SEI CERT) and vulnerability management. Awareness of security standards and RFC’s such as X.509 Certificates, SSH Keys, PGP encryption. Has skills to orchestrate release workflows and pipelines and apply standardized pipelines via APIs to achieve CI and CD objectives using industry standard tools (e.g., Jenkins, XL Release, others). Understands how to build robust tests to minimize defect leakage by performing regression, performance, deployment verification, and release testing. Good knowledge of Scaled Agile Framework (SAFe). Corporate Security Responsibility Every Person Working For, Or On Behalf Of, Mastercard Is Responsible For Information Security. All Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And Therefore, It Is Expected That The Successful Candidate For This Position Must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. Corporate Security Responsibility All Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And, Therefore, It Is Expected That Every Person Working For, Or On Behalf Of, Mastercard Is Responsible For Information Security And Must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. R-241641 Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job description: Senior Manager TPRM Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an advisory professional, you will be focused on helping them achieve this goal. You’ll work in high-performing teams that deliver exceptional client service, enabling organisations to grow, innovate, protect and optimise their business performance – playing your part in building a better working world. We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement Brief the engagement team on the client's environment and industry trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients Assist Partners & Senior Managers in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & supervising proposal preparation. Create innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership. Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products. Demonstrate strong project management skills Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Review status updates and prepare management presentations/audit committee presentations etc. Actively contribute to improving operational efficiency on projects & internal initiatives. Your people responsibilities: Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships. Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Drive performance management for self and team. Driving the quality culture agenda at GDS Manage the performance management for the direct reportees, as per the organization policies Training and mentoring of project resources Participating in the organization-wide people initiatives Mandatory skills: Strong knowledge of information security concepts, risk and controls concepts Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Strong knowledge of OS (Windows / Linux) security, Database security Sound familiarity with OWASP and Secure SDLC standards / frameworks Strong knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.) Strong knowledge of Security architecture design and review Sound experience in LAN/WAN architectures and reviews Good knowledge on Privacy, Governance and reporting Sound knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.) Knowledge of incident management, disaster recovery and business continuity management Knowledge of Cryptography Knowledge of physical and environmental security Knowledge of Asset Security and Identity and Access Management CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer BE/BTech/MCA with a sound industry experience of 10 to 12 Yrs Preferred skills: Deep domain experience in a specific sector Prior Client facing experience EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

We are excited to welcome experienced professionals returning to work after a career break . To be eligible for this role, you should have taken a career break of 6 months to 1 year and possess relevant experience prior to the break. As an Azure .NET Developer (Full Stack), you will be integral in designing, developing, and maintaining our web applications using .NET C# and ReactJS. You will collaborate closely with cross-functional teams, ensuring seamless integration of front-end and back-end components to deliver exceptional user experiences. We value your strong foundation in software development, attention to detail, and passion for emerging technologies. Responsibilities: Collaborate with product managers, UI/UX designers, and fellow developers to design and implement robust software solutions. Participate in daily standups, sprint planning, and retrospective meetings during the project implementation phase. Develop responsive and user-friendly front-end interfaces using ReactJS, ensuring optimal performance across various devices and browsers. Design and implement RESTful APIs and back-end services using .NET/.NET Core in C# to support front-end functionalities. Participate in code reviews, providing constructive feedback to maintain code quality and best practices. Identify and address technical debt, performance bottlenecks, and other development challenges. Work with databases and data models to ensure efficient data storage, retrieval, and manipulation. Stay up to date with industry trends and emerging technologies, proposing relevant improvements to the development process. Job Requirements Skills: Proven experience (minimum 5+ years) as a Full Stack Developer with hands-on expertise in .NET/.NET Core in C# and ReactJS. Familiarity with the .NET and .NET Core frameworks and design/architectural patterns (e.g., Microservices, MVC, Entity Framework). Strong understanding