BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Preferred Skills: Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Job Title: Lead Application Security/ Sr. Lead Application Security Experience Required: 4-8 years. Job Summary: Seeking for a highly skilled and experienced Application Security Specialist who will play a crucial role in ensuring the security and resilience of our organisations systems, networks, and infrastructure. He will be collaborating closely with development and operations teams to integrate security practices throughout the software development lifecycle. The role will involve identifying vulnerabilities, defining and implementing secure coding practices, conducting security assessments, performing day to day WAF & BOT operations and ensuring compliance with industry standards and regulations. Required Skills: The candidate should have minimum experience of 5 years in vulnerability assessment & penetration testing (VAPT) and WAF solutions. Mandatory: Proven experience in application security, with a focus on web and mobile applications. Proficiency in wide range of security tools and frameworks, such as Metasploit, Burp Suite, Nmap, Wireshark, Kali Linux, PowerShell Empire, Cobalt Strike, and others. Awareness of current cyber threats, attack trends, and threat actor tactics, techniques, and procedures. Familiarity with industry standards (e.g., OWASP Top 10, CWE) and regulatory requirements (e.g., GDPR, PCI-DSS). Experience in managing and optimizing WAF and BOT management systems. (e.g. Akamai, Cloudflare, Imperva etc.) Excellent communication and collaboration skills. Good to have: Experience with cloud security, container security and DevSecOps practices is desirable. Evaluate and implement WAF & BOT management solutions to detect, mitigate, and respond to bot activities. Experience in scripting and automation for WAF & BOT rule deployment and management (e.g., Python, PowerShell). Certification: Mandatory: Certifications such as Certified Red Team Operator (CRT), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or GIAC Penetration Tester (GPEN) are highly desirable. Good to have: Certifications such as CREST Practitioner Security Analyst (CPSA), Certified Expert Penetration Tester (CEPT) etc. Qualifications: 1. Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience). 2. Strong understanding of networking protocols, operating systems, and security technologies. 3. Excellent analytical and problem-solving skills. 4. Proficient in at least one scripting language. Responsibilities: 1. Define and implement secure coding standards and practices. 2. Conduct security assessments, code reviews, and penetration testing. 3. Collaborate with development and operations teams to integrate security into the SDLC. 4. Identify and prioritize application security risks and vulnerabilities. 5. Design and implement security controls and solutions to mitigate risks. 6. Stay updated with emerging threats and industry best practices. 7. Drive compliance with relevant security standards and regulations. 8. Respond to and mitigate security incidents under WAF & BOT operations. 9. Contribute to security awareness and training programs.

Implement security-as-code principles and automate security controls in CI/CD pipelines. Conduct secure code reviews and assist developers in adopting secure coding practices. Deploy and manage security tools such as SAST, DAST, SCA, IAST, and container security solutions.

We are looking for a strategic and technically capable Cyber Defense Vulnerability Manager to lead vulnerability management initiatives within our Cyber Defense Operations (CDO) function. Responsible for the vulnerability remediation strategy, aligning with Arms global security standards and running the operational execution of the vulnerability management lifecycle. Responsibilities: Develop and lead strategic vulnerability management and Attack surface management initiatives across teams and geographies. Drive remediation accountability and ensure alignment with business risk profiles. Coordinate integration of threat intelligence and vulnerability scanning and Penetration Testing tools (eg, Tenable, Qualys) with ServiceNow workflows. Define Key Performance Indicators and metrics to govern remediation efficiency and SLA compliance. Collaborate with global teams, including Product Security, Red Team, Threat Intelligence, and Engineering. Provide leadership and mentoring to vulnerability analysts. Champion process automation and tooling enhancements. Drive operational transformation to mature existing processes, procedures and tooling. Lead the response efforts for major vulnerabilities in conjunction with security partners across the business. Act as a senior technical authority, as we'll as an escalation point for advanced response coordination. Scope and perform security reviews of platforms, web applications, mobile applications, and private and public cloud environments. Identify architectural deficiencies and implement vulnerability mitigation strategies to address. Required Skills and Experience: Demonstrable experience leading a vulnerability and Attack Surface management function in a global or enterprise-scale environment. Expertise in platforms like ServiceNow Vulnerability Management, Tenable, and third-party integrations. Sufficient understanding of web technologies to handle Web vulnerabilities. Solid understanding of security governance, frameworks (ISO 27001, NIST), and risk assessment practices. Demonstrated leadership in running multi-functional teams and stakeholder alignment. Ability to articulate security risk and remediation impact to executive audiences. Exposure to Networking, automation, scripting, and API integrations. Specialist technical knowledge spanning security and IT domains to enable a comprehensive response to vulnerabilities of the highest complexity, as we'll as cross organisational incident management. Detailed cyber security threat landscape knowledge and experience in bringing it to bear in response to a vulnerability. Nice To Have Skills and Experience: bachelors or masters in Cybersecurity, IT, or related field! Certifications such as CISSP, CISM, GIAC (GCCC, GCPM), or PMP. Understanding of Agile or DevSecOps practices

