320 Phishing Jobs - Page 13

Certifications, Qualification And Experience Bachelor / PG degree with any of the certifications - ISO 27001, CBCP, CISA, CISM, CRISC, CISSP 2 years to 20 years of applied work experience in cyber security programs, audits, assessments, risk, remediation, or cyber security compliance management. Job Description Implements security controls, risk assessment framework (ISO 31000, NIST), and program that align to regulatory requirements, ensuring documented and sustainable compliance that aligns and advances client business objectives. Evaluates risks and develops security standards, procedures, and controls to manage risks. Improves client security positioning through process improvement, policy, automation, and the continuous evolution of capabilities. Implements processes, such as GRC (governance, risk and compliance), to automate and continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts. Defines and documents business process responsibilities and ownership of the controls in GRC tool (e.g. ServiceNow GRC, Archer, OneTrust, SAP GRC). Schedules regular assessments and testing of effectiveness and efficiency of controls and creates GRC reports. Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, protecting Personally Identifying Information (PII) data, and compliance such PCI DSS, SOX, SOC2, HIPAA, RBI Guideline, ISO standards Performs and investigates internal and external information security risk and exceptions assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks. Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities. Assists other staff in the management and oversight of security program functions. Trains, guides, and acts as a resource on security assessment functions to other departments within Client sites. Remains current on best practices and technological advancements and acts as the Client’s technical resource for security assessment and regulatory compliance. Performs other related duties as assigned. Show more Show less

SIEM tools to identify potential threats;VAPT tools, Incident Handling, Forensic Analysis;CEH CSA;CySA+;CISA;incidents and breaches; operating systems, network devices, and security devices.Familiarity with Security Information and Event Management

We help the world run better At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Summary An SAP Global Cyber Incident Response and Recovery Investigator is a crucial front-line defender and core part of SAP’s digital enterprise. Our Cyber Incident Investigators are responsible for triaging security events detected by security monitoring operations tools, analyzing all available data to determine severity and priority, doing an initial assessment whether a cyber-attack is occurring. Then the Investigator will escalate to a Global Security Operations Investigator in scoping the extent of a suspected attack, coordinating efforts to contain attacks, and supporting forensic investigation to determine the details around the attack. What you'll do Our Global Cyber Security Incident Response and Recovery Investigator are our first line of response for security event and incidents with a global scope. They are responsible for triaging security alerts detected by Enterprise Detection and SIEM, analyzing available data to determine scope, severity, and priority to determine follow on actions, which could include escalation to a GSO Investigator. In escalation cases, they then work in a supportive capacity to further validate if a cyber-attack is occurring, scoping the extent of a suspected attack, coordinating efforts to contain attacks, supporting forensic investigations to determine the details around an attack, and providing guidance on remediation actions. In this role, you will not only conduct an initial assessment of the event, but also help scope and determine root cause analysis, support development of attack remediation strategies and coordinate the communication and handling of escalations of security activities. This role also triages operational response processes like those intervening in phishing campaigns. You will also assist in the review and updating of incident handling processes, standard operating procedures, playbooks and runbooks. You will work with Detection and SIEM teams to make improvements to detection and alerting mechanisms and support forensic investigations to determine incident details and provide supporting evidence. What you bring You should have demonstrated experience in cyber-attack analysis and of working in a similar 24/7 environments managing cases with enterprise SIEM or Incident Management systems. Previous experience of supporting multi-function, cross-organizational teams is also highly desirable. We are looking for analytical, critical thinkers, who have an eye for detail and are solution orientated. You should be quick to learn and adapt and operate in a dynamic environment. You typically will have most of the following technical skills and experience: 7 to 8 years’ of experience in a similar incident Investigator role or equivalent combination of education, certifications, and trainings Security certification (e.g. Security+, GCIA, GCIH, CISSP) Knowledge APT actors; their tools, techniques, and procedures (TTPs) Knowledge of TTP methods and frameworks Knowledge of TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB Solid knowledge of one or more: Windows/AD file system, registry functions and memory artifacts Unix/Linux file systems and memory artifacts Mac file systems and memory artifacts Database, web application, cloud, or mobile device cyber incident response principals and techniques Cybersecurity automation Web servers and web applications. SIEM Security tools: IPS, Web proxy, Email proxy, pDNS, Deception, EDR etc.... Experience with one or more scripting languages (Powershell, Python, Bash, etc.) Experience with integration of threat hunting and cyber threat intelligence into the incident response process Experience with information security compliance audit frameworks and requirements e.g. ISO, FISMA, FedRAMP, SOC, SOX, PCI, GDPR and Data Privacy Bring out your best SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best. We win with inclusion SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world. SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training. EOE AA M/F/Vet/Disability: Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability. Successful candidates might be required to undergo a background verification with an external vendor. Requisition ID: 411769 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid.