of web development fundamentals, including HTML, CSS, and JavaScript. Experience with front-end state management libraries (e.g., Redux) and front-end build tools (Webpack, Babel, etc.). Proficiency in designing and consuming RESTful APIs. Solid knowledge of database systems, SQL, and data modeling. Proven experience in creating quality SQL stored procedures and scripts. Familiarity with version control systems (e.g., Git) and agile development methodologies. Excellent understanding of OWASP standards. Strong problem-solving skills and the ability to work effectively in a collaborative team environment. Excellent communication skills, both written and verbal. Experience using IDE tools like Visual Studio. Experience configuring AWS services such as Lambda, API Gateway, Elastic Beanstalk, SES, SNS, etc. Experience configuring AWS containerization services such as EKS, etc. Experience configuring AWS data storage services MariaDB, MongoDB, etc. Education and Certification: Bachelor's or associate degree in an IT-related discipline. AWS Certified Developer – Associate certification is required. What We Expect: Report to the development team lead. Work within an agile team to develop and test applications. Design, develop, and unit test applications in accordance with established standards. Assist developers in analyzing and resolving technical issues. Assist in preparing manuals, specifications, and other technical documentation. Package and support deployment releases. Develop, refine, and tune integrations between applications. Company description SOAR - SoftwareOne Academy Returnship Programme - Ready to soar in your career once more? Apply now and be part of SoftwareOne - Are you ready to rejoin the workforce and take your career to new heights? We're excited to offer you an opportunity as an Azure .NET Developer (Full Stack) through our returnship Program at SoftwareOne. This paid program is designed for talented professionals who've had a career break of at least 6 months of career break and are eager to make a comeback. Show more Show less

Job Description Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Vulnerability Assessments – Senior Consultant Specialist In this role, you will: Leading the review of all newly discovered vulnerabilities, to assess if the provided risk score is correctly reflecting the risk to HSBC. Monitoring external threat feeds to identify any newly reported external risks. Managing the review of assigned tickets, determining potential false positive and/ or mitigation on approaches, and providing expert guidance/ advice on remediation. Ensuring all patterns identified for remediation and/ or false positive identification, are clearly documented within the central tools and applied across the HSBC identified threat estate. Identify critical paths of operation and ensure that they are followed to provide the most streamlined and efficient method of operating. Leading and managing thematic reviews in order to drive and maintain systematic uplifts and enhancements to CSAT and wider inter-operational units that help protect the bank. Maintain operational documentation on what reports are available and how to access and utilise existing filters. Conduct holistic reviews of the overall baseline security posture. Clear accountability and ownership of the Vulnerability Assessment and Response key control indicators and key risk indicators. Contribute to and inform requests from Regulators, Internal/ External Audit, and 2LOD challenges/ Papers. Supporting the commentary for routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs. Supporting Imminent threat review sessions, and deputising for the chair when required. Engaging with the Global Head of Vulnerability Management, and relevant team members to review and gain approval for submissions and ensure information requests are aligned with the group risk appetite providing the expected responses. Adhoc tasks as required, including support to CSAT operational activities, handling escalations and requests from any team or angle. Requirements To be successful in this role, you should meet the following requirements: The ability to understanding, apply, and improve elements of the Vulnerability Management Lifecycle. The ability to use multiple toolsets to convey information, obtain data, and make it meaningful to future plans. Lateral thinking and creative form to deploy expertise in the uplift of people skills, process identifications, and technological adjustments. The ability to recognise threats and risk, and act with insight to deliver a core part of the Cyber Security Operational model in HSBC. Multiple functions will come together to ensure the safety of the bank and the ability to continue business under any circumstances. Ability to produce clear and concise reports for targeted audiences across internal and external stakeholders. Understanding and experience in the practical application and execution of: Vulnerability scanning technologies and their application (e.g. Nessus, SAST/MAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.), OWASP top10 and SANS top25 vulnerabilities and their mitigations Tenable.io, Security Center (or similar Vulnerability Scanning products), risk consolidation platforms). Vulnerability assessments, scoring and ratings and how they are applied. Patch Management. Business and architectural design, including controls analysis, process flows and data flows. Cyber security principles, global financial services business models, regional compliance regulations and laws. Cryptography, SSL/TLS, Encryption. MS Excel to interrogate large data sets. SharePoint, Microsoft Teams and Confluence. Excellent organisational, administrative, analytical, and