Position Summary The Head of Application Security (AppSec) & Vulnerability Management will be responsible for conducting security assessments and penetration testing of IT, cloud, and OT infrastructure, performing application security assessments for hosted applications, and providing DevSecOps support for new applications throughout their lifecycle. This role involves identifying potential vulnerabilities, suggesting mitigation strategies, and assisting customers and partners in implementing these strategies. Additionally, the role includes project management, service delivery, quality assurance, customer management, and maintaining relationships with vendors and technology partners. Key General Responsibilities: Lead and drive the AppSec and Vulnerability Management functions, ensuring effective service delivery through project acquisition, execution, and operational support. Demonstrate strong leadership skills by managing departmental and functional teams, including hiring, developing, and growing team competency. Provide expert technical guidance to delivery teams, partners, and customers, ensuring the successful implementation of security solutions. Be results-oriented with the ability to think strategically and align efforts with customer needs, working backward from those needs to achieve goals. Oversee project management, service management, and quality assurance processes to ensure successful delivery and client satisfaction. Exhibit strong communication skills, with a proven ability to work cross-functionally, deliver results, and demonstrate ownership in various projects. Manage all aspects of people development, including hiring, talent development, performance management, succession planning, and team engagement. Possess excellent interpersonal skills, with the ability to influence and engage stakeholders at all levels within the organization and with external customers, partners, and vendors. Support sales strategies to meet revenue targets by providing pre-sales support and delivering appropriate security solutions. Identify and cultivate new opportunities with existing customers, ensuring high levels of customer satisfaction and retention. Key Technical Responsibilities: As a technical leader, drive the future strategy for threat intelligence, security architecture reviews, vulnerability management, security configuration, DevSecOps, and application security. Conduct both manual and automated internal and external vulnerability assessments across IT, cloud, and OT environments. Perform security control and vulnerability assessments specifically within OT environments. Execute Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications. Conduct Vulnerability Assessment and Penetration Testing (VAPT) for web applications, Android applications, and APIs. Perform Gray Box and/or penetration testing on web, API, and mobile devices (Android). Complete project tasks with high quality and within deadlines. Analyze findings, draw comprehensive conclusions, and provide detailed recommendations and mitigation plans. Clearly communicate technical impacts and business risks to non-technical audiences after project completion. Provide expert advice on selecting and implementing appropriate security assessment and testing software and tools. Implement and manage DevSecOps practices using the Software Assurance Maturity Model (SAMM) to evaluate and enhance the security of software development processes. Adhere to security standards and frameworks, implementing best practices and methodologies. Work closely with product development teams to ensure adherence to secure coding practices. Educate customers, technical teams, and application developers about emerging threats, vulnerabilities, and application security, promoting a Security Champion program to raise awareness. Qualifications Education: oBachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. A master's degree or relevant certifications (e.g., CISSP, CEH, OSCP) are preferred. Experience: oOver 10 years of experience in leading and managing threat and vulnerability functions, projects, and customer engagements. o6-8 years of direct, hands-on experience in cybersecurity, including familiarity with security standards and best practices, vulnerability assessments, web application testing, network and mobile application assessments, and penetration testing. o1-2 years of experience in enterprise security management, including security product/solution integration and security operations, with a solid understanding of network and system security concepts, standards, and best practices. oProven track record in building, leading, and managing security teams, with experience in cybersecurity practices, application security (AppSec), threat intelligence, vulnerability management, penetration testing, and infrastructure security assessment. oDemonstrated excellence in project management, service management, and customer relations. oExceptional written, presentation, and verbal communication skills, essential for effective team coordination, partner support, and service discussions. oStrong analytical abilities with a creative approach to solving complex technical problems. oCapable of working effectively with clients, management, staff, vendors, and consultants, and interacting and collaborating with senior management, including IT, Network, Security, and C-level executives. oAbility to remain calm and patient in high-pressure situations within a dynamic environment. Skills and Competencies oStrong background in network and infrastructure vulnerability assessment and penetration testing. oComprehensive understanding of security vulnerabilities, including OWASP Top 10, enterprise security architecture, relevant standards, best practices, and frameworks. oExtensive experience in securing web applications, APIs, Android mobile apps, and cloud environments (AWS/Azure). oProficient in software penetration testing, architectural risk assessment, threat modeling, static code analysis, and secure code review for web applications, APIs, and Android mobile applications. oStrong expertise in assessing web applications for security vulnerabilities using tools such as Burp Suite, OWASP ZAP, or similar. oSkilled in evaluating the security of Android mobile applications, including reverse engineering and code analysis. oIn-depth knowledge of cloud security best practices, with hands-on experience in AWS and Azure cloud platforms, including configuring security controls and monitoring for cloud-based threats. oExpertise in evaluating API security, focusing on authentication, authorization, and data protection. oExperience in web and mobile app security assessment according to OWASP standards. oProficient in analyzing vulnerabilities in various applications using both manual and automated tools. oFamiliarity with security practices in DevOps and CI/CD pipelines. oExperience with Windows and Linux operating systems, with a good understanding of operating system internals and mobile OS (Android), especially in the context of app development. oFamiliarity with common compliance requirements such as GDPR, PCI-DSS, and ISO 27001. oExperience with OWASP Mobile Security Testing Guide and associated checklists. oAbility to configure and utilize automated scanners for tasks such as login sequence, policy customization, and scan throttling, while effectively analyzing and managing false positives. oSkilled in identifying vulnerabilities not detected by automated scanners through manual testing, including authentication, session management, CSRF, and business logic testing. oUnderstanding of application workflows to identify entry points and potential vulnerabilities. oHands-on experience with popular security tools, including NMAP, Nessus, Burp Suite, Netsparker, Metasploit, and OWASP ZAP. oFamiliarity with Agile processes and development tools such as Jira, Confluence, Bitbucket, Git, Maven, and Jenkins. Why Tribastion? Strategic Leadership: Play a pivotal role in shaping Tribastions growth strategy in one of the most competitive markets in the world. Career Advancement: Opportunities for professional growth within a dynamic and rapidly expanding organization. Innovative Environment: Contribute to a company that prioritizes excellence, innovation, and leadership in the cybersecurity industry.