We are looking for a Cyber Defense Vulnerability Incident Response Senior Analyst to join our growing Cyber Defense Operations (CDO) Centre. This role provides an outstanding opportunity to lead the response to critical vulnerabilities while also contributing to security incident handling and response. The ideal candidate will have a solid background in vulnerability management, with additional expertise in incident response. This is a great opportunity for someone who wants to deepen their understanding of the overlap between vulnerability management (VM) and incident response (IR). We are at an exciting moment in our transformation! Arm has a bold vision to develop technology that invisibly enables opportunity for a globally connected population. To achieve this, Arm is growing rapidly and developing new products. With new business capabilities, Arm is encountering new security challenges that require a thoughtful, adaptable approach to strengthen its cyber defences and detect respond strategy. Responsibilities: Vulnerability Management (Main Focus) Lead operational vulnerability management activities across infrastructure, applications, cloud, and third-party platforms. Validate findings and prioritize remediation based on business risk and threat intelligence. Collaborate with global IT, Engineering, and Security teams to drive vulnerability remediation efforts. Optimize and manage ServiceNow Vulnerability Management workflows. Act as technical lead in remediation planning, providing guidance and support to stakeholders. Collaborate with Red Team, Threat Intelligence, and Product Security to identify high-risk vulnerabilities. Lead Major vulnerability Incident response efforts in accordance with the response plan and policies. Incident Response (Secondary Focus) Support team in incident triage and response efforts as needed, particularly those involving vulnerability exploitation. Assist in forensic investigations and log analysis for potential Security Incidents. Contribute to the development of playbooks for vulnerability incident response. Deliver training and mentorship to junior analysts. Required Skills Experience: Demonstrable experience in vulnerability management, including implementation of scanning tools like Tenable, Qualys, or similar platforms. Hands-on experience with ServiceNow Vulnerability Management workflows and integrations. Experience with remediation coordination, risk-based prioritization, and vulnerability lifecycle management. Exposure to incident handling, including forensic and malware analysis basics. Solid understanding of cloud and container security vulnerabilities (AWS, Azure, GCP). Sufficient understanding of web technologies to manage Web vulnerabilities. Ability to articulate risk and technical topics clearly to non-technical stakeholders. Scripting and automation skills (eg, Python, PowerShell) to streamline workflows. Deep understanding of the cyber threat landscape and emerging exploitation trends. Nice-to-Have Skills Certifications: BSc or higher in Cybersecurity, Computer Science, or related field! Professional certifications: GIAC (GCIH, GCFA, GPEN), OSCP, or CISSP. Exposure to penetration testing or Red Teaming methodologies. Understanding of ITIL processes and project management principles

Happiest Minds Technologies is a Mindful IT Company that focuses on enabling digital transformation for enterprises and technology providers by leveraging disruptive technologies. With a 'Born Digital . Born Agile' approach, we offer digital solutions, infrastructure, product engineering, and security services across various industry sectors. Headquartered in Bangalore, India, Happiest Minds has a global presence in the U.S., UK, Canada, Australia, and the Middle East. Interested professionals can reach out to me ankita.patari@happiestminds.com Experience Details : 7 to 10 Years Location : Bangalore,Pune,Noida,Bhubneswar,Madurai,Coimabatore S kills: Burp suite, Vulnerability Assessment, Static/dynamic testing of mobile applications Job Description: Good written and verbal communication skills Hands on experience in Application security testing: Manual code walkthroughs, using Burp tool, NMap, Radioshark, Checkmarx etc., - Experience in both DAST and SAST - Preparation of detailed testing reports with vulnerabilities with CVSS scoring and remediations - Guiding developers in fixing the vulnerabilities - Knowledge of writing the test cases aligning with OWAP / NIST standards - Knowledge of External PT - Team management - Client management - Tracking and reporting of vulnerabilities - Understanding of Cybersecurity domain Thanks And Regards, Ankita Ghosh

We are looking for a skilled Cyber Testing Senior Associate 1 to join our team in Bengaluru. The ideal candidate will have between 5 and 10 years of experience in cyber testing, with expertise in manual and automated testing. Roles and Responsibility Perform security assessments, including static and dynamic application security testing. Conduct manual penetration testing on web applications, network devices, and other systems. Collaborate with clients in a fast-paced environment across various technology stacks and services. Develop, enhance, and interpret security standards and guidance. Demonstrate and promote security best practices, including secure development and cloud security. Assist with the development of remediation recommendations for identified findings. Identify and clearly articulate (written and verbal) findings to senior management and clients. Help identify improvement opportunities for assigned clients. Stay up-to-date with the latest security trends, technologies, and best practices. Work effectively within a team, fostering collaboration and open communication to deliver successful outcomes. Supervise and provide engagement management for other staff working on assigned engagements. Job Requirements Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent work experience. Expertise in web security, with extensive knowledge of vulnerabilities and the ability to identify and exploit them effectively. Minimum 5 years of experience in code review, application security testing, or web application development. Excellent written and verbal communication skills. Strong scripting skills, such as Python, Ruby, or Perl. Experience with cloud platforms, such as AWS, and knowledge of cloud security best practices. Familiarity with development technologies like Docker, CDK, Terraform, Java, Python, React, GraphQL, Javascript, JSON, REST, etc. Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices. Technical background in application development, networking/system administration, security testing, or related fields. Experience with both static application security testing (SAST) and dynamic application security testing (DAST) using various tools and techniques. Preferred but not required: one or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Burp Suite Certified Practitioner, or AWS Certified Security Specialist. Additional Info The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned with client requirements and deliverables.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment ..Interested candidate can share resume to ankita.patari@happiestminds.com Work Location: Belapur, Navi Mumbai Experience: 11-15 Years General Shift who can join with 30 days notice period Skills: Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10,OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation Job Description: Project Management - Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Bank and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management B.Sc (IT/CS) / B.Tech in Computer Science, Information Technology, or related field. CISSP, CISA, CISM, CRISC 11-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Thanks And Regards, Ankita Ghosh ankita.patari@happiestminds.com

We are looking for a skilled Application Penetration Tester with expertise in both manual and automated testing to join our Security and Privacy Risk Consulting group. The ideal candidate will have 5-10 years of experience, a strong understanding of various testing methodologies and tools, as well as a passion for uncovering vulnerabilities and identifying potential security risks. Roles and Responsibility Perform security assessments, including static and dynamic application security testing. Conduct manual penetration testing on web applications, network devices, and other systems. Collaborate with clients in a fast-paced environment across many technology stacks and services. Develop, enhance, and interpret security standards and guidance. Demonstrate and promote security best practices, including secure development and cloud security. Assist with the development of remediation recommendations for identified findings. Identify and clearly articulate (written and verbal) findings to senior management and clients. Help identify improvement opportunities for assigned clients. Stay up-to-date with the latest security trends, technologies, and best practices. Work effectively within a team, fostering collaboration and open communication to deliver successful outcomes. Supervise and provide engagement management for other staff working on assigned engagements. Job Requirements B.Tech in Computer Science, Engineering, or related field, or equivalent work experience. Expertise in web security, with extensive knowledge of vulnerabilities and the ability to identify and exploit them effectively. Minimum 5 years of experience in code review, application security testing, or web application development. Excellent written and verbal communication skills. Strong scripting skills (e.g., Python, Ruby, Perl). Experience with cloud platforms such as AWS and knowledge of cloud security best practices. Familiarity with development technologies like Docker, CDK, Terraform, Java, Python, React, GraphQL, Javascript, JSON, REST, etc. Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to company policies and best practices. Technical background in application development, networking/system administration, security testing, or related fields. Experience with both static application security testing (SAST) and dynamic application security testing (DAST) using various tools and techniques. Preferred but not required: one or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Burp Suite Certified Practitioner, or AWS Certified Security Specialist.