problem-solving skills with the ability to work accurately and methodically whilst under pressure to meet deadlines. Instinctive and creative, with an ability to create and contribute to bespoke solutions. Flexible approach to shifting or competing priorities. Process orientated, outstanding organizational skills. Proven track record on delivering activities on time to a high standard. High level of integrity and strong ethical values. Pro-active, independent, collaborative team player with a positive attitude. Strong interpersonal skills with the ability to create and maintain relationships - Internal relationships extend to peers across other functions within IT and externally to HSBC global businesses, which include external relationships with vendors, typically audit, legal, and technology where the need arises. Experience of working in roles within Cyber Security Operations, Risk Management, and Governance, within a mid to large enterprise or equivalent organisation. Minimum of 8+ years’ experience in working in IT Security or similar role. Ability to work remotely. You’ll achieve more when you join HSBC. www.hsbc.com/careers HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. Issued by – HSBC Software Development India Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Purpose This role will focus on assessing the effectiveness of our cybersecurity programs and governance frameworks, with a particular emphasis on Application Security, ISO 27001 compliance, and a strong understanding of key cybersecurity frameworks. The ideal candidate will have a comprehensive understanding of both technical security measures and governance practices, enabling them to perform critical risk assessments, ensure regulatory compliance, and enhance our organization’s security posture. Job Context & Major Challenges Aditya Birla Fashion and Retail Ltd. (ABFRL) emerged after the consolidation of the branded apparel businesses of Aditya Birla Group, comprising ABNL's Madura Fashion division and ABNL's subsidiaries Pantaloons Fashion and Retail (PFRL) and Madura Fashion & Lifestyle (MFL), in May 2015. Post- consolidation, PFRL was renamed Aditya Birla Fashion and Retail Ltd. Aditya Birla Fashion and Retail Limited (ABFRL) is India’s first pure-play fashion powerhouse with an elegant bouquet of leading fashion brands and retail formats. The Company has a network of 4,190 stores across approximately 37,352 multi-brand outlets with 9,466 points of sales in department stores across India (as on 30 Jun 2024). ABFRL’s Madura Fashion & Lifestyle Brands are home to some of India’s most loved brands—Louis Philippe,Van Heusen, Allen Solly, Peter England, Reebok, Forever 21, Simon Carter, and American Eagle—that cater to India’s premium consumers. With their signature styles, high quality products and differentiated in-store experience, these brands have garnered immense customer loyalty and recall. As a playground for fashion, Pantaloons offers a wide variety of styles across categories and occasions. The brand speaks to the ever-evolving millennial customer of today who is confident and expressive. Be it through the physical retail experience or online, the Pantaloons experience is exciting, friendly, and uplifting. With a vibrant, expressive, and fun-loving approach to style, the brand seeks to enable the customer to be their fashionable best. ABFRL cater to the contemporary customer who is aware of international trends. Our international business includes, ‘The Collective’ – India’s largest international multi-brand retailer, select brands such as Ralph Lauren, Hackett London, Ted Baker and Fred Perry. Van Heusen Innerwear, Athleisure and Active wear is establishing itself as India’s most innovative and fashion forward brands launched in the 2016, aiming to redefine the category codes in the mid premium segment. In addition, to cater to the needs of digitally native consumers, ABFRL is building a portfolio of Digital-first brands under its technology led ‘House of D2C Brands’ venture TMRW. The Company’s foray into the branded ethnic wear business includes brands such as Sabyasachi, ‘S&N’ by Shantnu & Nikhil, Tasva, House of Masaba, Jaypore, and Marigold Lane. The Company has strategic partnerships with Designers ‘Sabyasachi’, ‘Shantanu & Nikhil’, ‘Tarun Tahiliani’ and ‘Masaba Gupta’. Each represents a harmonious blend of traditional elegance and contemporary style, reflecting India’s rich heritage and craftsmanship. This division is committed to delivering exceptional quality and unique designs, meeting the aspirations of ethnic wear connoisseurs Job Context In-depth knowledge of ISO 27001 standards, with hands-on experience in ISMS implementation and audits. Familiarity with other cybersecurity frameworks such as NIST CSF, CIS, SOC 2, and GDPR compliance. Experience in application security, including secure coding practices, code reviews, and penetration testing for web and mobile applications. Strong understanding of security tools, vulnerability assessment, risk management, and threat modeling methodologies. Knowledge of cloud security best practices (AWS, Azure, GCP) and secure cloud application deployments. Strong analytical and problem-solving skills, with the ability to communicate complex technical issues clearly to non-technical stakeholders. Professional certifications such as CISSP, CISA, ISO 27001 Lead Implementer/Lead Auditor, Certified Ethical Hacker (CEH), or similar are preferred Key Result Areas KRA (Accountabilities) (Max 1325 Characters) Supporting Actions (Max 1325 Characters) KRA1 Training & Awareness o Conduct security awareness training for internal teams on application security, data protection, and regulatory