Job Title : Security Engineer - Contractual Role Experience Required : 2-4 years. Job Summary : Seeking for a highly skilled and motivated Web Application Firewall (WAF) and Bot Operations Security Engineer who will play a crucial role in ensuring the security and resilience of our organisations systems, networks, and infrastructure. He will be responsible for deploying, configuring, and managing Web Application Firewalls (WAFs) and bot mitigation solutions to protect our web applications from various cyber threats and malicious activities. This role involves a deep understanding of web application security, bot management, and hands-on experience with WAF technologies and bot mitigation tools. Required Skills: The candidate should have minimum experience of 3 years in Vulnerability management to carry out WAF & BOT solutions. Mandatory : 3+ years of experience in web application security, including hands-on experience with WAF technologies and bot mitigation tools (e.g., Akamai, Cloudflare, Imperva, AWS WAF, Azure Application Gateway, F5 BIG-IP). Strong understanding of web application vulnerabilities, attack vectors, and mitigation techniques. Experience with security monitoring and incident response. Good to have: Proficiency in scripting languages (e.g., Python, Bash) for automation and custom rule creation. Knowledge of web technologies, including HTTP/HTTPS, HTML, JavaScript, and APIs. Familiarity with security frameworks and standards (e.g., OWASP, CIS). Certification: Mandatory : Relevant security certifications such as CISSP, CISM, CEH, or other industry-recognized credentials. Good to have: Certifications such as CREST Practitioner Security Analyst (CPSA), Certified Expert Penetration Tester (CEPT) etc. Qualifications : 1. Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience). 2. Strong understanding of networking protocols, operating systems, and security technologies. 3. Excellent analytical and problem-solving skills. 4. Proficient in at least one scripting language. Responsibilities : WAF Management: Deploy, configure, and maintain Web Application Firewalls to protect web applications from threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top 10 vulnerabilities. Develop and implement custom WAF rules and policies to address specific security requirements and threat landscapes. Monitor WAF performance and fine-tune rules to minimize false positives and negatives. Bot Mitigation: Implement and manage bot detection and mitigation solutions (including advanced BOTs) to safeguard against automated attacks and scraping activities. Analyze bot traffic patterns and behaviour to fine-tune detection and mitigation strategies. Stay updated on emerging bot threats and mitigation techniques, and proactively adjust strategies to counteract new attack vectors. Incident Response: Investigate and respond to security incidents, attack scenarios related to web applications and bot activities. Perform root cause analysis for security events and provide recommendations for improvements to prevent recurrence. Must be willing to be available during off-hours and weekends for incident response and attack scenarios as needed. Collaboration and Communication: Work closely with application developers, system administrators, and other stakeholders to address security concerns and ensure secure application deployment. Provide security guidance and best practices to teams across the organization to enhance overall security posture.

We are hiring for Security Engineer- Navi Mumbai Location (Belapur) for one of our project. Interested candidate can share resume to ankita.patari@happiestminds.com Experience: 2 to 5 Years Location: Navi Mumbai Location (Belapur) Office Timings: Monday to Friday (First Saturday and Third Saturday working) Looking for max 15 Days Joiners only Immediate Joiners please mentioned in Subject Line(Immediate Joiner_AppSec) General Shift Exp Range-2 to 4 Years Primary Skills : SAST, Penetration testing , Vulnerability Assessment Responsibility: Static Code analysis, Static/dynamic testing of mobile applications,Vulnerability Assessment,Penetration Testing Thanks And Regards, Ankita P Ghosh ankita.patari@happiestminds.com

Security test engineer having 4+ years experience in software/IT industry preferably with B.Tech./B.E./M.Tech (preferably in computer science)/ MCA Good experience doing the security/penetration Security test engineer having 4+ years experience in software/IT industry preferably with B.Tech./B.E./M.Tech (preferably in computer science)/MCA Good experience doing the security/ penetration testing for enterprise products Basic understanding in domain pf BPM, ECM and CCM products will be an additional advantage. Strong experience in using the DAST tools like Burp professional, Kali Linux, or any other industry recognized tools Experience in using SAST tools like Veracode, SonarQube, JFrog or CheckMarx would be the added advantage Strong understanding of protocols, SSL, transport layers, encryption and cryptography. Strong experience in manual penetration testing using different hacking techniques, Well versed in security standards like PCI-DSS, OWASP, HIPAA etc. Good Experience in Linux and SQL. API penetration testing. Knowledge of XSS, SQL Injection and multiple type of security payloads. Knowledge of cloud computing AWS, Azure and Openshift Certifications like CISSP, CEH, or GSEC are preferred. Ability to work as a team player in a target driven work environment meeting deadline. Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols Interest in all aspects of security research and development Key Skills: Ethical Hacking, Kali Linux, Penetration testing, Security testing.

Vulnerability Analyst I Overview The Vulnerability Management team is a dedicated collection of self-organizing, interdependent, co-located individuals representing different functional roles with all the necessary skills to conduct security testing of Mastercard applications and networks. Team members are network and application security and penetration testing professionals with various levels of expertise and experience in security testing of web application, mobile applications, APIs, Cloud hosted application, Containers and on-prem data centers. The Vulnerability Analyst I is a hands-on professional in application security testing and delivers on individual assignments as well as work within a multi-location team environment. Role Ensuring that all web and mobile applications security tests are conducted within the framework set at Mastercard. Ensure that all test cases and tools are used appropriately for testing of various application types. Ensuring that all help and guidance is provided to development teams on the vulnerabilities identified in their applications while performing of security testing. Identify improvement areas in the security testing domain and implement learnings for the Globally located team. Coordinate with application development teams on their demands for security testing and provide a seamless experience with testing and reporting of penetration tests. Ready to work with a global team spread across time-zones and geographies. All About You A record of successful delivery of application security testing projects as an individual and team leader. Excellent communicator and collaborator Problem solver and solution-seeking approach Ability to build rapport and relationships Understands the full scope of S-SDLC Preferably a certified OSCP or SANS GMOB, ESCA or equivalent certification is a must. Experience in Cloud based application testing or Bug Bounty programs will be an added benefit.

Responsibilities: Support the deployment of robust application security testing tooling in support of the application lifecycle of PTC products. Maintain and improve the application security testing suite to reduce vulnerabilities introduced into the PTC production environment. Support the expanding bug bounty and application penetration testing efforts across PTC. Participate in activities to support the integration of security controls throughout the SDLC. Assist in the process of reviewing designs of new applications and products. Participate in the security testing efforts against our applications, including code reviews, black/white box testing of applications, and maintaining a continuous testing methodology. The qualifications below are ideal, but not all are required. We encourage candidates to apply if they satisfy some, but not all, qualifications. 3-5 years of experience in information security or equivalent experience 2-3 years of experience in hands-on application and product security disciplines or equivalent experience Experience with cloud technologies (i.e., AWS, Azure, Salesforce) Experience working with Salesforce Lighting, Salesforce Customer 360, or Salesforce field service products. Experience with threat modeling, systems analysis, and security design reviews Familiarity with SAST, DAST, SCA, and penetration testing methodologies Good written and verbal communication skills Understanding of application and product architectures, scripting-based programming languages, web application stacks, and general approaches to implementation of an SDLC Ability to prioritize security efforts to mitigate the appropriate risks Ability to identify, analyze, and explain the present or future needs for proposed security initiatives to team leads Ability to influence with empathy and compassion Bonus: Experience with CI/CD practices and platform tools (Jenkins, Travis, GitHub, etc.) Bonus: Background with containers and orchestration technologies (Docker, Kubernetes, Helm) Ideal candidates will thrive in our culture if they have a passion for: Building quality products with a mindset on safety and security Operating in a fast-moving and high-growth environment Working as a team player with an entrepreneurial work ethic Security, learning, and continuous improvement

locationsGURGAON, INDINDIA VIRTUAL, IND time typeFull time posted onPosted 4 Days Ago time left to applyEnd DateMay 23, 2025 (10 days left to apply) job requisition idR1146865 . Key Responsibilities Security Administration Design, Engineer and manage security solutions. Configure, monitor, and troubleshoot systems to ensure optimal performance and security. Plan and execute upgrades, patches, and other maintenance activities for security tooling. Collaborate with the cybersecurity team to ensure robust security measures and compliance with industry standards. Technical Support and Troubleshooting: Provide advanced technical support for AWS cloud networking issues. Mentor and guide junior engineers and IT support staff. Documentation and Reporting Create and maintain comprehensive documentation of configurations, procedures, and processes. Generate regular reports on system performance, security incidents, and maintenance activities. Qualifications Education : Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field; or equivalent work experience. Experience : At least 3 years of hands-on experience in Cyber Security. Technical Skills: Strong understanding of network protocols and services (TCP/IP, DNS, VPN, etc.).Knowledge of scripting languages (PowerShell, Python) for automation. Key Competencies Problem-Solving Skills: Strong analytical and troubleshooting abilities to diagnose and resolve complex technical issues. Communication Skills: Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders. Project Management Ability to manage multiple projects and priorities in a fast-paced environment. Offers of employment are conditional upon passage of screening criteria applicable to the job.

Experience: 4 to 7.5 years Location: Bangalore / Pune Job Type: Full-Time Key Responsibilities Conduct manual security code reviews on applications developed in Java and C# to identify and remediate security issues. Perform dynamic and static application security testing (DAST/SAST) using tools such as: AppScan Netsparker Acunetix Checkmarx Veracode Burp Suite OWASP ZAP Utilize Kali Linux and other penetration testing toolsets for application assessments. Collaborate with development and QA teams to provide guidance on secure coding practices and remediation strategies. Document security findings and provide detailed, actionable recommendations. Stay up to date on current and emerging security threats, vulnerabilities, and industry best practices. Required Skills 4 to 7.5 years of relevant experience in application security . Strong experience in manual code review , particularly in Java and C# . Proficient in using a wide range of application security tools (DAST, SAST, IAST). Knowledge of common vulnerabilities (e.g., OWASP Top 10) and secure coding principles. Experience working with DevSecOps or integrating security into the SDLC is a plus. Excellent communication and analytical skills. Preferred Certifications (optional but beneficial) OSCP , CEH , CISSP , GIAC GWAPT/GWEB , or similar certifications.

Senior Manager, Penetration Testing & Red Teaming What you will do Let’s do this. Let’s change the world. In this vital role has a strong focus on ensuring the organization's infrastructure, applications, and systems are secure from external and internal threats. As a senior-level position, this role involves not only hands-on penetration testing but also overseeing teams, setting testing strategies, and working closely with other security and engineering teams to implement long-term security improvements. The ideal candidate has in-depth knowledge of cybersecurity practices, experience in complex security assessment practices and strong leadership skills. Roles & Responsibilities: Develop and implement the penetration testing strategy in alignment with Amgen’s security framework. Champion a proactive security culture, integrating offensive security principles into Amgen’s broader risk management program. Lead, mentor, and develop a team of penetration testers, fostering a culture of innovation and continuous learning. Provide coaching and training to enhance the team’s technical and strategic capabilities. Build and maintain a high-performance security team, ensuring strong succession planning and career development opportunities. Oversee complex penetration testing engagements, ensuring high-quality execution and impactful reporting. Establish standard methodologies and frameworks for offensive security testing, risk assessment, and mitigation strategies. Ensure penetration testing methodologies align with industry standards (e.g., PTES, OWASP, MITRE ATT&CK). Serve as a trusted advisor to security, engineering, and executive leadership teams on cybersecurity risks and offensive security findings. Advocate for secure development practices and influence secure-by-design principles across engineering teams. Communicate technical security risks in business terms to executive collaborators and senior leadership. Define and enforce security testing policies, methodologies, and compliance requirements. Drive initiatives to enhance security automation and continuous testing frameworks. Ensure penetration testing efforts contribute to regulatory compliance (e.g., ISO 27001, NIST). What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master’s degree and 8 to 10 years of experience in Computer Science, Cybersecurity or Information Systems related field OR Bachelor’s degree and 10 to 14 years of experience in Computer Science, Cybersecurity or Information Systems related field OR Diploma and 14 to 18 years of experience in Computer Science, Cybersecurity or Information Systems related field Must-Have Skills: Proven experience in leading and managing high-performing security teams. Strong ability to influence senior collaborators and drive security adoption across an organization. Ability to translate technical security risks into business-aligned security strategies. Experience building and managing enterprise-wide penetration testing programs. Demonstrated ability to foster a culture of innovation, learning, and collaboration within security teams. Technical & Security Skills Deep knowledge of penetration testing frameworks and methodologies (e.g., OWASP, NIST, MITRE ATT&CK, PTES). Strong understanding of web application, cloud, and infrastructure security vulnerabilities. Experience with security tools such as Burp Suite, OWASP ZAP, Metasploit, Kali Linux. Familiarity with secure coding principles, threat modeling, and adversary simulation. Professional Certifications (please mention if the certification is preferred or mandatory for the role): PreferredOSCP, OSWE, OSWA, eWPTX, GWAPT, GXPN PreferredCISSP Preferred Qualifications: Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

IS Specialist OT Security What you will do Let’s do this. Let’s change the world. In this vital role you will [responsible for developing and implementing security strategies that protect industrial control systems (ICS), SCADA networks, and other manufacturing infrastructure components. This role ensures the integrity, availability, and confidentiality of OT environments by integrating security monitoring, risk management, and compliance efforts into industrial operations. The OT Security Engineer works closely with Security Operations, Engineering and Infrastructure, and Operations to safeguard systems against cyber threats. Key responsibilities include implementing security best practices for OT, managing vulnerabilities, and collaborating with stakeholders to enhance the security posture of OT environments. . Roles & Responsibilities: Define, lead, and implement security strategies for OT environments, focusing on Industrial Control Systems (ICS) and SCADA. Implement and manage OT-specific security monitoring tools, ensuring real-time detection and response to cyber threats. Collaborate with engineering and operational teams to integrate security measures into OT network architectures. Assess and mitigate vulnerabilities in OT environments, ensuring compliance with industry standards (e.g., NIST 800-82, IEC 62443). Support security incident response efforts, including forensic analysis and remediation of threats in industrial environments. Coordinate with vendors, partners, and government agencies to address OT cybersecurity challenges. Develop security policies, procedures, and guidelines tailored to OT environments. Provide training and awareness programs to operational teams regarding OT cybersecurity best practices. Maintain relationships with vendors and strategic partners to enhance security capabilities. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications: Master’s degree with 4- 6years of experience in Information Systems or related field OR Bachelor’s degree with 6- 8years of experience Information Systems or related field OR Diploma with 10– 12years of experience in Information Systems or related field Preferred Qualifications: Must-Have Skills: Solid understanding of ICS, SCADA, and OT security principles Experience with network segmentation, firewalls, and intrusion detection systems in OT environments Knowledge of industrial protocols (e.g., Modbus, DNP3, BACnet, OPC, CIP) and their security implications Understanding of risk management frameworks (e.g., NIST 800-82, IEC 62443, NERC CIP) Experience with security monitoring and detection in OT environments Good-to-Have Skills: Experience with security assessments and penetration testing for OT networks Proficiency in security tools (e.g., Nozomi Networks, Dragos, Claroty, Armis) Knowledge of cloud security and how it integrates with OT environments Scripting and automation skills (e.g., Python, PowerShell) Familiarity with compliance and regulatory requirements for critical infrastructure Professional Certifications (please mention if the certification is preferred or required for the role): GICSP (Global Industrial Cyber Security Professional) – Preferred CISSP (Certified Information Systems Security Professional) – Preferred ISA/IEC 62443 Cybersecurity Certificate – Preferred CompTIA Security+ – Preferred Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Project Role : Quality Engineer (Tester) Project Role Description : Enables full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Performs continuous testing for security, API, and regression suite. Creates automation strategy, automated scripts and supports data and environment configuration. Participates in code reviews, monitors, and reports defects to support continuous improvement activities for the end-to-end testing process. Must have skills : Infrastructure Penetration Testing Good to have skills : Automated Testing, Agile Testing, Test Automation Strategy Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Quality Engineer, you will enable full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Your typical day will involve performing continuous testing for security, API, and regression suites, creating automation strategies, and supporting data and environment configurations. You will also participate in code reviews and monitor defects to support continuous improvement activities for the end-to-end testing process, ensuring that the highest standards of quality are maintained throughout the project lifecycle. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Collaborate with cross-functional teams to ensure seamless integration of testing processes. Develop and maintain automated testing scripts to enhance testing efficiency. Design, develop, and maintain automated test scripts for Terraform and Sentinel policies Implement and manage test automation frameworks for DevSecOps toolchain orchestration Collaborate with development, operations, and security teams to ensure comprehensive test coverage and adherence to best practices Perform continuous integration and continuous deployment (CI/CD) pipeline testing to ensure seamless integration of security measures Identify, document, and track defects, and work with developers to resolve issues Conduct performance and security testing to validate the robustness and resilience of infrastructure as code (IaC) implementations Professional & Technical Skills: Must To Have Skills: Proficiency in Infrastructure Penetration Testing. Good To Have Skills: Experience with Automated Testing, Agile Testing, Test Automation Strategy. Strong understanding of security testing methodologies and tools. Experience in creating and executing test plans and test cases. Familiarity with continuous integration and continuous deployment practices. Proven experience (min. 3 years) in test automation, particularly with Terraform and Sentinel or similar role Strong expertise in DevSecOps and infrastructure as code (IaC) principles Experience with CI/CD tools such as GitHub, GitHub Actions, Jenkins, and JFrog Platform Solid understanding of cloud platforms, specifically Google Cloud Platform (GCP) and Microsoft Azure Knowledge of containerization technologies (Docker, Kubernetes) and orchestration. Experience with security testing tools and methodologies Certifications in Terraform or other relevant technologies Proficiency with scripting languages (e.g., Python, JavaScript, Ruby). Additional Information: The candidate should have minimum 3 years of experience in Infrastructure Penetration Testing. This position is based at our Hyderabad office. A 15 years full time education is required. Qualification 15 years full time education

Security Architecture Design Design and implement security frameworks for blockchain applications Ensure secure interactions between the blockchain platform and external systems Data Protection and Encryption Required Candidate profile Experience in securing blockchain-based applications. Familiarity with decentralized identity solutions Security certifications such as CISSP, CEH, CISM, or Blockchain Security Professional (CBSP)

Description: Work with multiple medical customers in the areas of - - Threat modelling, security requirements and architecture - Drive security lifecycle for multiple customer projects - Drive pen testing requirements across projects - Take part in customer discussions for new business development activities - Setup security practice for MedTech in India Requirements: - Must have 15+ years of experience in cyber security areas - Must be efficient in medical domain security - Must have experience with medical device security: threat modelling, pen testing, SAST, DAST - Must be hands on with pen testing of medical devices, application and cloud Job Responsibilities: Work with multiple medical customers in the areas of - - Threat modelling, security requirements and architecture - Drive security lifecycle for multiple customer projects - Drive pen testing requirements across projects - Take part in customer discussions for new business development activities - Setup security practice for MedTech in India What We Offer: Exciting Projects: We focus on industries like High-Tech, communication, media, healthcare, retail and telecom. Our customer list is full of fantastic global brands and leaders who love what we build for them. Collaborative Environment: You Can expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment — or even abroad in one of our global centers or client facilities! Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules, opportunities to work from home, and paid time off and holidays. Professional Development: Our dedicated Learning & Development team regularly organizes Communication skills training(GL Vantage, Toast Master),Stress Management program, professional certifications, and technical and soft skill trainings. Excellent Benefits: We provide our employees with competitive salaries, family medical insurance, Group Term Life Insurance, Group Personal Accident Insurance , NPS(National Pension Scheme ), Periodic health awareness program, extended maternity leave, annual performance bonuses, and referral bonuses. Fun Perks: We want you to love where you work, which is why we host sports events, cultural activities, offer food on subsidies rates, Corporate parties. Our vibrant offices also include dedicated GL Zones, rooftop decks and GL Club where you can drink coffee or tea with your colleagues over a game of table and offer discounts for popular stores and restaurants!

Position Overview: We are seeking a highly skilled and motivated IoT / Embedded Security Engineer to join our team. The ideal candidate must have a strong background in IoT / embedded systems security, with a proven track record in identifying vulnerabilities and implementing robust security measures. Roles and Responsibilities: Conduct security assessments and risk analysis of embedded medical devices. Develop and implement security protocols and solutions for medical devices. Design and execute penetration testing and vulnerability assessments. Research and stay updated on emerging threats, vulnerabilities, and security trends in IoT and embedded systems. Collaborate with cross-functional teams to integrate security measures into the development lifecycle of products. Provide technical guidance and support to internal teams on security best practices. Participate in the design and architecture of secure IoT and embedded systems. Mandatory Skills: Bachelor's or Master's degree in Electrical Engineering, Computer Science or Electronic field. Proven experience (5 years) in IoT and embedded systems security. Strong knowledge of IoT protocols (e.g., UART, I2C, JTAG, MQTT, CoAP, HTTP) and embedded system architecture Experience with reverse engineering ARM/MIPS/x86 code architecture. Hands on with hardware attacks such as PCB reversing, Component identification,Side channel attacks,memory extraction methods. Knowledge of radio frequency (RF) protocols and related security implications such as BLE, WIFI, LoRa,DSP, SDR, etc. Understanding of industrial IoT (IIoT) security considerations. Experience with various hardware security assessment tools/frameworks. Familiarity with hardware security concepts such as secure boot, encryption, and secure firmware updates. Proficiency in programming languages commonly used in embedded systems (C/C++, Python). Proactive, problem-solver and the ability to work independently and within a team. Good to Have: Understanding of cryptographic algorithms and protocols. Knowledge of exploit development techniques, buffer overflows, and other memory corruption vulnerabilities applicable to embedded systems. Knowledge of secure coding practices and principles specific to embedded systems, including memory management and input validation. Familiarity with regulatory compliance and standards in IoT security. Any certification in IoT security, Embedded device security or similar, is a plus

Role & responsibilities Conduct vulnerability assessment and penetration testing for network, web applications, mobile applications and thick-client application Conduct configuration reviews for OS, DB, Firewall, Routers, Switches and other infrastructure components Conduct red-team assessments using social engineering, physical security compromise and other techniques Be well-versed with internal privilege escalation techniques Conduct source-code review using automated and manual approaches Prepare detailed reports as per NII format Ensure timely delivery of status updates and final reports to clients Handle client queries Keep oneself updated on the latest IT Security news, exploits, hacks Contribute technical content chapter meetings, blogposts Conduct internal and external trainings on various topics related to security assessment

Karthika Consulting & Solutions Pvt Ltd is looking for Information Technology Professional to join our dynamic team and embark on a rewarding career journey Manage and adapt forecasting tools to effectively monitor inventory, consolidate financial and operational KPI's (SharePoint). Design for new LAN cabling including patch panels, UTP, switches, router. Work on many different customer migrations including IIS, email, DNS, SQL and others programs. Assist in collection, maintenance, and management of employee records, biweekly payroll processing, and benefits submissions. Install and troubleshoot company wireless internet. Migrate Linux DNS servers into Microsoft environment. Possess administrative access to install and troubleshoot software. Utilize Kali Linux to test for vulnerabilities against internal and external infrastructure. Install and configure secured environments, VPN Internet connectivity of virtualize server environment and clients. Implement network services including data backups/restores, security, wireless connectivity, VPN and terminal servers. Maintain ERP system including troubleshooting, relationship management, contract negotiation, and new system proposal and comparison. Develop user/reader-friendly company intranet (SharePoint) to promote better collaboration, and ensure crisp succinct communications across all corporate channels.

Key Skills: Web Application Security, Penetration Testing Roles and Responsibilities: Conduct in-depth security assessments of medical device software using SAST and DAST tools, identifying and reporting vulnerabilities Analyze software bills of materials (SBOMs) to identify and mitigate supply chain risks Develop and maintain comprehensive security testing strategies and procedures Collaborate with software development teams to integrate security best practices into the development lifecycle Investigate and respond to security incidents and vulnerabilities Stay up-to-date on the latest security threats and trends in the medical device industry Assess Security Issue Findings: Assess the findings from SAST and DAST security issue reports to determine true/false positives Create custom rules for Veracode to enable the scanning tool to accurately identify custom security modules and libraries used by development teams, thereby reducing false positive findings Work with software developers and architects to determine appropriate mitigations for security issues Perform Manual Penetration Testing: Use Burp Suite, browser, or other tools to find security issues such as business logic-related issues and issues not usually found by automated security scanning tools Validate the implementation of security mitigations in addressing security issues using manual penetration testing techniques and tools Create and Execute Security Test Cases: Create and execute detailed security testing scripts using manual or automated approaches Create reusable test scripts for common security requirements In the process of creating security test cases, evaluate security requirements for gaps and research best practices for security issue remediation Consolidate testing results into standard templates for inclusion in regulatory documentation systems Map security requirements and functional or system requirements to show traceability Security Tools: Create and execute plans to evaluate new security tools Curate standard approaches in tools such as threat modeling tools to enable reuse Skills Required: Minimum of 5 years of experience in application security testing, with a focus on SAST, DAST, and SBOM analysis Minimum of 3 years of software development or practical automation using Python, Java, C#, or JavaScript Strong understanding of software development methodologies and programming languages Experience with security tools such as Fortify, AppScan, Veracode, or similar Knowledge of industry standards and regulations (e.g., FDA, IEC 62443) Excellent problem-solving, analytical, and communication skills Ability to work independently and as part of a team Preferred Qualifications: CISSP, CISM, or other relevant security certifications Experience in the medical device industry Knowledge of cloud security and DevOps practices Education: Bachelor's degree in Computer Science, Information Security, or a related field and Master's degree in Computer Science, Information Security, or a related field

Responsibilities Manage a team of senior Networking and Security personnel. Serves as the subject matter expert (SME) on Cloud networking and security, having previously worked in a senior technical network or security role. Help deliver and manage projects that apply the companys security policies and standards for use in cloud environments. Communicate security concepts to different audiences ranging from business leaders to engineers, as well as customers. Serve as a key subject matter expect in security and networking topics and support delivery of core services from a network security perspective. Mentor and influence team members in implementing and delivering projects and performing ongoing security and network monitoring. Help design security frameworks and effective solutions for vulnerability remediation. Develops standards, policies, and procedures as well as best practices documentation. Able to translate technical requirements into business requirements. Assist team members to update their security and networking skills and knowledge. Collaborate with other IT teams, developers, and business stakeholders to ensure alignment on network and security requirements. Stay up-to-date with the latest cloud networking and security trends and technologies. Develop and execute security roadmaps and initiatives. Drive change and improvements in security delivery of our Cloud security services. Education / Qualifications A university qualification of Bachelor's degree level in Engineering/IT, or a related field. Skills Required: Strong experience in a Security and networking leadership role (5 years+ in a management role combined with previous experience working at a senior technical level for 5 years+ in network/security role). Extensive security management experience in an environment leveraging Azure and/or AWS public cloud platforms. Strong Application, Networking, Cloud Security knowledge and experience. Previous experience working in environments that leverage public Cloud. Extremely knowledgeable in security and networking technical matters. Experience of compliance standards, including ISO27001 and/or SOC2. Familiarity with directives such as GDPR and NIS2/DORA. Experience of team management and interview protocols. Strong understanding of penetration testing and vulnerability assessments. Experience with project management and security project delivery. Solid understanding of application development and SDLC. Security certifications a strong plus (eg CISSP). Fluent English speaker. Desired technical skills or knowledge areas: Expertise in Azure and AWS networking and security services. Proficiency in network protocols and technologies (e.g., TCP/IP, DNS, VPN, routing). Knowledge of security frameworks and standards (e.g., NIST, CIS). Experience with SIEM, IDS/IPS, and vulnerability management tools. Strong practical experience with Fortinet security solutions (FortiGate, FortiAnalyzer, etc.). Proficiency in using Rapid7 security tools (Insight IDR VM) for vulnerability management and forensic investigation. Experience with tooling used for malware analysis and threat prevention. Experience with ManageEngine suite of products, especially PAM360 and Patch Manager Plus. Scripting and automation knowledge (e.g., Python, PowerShell, Terraform).

Serko is a cutting-edge tech platform in global business travel & expense technology. When you join Serko, you become part of a team of passionate travellers and technologists bringing people together, using the world’s leading business travel marketplace. We are proud to be an equal opportunity employer, we embrace the richness of diversity, showing up authentically to create a positive impact. There's an exciting road ahead of us, where travel needs real, impactful change. With offices in New Zealand, Australia, North America, and China, we are thrilled to be expanding our global footprint, landing our new hub in Bengaluru, India. With rapid a growth plan in place for India, we’re hiring people from different backgrounds, experiences, abilities, and perspectives to help us build a world-class team and product. We're seeking a visionary Head of Engineering to lead our dynamic engineering team and drive technological excellence. Requirements Your leadership will bridge the gap between technical execution and business objectives, ensuring that our engineering efforts align with our company's goals. In this pivotal role, you will be instrumental in scaling high-performing teams, aligning technical execution with business objectives, and fostering a culture of innovation. What you'll do Champion the long-term technical vision for the organization, ensuring it aligns with company strategy while encouraging innovation through emerging technologies. Support and grow engineering leaders by mentoring Senior Engineering Managers and Senior Principal Engineers—empowering them to lead with confidence, make impactful decisions, and drive execution. Facilitate cross-functional collaboration by aligning priorities, navigating complexity, and simplifying technical direction for executive and business stakeholders. Translate strategy into outcomes by defining clear OKRs and KPIs for team performance, delivery reliability, and engineering excellence. Guide architecture for critical systems, finding the right balance between innovation, technical sustainability, and business value. Continuously improve engineering practices across Agile workflows, code reviews, and CI/CD pipelines—enhancing productivity and quality at scale. Steward budgets and resourcing thoughtfully, ensuring teams have what they need to succeed while maintaining responsible investment across people, tools, and initiatives. Nurture a thriving engineering culture —one that supports career growth, celebrates diversity, and promotes inclusive, global collaboration across teams. What you'll bring to the team Technical Leadership: Experience leading engineering teams of various sizes, ideally in high-growth or product-led environments. You’ve delivered complex solutions and supported the development of other leaders. Strategic Execution: A strong ability to align engineering direction with business goals—balancing technical depth with pragmatic decision-making. Collaborative Mindset: You work effectively across functions, building trusted relationships with peers in Product, Design, Operations, and beyond. Operational Rigor: Familiarity with Agile delivery, continuous improvement, and using data to guide and improve engineering processes. Clear Communication: You can translate technical ideas into clear priorities, decisions, and updates for both technical and non-technical audiences. Team Growth & Culture: A commitment to building inclusive, engaged, and high-performing teams. You may have experience designing org structures, defining career paths, or nurturing a strong engineering culture across geographies. Benefits At Serko we aim to create a place where people can come and do their best work. This means you’ll be operating in an environment with great tools and support to enable you to perform at the highest level of your abilities, producing high-quality, and delivering innovative and efficient results. Our people are fully engaged, continuously improving, and encouraged to make an impact. Some of the benefits of working at Serko are: A competitive base pay Medical Benefits Discretionary incentive plan based on individual and company performance Focus on development: Access to a learning & development platform and opportunity for you to own your career pathways Flexible work policy. Apply Hit the ‘apply’ button now, or explore more about what it’s like to work at Serko and all our global opportunities at www.Serko.com .

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure. Roles & Responsibilities: Expected to be an SME in Security Architecture Design. Collaborate and manage the team to perform effectively. Responsible for team decisions and ensuring adherence to security best practices. Engage with multiple teams and contribute to key decisions. Expected to provide solutions to problems that apply across multiple teams. Ensure the implementation of robust security controls. Conduct risk assessments and vulnerability testing. Develop and maintain security policies and procedures. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security controls for cloud environments. In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST). Hands-on experience with security tools and technologies. Good To Have Skills:Experience with cloud platforms such as AWS or Azure. Additional Information: The candidate should have a minimum of 12 years of experience in Security Architecture Design. This position is based in Mumbai. A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Develop and implement security architecture solutions. Conduct security assessments and provide recommendations. Stay updated on the latest security trends and technologies. Lead security architecture design reviews. Professional & Technical Skills: Must To Have Skills: Proficiency in Security Architecture Design. Strong understanding of cloud security principles. Experience with security tools and technologies. Knowledge of risk management and compliance. Good To Have Skills: Experience with cloud security platforms. Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Architecture Design. This position is based at our Chennai office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Lead security architecture design discussions Develop security architecture solutions Conduct security assessments and audits Professional & Technical Skills: Must To Have Skills: Proficiency in Security Architecture Design Strong understanding of cloud security principles Experience with security tools and technologies Knowledge of security compliance standards Hands-on experience in implementing security controls Additional Information: The candidate should have a minimum of 5 years of experience in Security Architecture Design This position is based at our Noida office A 15 years full time education is required Qualifications 15 years full time education

Responsible for planning and designing new software and web applications. Analyzes, tests and assists with the integration of new applications. Documents all development activity. Assists with training non-technical personnel. Has in-depth experience, knowledge and skills in own discipline. Usually determines own work priorities. Acts as a resource for colleagues with less experience. Core Responsibilities Work with Application owners to collect information and scope out assessments. Perform software security testing and code analysis using static source code analyzers Analyze attack chains and recommend efficient methods for mitigation Help advance the goal of building-in security to all Comcast products Work with platforms that identify indicators of compromise (IOC) and act on the results Employees at all levels are expected to: Familiarity with penetration testing techniques and tools, including identifying attack surfaces of interest, loop-back proxies, fuzzing, disassembling, and reverse-engineering Knowledge of common errors in programming, cryptographic implementations, network/service configurations Understanding of vulnerability scanning, cataloging, and remediation strategies Understanding of embedded software, middleware, and application architectures Able to understand and explain vulnerabilities listed in CVE databases and the OWASP top 10 Passion for cybersecurity, an entrepreneurial spirit, persistence, and resourcefulness A cool and casual work environment with chances to showcase your skills A team-centric culture of collaboration, innovation, and continuous learning Training, support, and mentoring to expand and evolve your expertise Opportunity to impact the security of Comcast products in millions of homes and businesses Disclaimer: This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications. Education Bachelors Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago time left to applyEnd DateJune 10, 2025 (30+ days left to apply) job requisition idJR0035385 Job Title: Product Manager - Data Platform(Cyber security ) About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: Senior Product Manager II - Data platform About the role Lead the strategy, design, and development of the shared data platform to meet company objectives founded on a thorough understanding of business unit strategies and objectives, the competitive landscape, and current and potential future business challenges. Use a data-focused approach to ensure each initiative on our product roadmap delivers a meaningful impact to our business and users. Voice of Customer Partner with pre and post sales teams as well as Trellix partners to understand the customer pain points and translate that into product strategy and bring clarity to engineering teams for execution of that strategy. Develop deep and trusted relationships with key customers, partners, and other key stakeholders. Drive Results - Attack everything with drive and energy with an eye on both the bottom line and customer success Create a talent plan designed to develop, motivate/coach, and retain top product management talent. Influence others, with strong attention to detail, excellent organization skills, and ability to manage multiple projects and responsibility. About you You bring 7+ years of cybersecurity experience (SIEM, XDR, EDR, NDR, SOC Analyst, Threat Research) and a track record of success at leading technology and product organizations while being both a strategist and executor. A customer-centric software product leader and domain expert with a history of developing a product strategy that aligns with the corporate strategy and delivering results in a fast-paced, dynamic environment. You bring years of product management experience in a product led company, developing, and executing against a product roadmap that delivers revenue growth. You bring experience building and evangelizing products that cater to security operations centers and clearly understands the day-to-day workflows that take place in those organizations such as event ingestion, enrichment, detection, analysis and response. You bring a high level of technical understanding in the areas of virtual infrastructure, container architecture, event processing, normalization and parsing, database architecture, detection engines, event transfer protocols and mechanisms and UX. You have highly effective communication & data presentation skills, enabling you to influence both business and technical teams, from executive leadership to the company. Ability to prioritize & handle multiple requests concurrently and consistently deliver superior results in a timely fashion. Effective change agent, can lead change, think out of the box, & make new ideas happen. Ability to communicate vision and strategy. You are collaborative, diplomatic, and humble. You have no problem rolling up your sleeves to help when needed. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago job requisition idJR0034151 Job Title: Security Researcher - EDR About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively. About the role Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols. Author detection rules for behavior-based detection engines. Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience. Write generic threat detections based on static and dynamic detection engines. Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework. Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset. Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives). Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection. Develop alerting, reporting, and automated detection solutions. Build tools and automation to improve productivity. About you 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines. 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools. 2+ years of experience querying and analyzing (for malware/TTPs) large datasets. Experience in programming or scripting languages (e.g., Python, PowerShell). Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro). Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS. Excellent verbal and written communication skills in English. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.