As an Associate Developer at IBM, you'll work with clients to co-create solutions to major real-world challenges by using best practice technologies, tools, techniques, and products to translate system requirements into the design and development of customized systems. In your role, you will be responsible for: Your primary responsibilities include: Working on the end-to-end feature development and solving challenges faced in the implementation. Collaborate with key stakeholders, internal and external, to understand the problems, issues with the product and features and solve the issues as per SLAs defined. Being eager to learn new technologies and implementing the same in feature development Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Hands on extensive experience on RPG language on AS/400 System I and have worked on Production system and Application Development. 3+ years of relevant experience working on mainframes. Should have technical expertise/hands on - Assembler, COBOL, JCL, CICS, VSAM, Inter-test, Fault Analyser, File-Manager, Control-M/Any other Scheduler etc. Should have expertise working on JIRA/Confluence/SharePoint/Any Change management tool (Remedy/Myservice/Service now etc.) Message Types and Transaction flows Preferred technical and professional experience Processing between Acquirers, Issuer & Acquiring gateways etc. Interact with different stake holders, gather and articulate the Requirements. Good communications skills to deal with the clients directly and set up calls to bring the Business and Delivery inline

Domain Certifications CISSP, CISA, CRISC, ISO 27001 Responsibilities Own and lead the governance program at account level for a large Financial services account with 700 + head count and multi country locations having high security Offshore Delivery Centres & Work from home teams Develop, implement and monitor Account level Information security governance program; meeting client compliance requirements proactively Perform contract reviews, cyber security risk assessments and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres. Experience in Application security and code reviews which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with Application security, development and maintenance projects. Work closely with different teams internally like IT, business, HR, facilities, cyber security which operate at Organization level to translate client requirements and assess residual risk if required Give directions and monitor the compliance and operations activities within the account through dedicated team and work closely with account team on ensuring the compliance within account team Develop account level procedures, metrics and review programs to maintain and enhance the governance model within the account Be a single point of contact for client interactions during third party audits and liaise within the organization Prepare the account for certification and internal audit requirements based on industry standards like PCI DSS and ISO 27001 requirements Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non compliance and able to draw mitigation actions Hold technical skills to participate in technical discussions for delivery centre setup, connectivity models Excellent communication skills and have demonstrated effective CXO level reviews

Not Applicable Specialism Risk Management Level Associate Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . Summary Indepth knowledge and handson experience in VAPT , including Web Application Vulnerability Assessment Penetration Testing, Mobile Application Vulnerability Assessment Penetration Testing , API and Network Penetration Testing, Cloud Security, Network Security, SOC Monitoring and Incident management. Vulnerability Assessment and Penetration Testing (VA/PT) Conduct VAPT Program Management including Remediation and Closure Management Conduct secure configuration review Conduct/ Manage Secure Code review Conduct/ Manage API secure testing Conduct/ Manage VA/PT for new web/ app development Conduct/ Manage Application Security Conduct/ Manage Red Teaming Conduct/ Manage DevSec/DevSecOps Conduct/ Manage Patch Management Mandatory skill sets VAPT Indepth knowledge of security issues, exploitation techniques and remediation measures. Handson Experience in Vulnerability Assessments Penetration Testing (Automated + Manual) on business critical assets ( IP,Web,Mobile,API and AWS) Handson experience with wellknown security tools BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc Understanding of web application security vulnerabilities (OWASP Top 10), including XSS, SQL injection, CSRF, and others. Strong knowledge of network security concepts, firewalls, VPNs, IDS/IPS, and TCP/IP protocols. Familiarity with mobile security vulnerabilities in iOS and Android platforms, including reverse engineering, mobile app testing, and OWASP Mobile Security Project. Strong written and verbal communication skills for delivering clear, concise security reports and presenting findings to stakeholders. Preferred skill sets Strong organizational, teamwork, multitasking time management skills. Outstanding communication abilities. Ability to effectively communicate the required recommendations. Years of experience required 4+ Years Education qualification Minimum Qualification BE/ BTech Education Degrees/Field of Study required Bachelor of Technology, Bachelor of Engineering Degrees/Field of Study preferred Required Skills Burp Suite, Nessus Vulnerability Scanner, Structured Query Language (SQL) Optional Skills Teamwork No

Required skillset: Ability to handle security testing projects: Customer Interactions, Team monitoring. Able to derive security requirements Threat Model, TARA, SCA, SAST Able to drive the security standards in the applications like OWASP, SANS, CVSS, CWE, STRIDE, DREAD Good Technical Presentation skills, Team collaboration skills, training and mentoring must be preferred. Expertise in Tools like : Appscan, Fortify, Burpsuite, Kali Linux, Postman Expertise in REST API Penetration testing Handson experience in Embedded Device Security Testing with expertise in Secure Boot, Firmware Analysis, CAN/UDS/USB/JTAG interface security testing Expertise in implementing and executing the Cyber Security Solutions and Penetration Testing for Network and Embedded devices. Hands-on Experience in AWS/Azure Good Technical Presentation skills and Team collaboration skills must be preferred. Security Certifications like CEH, ECSA or equivalent. Role & responsibilities Preferred candidate profile

Required Skills Technology | Incident Response Design SME | Level 4 Support Technology | Certified Ethical Hacking Design SME | Level 4 Support Technology | Penetration Testing and Adversarial Thinking | Level 4 Support Technology | Security Assessment and Scenario Planning | Level 4 Support Technology | Security Assessment and Scenario Planning | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | Offensive Security Certified Expert/Certified Red Team Professional/Certified Purple Team Leader/GDSA/MITRE ATT&CK Defender/GIAC CIH/GIAC CFA / CISSP / CISM / CISA / CEH / CTIA / GMON Delivery Skills required are: - Advanced Technical Skills: - Expertise in conducting and managing penetration tests, red team exercises, and simulated attacks. Deep understanding of network security protocols, architecture, and defense mechanisms. Ability to automate security operations tasks using scripting languages (e.g., Python, PowerShell). Analytical and Problem-Solving Skills: - Capability to collect, analyze, and apply threat intelligence to enhance security measures. Integration of threat intelligence feeds and indicators of compromise (IOCs) into security operations. Skills in conducting comprehensive risk assessments and developing mitigation strategies. Communication and Leadership Skills: - Effective communication of technical security findings and recommendations to non-technical stakeholders. Clear and concise reporting on security incidents, vulnerabilities, and remediation efforts. Ability to lead and mentor a team of security professionals, including red and purple team members. Continuous Learning and Adaptability: - Continuous learning and staying abreast of emerging cybersecurity threats, trends, and technologies. Participation in industry conferences, training programs, and certifications to enhance skills and knowledge. Ability to adapt to evolving threats and changes in the cybersecurity landscape. Value Proposition: - Understand the existing environment and propose any opportunity of improvement. Look at nagging issues in the environment and come out with Get Around solutions by working with vendors and industry experts

We are seeking a Security Specialist to join our team. The role involves identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of our vulnerability management practice. you'll work with a diverse and skilled team to ensure the security of our information assets. What you will do: Align with units and stakeholders on PT test requirements and schedules. Conduct manual penetration testing with hands-on experience. Create scripts for payloads and simulate security breaches. Perform web, API, mobile, and infrastructure pen testing. Set up test labs for zero-day attacks and plan penetration methods. Execute periodic testing based on threat intelligence and data review. Report findings and suggest risk mitigation strategies. Present conclusions to stakeholders. Manage PT tools, licenses, and infrastructure. Drive automation and innovation for improved efficiency and quality. Document designs and configurations. Resolve reported vulnerabilities and propose solutions for gaps. Analyze critical exploits and mentor security engineers. Provide after-hours support for IT security incidents. The skills you bring: bachelors Degree in Computer Science or related field. 8-10 years of experience. Strong knowledge of security controls (eg, access control, encryption, and application security). Proficiency with PT tools like Kali Linux, Metasploit, and Burp Suite. Deep understanding of security issues in enterprise, network, API, and mobile systems. Familiarity with enterprise computing, distributed applications, and TCP/IP network security. Experience in writing technical reports and summaries. Ability to provide after-hours support and work under pressure. Effective in both team and independent work settings. Participate in on-call rotation for critical incidents. Strong collaboration and knowledge-sharing skills. Results-driven with excellent communication skills; fluency in English is essential. Preferred certifications: OSCP, OSWP, OSEP, OWSA, OWSE.

Designation: Senior Lead Engineer - Product Cyber Security Years of experience: 8 12 Years Location Hyderabad On a typical day you will: Perform DAST, SAST & Pentest for different products Perform Threat Modeling and Architecture reviews for new products and design changes with existing products Handle Product Cyber Incident Response activities and Active contribution to Risk Management Work with product development teams towards secure DevOps activities and CI/CD integration issues with Security tools Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 8+ years of product cyber security engineering and software systems development experience; at least 4 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment

We re on a mission to change the future of clinical research. At Perceptive, we help the biopharmaceutical industry bring medical treatments to the market, faster. Our mission is to change the world but to do this, we need people like you. Apart from job satisfaction, we can offer you: HEALTH: - Medical plan for you and your dependents. - Personal Accident Insurance - Life Insurance - Critical illness cover WEALTH: - Salary structure and Flexi basket - Provident fund of 12% - Gratuity scheme YOURSELF: Internal growth and development programs trainings Key Responsibilities Security Engineering Implementation Deploy, configure, and maintain security technologies, including firewalls, IDS/IPS, endpoint security, and XDR solutions. Work closely with IT and DevOps teams to integrate security into system and application architectures. Threat Detection Incident Response Monitor security alerts and investigate incidents to identify root causes and remediation actions. Support security operations teams in responding to threats and improving detection and response capabilities. Endpoint, Cloud, and Network Security Implement and manage security controls for endpoints, cloud environments, and networks. Work on securing hybrid cloud infrastructures and enforcing Zero Trust principles Vulnerability Patch Management Conduct security assessments and penetration tests to identify vulnerabilities. Work with IT teams to prioritize and apply security patches and remediations. Compliance Risk Management Assist in maintaining compliance with industry regulations (ISO 27001, GDPR, HIPAA). Participate in security audits, risk assessments, and policy development to strengthen the organization s security framework. Security Awareness Collaboration Work closely with internal teams to provide security guidance and training. Contribute to security awareness programs to enhance the organizations security culture. Functional Competencies (Technical knowledge/Skills) Strong knowledge of security frameworks (NIST, ISO 27001, CIS Controls). Hands-on experience with security tools such as firewalls, IDS/IPS, EDR, and XDR solutions. Understanding of cloud security in AWS, Azure, or GCP. Experience with vulnerability management and penetration testing. Knowledge of IAM, PAM, and Zero Trust security principles. Strong analytical skills and problem-solving capabilities. Effective communication skills to work with technical and non-technical teams. Experience, Education, and Certifications 9+ years of experience in cybersecurity, with hands-on expertise in security engineering. Bachelors degree in Computer Science, Cybersecurity, or a related field. Relevant certifications such as CISSP, CEH, OSCP, or equivalent are preferred. Experience in security operations, incident response, and vulnerability management. Strong understanding of regulatory and compliance requirements in cybersecurity. Come as you are. Were proud to be a Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