compliance. Promote cybersecurity awareness across the organization and collaborate with key stakeholders to ensure adherence to security policies. KRA2 Application Security o Work closely with development teams to ensure security best practices are integrated into the software development lifecycle (SDLC), with an emphasis on application security (e.g., secure coding practices, code reviews, security testing). Perform security reviews of applications, identifying and mitigating security vulnerabilities such as OWASP Top 10 risks. Collaborate with the application development team to provide guidance on secure software design and implementation. Evaluate third-party application security risks and collaborate with vendors on mitigating identified vulnerabilities. KRA3 Governance & Compliance o Lead the development, implementation, and maintenance of ISO 27001-based Information Security Management System (ISMS) to ensure compliance with industry standards and regulatory requirements. Coordinate and assist in ISO 27001 audits, prepare documentation, and ensure continual improvement of the ISMS. Oversee compliance with various cybersecurity frameworks (e.g., NIST, CIS, SOC 2, etc.) to align with best practices and industry standards. Create and maintain policies, procedures, and documentation related to cybersecurity governance and compliance. Support the creation of audit reports, risk assessments, and mitigation strategies. KRA4 Cybersecurity Assessment & Risk Management o Perform cybersecurity assessments, focusing on identifying risks, vulnerabilities, and gaps in the security posture, especially in applications. Develop and execute comprehensive security assessments, including penetration testing, vulnerability assessments, and threat modelling o Conduct regular risk assessments to evaluate the effectiveness of cybersecurity controls and compliance with internal and external standards. Analyze and assess risks in applications, including web, mobile, and cloud-based applications Show more Show less

Requisition Number: 100676 Cloud Infrastructure Engineer II Location- Bangalore, it's 5 days work from office. Shifts- 24*7 rotational Insight at a Glance 14,000+ engaged teammates globally with operations in 25 countries across the globe. Received 35+ industry and partner awards in the past year $9.2 billion in revenue #20 on Fortune’s World's Best Workplaces™ list #14 on Forbes World's Best Employers in IT – 2023 #23 on Forbes Best Employers for Women in IT- 2023 $1.4M+ total charitable contributions in 2023 by Insight globally Now is the time to bring your expertise to Insight. We are not just a tech company; we are a people-first company. We believe that by unlocking the power of people and technology, we can accelerate transformation and achieve extraordinary results. As a Fortune 500 Solutions Integrator with deep expertise in cloud, data, AI, cybersecurity, and intelligent edge, we guide organizations through complex digital decisions. About The Role We are looking for a Cloud and On-Prem Security Engineer with expertise in managing vulnerabilities, hardening servers, and ensuring the security of both cloud and on-premises environments. The ideal candidate should have hands-on experience with Orca Security for cloud security and Qualys for on-prem vulnerability management. Additionally, they should be proficient in patching using Puppet (Cloud) and SCCM/MECM (On-Prem), as well as server hardening across Windows and Linux environments. As a Cloud Infra Engineer II, you will get to: Vulnerability Management: Experience in managing and remediate vulnerabilities in Azure Cloud using Orca Security. Perform on-prem vulnerability assessments and patching using Qualys. Server Hardening & Security Compliance: Implement security best practices for Windows Server 20 (various versions) and Linux (CentOS, RedHat, Ubuntu). Ensure compliance with security standards and policies for both cloud and on-prem servers. Patch Management: Conduct monthly patching of Windows and Linux servers using: Puppet for cloud-based patching. SCCM/MECM for on-prem patching. Cloud & On-Prem Infrastructure Security: Secure and manage Azure cloud resources. Experience in managing on-prem virtualization using Hypervisor and Failover Clustering. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. As a Cloud Infra Engineer III, you are positioned for swift advancement within our organization through a structured career path. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. We are looking for a Cloud Infra Engineer II with: 4+ years of experience in cloud and on-prem security. Strong understanding of server security hardening and vulnerability remediation. Experience with compliance frameworks such as ISO 27001, NIST, CIS benchmarks, PCI-DSS, and OWASP security principles, ensuring adherence to industry security standards and best practices. Bachelor’s degree in computer science, Information Technology, or a related field. Exp on Security Tools & Platforms: Cloud Security: Orca Security On-Prem Security: Qualys Patch Management: Puppet (Cloud), SCCM/MECM (On-Prem) Operating Systems: Exp on Windows Server 2016, 2019, 2022 or Linux (CentOS, RedHat, Ubuntu) Infrastructure & Cloud Expertise: Azure Cloud Security & Administration , On-Prem Hypervisor & Failover Cluster Management (good to have) What you can expect - We’re legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location, even an international destination—for up to 30 consecutive calendar days per year. Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance The position described above provides a summary of some the job duties required and what it would be like to work at Insight. For a comprehensive list of physical demands and work environment for this position, click here. Internal Teammate Application Guidelines Meet the minimum qualifications and requirements of the position; Have completed twelve (12) months service in their current position; Not be under a disciplinary evaluation or suspension period; Have satisfactory performance in their current position; Have their current manager/supervisor recommendation Do you know someone who would make a great Insight teammate? Referrals are the best way to build quality teams – and a great way for you to earn a little extra cash. Insight to find out how you can refer someone to this job at Insight. Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. Show more Show less

