Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Gurugram office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Administration Good to have skills : Incident Management, System Monitoring Tools & Techniques, SplunkMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be actively involved in ensuring the security of the organization's digital assets and infrastructure. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Implement security measures to protect computer systems, networks, and data.- Conduct regular security assessments to identify vulnerabilities and risks.- Develop and implement security policies, protocols, and procedures.- Monitor security incidents and respond in a timely manner.- Provide guidance and support to junior security team members. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Administration.- Good To Have Skills: Experience with Incident Management, System Monitoring Tools & Techniques.- Strong understanding of security principles and best practices.- Knowledge of network security protocols and technologies.- Experience in implementing and managing security solutions.- Familiarity with regulatory compliance requirements. Additional Information:- The candidate should have a minimum of 3 years of experience in Splunk Administration.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Engineering Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your role involves ensuring the security of critical assets and data. Roles & Responsibilities:Work as part of Security Engineering handling tunings, customer requests, escalations, reporting, trainings, etc.Administration of the Accenture proprietary SIEM (Log Collection Platform) to gather security logs from customer environment.Life cycle management of the SIEM (Onboarding, Break-fix, Patching, Live update )Adhering to SOPs and notify customers on log flow/log format issuesDocument best practices and writing KB articlesIdentify opportunities for process improvements Professional & Technical Skills: Experience in SOC OperationsKnowledge on networking, Linux and security concepts Experience in configuring/managing security controls such as Firewall, DS/IPS,EDR,UTM,ProxyKnowledge on log collection mechanism such as Syslog, Log file, DB & API and build collector Knowledge in device onboarding and integrationPassion for cyber security, learning, and knowledge sharing Strong Verbal & written communication skills Proven customer service skills, problem solving and interpersonal skills Ability to handle high pressure situationsConsistently exhibit high levels of teamworkFollowing certifications is added advantage:Network+,Linux+, Security and CCNAPrior experience in information security or SOC operations Additional Information:Work as part of a global technical services team that works 24/7 on rotational shiftBachelors degree in computer science, The candidate should have minimum 2 years of experience This position is based at our Chennai office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Lead Project Role Description : Lead the effort to design, build and configure applications, acting as the primary point of contact. Must have skills : SAP Security Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Lead, you will lead the effort to design, build, and configure applications, acting as the primary point of contact. Your typical day will involve collaborating with various teams to ensure that application requirements are met, overseeing the development process, and providing guidance to team members. You will also engage in problem-solving activities, ensuring that the applications are aligned with business objectives and user needs, while maintaining a focus on quality and efficiency throughout the project lifecycle. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate knowledge sharing and training sessions to enhance team capabilities.- Monitor project progress and implement necessary adjustments to meet deadlines. Professional & Technical Skills: - Must To Have Skills: Proficiency in SAP Security.- Good To Have Skills: Experience with identity and access management solutions.- Strong understanding of application security best practices.- Experience in configuring and managing user roles and authorizations.- Familiarity with compliance standards related to data security. Additional Information:- The candidate should have minimum 7.5 years of experience in SAP Security.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Primary Skills: Targeted pen testing/security analysis of ECU features at all levels e.g., secure boot, secure OS/TEE, secure protocol implementation, key management systems, debug access activation methods, paid feature activation, system architecture, etc. Good Knowledge of modern automotive embedded systems, secure boot in all facets, baseband (LTE/GSM), Android/Linux/Autosar, CAN/Ethernet. Liaising with ECU SW developers to explain security issues and provide feedback on proposed solutions. Supporting the security test developers by providing input to new features and regression test development. Good Knowledge of Reverse engineering, fuzzing (custom fuzzer development), PoC exploit development, source code review, hardware tampering, design reviews. Must have: Very good knowledge of cyber security, embedded systems and cryptography, which you are passionate about developing on a daily basis. Relevant professional experience with pen testing and/or offensive security and reverse engineering. Very strong (embedded) Linux knowledge. Fluency in written and spoken English. Nice to have: A relevant tertiary qualification with a security component. Knowledge of common automotive protocols. Experience with automotive bus and protocol analysis tools. Any relevant technical certifications - e.g., OSCP

Must-Have Skills Solid Python development experience including object-oriented programming, designing reusable modules, working with testing frameworks like pytest (incl. fixtures), and building command-line tools for automation or system tasks. Hands-on experience working with Linux systems beyond basic usage — such as writing shell scripts, analyzing system logs, configuring services, or troubleshooting runtime issues. Familiarity with CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Ability to write clean, testable, and maintainable code. A curiosity-driven mindset and interest in how complex systems work under the hood. Nice to Have (or Eager to Learn) Strong motivation to grow into platform security topics such as secure boot, disk encryption, access control, and sandboxing in Linux/Android environments. Interest in system-level software design — including how operating systems enforce isolation, security boundaries, and platform resilience. Curiosity about attack surface reduction, ethical hacking, or platform hardening — even without prior experience. Keywords Python Developer Clean Code pytest CI/CD (GitLab, Jenkins, GitHub Actions) Linux System Automation Android Platform Development