We re on a mission to change the future of clinical research. At Perceptive, we help the biopharmaceutical industry bring medical treatments to the market, faster. Our mission is to change the world but to do this, we need people like you. Apart from job satisfaction, we can offer you: HEALTH: - Medical plan for you and your dependents. - Personal Accident Insurance - Life Insurance - Critical illness cover WEALTH: - Salary structure and Flexi basket - Provident fund of 12% - Gratuity scheme YOURSELF: Internal growth and development programs trainings Key Responsibilities Information Security Operations Incident Response Monitor information security alerts and logs using XDR and other security tools. Investigate potential information security incidents, escalate critical issues, and support information security incident response processes. Endpoint, Cloud, and Network Security Assist in managing security controls for endpoints, cloud services, and network environments. Support security hardening initiatives to reduce risks. Email Security Gateway Anti-Phishing Manage and optimize email security solutions to prevent phishing, malware, and spam attacks. Work on email filtering policies, domain security (DMARC, DKIM, SPF), and respond to email-based threats. Vulnerability Patch Management Perform routine security assessments to identify vulnerabilities and misconfigurations. Work with IT teams to prioritize and implement security patches and updates. Threat Intelligence Risk Mitigation Analyze emerging threats and recommend proactive security measures. Assist in conducting risk assessments and security reviews of new technologies and processes. Compliance Security Governance Assist in maintaining security policies and ensuring compliance with contractual regulatory requirements (ISO 27001, GDPR, HIPAA, etc.). Support audits and security assessments. Security Awareness Training Promote cybersecurity awareness by assisting with security training sessions and phishing simulations. Support internal teams with security best practices. Functional Competencies (Technical knowledge/Skills) Strong understanding of cybersecurity frameworks (ISO 27001, NIST, CIS Controls). Experience with XDR, firewalls, endpoint security, and cloud security solutions. Familiarity with Email Security Gateways (Proofpoint, Mimecast, etc.) and anti-phishing technologies. Basic knowledge of penetration testing and vulnerability scanning tools. Hands-on experience with IAM and access control mechanisms. Understanding of regulatory and compliance requirements in cybersecurity. Strong analytical skills with attention to detail. Good communication and collaboration skills to work across teams. Behaviour Competencies Mandatory Success Factors: Accountability Adaptability Customer Focus Optional Success Factors: Willingness to Learn Time Management Analytical Thinking Results Orientation Experience, Education, and Certifications 5+ years of experience in cybersecurity operations or security administration. Bachelor s degree in Cybersecurity, Information Technology, or a related field. Certifications such as CompTIA Security+, CEH, or equivalent preferred. Experience working with email security solutions and incident response processes. Knowledge of cloud security in AWS, Azure, or GCP is an advantage. Come as you are. Were proud to be a Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Web and Network PT Consultant Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Plan and execute network penetration testing and Red teaming assessments to simulate real-world attack scenarios. Perform manual network and application penetration tests on internal network, Active Directory environment, web applications. Perform social engineering assessment to assess the security awareness and physical security controls of the organization. Ability to independently research for new vulnerabilities in systems and software and modify and customize tools, known exploits, POCs and scripts to meet operational requirement. Research and stay up-to-date with the latest attack techniques, tools, and emerging threats. Present technical reports to clients, explaining the outcomes of the testing and providing detailed insights and recommendations. Collaborate effectively with cross-functional teams, including developers, IT operations, and business stakeholders to integrate security best practices seamlessly into project workflows. Provide mentorship and guidance to junior security staff and foster a culture of proactive security awareness within the organization. This role is for you if you have the below We are seeking an experienced and highly skilled Consultant with over 5+ years of working experience in the field of cybersecurity, including network penetration testing, vulnerability assessment, Active directory testing, phishing assessment and web application penetration testing. The ideal candidate will possess a strong working knowledge of Network protocols, performing OSINT to identify publicly available information and testing and exploiting Microsoft services like Windows Servers, Active directory, Certificate Services. Mandatory technical & functional skills Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs,internal and external networks, and mobile applications 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. Strong understanding of Network protocols, web applications, cryptography various operating systems and security technologies. Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO OSWA, are strongly preferred.

Splunk SME/Administrator responsible for supporting Design, Development & implementation of Splunk products to bring agility in operations. What Part Will You Play? Implemente and administer Splunk, Splunk Enterprise Security in both on-prem and cloud Develop content including dashboards, alerts, reports etc. Monitor and maintain Splunk performance, availability, and capacity with present and future infrastructure User management, Index Management, configuration files, Forwarder management, Data inputs, Event Parsing, Manipulating raw data Build, customize, and deploy Splunk apps Work on different types of knowledge objects - Fields, Field extractions, Field aliases, Calculated fields, Lookups, Event types, Tags, Reports, Alerts, Macros, Data models Strong knowledge on Search Processing Language (SPL) Good knowledge of Splunk ES (Enterprise Security) is must Troubleshoot technical issues to establish the root cause of problems and form a solution or workaround across a range of environments Knowledge on Splunk SOAR and UBA is a plus What Are We Looking For in This Role? Minimum Qualifications Bachelors Degree Relevant Experience or Degree in: Bachelors degree in Computer Science, Info Security, or related field. Or relevant work experience in a related field. Typically Minimum 4 Years Relevant Exp in Splunk administration Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Even Management systems, Penetration Testing, Web Application assessment, Secure Coding practices. Preferred Qualifications Splunk certifications Any security certification Typically Minimum 4 Years Relevant Exp Knowledge of industry standard security compliance programs PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act), etc.) What Are Our Desired Skills and Capabilities? Skills / Knowledge - Developing professional expertise, applies company policies and procedures to resolve a variety of issues. Job Complexity - Works on problems of moderate scope where analysis of situations or data requires a review of a variety of factors. Exercises judgment within defined procedures and practices to determine appropriate action. Builds productive internal/external working relationships. Supervision - Normally receives general instructions on routine work, detailed instructions on new projects or assignments. Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them. Incident Response - Knowledge and skills to contribute to all phases of Incident Response.

Join our Team Grow with us About this opportunity: We are seeking a Security Specialist to join our team. The role involves identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of our vulnerability management practice. Youll work with a diverse and skilled team to ensure the security of our information assets. What you will do: Align with units and stakeholders on PT test requirements and schedules. Conduct manual penetration testing with hands-on experience. Create scripts for payloads and simulate security breaches. Perform web, API, mobile, and infrastructure pen testing. Set up test labs for zero-day attacks and plan penetration methods. Execute periodic testing based on threat intelligence and data review. Report findings and suggest risk mitigation strategies. Present conclusions to stakeholders. Manage PT tools, licenses, and infrastructure. Drive automation and innovation for improved efficiency and quality. Document designs and configurations. Resolve reported vulnerabilities and propose solutions for gaps. Analyze critical exploits and mentor security engineers. Provide after-hours support for IT security incidents. The skills you bring: Bachelor s Degree in Computer Science or related field. 8-10 years of experience. Strong knowledge of security controls (e.g., access control, encryption, and application security). Proficiency with PT tools like Kali Linux, Metasploit, and Burp Suite. Deep understanding of security issues in enterprise, network, API, and mobile systems. Familiarity with enterprise computing, distributed applications, and TCP/IP network security. Experience in writing technical reports and summaries. Ability to provide after-hours support and work under pressure. Effective in both team and independent work settings. Participate in on-call rotation for critical incidents. Strong collaboration and knowledge-sharing skills. Results-driven with excellent communication skills; fluency in English is essential. Preferred certifications: OSCP, OSWP, OSEP, OWSA, OWSE. Why join Ericsson? What happens once you apply? Primary country and city: India (IN) || Gurgaon, Noida, Bangalore, Kolkata, Pune Req ID: 767059

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Cisco Firewalls and VPN. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA’s (90-95%), response time and resolution time TAT Mandatory Skills: Fortinet Firewall. Experience3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Assessment Penetrationtest. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA’s (90-95%), response time and resolution time TAT Mandatory Skills: Checkpoint Firewalls and VPN. Experience3-5 Years.