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support EngineerMandatory Skills : Phishing, Threat Attack, Cyber SecurityExperience: 3 to 5 YearsLocation : HyderabadNotice Period : Immediate to 15 Days Job Description:Key ResponsibilitiesConduct email analysis and reverse engineer to identify and mitigate threats.Perform static and dynamic analysisAnalyze network traffic and develop heuristic signatures to detect malicious activities.Investigate security incidents, including data breaches, system intrusions, and policyviolations.Collaborate with cross-functional teams to improve detection capabilities andresponse.Develop and implement incident response plans and coordinate incidentinvestigations.Classify, Maintain and update real-time block lists and URL block lists.Write and review regular expressions for phish, spam and fraud detection.Perform URL and email grading to assess and categorize potential threats.Engage in security response activities to address and resolve security incidents.Conduct threat hunting to proactively identify and address potential detection gaps. Basic QualificationsBachelor's or Master's degree in Computer Science, Computer Engineering,Information Security, or a related field.Strong understanding of computer security, network architecture, and threatlandscape.Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS).Strong knowledge of networking concepts and OSI layers.Understanding of enterprise IT architecture, operating systems, and file systems.Excellent analytical skills and ability to identify patterns and trends.Strong research skills and ability to analyze and present complex data.Good logical reasoning and deep analytical skills.Good communication skills and attention to detail.Ability to perform well under stress, particularly in critical response situations.Basic qualities of a researcher, including curiosity, persistence, and attention todetail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identifyindicators of compromise (IOCs), and respond to incidents promptly.Phishing Detection and Mitigation: Expertise in identifying and mitigating phishingattacks, including spear-phishing and whaling.Malware Analysis: Skills in analyzing email-borne malware, understanding itsbehavior, and developing countermeasures.Cryptography: Knowledge of encryption techniques to secure emailcommunications and protect sensitive data.Network Security: Understanding of network protocols and security measures todetect and prevent email-based attacks.Programming and Scripting: Proficiency in languages like Kusto, Python,PowerShell, or Bash for automating security tasks and analyzing email logs.Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, andothers that impact email security practices. ToolsSecure Email Gateways (SEGs): Tools like Microsoft Defender for Office,Proofpoint, Mimecast, or Barracuda to filter and block malicious emails.Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME(Secure/Multipurpose Internet Mail Extensions) for encrypting email content.Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box likeThreatConnect or Recorded Future to gather and analyze threat intelligence data.Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo AltoNetworks WildFire to safely analyze suspicious email attachments.Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond tophishing attempts.Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to sohail.s@s3staff.com

This role has positions based out of Bangalore and Pune; candidates may be considered for either location based on the interview process. Responsibilities:Application Security Testing/Penetration Testing (Web-based, Thick client, web services, Mobile Android & IOS, Network PT)API TestingSecurity defect Tracking and working closely with Developers to fix the issueStrong experience with the following tools – Burp Suite, Wireshark, Nmap, Metasploit, Checkmarx/Fortify, and Nessus.Excellent English communication skills (verbal and written) Requirements:CEH/ OSCP/ OSCE and ISCP certification and 2+ years of work experience in VAPT Benefits of working with us:Benefits of both the worlds - Enthusiasm & Learning Curve of a Start-Up, Deliveries & Performance of an Enterprise Service Provider.The sky's the limit when it comes to learning, growth & and ideas.We do not follow the typical corporate hierarchy ladder.Medical insurance, gratuity, and provident fund.As part of our dedication to an inclusive and diverse workforce, Kratikal is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. About Us: Kratikal Tech Private Limited is a leading B2B cybersecurity firm offering cutting-edgecybersecurity solutions and services such as Network Security Audits, Compliance Implementation, IoT Security, and VAPT. Serving over 150+ enterprise customers and 1825+ SMEs across industries including E-commerce, Fintech, BFSI, NBFC, Telecom, Consumer Internet, Cloud Service Platforms, Manufacturing, and Healthcare, Kratikal is dedicated to helping organizations combat cybercriminals using advanced, technology-driven cybersecurity solutions. The company also develops in-house cybersecurity products, including AutoSecT, competing with industry giants, alongside TSAT (Threatcop Security Awareness Training), TDMARC (Threatcop DMARC), and TPIR (Threatcop Phishing Incident Response). These products have received numerous awards and recognitions for their innovationand effectiveness. Kratikal has been honored as the Top Cyber Security Startup at the 12th Top 100 CISO Awards. With a global reach, Kratikal collaborates with renowned organizations to secure their digital landscapes. For more information, visit our websites at www.kratikal.com and www.threatcop.com.