Job Title :Senior Information Security Analyst Vulnerability Management Reporting To Manager Work Location Bangalore We are looking for a motivated Information Security Analyst to run Information Security processes . The main focus area will be Vulnerability Management . You will be responsible for: - Analysing vulnerabilities, - Providing necessary information and guidance to IT Technology Owners, - Monitoring remediation actions. You will have the ability to continuously learn about technologies and associated vulnerabilities, practice interactions with IT stakeholders and get detailed understanding of corporate processes (e.g. IT Change Management, Software Development). SPECIFIC ASSIGNMENTS: You will be working on running the Vulnerability Management processes. You will participate in assessing and evaluating vulnerabilities. You will have the opportunity to work with vulnerability assessment technologies from industry leaders. Your task will be to get understanding of the issue, inform respective IT Technology Owner and provide guidance on recommended action and monitor the execution. In the constantly changing world of emerging vulnerabilities and bit IT landscape of Eurofins you will have numerous opportunities to learn new aspects of vulnerabilities and get better, in-depth understanding of their underlying details. Your role is strategic for the organization running the vulnerability management process is key to secure the Company, build strong layer of defence and improve Companys external posture! Technical details, leading security products, industry best practices, guidelines - you will be working with them on day-to-day basis to grow your security skills and improve Eurofins IT environment. Experience: If you have: - Previous experience in IT Security or Vulnerability Management with having experience (at least 5 years) Willingness to learn and motivation to act towards the achievable goal is key for us! On the role of Senior Information Security Analyst, you can utilize your technical skills: understanding of various IT technologies (IT infrastructure and application level), IT general knowledge, principles of software development and understanding of web technologies, utilizing CVEs, collecting and processing information from vulnerability databases, working with leading industry products and services (e.g. Qualys, Nessus, Security Scorecard, BitSight, ServiceNow etc. ), assessing and evaluating cloud-based solutions and cloud services. As you'll be working in an international environment, your English needs to be excellent . You have to be an effective communicator (both to technical and non-technical professionals), convincing that your concepts are relevant and important for the whole organization. Other skills you'll need are orientation on details, team collaboration, problem solving. Qualifications Educational background in IT or Information Security. Any related IT Security certification would be an added advantage.

OPERATIONAL TITLE (ENGLISH)Senior Consultant - Security Policy and Architecture REPORTING LOCATION Bangalore, IN WORKING LOCATIONBangalore, IN SUMMARY OF POSITION AND OBJECTIVES The Information Security Consultant/Architect plays a pivotal role in safeguarding the technological infrastructure andassets of Eurofins through meticulous evaluation, integration, and enhancement of security measures, evaluation of intricate IT technologies to ensure alignment with stringent security standards before their approval by the Technology Council, and contribution to the formulation and refinement of security policies, ensuring their relevance and effectiveness in the dynamic landscape of cybersecurity. POSITION & OBJECTIVES : GSC Security Policy and Architecture Advisory is part of GSC Security Support Office pilar, combining the Security Policy and Architecture Advisory, Regional Security Support and Security Certifications Support crews. As part of his significant role in safeguarding the IT infrastructure and assets, Information Security Consultant: evaluates complex IT technologies from security standpoint before they are approved by the Technology Council; contributes to newly created and updated security policies; provides consultancy to other IT and business crews regarding the policies and security recommendations; contributes to technical integration scenarios, ensuring security in ongoing and planned projects; engages into strategic initiatives aimed at enhancing Eurofins overall security posture, ensuring resilience against evolving threats and vulnerabilities (Information Security Architect); provides internal consultancies for other crew members (Information Security Architect); QUALIFICATIONS AND EXPERIENCE REQUIRED: Experience: 7-10+ years of experience in information security, preferably in the security architecture area; experience in one or more areas such as: managing complex IT environment utilizing directory services; designing/managing/protecting complex network environments; design and/or management of cloud-based services; identifying the requirements, architecting, deploying, and managing security tools , such as vulnerability management, identity management, PKI, log management, MFA, penetration tests, automate code analysis, antimalware solutions; acting as security SME (Key Word) in IT projects; delivering security policies, standards and guidelines. As we are working in an international environment, Information Security Consultants English needs to be excellent. He/She needs to be an effective communicator (both to technical and non-technical professionals), convincing that his/her concepts are relevant and important for the whole organization. Role requires also skills such as orientation on details, team working, problem solving and independence. Additionally, following trainings or certificates are appreciated: CISPP (*Added Advantage) CCSP (*Added Advantage) CEH AZ-500, AZ-xxx, SC-xxx AWS Security CompTIA Security+ Others, related to security, public cloud, networking, IT infra Qualifications Bachelors degree in computer science, security and similar is appreciated. Knowledge, Skills and Abilities:

Job Title Information Security Consultant Cloud Security Reporting to Manager Reporting Location Bangalore We are looking for a motivated Cloud Security Consultant to join our team, focusing on Cloud-Native Application Protection Platform (CNAPP) technologies . The main focus area will be Cloud Secure Posture . The ideal candidate will possess deep expertise in scaled virtual systems and security technologies and be capable of maintaining and enhancing our application security posture through proactive operational management, effective communication, and continuous learning. You will be responsible for: Operational IntegrityMaintain the operational integrity of CNAPP and related tool sets and process, ensuring configurations are up to date and optimized, and escalating issues appropriately., Risk and Threat AnalysisProvide thorough analysis of risks and threats, suggesting and implementing potential remediations- Providing necessary information and guidance to IT Technology Owners,- Monitoring remediation actions. Business UnderstandingGather and incorporate an understanding of business-relevant factors impacted by security toolsets. Security AdvocacyPromote security awareness among relevant stakeholders and best practices throughout the organization.You will have the ability to continuously learn about technologies and associated vulnerabilities, practice interactions with IT stakeholders and get detailed understanding of corporate processes (e.g. IT Change Management, Software Development). SPECIFIC ASSIGNMENTS: You will be working on running the Cloud-Native Application Protection Platform. You will be responsible for maintaining and elevating the security across our cloud environments. The main goal of this role is to reduce risk while allowing the business to operate quickly, safely, and efficiently. If you are motivated and passionate about cloud security architecture and operations, this could be the ideal role for you. Your role is strategic for the organization running the CNAPP is key to secure the Company, build strong layer of defense and improve Companys security posture! Technical details, leading security products, industry best practices, guidelines - you will be working with them on day-to-day basis to grow your security skills and improve Eurofins IT environment. Qualifications If you have: - Educational background in IT or Information Security and, - 4+ years of experience with public cloud providers (Azure, AWS, GCP) involving cloud security architecture. - Experience in Kubernetes - Previous experience in Security (at least 7+ years) we are looking for you! Willingness to learn and motivation to act towards the achievable goal is key for us! On the role of Cloud Security Consultant, you can utilize your technical skills: Understanding of various Cloud Service Providers (CSP); Assessing and evaluating cloud-policies; Utilizing CVEs, collecting and processing information from vulnerability databases; Experience using CI/CD pipelines for change management and automated security testing; Working with leading industry products and services (e.g. Wiz, ServiceNow); Added advantage if candidate has CISSP/CCSP/Any cloud security or architecture certification; As you'll be working in an international environment, your English needs to be excellent . You have to be an effective communicator (both to technical and non-technical professionals), convincing that your concepts are relevant and important for the whole organization. Other skills you'll need are orientation on details, team collaboration, problem solving. Additional Information What we can offer: Very attractive, multicultural and friendly work environment in fast-growing international company (more than 50000 employees now); Possibility to grow and make the next step in your professional career and self-development; Long-term relationshipand competitive salary package;

-Develop a deep technical understanding of IBM Public Cloud offerings and infrastructure -Plan and perform red team exercises against various cloud offerings -Plan and perform full stack security tests against various system(s) and application(s) independently as well as within a team -Engage in security monitoring and visibility improvement activities across the IBM Public Cloud organization -Thoroughly document techniques, tactics, and proof of concepts used during security testing and red team exercises -Communicate with various business and technology leaders to interpret identified vulnerabilities and assist in the development and planning for risk mitigation plans -Research and continuously improve skills in attacker tools, methods, and techniques -Lead by example for the greater red team in professionalism, communication, and technical expertise Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 3+ years of demonstrating experience in planning and executing penetration tests/red team exercises against web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies Demonstrates strong understanding of offensive cybersecurity operations and defensive integrations, including enumeration and exploitation of various cloud-based technologies and development of secure applications. Demonstrates strong ability to communicate highly technical aspects to Executives and IT staffs, respectively Demonstrates ability by creating custom tools for penetration testing and contributing to opensource technologies Demonstrates strong experience with various scripting languages (Python, Ruby, Bash, etc.) Possess one or more of the following credentialsOSCP, OSCE, OSWE, GWAPT, GPEN, GXPN, CRTP, Crest Penetration Certification. Familiarity with serverless services, containerization and other cloud technologies Strong familiarity with OWASP Top Ten, NIST, and MITRE ATT&CK 3+ years of demonstrating experience in system or application administration role(s) Preferred technical and professional experience 5+ years of demonstrating experience in planning and executing penetration tests/red team exercises against web applications, containers, APIs, network devices, databases, operating systems, and various cloud technologies Understanding of offensive cybersecurity operations and defensive integrations, including enumeration and exploitation of various cloud-based technologies and development of secure applications. Ability to communicate highly technical aspects to Executives and IT staff, respectively Demonstrates ability by creating custom tools for penetration testing and contributing to opensource technologies Expertise in developing exploits and customized attack tooling and approaches Demonstratedsecurity research leading to bug bounty and CVE awards Deep understanding of serverless services, containerization and other cloud technologies Demonstrates strong experience with various scripting languages (Python, Ruby, Bash, etc.) CGood to have one of these certsCRTP, CEH, OSCP, OSCE, OSWE, GWAPT, GPEN, GXPN, CRTP, Crest Penetration Certification. Familiarity with serverless services, containerization and other cloud technologies Strong familiarity with OWASP Top Ten, NIST, and MITRE ATT&CK 5+ years of demonstrating experience in system or application administration role(s)

We are seeking a highly experienced and skilled Senior Cybersecurity Professional to join our team. The candidate should have a deep understanding protecting an organization's data and systems from cyber threats by identifying vulnerabilities, responding to breaches, and implementing security measures. Primary Skills Leadership and Strategy: Develop and implement comprehensive cybersecurity strategies and policies. Lead and mentor a team of cybersecurity professionals. Stay updated with the latest cybersecurity trends and technologies. Identify and prioritize critical business functions in collaboration with organizational stakeholders Risk Management: Conduct risk assessments and vulnerability analyses. Develop and implement risk mitigation plans. Ensure compliance with industry standards and regulations. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Incident Response: Lead incident response efforts and manage security breaches. Develop and maintain incident response plans and procedures. Conduct post-incident analysis and reporting. Security Operations: Oversee the implementation and management of security tools and technologies. Coordinate with IT teams to ensure secure system configurations. Secondary Skills Bachelor's or Master's degree in Computer Science, Information Technology, or a related field. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Proven experience in cybersecurity leadership roles. Strong knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills.