About The Position Snowbit is a cybersecurity technology innovator with a vision to empower organizations across the globe to quickly, efficiently, and cost-effectively ready themselves to address omnipresent cyber risk. Built off years of Israeli cybersecurity experience, Snowbit is looking to offer the broadest managed detection and response offering available today. Snowbit is part of the Coralogix group, with Coralogix rebuilding the path to observability by offloading the burden of indexing and providing deep insights, at an infinite scale, for less than half the cost. Responsibilities Develop and implement automated security solutions, focusing on security operations, incident response, and vulnerability management. Write scripts and automation tools to streamline routine security tasks, reducing manual intervention and improving efficiency. Collaborate with security analysts, engineers, and other teams to identify and automate security tasks and processes. Use programming languages like Python, and other relevant scripting languages to automate security tools, workflows, and processes. Continuously assess and improve the effectiveness and scalability of security automation scripts and tools. Stay up-to-date with the latest cybersecurity trends, tools, and best practices to integrate automation solutions effectively. Develop and maintain integrations with existing security platforms, such as SIEM, vulnerability scanners, and incident response tools. Troubleshoot and resolve issues with automated processes, providing technical support as needed. Document processes, automation workflows, and system configurations to ensure transparency and ease of understanding for other team members. Participate in security incidents and contribute to root cause analysis for security issues that may arise. Requirements Strong experience in security automation, with a deep understanding of cybersecurity principles and methodologies. Proficient in Python and other scripting languages (e.g., Bash, PowerShell, etc.) for automation and tool development. Experience with security tools and technologies such as SIEMs, vulnerability scanners, IDS/IPS, firewalls, and endpoint security. Familiarity with APIs and integrations between various security tools and platforms. Hands-on experience with cloud security, including automation of cloud-native security controls (AWS, Azure, GCP). Understanding of common security vulnerabilities and risks (OWASP Top 10, CVEs, etc.). Knowledge of secure coding practices and familiarity with automation frameworks (e.g., Ansible, Terraform, etc.). Excellent troubleshooting and problem-solving skills, with a keen eye for detail. Strong communication skills and the ability to work effectively with cross-functional teams. Ability to work in a fast-paced, collaborative environment. Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Manager Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 5-8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 7-12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Application Security, Burp Suite, Network Security, Python (Programming Language), SOC Operations Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage {+ 13 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job description: Senior Manager TPRM Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an advisory professional, you will be focused on helping them achieve this goal. You’ll work in high-performing teams that deliver exceptional client service, enabling organisations to grow, innovate, protect and optimise their business performance – playing your part in building a better working world. We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement Brief the engagement team on the client's environment and industry trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients Assist Partners & Senior Managers in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & supervising proposal preparation. Create innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership. Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products. Demonstrate strong project management skills Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Review status updates and prepare management presentations/audit committee presentations etc. Actively contribute to improving operational efficiency on projects & internal initiatives. Your people responsibilities: Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships. Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation. Drive performance management for self and team. Driving the quality culture agenda at GDS Manage the performance management for the direct reportees, as per the organization policies Training and mentoring of project resources Participating in the organization-wide people initiatives Mandatory skills: Strong knowledge of information security concepts, risk and controls concepts Strong knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Strong knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Strong knowledge of OS (Windows / Linux) security, Database security Sound familiarity with OWASP and Secure SDLC standards / frameworks Strong knowledge of IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.) Strong knowledge of Security architecture design and review Sound experience in LAN/WAN architectures and reviews Good knowledge on Privacy, Governance and reporting Sound knowledge of anti-virus solutions (e.g. Symantec, McAfee, etc.) Knowledge of incident management, disaster recovery and business continuity management Knowledge of Cryptography Knowledge of physical and environmental security Knowledge of Asset Security and Identity and Access Management CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer BE/BTech/MCA with a sound industry experience of 10 to 12 Yrs Preferred skills: Deep domain experience in a specific sector Prior Client facing experience EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary The SOC Analyst –L3 will be part of existing Ares Global SOC team and will be responsible for day-to-day security operations by responding to and investigating security events of interest and recommending or taking corrective action by working with IT and non-IT team members. They will also respond to security incident and investigation requests in line with established Security Incident Response processes and procedures, within defined service level targets. This position requires shift work in a 24*7*365 environment. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities Key Responsibilities: Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory Skill Sets CEH, ECSA, LPT (any one) Preferred Skill Sets OSCP, OSWE Years Of Experience Required 2-10 Years Education Qualification B.Tech ee in Information Technology, Cybersecurity, Computer Science Professional Certifications like CEH, CCSE, CCNA, Security+, etc., will be plus SIEM certifications Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering, Master of Business Administration Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Microsoft Defender, Palo Alto Cortex XSOAR, Splunk Optional Skills SoCs Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability. Position Summary We are seeking an experienced and people-focused Team Lead to lead our growing team of Triage Intake Analysts in our Pune hub. This is a hands-on leadership role responsible for developing, mentoring, and managing a team that serves as the frontline for vulnerability report intake and validation. You’ll work cross-functionally with security experts, technical leaders, and operations teams to ensure HackerOne continues to deliver fast, accurate, and efficient triage services to our customers and hacker community. This role will based out of our Pune office 4-5 days a week. Our triage intake team works varying shifts to provide coverage to our customers. What You Will Do Team Management: Lead, coach, and support a team of Triage Intake Analysts, helping them succeed in their roles through regular feedback, career development, and performance management. Operational Oversight: Ensure daily intake and validation processes are handled accurately, efficiently, and in alignment with SLAs and program requirements. Quality Assurance: Monitor report quality, validation accuracy, and procedural compliance across the team; identify trends and areas for improvement. Scheduling & Shift Coverage: Manage and coordinate with the team across shifts spanning multiple time zones to provide continuous intake coverage. Stakeholder Collaboration: Work closely with the broader Triage, Customer Success, and Program Operations teams to ensure seamless coordination of vulnerability reports and escalate blockers when needed. Process Improvement: Identify and implement improvements to intake workflows, documentation, and tooling to drive consistency and efficiency. Metrics & Reporting: Track key metrics related to intake volume, quality, efficiency, and team performance. Report progress and insights to senior leadership. On-Site Leadership: Act as the key on-ground presence in Pune, fostering a culture of accountability and professional conduct in the office. Minimum Qualifications 2+ years of experience in people management, preferably in a security-related domain. Good understanding of the bug bounty landscape and vulnerability disclosure ecosystem. Background in web application security, bug bounty, or vulnerability triage is strongly preferred. Strong understanding of common web vulnerabilities (OWASP Top 10) and basic security tools (e.g., Burp Suite). Demonstrated ability to manage distributed or shift-based teams. Excellent verbal and written communication skills, with a strong ability to influence and lead through empathy. Strong organizational and decision-making skills, with experience managing KPIs and operational metrics. Comfortable working in a fast-paced, feedback-driven environment. Must be able to work from the HackerOne office in Pune 4-5 days per week. Compensation Bands: 2,656,000 INR - 3,320,000 INR Job Benefits: Health (medical, vision, dental), life, and disability insurance* Equity stock options Retirement plans Paid public holidays and unlimited PTO Paid maternity and parental leave Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act) Employee Assistance Program Flexible Work Stipend Eligibility may differ by country We're committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR). Employment at HackerOne is contingent on a background check. HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws. This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time. For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails