Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT Mandatory Skills: Checkpoint Firewalls and VPN. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: SailPoint Identity Mgmt and Governance. Experience: 5-8 Years.

Following are the details: ANZEN Technologies Private Limited stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Job Summary: We are seeking a skilled and passionate Red Team Security Consultant to join our cybersecurity team. The ideal candidate will specialize in simulating adversarial tactics, techniques, and procedures (TTPs) to identify vulnerabilities and improve the organization's security posture. This role involves performing advanced penetration tests, simulating real-world attacks, and working with teams to implement effective remediation strategies. Key Responsibilities: Plan, execute, and document Red Team exercises mimicking advanced threat actors for medium to large enterprises. Conduct network penetration testing (VAPT), system vulnerability assessments, and security configuration reviews. Perform manual security assessments for web applications, APIs, and client-server applications. Simulate sophisticated attack chains including lateral movement, privilege escalation, and data exfiltration. Develop and execute custom attack payloads using tools and scripts. Assess physical security controls and implement social engineering assessments when required. Create and maintain custom tools/scripts in languages like Python, Bash, or PowerShell. Utilize and adapt adversary emulation frameworks such as MITRE ATT&CK, Cobalt Strike, and Metasploit. Collaborate with Blue Teams to improve detection and response mechanisms through Purple Team engagements. Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Qualification: BE/B. Tech/ MCA/ M. Sc. (IT/Computers) Skills : Excellent communication and collaboration skills. Red Teaming, VAPT, Application Security (Web/Mobile/API), Red Teaming and Application Security domains. Proficient in Application Security concepts, including OWASP Top 10 and OSSTMM. Experience with vulnerability scanning tools such as Burp Suite Pro, Nessus, OWASP ZAP, Kali Linux, Cobalt Strike, Caldera etc. Basic ability to write automation scripts (Bash or Python). Understanding of threat modelling and secure coding practices. Strong understanding of TTPs, threat modelling, and secure coding practices. Hands-on experience in Active Directory exploitation, phishing campaigns, and endpoint bypass techniques. Preferred Certificates : OSCP, CRTP, eWPTX, Security+, CREST, CRTO Job Location : Mumbai/Navi Mumbai Job Mode : Work from Office Need an immediate Joiner who may join by 15th June, 2025

We are seeking an experienced, strategic, and hands-on Manager - Product Security to lead a growing team of penetration testers supporting BMCs IZOT product line. This team focuses on offensive security assessments across mainframe-based solutions and modern application ecosystems. Leadership & Management Lead and mentor a team of penetration testers with diverse skill sets (mainframe, distributed, web, and cloud security). Define and execute the teams roadmap, goals, and priorities in alignment with product and organizational objectives. Foster a culture of innovation, continuous learning, and technical excellence in security testing. Manage staffing, performance, and career development of team members. REQUIRED SKILLS: Bachelor's or master's degree in computer science, Information Security, or related field. 8+ years in cybersecurity roles, with 3+ years in technical leadership or management capacity. Proven experience leading or performing penetration testing on both mainframe and modern platforms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe and modern systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF, JCL Security tools: Nmap, Burp Suite, Wireshark, custom scripts Proficient in scripting and automation skills (Python, REXX, Bash, or similar). Experience delivering technical and executive-level security reports. Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services.

The Security Testing teams mission is to partner with Atlassian internal teams globally to provide innovative and holistic security testing to secure Atlassian products, platforms and customers. This role supports Atlassian s security team, Engineers and Customers by performing high quality penetration testing on our software, platforms and services. This role supports Atlassian s security team, Engineers and Customers by providing world class technical assurance of our software, platforms and services through high quality manual penetration testing and code review. Working at Atlassian Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company. ","responsibilities":" You will support others in technically validating the state of Atlassian s technical security controls, working closely with both our security and engineering teams. You enjoy vulnerability hunting and get excited when you find vulnerabilities that typical automated toolsets can t. You must have a strong ability to work with colleagues to understand our products and then come up with ways to strengthen security. Since we work closely with our product engineering teams, the ability to read and understand code is very important. Our products are built using a number of different languages but Java, Go, and Python are the most common. ","qualifications":" On your first day, well expect you to have: 3+ years working in a penetration testing/appsec/manual code review role Strong understanding of web application security Experience in cloud security architecture and infrastructure Experience coding in Java, Python, or Go, and at least one scripting language An ability to reason about security decisions Experience leading projects from start to finish and mentoring other security practitioners Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams Its great, but not required, if you have: Submitted bug bounty reports to third party companies Published contributions to the security community Certifications: OSCP, OSCE, OSWE, CREST CRT, GPEN CVE s to your name Presentation experience at industry events Developed security tools Experience working with compliance, privacy, IT, networking or related functions Benefits & Perks Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit

Sr. Cyber Security Analyst POSITION PURPOSE: This role is responsible for assessing, managing, and enhancing the security measures of Bayer s systems, networks, and data. Especially using data analytics for monitoring of Bayers security systems and applications. YOUR TASKS AND RESPONSIBILITIES: Oversee security alerts and incidents, executing timely responses to mitigate potential risks and minimize operational impact. Collaborate with IT and security personnel to implement and verify the effectiveness of comprehensive security protocols. Remain updated on current cybersecurity developments, threats, and industry best practices to enhance the organizations security framework. Monitor and evaluate operational logs, event console activities, intelligence feeds, and pertinent data to detect security-related occurrences and trends, ensuring compliance with established industry standards and regulations such as ISO 27001, NIST, and GDPR. Develop and refine cybersecurity processes and protocols, ensuring adherence to relevant industry standards and regulatory requirements. Perform analysis and testing to identify vulnerabilities, misconfigurations, or other security exposures Conduct root cause analyses and investigations to recommend prevention strategies and configuration modifications. Execute penetration testing to identify vulnerabilities within infrastructure, web applications, and other systems, differentiating between vulnerability assessments and penetration testing methodologies. Investigate incidents and respond to events in real time. WHO YOU ARE: BS or MA in computer science, information security, cybersecurity, or a related field, though relevant working experience may be considered an equivalent with 8+years of experience Experience in IT audit, network operations, enterprise risk management, penetration testing, red team/incident response, or as a junior security operations analyst Experience with regulatory compliance and information security management frameworks, such as ISO 27000, COBIT, and NIST 800. Professional certifications such as CCP-SIRA (Senior), CISSP, and ISACA certifications, along with familiarity with standards like BSI ISO 27001 and PCI DSS Further certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), CompTIA, EC-Council (CSA) SOC Experience monitoring SIEM systems and tools Experience with network and security technologies, such as firewalls, IDS/IPS Experience configuring and utilizing vulnerability assessment technologies Experience with monitoring networks, detecting threats, and responding to incidents Proficiency in report writing, investigational techniques, and communicating to large audiences Ever feel burnt out by bureaucracy? Us too. Thats why were changing the way we work- for higher productivity, faster innovation, and better results. We call it Dynamic Shared Ownership (DSO). Learn more about what DSO will mean for you in your new role here https: / / www.bayer.com / enfstrategyfstrategy Bayer does not charge any fees whatsoever for recruitment process. Please do not entertain such demand for payment by any individuals / entities in connection with recruitment with any Bayer Group entity(ies) worldwide under any pretext. Please don t rely upon any unsolicited email from email addresses not ending with domain name bayer.com or job advertisements referring you to an email address that does not end with bayer.com . For checking the authenticity of such emails or advertisement you may approach us at HROP_INDIA@BAYER.COM. Division: Enabling Functions Reference Code: 847153

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA's (90-95%), response time and resolution time TAT Mandatory Skills: Microsoft Entra ID. Experience: 5-8 Years.

Essential Services: Role & Location fungibility To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service. The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role At ICICI Bank, Information Security Group believes in providing services to its customers in the safest and most secure manner keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. Our support application team performs application vulnerability assessments and document vulnerabilities which were found and provides recommendations for remediation according to BFSI guidelines and industry best practices. As an Application Security Manager, you will provide guidance to the application team on application security best practices, support remediation effort and track open issues and follow up to ensure remediation. You will work along with cross functional business teams to get closure of identified gaps and utilize escalation matrix effectively wherever necessary. You will conduct application security assessment results review and mitigation approval. You will keep abreast of new technologies to ensure that the organization remains at the forefront of security. Key Responsibilities Support and Testing: Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets with security tools like BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc. Analysis: Perform in-depth analysis of VAPT results, Review assessment reports to provide risk mitigation & recommendations on that basis. Collaborate: Collaborate with the application team and provide them guidance on application security best practices, support remediation effort and track open issues and follow up to ensure remediation Key Qualifications & Skills Education Qualifications: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent Certifications: OSCP Compliance: Knowledge of cyber security trends & hacking techniques, MITRE ATT&CK framework with hacker mindset. Network Security: Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Key Technologies: Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance, Knowledge of Networking concepts & Good understanding of latest Network /security technologies such as Cloud security and recent trends.

Certbar Security is looking for Junior Security Analyst to join our dynamic team and embark on a rewarding career journey. Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls Assisting with the creation of updates and training programs to secure the network and train the employees Keeping the security systems up to date Monitoring security access and maintaining the relevant data Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans

locationsBangalore, Indiaposted onPosted 14 Days Ago job requisition id30672 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity We are seeking a skilled and proactive Cybersecurity Engineer/Analyst to join our Product Security Testing Team. This team helps ensure that our products and clients are protected and maintain trust in our security processes. We protect the FICO brand and our products by engaging with development teams at every step of the product development lifecycle. We assess and influence product design, analyze applications for flaws that may lead to security issues, and provide security testing to help ensure our products are secure. We seek candidates who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work. This role focuses on validating secure coding practices, conduct and coordinate security testing/pen testing .- Sr Manager, Cyber Security What You'll Contribute Collaborate with engineers, consultants and leadership to identify security risks and recommend mitigations within the Secure Development Lifecycle (SDLC). Perform activities such as secure code reviews, security testing and vulnerability triage across various applications. Regularly interact with internal and external customers on security-related projects and operational tasks. Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks. Analyse test results, draw conclusions from results, and develop targeted exploit examples. Clearly and professionally document root cause and risk analysis of findings. Consult with operations and software development teams to help ensure potential weaknesses are tracked and addressed. Collaborate with other teams to improve the overall security posture of applications/infrastructure. Stay current on security best practices, vulnerabilities, and attacker tactics, techniques, and procedures. Develop and test effective functional security testing strategies for new/emerging product security requirements. Suggest improvements to existing processes/tooling; ideate and implement automation where possible. What We're Seeking Bachelor's degree in computer science, Cybersecurity, or a related field. Relevant cyber security certifications (e.g., CEH, CCSP, CISSP, OSCP etc) are highly desirable. Proven experience of at least 3 years in a similar role within Cybersecurity. Strong understanding of AWS infrastructure and cloud security principles. In-depth knowledge of cybersecurity principles, methodologies, frameworks and best practices. (OSI, NIST, OWASP, SANS, PCI etc) Knowledge of secure coding principles and experience with code review processes and tools. Experience with Pen testing, infrastructure as a code scan reviews and dynamic application security testing (DAST) methodologies and tools. Knowledge and experience in CI/CD, shift left security. Strong analytical and problem-solving skills with a keen attention to detail. Strong written and oral communication skills with the ability to convey complex security concepts to non-technical stakeholders. Strong organizational and interpersonal skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

locationsBangalore, Indiaposted onPosted 11 Days Ago job requisition id30648 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC". Cyber Security - Director What Youll Contribute A pplicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements. (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations. Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications. Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO. Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage. What Were Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications. (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS). AWS Certifications (added advantage). Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status. Our Offer to You An inclusive culture strongly reflectingourcore valuesAct Like an Owner, DelightOurCustomers and Earn the Respect of Others. The opportunitytomake an impact and develop professionally by leveraging yourunique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourageyoutobring yourbest every day and be recognized for doing so. An engaging, people-first work environmentoffering work/life balance, employee resource groups, and social eventstopromote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

Job Title: VAPT Consultant Note: Looking only for candidates who can join within 30 days. Qualifications: BE/B. Tech with specialization in cyber security, MCA, M. Tech / Masters in Information security, or Forensics Analysis Knowledge 2-5 years hands on experience working in VAPT, working for cybersecurity industry. Candidate must have cybersecurity related certifications such as eJPT or eWPT or CRTP or CRTO or OSCP. Candidates having hands on experience in red teaming or source code review or cloud configuration review in addition to VAPT are preferable Role and Responsibility: • Conduct Network/ System Vulnerability Assessments, Penetration Testing using tools to evaluate attack vectors, identify system vulnerabilities, and provide appropriate remediation plans for mitigation of the identified vulnerabilities. • Conduct Application vulnerability assessments, Penetration Testing for web applications, identify and report vulnerabilities, provide recommendations, and track closure of identified vulnerabilities. • Perform Configuration compliance assessments for Endpoints / Assets /network devices and help maintain the security settings at compliant level with Specific Security Standards. • Perform regular monitoring of patch compliance of the assets in the network, Analyze Patch Advisories and provide remediation steps for the stakeholders. • Performing comprehensive review and threat adversary modeling for web applications. • Conduct Vulnerability Assessments, Penetration Testing, Device Hardening, Application Security Assessments, Log Review, Review of Documents, Network Monitoring and Reporting • Conduct and compile findings on new vulnerabilities, new tools for departmental use. • Create project deliverables / reports and assist the client with remediations and discussions. • Abide by the project timelines and maintain project discipline. Technical Skills Required: • Hands-on Experience is performing Network Security Assessment and vulnerability Assessment. • Good understanding of OSI layers and fundamental Operating system concepts, security settings for various flavors of Windows and Linux platforms. • Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. • Familiar working with Publicly available exploits codes. • Hands on knowledge on Tools: Nmap, Kali Linux, Metasploit, Armitage, Maltego, Burp Suite, Paros Proxy Nessus, nexpose, Wireshark, sqlmap etc. • Sound knowledge about infrastructure vulnerability scans, identifying security vulnerabilities, weaknesses, threats, and assessing related risks that exists within an IT Infrastructure or business processes. • Sound knowledge about Application vulnerability assessments and relevant knowledge of OWASP top 10 vulnerabilities and SANS. • Good understanding of firewalls, Switches, and Routers configuration settings and policies, relevant experience in performing rule base reviews and configuration reviews for network devices

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Oracle HCM Cloud Core HR Good to have skills : Oracle Applications Development, Security GovernanceMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will engage in proactive monitoring of systems to identify vulnerabilities and respond to potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security audits and assessments to identify areas for improvement.- Develop and implement security policies and procedures to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Oracle HCM Cloud Core HR.- Good To Have Skills: Experience with Oracle Applications Development, Security Governance.- Strong understanding of security frameworks and compliance standards.- Experience with risk assessment and management methodologies.- Familiarity with incident response and threat detection tools. Additional Information:- The candidate should have minimum 5 years of experience in Oracle HCM Cloud Core HR.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Quality Engineer (Tester) Project Role Description : Enables full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Performs continuous testing for security, API, and regression suite. Creates automation strategy, automated scripts and supports data and environment configuration. Participates in code reviews, monitors, and reports defects to support continuous improvement activities for the end-to-end testing process. Must have skills : Security Information and Event Management (SIEM) Good to have skills : Cloud Security PlanningMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Quality Engineer (Tester), you will enable full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. You will perform continuous testing for security, API, and regression suite, create automation strategy, automated scripts, and support data and environment configuration. You will also participate in code reviews, monitor, and report defects to support continuous improvement activities for the end-to-end testing process. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Implement innovative testing strategies to enhance product quality.- Conduct thorough security testing to identify vulnerabilities and risks.- Develop and execute test plans, test cases, and test scripts.- Collaborate with cross-functional teams to ensure quality standards are met.- A security architect creates and designs security for a system or service, maintains security documentation and develops architecture patterns and security approaches for Cloud Native platforms.- Recommend security controls and identify solutions that support a business objective- Conduct Threat Model Assessment leveraging STRIDE Model- Help review Application & Infrastructure components to operation Mission Critical Cloud Platform- Provide specialist advice and recommend approaches across teams and various stakeholders- Communicate widely with other CISO stakeholders- Advise on important security-related technologies and assess the risk associated with proposed changes- Inspire and influence others to execute security principles across the engineering platforms Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Good To Have Skills: Experience with Cloud Security Planning.- Strong understanding of security testing methodologies.- Knowledge of security tools and technologies.- Experience in conducting vulnerability assessments and penetration testing.- Ability to analyze and interpret security data for actionable insights. Additional Information:- The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About the Role We are seeking candidates having experience in Network security. Infrastructure security Engineer is responsible for safeguarding the Banking Client's network infrastructure by implementing and managing robust security measures. The Engineer will work on-site at Client's Datacenter with coverage of 16X6 Support. Key Responsibilities Escalation support for L1 team, plus regular management, and administration tasks. Responsibility for diagnosis and problem management. Provide inputs to Level 3 team for consulting, IT Infrastructure planning and change management. Configure, Manage and Modify the IT Infrastructure Incident Management and suggesting changes as and when required Addressing network issues on Routing, Switching and Configurations. IP Address Management –Configure, Manage and Modify Managing configuration changes based on user request Incident Management and suggesting changes as and when required Basic Qualifications BE/B. Tech (CSE, ECE/IT) or MCA /MSc (CS) with Science background. Minimum 5 years of experience in managing network operations services with a minimum CCNP or equivalent certifications Network security, VPN, SWG will be preferred. Preferred Qualifications CCNP- Security Certification ITILv4 Certification

VFX AI is building the next-generation AI-native video platform for enterprises and creators. Our platform enables users to upload, edit, enhance, and intelligently analyze video/audio through advanced AI agents. We support multi-tenant workspaces, enterprise-grade access control, and integrations like SSO, SCIM, and AI-powered video intelligence. Were preparing for SOC 2 Type II and GDPR compliance and are seeking an experienced Penetration Tester to identify and help resolve potential vulnerabilities in our system. Responsibilities: Conduct black-box and gray-box penetration testing of our: Web application (Next.js) REST and GraphQL APIs (FastAPI + NestJS) File upload and media pipelines Cloud infrastructure (AWS: S3, EC2, RDS, Redis, VPC) SSO, SCIM, and RBAC access control flows Simulate real-world attack scenarios to uncover: OWASP Top 10 vulnerabilities Multi-tenant access control issues AI/ML injection or misuse pathways Storage or media-processing vulnerabilities Analyze security of AI agent orchestration endpoints and 3rd-party integrations (e.g., TwelveLabs) Identify misconfigurations in IAM roles, S3 bucket policies , and cloud networking Produce detailed technical reports with: Vulnerability descriptions CVSS severity scores Reproduction steps and recommended mitigations Collaborate with engineering teams to validate and prioritize fixes Optionally provide a SOC 2-aligned attestation letter and retesting Required Qualification: 3+ years of hands-on penetration testing experience. Deep understanding of: Web & API security (OWASP Top 10, JWT, CSRF, SSRF, IDOR) AWS security (IAM, S3, EC2, VPC, Secrets Manager) Multi-tenant architecture and RBAC testing File upload, MIME spoofing, and media injection risks Experience with: Pen testing tools (Burp Suite, Postman, Nmap, Trivy, AWS Inspector) Exploiting authentication systems (SSO, SCIM, OAuth, OIDC) Familiarity with AI/ML threat vectors (prompt injection, model abuse) Ability to document findings clearly for technical and non-technical stakeholders Optional: SOC 2 or ISO 27001 audit collaboration experience Preferred Certifications: OSCP, OSWE, CEH, CREST, or equivalent AWS Security Specialty (a plus) What We Offer What We Offer: Opportunity to shape the security posture of a fast-growing AI SaaS product Potential long-term security consulting engagement post-test Access to our engineering and DevSecOps team for collaboration.

About the Role An experienced Cybersecurity Risk & Compliance Analyst to proactively address and manage the risks of the increasingly sophisticated cyber threats. This role aims to strengthen our overall security posture, ensure we meet compliance obligations (like SOC2, HITRUST, PCI DSS), and reduce our risk exposure by shifting towards more proactive measures. Your Area of Focus Threat & Vulnerability Management: l Systematically scan our systems/applications for vulnerabilities. l Analyze findings, prioritize risks based on impact. l Maintain crucial asset inventories (including SBOM/HBOM). l Collaborate closely with IT/DevOps to track and ensure timely remediation of vulnerabilities (patching, configuration changes). Manage Third-Party Penetration Testing Partners: l Develop and maintain a process for ensuring testing coverage for inscope systems. l Collaborate with internal engineering and product teams to define the scope for each penetration test. l Once a vulnerability has been remediated, coordinate with the penetration testing partner to perform retesting and validate the effectiveness of the fix. Governance, Risk & Compliance (GRC) Support: l Manage evidence gathering and preparation for audits (SOC2, HITRUST, PCI DSS, etc.). Reduce audit burden on technical teams. l Assist in developing and maintaining security policies and standards relevant to our operations. l Track compliance status and identify gaps. Risk Management: l Conduct regular risk assessments to find potential security weaknesses and control gaps. l Maintain a risk register and track mitigation efforts. l Monitor emerging technology risks (e.g., GenAI) and assess their potential impact on our environment. Ensure we stay ahead of new threat vectors. Security Support & Guidance: l Serve as a point of contact for security-related questions and provide guidance on best practices. l Support incident investigations and customer security inquiries/audits. Your Professional Qualifications l Solid experience 3 years in cybersecurity, specifically focusing on risk management and compliance. l Strong understanding of vulnerability management, risk assessment methodologies (NIST RMF, ISO 27001). l Experience with compliance frameworks (SOC2, HITRUST, PCI DSS mandatory). l Excellent analytical skills and ability to collaborate effectively across teams (especially IT/DevOps). Perks & Benefits Healimpilo offers best in market perks and benefits to its Employees. Healimpilo is an equal opportunity employer. All applicants will be considered for employment without attention to age, race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

We are keenly looking for a resource with 10+ years of experience who had both technical and managerial experience to execute a lead position from offshore. Primary Skill: Azure DevOps, Jfrog Artifactory, SonarQ, DevSecOps(SAST & DAST), Azure native App Security Secondary Skill: Containerization and Orchestration tools. Shift details: Day shift overlapping with EST (2PM-10:30PM) Technical Leadership & team management at Offshore: • Technical Leadership: Provide guidance to ensure best practices and quality standard are maintained in deliverables. Understand Selective standards and help ensure deliverables meets and adhere to the standards. If standards are missing collaborate with the core team to build standards as needed/required • Team Guidance: Lead and support DevOps engineers to achieve project goals. • Team Management: Lead and coordinate offshore DevOps teams. • Sprint Planning: Assist with offshore sprint planning, estimates, and timelines for the work aligned. • Work Execution: Run stand-ups and manage work execution. • Resource Optimization: Optimize team member capacity utilization. • Risk Management: Identify and mitigate risks aligned to the work • Documentation: Maintain detailed documentation of processes and projects Mature Offshore-Driven Operations and Operational capabilities : • SOP Development: Create standard operating procedures for operational tasks. • Communication: Establish clear channels with DevOps service consumers and stakeholders. • Continuous Improvement: Encourage innovation and automation. • SRE for key DevOps tooling: Build Site Reliability Engineering around DevOps platforms and tools. Build health checks for the key platforms. • Keeping platforms/tooling evergreen. Report/track on tech currency • Improve & automate operational onboarding - drive platform Self service capabilities for our end customer Collaboration and Coordination: • Stakeholder Updates: Provide regular updates to stakeholders. • Team Collaboration: Work with development, QA, and operations teams. • Performance Tracking: Develop and monitor key performance indicators (KPIs).

i. BE/B. TECH/BCA/B.SC/M.SC/MCA/M. Tech-(Computers/Electronics/IT) ii. Minimum one certification such as CEH/CPTC/OSCP/ECSA/CEPT and/or equivalent. iii. Having at least 5+ years of post-qualification relevant work experience including appearance before court of law while presenting the extracted cyber evidence. iv. Experience of managing large scale digital evidence media. v. Comprehensive knowledge on forensic digital device data preservation, acquisition, analysis and documentation. vi. Experience in-depth practical knowledge on Ethical Hacking, Penetration Testing, OSINT, Deep and Dark Net Investigations. vii. Experience in handling real-life cyber- crime cases would be preferred. viii. Experience in investigation on Web Defacement/Site Down activities ix. Experience in investigation of Email and VOIP call Analysis and trace Down Methods. x. Experience in investigation on Web SMS/Image/Reverse Image/Video Source tracing methods. xi. Experience in practical knowledge multiple enterprise and open source which have industry benchmark. xii. Experience in comprehensive knowledge on System, Mobile Forensics, Internet Forensics, Cloud Forensics, CC Footage/AV Forensics, Database Forensics, Network Forensics, Malware Forensics, Stegano and Crypto Forensics, Memory Forensics, UAV Forensics and /or other variety of Forensic formats. xiii. Experience in-depth practical knowledge on Malware Forensics, Memory Analysis, Ethical Hacking, Penetration Testing, OSINT, Deep and Dark Net Investigations, Advanced persistent threats (APTs), Sophisticated analysis of malware, cyber security incident (Packet tracing, Web Logs, taking a copy of the mail store and aggregated log analysis), performing threat modeling, and producing intelligence threat assessments. xiv. Experience in practical knowledge on multiple enterprise, open-source tools, Static and Dynamic Malware Analysis Tools. xv. Experience in generating forensic documents for case investigation. xvi. Graduation from premier institutes (IITs, NITs, NFSL, IIIT, etc.) shall be preferred. xvii. Bug-bounty program winners will be preferred. .

Job Title: Specialist I - Information Security | Vulnerability Management - Subject Matter Expert (SME) Location:, Hyderabad , Chennai , Bangalore , Trivandrum , Cochin Experience: 7-9 years Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence. Job Summary: We are seeking a highly experienced and knowledgeable Subject Matter Expert (SME) to join our Vulnerability Management team. The ideal candidate will possess deep expertise in cybersecurity, particularly in vulnerability management processes, tools, and best practices. This role demands strong analytical skills, excellent communication, and a proactive approach to security risk mitigation. Key Responsibilities: Lead and manage the vulnerability management program end-to-end. Conduct vulnerability assessments and penetration testing. Use tools like Qualys VMDR, MS Defender, and CrowdStrike to detect, analyze, and report vulnerabilities. Create dashboards and detailed reports with actionable recommendations. Prioritize vulnerabilities based on business risk and exploitability. Collaborate with technical teams for remediation planning and execution. Stay current with emerging threats, trends, and technologies. Deliver training on vulnerability management processes and tools. Support incident response efforts with expertise in vulnerability exploitation and mitigation. Ensure compliance with security frameworks and regulatory standards.

Senior Advisor - Business Security Location: Thane/Vikhroli 5 days work from office in a MONTH Shift: 1.30 P.M. to 10.30 P.M. The Company: UK based one of the largest MNCs is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. One of the oldest MNCs, has more than 42,000 employees serving more than 142 countries. Business Unit The mission of the Business Information Security team is to be Information and Cyber Security trusted advisors to senior business and technology stakeholders. When they're forming strategy and delivering business change, we aim to help them ensure that their business continues to be secure and compliant in line with our information and cyber security policies and standards. Job Summary As the Information Security Associate within the Business Security Operations (BusSecOps) team, you will be responsible for implementing and maintaining information & cyber security practices. Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards. You will need to take a leadership role in building security testing framework for web-based applications which includes Threat Profiling, DAST, SAST, Security Architecture, and Penetration testing. In this role, you are expected to understand the organizations information & cyber security strategy and standards while working collaboratively with technology teams to implement and maintain sound security practices. This role resides in our Information & Cyber Security (ICS) team within Corporate IT. Roles & Responsibilities Build and maintain effective relationship with technology teams and ICS stakeholders Foster a culture of information and cyber security best practices though awareness and support Stay up to date with the latest application security developments and security trends to continually improve internal processes Hold good understanding of Application & Infrastructure testing methodology & support development teams in the remediation of vulnerabilities Work with development teams to improve the secure software development lifecycle Engage in information security activities to support client/business engagements i.e., incidents, vulnerabilities, development lifecycles, risk management and emerging threats Ability to coordinate and execute security testing for applications and cloud environments Engage with key stakeholders to support internal and external audit activities to ensure compliance with regulations such as: SOC, FCA, NYDFS, GDPR, HIPAA Demonstrate a good understanding of security regulations and data privacy laws Support the risk identification & exceptions management process Manage and oversee adhoc projects related to maturing information and cyber security controls across the organizationR. Education Qualification: Degree in a relevant Business or Information Technology area Experience Band: 5 - 12 yrs. Technical Skills: Need to have Degree in a relevant Information Technology area preferably with a focus on information security Significant experience in managing and patching vulnerabilities across a host of assets Expert understanding of all aspects of information security principles, policy and its application in business and technology areas Understanding of core cloud security principles Knowledge and experience on supporting information security audits Technical Skills: Nice to have Client focus: ability to engage positively with clients and business stakeholders. Information Security specific certification is desirable (such as CISM, CISSP, CISA, CEH) Full JD will be shared on email Best Regards, Uma SW +91 98 22 780 197 uma@starlighthr.com I https://starlighthr.com/

Senior Advisor - Business Security Location: Thane/Vikhroli 5 days work from office in a MONTH Shift: 1.30 P.M. to 10.30 P.M. The Company: UK based one of the largest MNCs is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. One of the oldest MNCs, has more than 42,000 employees serving more than 142 countries. Business Unit The mission of the Business Information Security team is to be Information and Cyber Security trusted advisors to senior business and technology stakeholders. When they're forming strategy and delivering business change, we aim to help them ensure that their business continues to be secure and compliant in line with our information and cyber security policies and standards. Job Summary As the Information Security Associate within the Business Security Operations (BusSecOps) team, you will be responsible for implementing and maintaining information & cyber security practices. Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards. You will need to take a leadership role in building security testing framework for web-based applications which includes Threat Profiling, DAST, SAST, Security Architecture, and Penetration testing. In this role, you are expected to understand the organizations information & cyber security strategy and standards while working collaboratively with technology teams to implement and maintain sound security practices. This role resides in our Information & Cyber Security (ICS) team within Corporate IT. Roles & Responsibilities Build and maintain effective relationship with technology teams and ICS stakeholders Foster a culture of information and cyber security best practices though awareness and support Stay up to date with the latest application security developments and security trends to continually improve internal processes Hold good understanding of Application & Infrastructure testing methodology & support development teams in the remediation of vulnerabilities Work with development teams to improve the secure software development lifecycle Engage in information security activities to support client/business engagements i.e., incidents, vulnerabilities, development lifecycles, risk management and emerging threats Ability to coordinate and execute security testing for applications and cloud environments Engage with key stakeholders to support internal and external audit activities to ensure compliance with regulations such as: SOC, FCA, NYDFS, GDPR, HIPAA Demonstrate a good understanding of security regulations and data privacy laws Support the risk identification & exceptions management process Manage and oversee adhoc projects related to maturing information and cyber security controls across the organizationR. Education Qualification: Degree in a relevant Business or Information Technology area Experience Band: 2 - 6 yrs. Technical Skills: Need to have Degree in a relevant Information Technology area preferably with a focus on information security Significant experience in managing and patching vulnerabilities across a host of assets Expert understanding of all aspects of information security principles, policy and its application in business and technology areas Understanding of core cloud security principles Knowledge and experience on supporting information security audits Technical Skills: Nice to have Client focus: ability to engage positively with clients and business stakeholders. Information Security specific certification is desirable (such as CISM, CISSP, CISA, CEH) Full JD will be shared on email Best Regards, Uma SW +91 98 22 780 197 uma@starlighthr.com I https://starlighthr.com/

Role & Responsibilities Proficiency in conducting Web Application VAPT (Black/Gray/White box) activities to identify and mitigate security vulnerabilities. Proficiency in Conducting API (REST, SOAP, XML, JSON) Security testing activities to identify and mitigate security vulnerabilities. Proficiency in Conducting external and internal infra-Penetration testing. Assessing and scoping application security penetration test requirements Proficient in writing end to end penetration testing report including management and technical sections. Hands on experience on penetration testing tools such as Burp Suite, Qualys, Kali Linux, POSTMAN, SOAPUI, HCL AppScan Experience Required: Candidate must have 2+ years of relevant experience in VAPT. Certification: Must have CEH. Certification: Desired - eWAPT, ECSA, OSCP, GWAPT, eWPTX. Proficient in handling the Nexus vulnerability Management tool Should have working experience on configuring the Qualys Authentications, asset tags, asset groups, option profiles, reporting templates, policy compliance templates, scanning schedules etc. Should have experience in creating and providing vulnerability remediation updates to customer. Must have excellent customer handing and communication skills Experience Required: Candidate must have 2+ years of relevant experience in vulnerability management using Qualys

Job Description: At least 5 to 12+ years of software development and testing in web applications. Proficient in implementing security fixes and addressing vulnerabilities. Experience in version upgrade and issue troubleshooting. Proficient in Microsoft web technologies such as ASP.net framework 4.5 & above with C# programming language. Proficient in handing database such as SQL Server 2019 & above. Responsible, organized and hard working with excellent communication skills. Experience developing in an Agile environment. Experience with adaptive/responsive development techniques. Proficient in web markup HTML 5/CSS, Bootstrap, Client-side script such as JavaScript frameworks, including, jQuery and AJAX, partial page updates, asynchronous request handling. Knowledge of best practices for front end performance, accessibility and usability. Proficient understanding of cross-browser compatibility issues and ways to work around them. Experience working in with GitLab repos and pipelines. Understand business requirements and provide engineering estimates. Collaborate with other developers and quality assurance engineers to deliver high quality products. Communicate status and identify project risks. Should be smart, good in logical thinking and fast in implementation.

Project Role : Tech Delivery&Op Excellence Practitioner Project Role Description : Understand how to deliver value to clients, and use that commercial competency to apply methods or certifications appropriately. Attention to detail and deep expertise allow them to see inherent risks or improvement opportunities that others may not. Work directly with client teams to ensure a high standard of delivery and operational excellence are met. Must have skills : Governance Risk Compliance (GRC) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Tech Delivery & Op Excellence Practitioner, you will understand how to deliver value to clients and apply methods or certifications appropriately. Attention to detail and deep expertise allow you to see inherent risks or improvement opportunities that others may not. Work directly with client teams to ensure a high standard of delivery and operational excellence are met. Key responsibility:- Risk and Compliance senior Analyst works with the Application service delivery organization and other compliance related functions to help:- Perform audits/reviews to assess risks in Application development and maintenance service environment- Manage risk in Application development and maintenance service to an acceptable level - Increase the level of awareness of and compliance with policy and process related matters - Support successful completion of various external compliance certification programs and internal compliance assessments- Introduce continual improvement including lessons learned from matters requiring intervention- This successful candidate for this role will be a member of a dedicated team operating a Controls and Compliance function, which will perform audit style reviews of Application Development & Maintenance Services outsourcing engagements covering compliance matters and operational service management and service delivery good practice.Must-Have Skills/ Qualifications:- Minimum of 1-year experience in Auditing principles and practices (sample qualifications*:CISA, ISO 27001 Lead Auditor)- Minimum of 1-year experience in Application security/audit roles in Application development & maintenance service industry(sample qualifications*:EC-Councils CASE (Certified Application Security Engineer), CEH(Certified Ethical Hacker), - Agile Methodology( Certified Scrum Master), DevOps Certification, CMMI for Development- Knowledge of secure SDLC models, secure coding standards, OWASP Top 10, threat modeling, SAST(Static Application security testing), DAST (Dynamic Application security testing), single sign on, Encryption - Minimum of 1-year experience in Operational compliance requirements)- Contract Management / Service Reporting(including Service Level Agreements and Operational Level Agreements)- Risk management or assessment (sample qualification*:CRISC)- Knowledge of cloud environment and services (sample qualification*:Microsoft Azure/AWS/Google Certifications)- Team and stakeholder managementNice-to-Have Skills/ Qualifications:- Data privacy and protection (sample qualifications*:CIPM, CIPT, CIPP)- CISSP*, CISM*, CISA*, CCSK*, CCSP*- SOC1 and SOC2 (SSAE16 / ISAE3402) awareness- Business Continuity and Disaster Recovery awareness (ISO 22301) Professional Attributes:1:Good communication2:Teamwork3:Problem Solving Capabilities4:Work Planning and Management 5:Quick Learner6:Eager to take on responsible task7:Dedicated and Focused Educational Qualification:1:MBA-Information Security/ IT2:BE/B-Tech with CS/IT/related domain3:BSc- IT Additional Information:(i.e., travel, overtime %)1:Occasional within country travel 2:Flexibility in working hours Qualification 15 years full time education