Security Testing (Penetration testing, DAST Testing, SAST Testing, OWASP top 10) Education Qualification: Bachelor's degree in Computer Science or related field or higher with minimum 8 years of relevant experience. Your future duties and responsibilities: 8+ years of penetration testing experience, preferably in highly regulated industries and for global clients Proficiency with scripting and programming languages, mainly Python Perform Penetration Testing for networks (internal & external), applications, APIs & cloud assessments Vulnerability identification and analysis Collaborate with team members and stakeholders to define project scopes, review test results, and determine remediation steps Advanced problem-solving skills Any security certifications are a plus Strong written and verbal communication skills Ability to work autonomously with little directional oversight Ability to lead a project and multiple testers Commitment to quality and on-schedule delivery; and a proven ability to establish and meet milestones and deadlines Customer-focused mentality to understand and appropriately respond to customers business needs Draft reports and communicate complex security concepts and test findings to clients and stakeholders Make expert recommendations to help clients improve their information security program Work on researching & developing utilities, toolkits, processes, tactics, and techniques Required qualifications to be successful in this role: Must to have skills-Penetration testing, DAST Testing, SAST Testing, OWASP top 10 Good to have skills- Python Skills: Java Python Vulnerability Assessment(IAVA) Vulnerability Testing (IAVT)

Department: Information Technology Location: Ahmedabad Experience: 10+ Years Education: Bachelors/Master’s in Computer Science, Cybersecurity, or related field Certifications Preferred: CISSP, CISM, CEH, or equivalent Job Summary: We are looking for a seasoned professional to lead application security initiatives across the software development lifecycle. This role combines expertise in secure coding, threat modeling, incident response, and SOC collaboration to ensure the integrity, confidentiality, and availability of enterprise applications. The candidate will work closely with development, DevOps, and IT security teams to build and maintain a secure application environment. Key Responsibilities: Application Development & Security Lead secure design and review processes throughout the SDLC. Guide development teams on secure coding standards and best practices. Conduct threat modeling, vulnerability assessments, and penetration testing. Integrate security into CI/CD pipelines for secure deployment. Application Security Management Define and enforce security policies, standards, and procedures. Stay current on emerging threats, vulnerabilities, and compliance trends. Implement tools such as WAFs, SIEM, IDS/IPS within application ecosystems. Oversee application vulnerability management and incident response. SOC Operations & Incident Response Collaborate with SOC to improve threat detection and response for application-layer risks. Support SOC operations with security insights from the application stack. Analyze and report incidents, with plans to mitigate future risk. Collaboration & Stakeholder Management Work with cross-functional teams to solve security challenges while supporting business goals. Provide leadership on security strategy during digital transformation initiatives. Coordinate with external vendors for security reviews and audits. Training & Awareness Conduct training sessions for developers and IT staff on secure development practices. Champion a culture of security-first development across all technical teams. Required Skills: Deep understanding of SOC processes and incident response methodologies. Practical experience with SIEM, IDS/IPS, WAFs, and vulnerability management tools. Ability to translate technical risks into business risks and drive resolution. Preferred Skills: Familiarity with OWASP, NIST, ISO 27001, or related security frameworks. Understanding of cloud security for Azure, AWS, or GCP. Industry certifications such as CISSP, CISM, CEH, or equivalent.

Position- System security Analyst Location- Mohali Key Responsibilities: • Conduct Vulnerability Assessment and Penetration Testing (VAPT). • Perform Application Security (AppSec) reviews. • Conduct Source Code Reviews to identify and remediate security flaws. Preferred Certifications: • CEH (Certified Ethical Hacker) • OSCP (Offensive Security Certified Professional) Hands-on Experience With: • VAPT Tools: Burp Suite, Nessus, Metasploit • AppSec Tools: Acunetix, Checkmarx • Source Code Analysis Tools: Fortify, Veracode • Familiarity with scripting (Python, Bash) and DevSecOps principles is a plus.

Technical Skills, Experince & Qualification Required :- Manual Pentesting of web application, infrastructure, mobile app Extensive knowledge in the areas of information system security Coding ability (at the very least Python) Recognized credential on a hacking platform: training (HTB, root-me, etc.) or bug bounty (synack, hackerone, etc.) Experience in relevant tools : Burp Suite or equivalent, network discovery, vulnerability scanner, OSINT, exploitation and post-exploitation on web app, OS, infra and mobile application, payload customization, virtualization. Deep knowledge in manual web application penetration testing and payload customization Expertise in at least one programming language Experience in working on Linux and Windows environment Cloud environment testing (AWS, Azure) Certifications Required : Offensive security : OSWE, OSCE, OSCP, OSWP, OSEE certification EC-Council certification (APT, LPT, not CEH) Government sponsored certification : CREST, PASSI PCI DSS certification ISO 27001 certification SANS or equivalent certification Immediate Joiners will be preferred

Sapiens is on the lookout for a Security Auditor to become a key player in our Bangalore team. If you're a seasoned Security Audit pro and ready to take your career to new heights with an established, globally successful company, this role could be the perfect fit. Working Model: Our flexible work arrangement combines both remote and in-office work, optimizing flexibility and productivity. This position will be part of Sapiens Life & Pension division, for more information about it, click here: Summary Sapiens is seeking a skilled and experienced System Security Auditor to join our team in supporting projects and development teams with compliance auditing, knowledge transfer and training of Cybersecurity processes, compliance, and best practices as part of our Secure Software Development Framework (SSDF). Responsibilities Audit all project's compliance with SSDF procedures and work on mitigation and correction. Assist and train Delivery and Project teams in comprehending and adhering to the Secure development process. Participate in the Security Champions initiative forum and aid the CISO team in creating training materials and reviewing existing cybersecurity best practices. Support the regular security compliance external audits (SOC, ISO, etc.) for the division. Assess projects' readiness for internal and external Penetration Testing. Facilitate and manage discussions with internal teams as well as clients on cybersecurity risks, issues, and mitigations. Qualifications Demonstrated ability to assess security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). In-depth knowledge of Personal Identifiable Information (PII) data security standards and cybersecurity and privacy principles. Expertise in security system design tools, methods, and techniques. Knowledge of systems security testing and evaluation methodologies. Proficient in recognizing risks and vulnerabilities in security systems (e.g., vulnerability and compliance scanning, design analysis, and control review). Deep understanding of the security aspects of a Cloud PaaS/SaaS deployment and Integration. Excellent verbal communication, facilitation, and documentation skills. Openness to learning new skills, problem-solving abilities, and a keen eye for detail. A university-level degree in a relevant field, with formal cybersecurity certification being strongly preferred. Experience Requirements (Must Have) 3 years of experience in auditing and facilitating cybersecurity audits in software development and/or cloud-based hosting environments. Hands-on experience with Cybersecurity testing, Penetration testing mitigation, and security risk analysis. Expertise in using third-party software vulnerability tools, managing CVEs and CWEs based on the CVSS scoring. Experience with implementing security scanning and testing as part of CI/CD. Experience with integrating SIEM principles into secure logging systems and observability. Preferred Prior experience working as a CISO or a part of CISO team. Background in software development, DevOps, or systems administration. Experience working for or with Financial Services companies.

OrangeMantra is looking for Technical Lead - PHP Fullstack to join our dynamic team and embark on a rewarding career journey Lead development of fullstack web applications using PHP Manage frontend/backend design, code review, and deployment Mentor junior developers and ensure code quality Coordinate with QA and DevOps for continuous delivery

Senior Cybersecurity Supervisor The Senior Cybersecurity Supervisor will be responsible for delivering services to assess and evaluate the security posture of a variety of Honeywell Products and partner technologies. This role will be responsible for security services delivery, which may include use of application / network / firmware / hardware security toolsets, detection of security defects, and remediation consultation of those weaknesses. Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle. You will provide leadership for a team of Product Security Assurance Engineers. This position will also work with other business stakeholders to ensure testing techniques are developed in accordance with asset risk and business functionality and will play a key role in ensuring appropriate remediation activities are completed as planned. RESPONSIBILITIES Leadership role with Product Security Assurance Team Direct staff and team leaders Provide mentorship, expertise and direction to junior security assurance and product team members Interview and hire qualified candidates Conduct meaningful performance reviews Champion strategic Product Security initiatives Create development plans Track skillsets and approve training requests Proactively anticipate escalations and track issues/conduct root cause analysis assessments Lead initiatives to engineer better solutions Ensure accountability for the development, maintenance and improvement of Security Testing across all SBGs Assist in the development of modular, repeatable, effective Security Testing processes Partner with Tools and Technology Team to select, implement, develop, and automate testing with appropriate tools. Continuously monitors levels of service and interprets and prioritizes threats based on test results Provide briefings to Product Security leadership and other executive leaders Work with cross functional teams to develop remediation suggestions YOU MUST HAVE Bachelor s degree in computer science or software engineering, electrical engineering or equivalent experience 5+ years demonstrated experience in penetration testing WE VALUE 2+ years demonstrated experience leading a team of 3 or more individual contributors Experience in security testing within the appropriate domain Experience leading security test programs at a Fortune 100 corporation Relevant Security certifications Public speaking at Technical Conferences 2+ years of application development Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques. Understanding of application protocols, development, and common attack vectors. Published vulnerability research Good cybersecurity capabilities and strong software engineering skills Excellent understanding of security by design principles and architecture level security concepts Experience and knowledge of penetration testing methodologies and tools Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Demonstrated project management skills. Effective oral and written communication skills Excellent interpersonal skills

Innovate to solve the worlds most important challenges The future is what you make it. When you join Honeywell, you become a member of our global team of thinkers, innovators, dreamers, and doers who make the things that make the future. That means changing the way we fly, fueling jets in an eco-friendly way, keeping buildings smart and safe and even making it possible to breathe on Mars. Working at Honeywell isn t just about developing cool things. That s why all our employees enjoy access to dynamic career opportunities across different fields and industries. Are you ready to help us make the future? The Honeywell Global Security (HGS) business believes in integrating security into all aspects of our business to protect the people, processes, and assets by which Honeywell achieves its greater mission. In the role of Sr Advanced Cyber Security Architect, you will join a growing central Product Security organization providing expertise in secure software, requirements, and architecture throughout all phases of the product lifecycle. The role will report to the Director of Cyber Security and will drive security baselines, processes, solutions, and risk reduction across a growing line of core product. This role will have the unique distinction of being a part of a highly cross functional security team, creating new strategies, policies and processes, and centrally touching every end of Honeywell s offerings, product lifecycle, and business lifecycle. This role will additionally interact regularly with Suppliers and industry partners, to keep up with an ever-evolving threat landscape. Key Responsibilities: Lead efforts with the development teams to manage product risk and apply the appropriate security controls Provide product security related coaching and security expertise for all software and firmware development teams Drive best in class security requirements into product and service offerings Lead and coordinate cross-functional activities for Supplier Cyber Assessments Lead new project deployments and initiatives that add value to SDL processes and procedures Lead efforts of mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice As a member of the architecture leadership team, you will understand and influence the development of services and offerings by ensuring security by design of the cloud, as well as on-premises solutions. Ensure data security requirements are understood and implemented in accordance with applicable country laws and regulations Partner with development teams and Suppliers across business and product lines to drive security requirements, practices, and complete thorough security reviews of products Drive secure engagement and architecture including threat modeling, vulnerability and risk assessment, analysis of findings from penetration tests, and tools (e.g., SAST, SCA, Container vulnerability scans) Drive incident response investigation, ensure coordination for remediation plan and execution Mentor and coach engineering and security architects in secure SDLC practices, train and engage security advocates Represent Honeywell in consortia, contributing to creation and refinement of tomorrow s industry standards and best practices You must have: 6+ years of experience in security engineering Secure software development lifecycle (SSDLC) experience Understanding of security by design principles We value: Experience with Cloud Provider (e.g., Azure, AWS, GCP) security architecture and controls Experience with Threat Modeling Experience with security tools (e.g., SAST, SCA, vulnerability scanning, penetration testing) Understanding of Agile software development practices Experience with SaaS, cloud, IOT, and OT security and controls Understanding of DevOps (CI/CD) Sound understanding of Cryptography, encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management Up to date knowledge of current and emerging security threats and techniques for exploiting security weaknesses Certifications in security demonstrating deep practical knowledge such as CSSLP, CCSP, or CISSP Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among partners Experience working with external partners Experience with definition, creation, integration, and monitoring of metrics Passion for achieving results and continual self-improvement Master s Degree

Cyber Security Engineer II Honeywell Building Technologies is a global leader for products and technologies that are installed in over 10 million buildings in more than 75 countries. Honeywell software and products address key energy challenges, keep people and places safe, enhance the building occupant experience, and improve critical infrastructure. The business also takes a secure-by-design approach to its product development and ensures that its products are optimized for the people who use them - the building owner, operator, occupant, and installer. The Cyber Security Engineer II reports to the Product Security Assurance Leader and will be responsible for assessing and evaluating the security posture of a variety of Honeywell Products and partner technologies. This role will be responsible for security services delivery, which may include use of application / network / firmware / hardware security toolsets, detection of security defects, and remediation consultation of those weaknesses. Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle. Responsibilities Individual Contributor with Product Security Assurance Team, with minor team leadership accountabilities Provide mentorship, expertise and direction to junior team members Assist with onboarding internal team training Champion strategic Product Security initiatives Oversee and ensure client deliverables are on time, requirements are met Proactively anticipate escalations Lead initiatives to engineer better solutions Develop methodologies, determine scoping requirements Deliver Security Testing across all of Honeywell Assist in the development of modular, repeatable, effective Security Testing processes Partner with Tools a nd Technology Team to select, implement, develop, and automate testing with appropriate tools. Work with cross functional teams to develop remediation suggestions Report observations using our standardized reporting structure The engineer may frequently lift and/or move up to 25 pounds Basic Qualifications Bachelor s degree in computer science or software engineering, electrical engineering or equivalent experience Total Experience - Minimum 5 years 3+ years demonstrated experience in penetration testing 1+ years project management skills Preferred Qualifications Experience in pentesting - Web, Mobile App, Thick Client, API, Web services, Hardware, Cloud, Containers Exposure to IoT pentesting Understanding of application protocols, development, and common attack vectors. Good cybersecurity capabilities and strong software engineering skills Excellent understanding of security by design principles and architecture level security concepts Experience and knowledge of penetration testing methodologies and tools Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Effective oral and written communication skills Good interpersonal skills Experience in security testing within the appropriate domain Relevant Security certifications Public speaking at Technical Conferences Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques Experience in integrating pentest tools to CI/CD pipeline

Cyber Security Engineer As an Cyber Security Engineer II here at Honeywell, you will be accountable for ensuring the security of our products and services. You will work closely with our team to implement and maintain security measures to protect our customers from cyber threats. You will report directly to our Security Engineering Manager and you ll work out of our Orion Campus, Bangalore location on a hybrid work schedule. In this role, you will impact the security of all of our products and services, ensuring the self-assured integrity and availability of our customers products, data, and information. You will work with cross-functional teams to develop and implement security solutions, conduct vulnerability assessments, and respond to security incidents. At Honeywell, our people play a critical role in developing and assisting our employees to help them perform at their best and drive change across the company. Help to build a strong, diverse team by recruiting talent, identifying, and developing successors, driving retention and engagement, and fostering an inclusive culture. KEY RESPONSIBILITIES Develop and implement security measures to protect systems and networks Conduct vulnerability assessments and penetration testing Monitor and respond to security incidents Work with cross-functional teams to ensure security requirements are met Stay up-to-date with the latest cybersecurity trends and technologies YOU MUST HAVE 3+ years of experience in cybersecurity or a related field Bachelors degree or equivalent experience in Software Engineering, Computer Science, or related discipline Familiarity with the following tools with direct experience in several of them: o Java / Groovy o Python o JIRA ScriptRunner o Jenkins o Ansible / Boto3 o DevSecOps o Security Requirements o Threat Modeling o Penetration Testing Tools o Public Key Infrastructure o Embedded Device Software Engineering o Hardware Engineering WE VALUE Strong knowledge of python-based development Experience designing and deploying global technology services Deep understanding of tool automation and integration Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response Understanding of security by design principles and architecture level security concepts Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Excellent communication and leadership skills Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders Technical leadership experience in the software security field Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP Understanding of Agile software development practices ABOUT HONEYWELL Honeywell International Inc. (Nasdaq: HON) invents and commercializes technologies that address some of the world s most critical demands around energy, safety, security, air travel, productivity, and global urbanization. We are a leading software-industrial company dedicated to introducing state-of-the-art technology solutions to improve efficiency, productivity, sustainability, and safety in high-growth businesses in broad-based, attractive industrial end markets. Our products and solutions enable a safer, more comfortable, and more productive world, enhancing the quality of life of people around the globe. THE BUSINESS UNIT The Corporate Strategic Business Group (CORP SBG) at Honeywell is a division focused on corporate-level functions and initiatives that facilitate the overall operations and strategy of the company. It is accountable for overseeing areas such as finance, legal, human resources, communications, and corporate governance, working closely with other business units and SBGs to ensure alignment and coordination across the organization. The CORP SBG plays a crucial role in the overall strategic direction and management of Honeywells corporate functions and operations, assisting the companys business objectives. Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, care or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.

Cyber Security Engineer II The Cyber Security Engineer II reports to the Product Security Assurance Leader and will be responsible for assessing and evaluating the security posture of a variety of Honeywell Products and partner technologies. This role will be responsible for security services delivery, which may include use of application / network / Mobile / Cloud / Container security toolsets, detection of security defects, and remediation consultation of those weaknesses. Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle. Responsibilities Individual Contributor with Product Security Assurance Team, with minor team leadership accountabilities Provide mentorship, expertise and direction to junior team members Assist with onboarding internal team training Champion strategic Product Security initiatives Oversee and ensure client deliverables are on time, requirements are met Proactively anticipate escalations Lead initiatives to engineer better solutions Develop methodologies, determine scoping requirements Deliver Security Testing across all of HCE Assist in the development of modular, repeatable, effective Security Testing processes Partner with Tools a nd Technology Team to select, implement, develop, and automate testing with appropriate tools. Work with cross functional teams to develop remediation suggestions Report observations using our standardized reporting structure Basic Qualifications Bachelor s degree in computer science or software engineering, electrical engineering or equivalent experience Total Experience - Minimum 2 years 2+ years demonstrated experience in penetration testing 1+ years project management skills Preferred Qualifications Experience in pentesting - Web, Network, Mobile App, Thick Client, API, Web services, Cloud, Containers Understanding of application protocols, development, and common attack vectors. Good cybersecurity capabilities and strong software engineering skills Experience with pentest tools and frameworks such as: Burp Suite, IDA Pro, GHidra, Kali, OWASP, Metasploit, Nessus, Nmap, MObSF, Genymotion, Frida, APK Tool Scripting experience in Python, Powershell and Bash preferred. Experience working with other languages such as C, C++, Java, .NET or javascript. Excellent understanding of security by design principles and architecture level security concepts Experience and knowledge of penetration testing methodologies and tools Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Effective oral and written communication skills Good interpersonal skills Experience in security testing within the appropriate domain Demonstrated project management skills. Relevant Security certifications: CEH, OSCP, GPEN Public speaking at Technical Conferences Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques Experience in integrating pentest tools to CI/CD pipeline

Advanced Cyber Security Engineer As an Advanced Cyber Security Engineer II here at Honeywell, you will be accountable for ensuring the security of our products and services. You will work closely with our team to implement and maintain security measures to protect our customers from cyber threats. You will report directly to our Security Engineering Manager and you ll work out of our Orion Campus, Bangalore location on a hybrid work schedule. In this role, you will impact the security of all of our products and services, ensuring the self-assured integrity and availability of our customers products, data, and information. You will work with cross-functional teams to develop and implement security solutions, conduct vulnerability assessments, and respond to security incidents. At Honeywell, our people play a critical role in developing and assisting our employees to help them perform at their best and drive change across the company. Help to build a strong, diverse team by recruiting talent, identifying, and developing successors, driving retention and engagement, and fostering an inclusive culture. KEY RESPONSIBILITIES Develop and implement security measures to protect systems and networks Conduct vulnerability assessments and penetration testing Monitor and respond to security incidents Work with cross-functional teams to ensure security requirements are met Stay up-to-date with the latest cybersecurity trends and technologies COMPENSATION The annual base salary for this position is . Please note that this salary information serves as a general guideline. Honeywell considers various factors when extending an offer, including but not limited to the scope and responsibilities of the position, the candidates work experience, education and training, key skills, as well as market and business considerations. BENEFITS OF WORKING FOR HONEYWELL Benefits - Medical, Vision, Dental, Mental Health Paid Vacation 401k Plan/Retirement Benefits (as per regional policy) Career Growth Professional Development YOU MUST HAVE 3+ years of experience in cybersecurity or a related field Bachelors degree or equivalent experience in Software Engineering, Computer Science, or related discipline Familiarity with the following tools with direct experience in several of them: Java / Groovy Python JIRA ScriptRunner Jenkins Ansible / Boto3 DevSecOps Security Requirements Threat Modeling Penetration Testing Tools Public Key Infrastructure Embedded Device Software Engineering Hardware Engineering WE VALUE Strong knowledge of python-based development Experience designing and deploying global technology services Deep understanding of tool automation and integration Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response Understanding of security by design principles and architecture level security concepts Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Excellent communication and leadership skills Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders Technical leadership experience in the software security field Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP Understanding of Agile software development practices ABOUT HONEYWELL Honeywell International Inc. (Nasdaq: HON) invents and commercializes technologies that address some of the world s most critical demands around energy, safety, security, air travel, productivity, and global urbanization. We are a leading software-industrial company dedicated to introducing state-of-the-art technology solutions to improve efficiency, productivity, sustainability, and safety in high-growth businesses in broad-based, attractive industrial end markets. Our products and solutions enable a safer, more comfortable, and more productive world, enhancing the quality of life of people around the globe. THE BUSINESS UNIT The Corporate Strategic Business Group (CORP SBG) at Honeywell is a division focused on corporate-level functions and initiatives that facilitate the overall operations and strategy of the company. It is accountable for overseeing areas such as finance, legal, human resources, communications, and corporate governance, working closely with other business units and SBGs to ensure alignment and coordination across the organization. The CORP SBG plays a crucial role in the overall strategic direction and management of Honeywells corporate functions and operations, assisting the companys business objectives. Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, care or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.

WHO WE ARE: WHO YOU ARE You re a highly organized and proactive technical project manager (TPM) or technical program manager (TPgM) with a strong understanding of cybersecurity. You don t just track progress - you help shape it. You ve worked in complex environments, and you know how to bring clarity to chaos. You re comfortable driving multiple initiatives, projects and programs at once, keeping stakeholders aligned, and pushing security programs forward without losing sight of the details. You re comfortable working with software engineers, security engineers, and senior stakeholders, and you ve got a knack for solving problems that don t have a clear blueprint. You understand how to bridge technical risk and business impact through strategic security program management and clear communication. You re not afraid of scale, and you see security as a key enabler of trust and innovation - not just a checkbox. WHAT YOU LL DO Own the delivery of security initiatives from kickoff through completion - including planning, execution, and tracking Manage several programs simultaneously, working with stakeholders to ensure alignment on goals, priorities, and plans Develop metrics and status reports that clearly communicate progress, blockers, and risks to leadership and others Manage and coordinate initiatives like vulnerability management, penetration testing, security champions etc. Support audit readiness and ensure that findings are remediated on time and tracked through resolution Contribute to strategic planning for broader security programs, where applicable Ensure alignment of security initiatives with regulatory and compliance requirements (e.g., SOC 1, SOC 2, NIST) Assist in budget planning and resource forecasting for security initiatives Be a humble member of our team WHAT YOU LL NEED: 6+ years of experience in project and/or program management, ideally with a focus in Information Security or IT Project Management Professional (PMP), Program Management Professional (PgMP) or other similar certifications Understanding of to security concepts like vulnerability management, penetration testing, and risk management Experience with agile development or methodology, DevOps, CI/CD and secure development lifecycle practices Ability to clearly translate technical details to non-technical stakeholders Strong organizational habits and attention to detail Ability to manage competing priorities and timelines without dropping the ball Comfortable working independently, but collaborative when it counts Strong risk management mindset with experience facilitating risk assessments and mitigation strategies Familiar with tracking and reporting tools like JIRA

Volvo India is looking for Senior IT Security Officer to join our dynamic team and embark on a rewarding career journey. Ensure the security, safety and well-being of all personnel, visitors and the premises Provide excellent customer service Adhere to all company service and operating standards Remain in compliance with local, state and federal regulations Immediately respond to emergencies to provide necessary assistance to employees and customers Protect the companys assets relative to theft, assault, fire and other safety issues Follow procedures for various initiatives, including fire prevention, property patrol, traffic control and accident investigations