About the Role: We are seeking an experienced and passionate Threat & Vulnerability Trainer to join our team in Kochi. The ideal candidate will be responsible for delivering comprehensive training programs focused on cybersecurity threats, vulnerability assessments, and remediation strategies. You will work closely with technical teams and trainees to upskill professionals and ensure readiness to tackle evolving cyber threats. Key Responsibilities: Design and deliver in-depth training sessions on cybersecurity topics including: Threat intelligence Vulnerability scanning and management Common attack vectors (phishing, malware, zero-day exploits, etc.) Security frameworks (NIST, ISO 27001, OWASP Top 10) Remediation techniques and best practices Develop customized training materials, hands-on labs, and assessments. Conduct workshops, webinars, and classroom sessions for internal and external learners. Continuously update training content to align with industry trends and threat landscapes. Assess the effectiveness of training sessions through feedback, tests, and practical evaluations. Collaborate with SMEs, SOC teams, and IT departments to understand training needs and integrate real-world scenarios into modules. Required Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field. 3+ years of experience in cybersecurity, with a focus on threat and vulnerability management. Proven experience in delivering technical training or mentoring. Familiarity with tools like Nessus, Qualys, Rapid7, Metasploit, Burp Suite, etc. Strong knowledge of CVEs, threat modeling, penetration testing basics, and SIEM concepts. Excellent communication, presentation, and facilitation skills. Preferred Qualifications: Certifications such as CEH, CompTIA Security+, OSCP, CISSP, or similar. Experience working in a SOC or red/blue team environment. Prior experience with learning management systems (LMS) or e-learning content creation. Work Location & Schedule: Location: Kochi (mandatory on-site presence) Work Hours: Monday to Friday, 9:00 AM – 6:00 PM Job Type: Full-time Benefits: Flexible schedule Internet reimbursement Schedule: Day shift Evening shift Monday to Friday Morning shift US shift Experience: total work: 4 years (Required) Language: English (Required) Work Location: Hybrid remote in Kochi, Ernakulam, Kerala Expected Start Date: 13/05/2025

Job Responsibilities: Responsibilities: Hardware Support: Provide first-level technical support for all company-issued hardware, including desktops, laptops, printers, peripherals (e.g., keyboards, mouse, monitors), and mobile devices. Diagnose and troubleshoot hardware malfunctions, perform basic repairs or replacements, and escalate complex issues to senior IT staff or external vendors as necessary. Assist with the setup, configuration, and deployment of new hardware. Maintain an inventory of hardware assets and track hardware-related issues. Provide guidance to users on the proper use and maintenance of hardware. Email Support: Provide comprehensive support for the company's email system (e.g., Microsoft Exchange, Google Workspace). Troubleshoot email-related issues, including account setup, password resets, email client configuration (e.g., Outlook, webmail), sending/receiving errors, spam filtering, and mailbox management. Assist users with email archiving, folder organization, and other email productivity features. Address issues related to email security and phishing attempts, providing user education as needed. Help Desk Operations: Serve as the initial point of contact for all hardware and email-related support requests via phone, email, and in-person. Log all support requests accurately and efficiently in the help desk ticketing system. Prioritize and manage tickets according to severity and impact. Follow up with users to ensure their issues are resolved to their satisfaction. Maintain a knowledge base of common hardware and email issues and their solutions. Contributes to the development of user guides and FAQs. Assist with other IT-related tasks as assigned. Stay up to date with the latest hardware technologies and email systems. Adhere to company IT policies and procedures. Provide training to the clients and team members about the products and services of the organization. Qualifications: High school diploma or equivalent; Associate's or bachelor’s degree in information technology or a related field is preferred. Strong understanding of computer hardware components, operating systems (Windows, macOS), and basic networking. Proficiency in configuring and troubleshooting various email clients (e.g., Microsoft Outlook, web browsers, mobile email apps). Updated email platforms (e.g., Microsoft Exchange, Google Workspace). Familiarity with help desk ticketing systems. Excellent problem-solving and analytical skills. Strong communication (both verbal and written) and interpersonal skills. Ability to work independently and as part of a team. Basic understanding of IT security best practices related to hardware and email. Skills: Hardware troubleshooting and repair Email client configuration and troubleshooting Operating system support (Windows, macOS) Basic networking concepts Help desk ticketing system. Job Type: Full-time Pay: ₹10,000.00 - ₹15,000.00 per month Shift: Evening shift Work Location: In person

The Security & Compliance Manager will lead the organization’s IT security and compliance initiatives, acting as the Single Point of Contact (SPOC) for all third-party audits, especially from BFSI clients. This role ensures adherence to regulatory, data protection, and industry standards. Key Responsibilities Act as the Single Point of Contact (SPOC) for all BFSI customer audits, third-party assessments, and compliance reviews.Maintain and enforce security policies, risk registers, audit trails, and compliance documentation.Ensure ongoing compliance with ISO 27001, SOC 2, RBI, GDPR, TRAI, and other applicable BFSI regulations.Conduct internal audits, gap analyses, and drive remediation plans to closure.Coordinate with legal, IT, DevOps, and business teams to ensure audit readiness and evidence collection.Lead incident response planning, security drills, and business continuity testing.Manage vendor risk assessments, NDAs, and third-party compliance documentation.Perform regular risk assessments and maintain an up-to-date risk register.Conduct vulnerability scans across infrastructure, APIs, applications, and endpoints.Coordinate with external vendors for annual penetration testing and ensure timely remediation.Track, prioritize, and patch vulnerabilities based on CVSS scores and business impact.Develop and maintain a compliance calendar to track all audit and certification timelines.Own and manage the Information Security Management System (ISMS) lifecycle.Prepare and present audit reports, dashboards, and risk summaries to senior leadership.Ensure data privacy and protection controls are implemented across all CPaaS services.Conduct security awareness training and phishing simulations for employees.Review and approve security controls for new projects, vendors, and cloud deployments.Maintain incident logs, RCA reports, and ensure timely closure of security incidents.Collaborate with product and engineering teams to embed security-by-design principles.Stay updated with regulatory changes in the BFSI sector and translate them into actionable controls.Lead external certification audits (e.g., ISO, SOC 2) and manage evidence collection and walkthroughs. Required Skills And Qualifications Bachelor’s degree in information security, IT, or related field.6+ years of experience in IT security, audit, and compliance.Strong knowledge of BFSI regulatory frameworks and data privacy laws.Experience with GRC tools, audit frameworks, and documentation.Certifications: CISA, CISM, ISO 27001 Lead Auditor, or equivalent preferred.Excellent communication and stakeholder management skills.

Key Responsibilities - Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Work closely with Blue Teams in Purple Team exercises to enhance detection and response capabilities. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Required Skills & Experience - Deep understanding and extensive experience in penetration testing methodologies and tools. Strong technical knowledge of various technologies and the ability to quickly learn and adapt to new ones. A passion for learning new technologies and breaking them apart is essential. Expertise in Active Directory attacks and defenses. Proficiency with tools such as Metasploit, Cobalt Strike, BloodHound, and similar offensive security frameworks. Knowledge of hacking methods and frameworks like MITRE ATT&CK. Strong scripting skills (Python, PowerShell, Bash) and experience in manual exploitation techniques. Certifications such as OSCP, OSEP, CRTO, or equivalent are highly valued. What We Offer Competitive salary and benefits package. Exciting projects that challenge your skills and creativity. A collaborative environment where you’ll learn and grow alongside top talent. Access to cutting-edge tools and resources to stay ahead in the cybersecurity field. Opportunities to shape the future of offensive security and contribute to meaningful projects. Job Type: Full-time Schedule: Day shift Work Location: In person

Responsibilities Assist in Data Discovery & Classification to identify sensitive data across systems.Support File Upload Security Solutions by monitoring and analyzing file uploads for threats.Participate in Attack Surface Management (ASM) to identify and mitigate vulnerabilities.Assist in Breach & Attack Simulation (BAS) and Red Team exercises under supervision.Conduct Phishing Simulation campaigns and report on user awareness.Monitor Active Directory (AD) Security for suspicious activities.Support IT Governance, Risk & Compliance (GRC) efforts by maintaining security policies.Assist in deploying and monitoring Decoy (Honeypot) systems for threat detection.Help manage Mobile Device Management (MDM) policies and security controls.Support Secure Data Backup & Recovery (Ransomware Protection) processes.Assist in enforcing Network Access Control (NAC) policies. Qualifications2–5 years of experience in cybersecurity operations.Hands-on experience with SIEM, BAS, ASM, and NAC tools.Strong knowledge of phishing, ransomware defense, and AD security.Experience in GRC frameworks (ISO 27001, NIST and GDPR).Familiarity with honeypots, incident response, and threat intelligence.Certifications like CISSP, CISM, OSCP, or CASP+ preferred.

At FourKites we have the opportunity to tackle complex challenges with real-world impacts. Whether it’s medical supplies from Cardinal Health or groceries for Walmart, the FourKites platform helps customers operate global supply chains that are efficient, agile and sustainable. Join a team of curious problem solvers that celebrates differences, leads with empathy and values inclusivity. We are seeking a Security Lead with a strong background in cloud infrastructure security, security operations, and compliance. The ideal candidate will provide technical leadership across multi-cloud environments (AWS and Azure), security frameworks (ISO27001, PCI DSS, SOC 2), and modern security tools while bringing experience in SOC operations, vulnerability management, and security governance. This leadership role requires someone who can build and direct security teams, implement robust security controls, manage security incidents, and ensure compliance with industry standards. The Security Lead must excel at developing, implementing, and maintaining a comprehensive suite of security policies and procedures that align with organizational objectives and regulatory requirements. What You’ll Be Doing Security Leadership Lead the security team to deliver effective security services across the organizationContribute to security strategy and roadmap aligned with business objectivesProvide technical guidance and mentorship to team membersServe as the security subject matter expert for managementDrive security maturity improvements based on industry best practicesLead security governance meetings and present security metrics to stakeholders Security Policy Framework Development & Management Lead the development, implementation, and maintenance of the organization's comprehensive security policy framework including:Identity and Access Management & Asset Management ProceduresAccess Control PolicyAcceptable Usage PolicyData Classification and Protection PoliciesInformation Security Management System (ISMS) ManualCloud Security Policy and Cyber Security PolicyCryptography and Key Management PolicyNetwork Security ProceduresApplication Security StandardsVulnerability Management ProceduresThird Party Security Standards and PoliciesSoftware Development Lifecycle ProceduresRisk Management ProceduresEnsure policies adhere to ISO27001 requirements and maintain the Statement of ApplicabilityOversee the development and maintenance of Standard Operating Procedures for IT, DevOps, Admin, Product Support, Application, and Information Security teamsLead regular reviews and updates of the Risk Register and security policies Multi-Cloud Security Implementation Lead the implementation and management of security architecture across AWS and Azure environmentsDesign and implement consistent security controls across multi-cloud platformsOversee WAF solutions to protect web applications from threatsDirect configuration and management of cloud security controls across cloud environmentsGuide implementation of container security measuresOversee cryptographic key management and security automationImplement cloud security best practices for both AWS and Azure Security Operations & Monitoring Lead SOC team to ensure efficient cybersecurity monitoring, incident response, and threat managementOversee implementation and management of SIEM solutionsGuide detection strategy and custom rule developmentEnsure effective incident response and threat managementCoordinate security incident management and response Business Continuity & Disaster Recovery Lead the development and maintenance of Business Continuity Plan and Disaster Recovery PlanCoordinate with stakeholders to ensure plans are regularly tested and updatedImplement backup policies and procedures to ensure data availability Governance, Risk & Compliance Act as the primary liaison for internal, external, and regulatory auditsLead compliance efforts for ISO27001, PCI DSS, and SOC 2Coordinate vendor risk management activitiesContribute to defining roles and responsibilities for ISMS, IT, and DevOps teamsLead preparation of documentation and evidence for compliance audits Physical & Environmental Security Guide development and implementation of physical and environmental security standardsOversee secure disposal processesCoordinate implementation of clear desk and clear screen procedures Vulnerability Management Lead the organization's vulnerability management programCoordinate vulnerability assessment and penetration testing initiativesOversee remediation effortsGuide risk assessments and threat modelingLead patch management implementation Security Awareness & Training Develop security awareness strategy and training programsCoordinate phishing simulation campaignsFoster security culture development initiativesStrong leadership and team coordination abilitiesTactical execution with ability to align security initiatives with business objectivesExceptional ability to develop clear, comprehensive, and effective security policiesStrong analytical, troubleshooting, and problem-solving skillsExcellent communication skills for collaborating with cross-functional teams and managementExperience working as security lead across multiple business unitsAbility to translate complex security concepts for non-technical stakeholdersProactive approach to identifying and addressing security challenges This leadership position offers the opportunity to lead security initiatives across multiple business entities while implementing cutting-edge security solutions and best practices. The role requires a candidate who can provide technical leadership and excel at developing and maintaining the comprehensive policy framework that governs the organization's security posture. Who You Are 6+ years of information security experience with focus on cloud security and security operationsExperience in a security leadership or team lead roleStrong hands-on experience with multi-cloud platforms (AWS and Azure) and their security servicesDemonstrated experience implementing security frameworks and maintaining certifications (ISO27001, PCI DSS, SOC 2)Proven track record in developing, implementing, and managing comprehensive security policiesBackground in security monitoring, incident response, and vulnerability managementExperience with container security and Kubernetes environmentsSecurity policy development and implementationSecurity team leadership and coordinationMulti-cloud security implementation (AWS and Azure)Security monitoring and SIEM implementation (Wazuh, CrowdStrike Falcon)Cloud security tools and WAF configuration (Reblaze, AWS WAF, Azure WAF)Container security (NeuVector, Kubernetes security controls)Vulnerability assessment and penetration testing coordinationIdentity and access management, implementing least privilege principlesSecurity automation and infrastructure as codeISO27001 Implementation experience will be a plusPCI DSS compliance expertise will be a plusSOC 2 compliance expertise will be a plusCloud security certifications (AWS Security, Azure Security) will be a plusSecurity certifications (CISSP, CISM)will be a plus Who we are: FourKites®, the leader in AI-driven supply chain transformation for global enterprises and pioneer of real-time visibility, turns supply chain data into automated action. FourKites’ Intelligent Control Tower™ breaks down enterprise silos by creating a real-time digital twin of orders, shipments, inventory and assets. This comprehensive view, combined with AI-powered digital workers, enables companies to prevent disruptions, automate routine tasks, and optimize performance across As the leader in AI-driven supply chain transformation, FourKites pioneered the Intelligent Control Tower™ powered by the world’s largest real-time visibility network. Our platform creates comprehensive digital twins of your supply chain with AI-powered digital workers to automate resolution, improve collaboration and drive outcomes across all stakeholders. Unlike traditional control towers, we enable true real-time execution and intelligent fulfillment, transforming both your supply and customer. Benefits Medical benefits start on first day of employment36 PTO days( Sick, Casual and Earned) , 5 recharge days, 2 volunteer days Home Office setups and Technology reimbursementLifestyle & Family benefits Annual Swags/ Festive SwagsOngoing learning & development opportunities ( Professional development program, Toast Master club etc.)

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support EngineerMandatory Skills : Phishing, Threat Attack, Cyber SecurityExperience: 3 to 5 YearsLocation : HyderabadNotice Period : Immediate to 15 Days Job Description:Key ResponsibilitiesConduct email analysis and reverse engineer to identify and mitigate threats.Perform static and dynamic analysisAnalyze network traffic and develop heuristic signatures to detect malicious activities.Investigate security incidents, including data breaches, system intrusions, and policyviolations.Collaborate with cross-functional teams to improve detection capabilities andresponse.Develop and implement incident response plans and coordinate incidentinvestigations.Classify, Maintain and update real-time block lists and URL block lists.Write and review regular expressions for phish, spam and fraud detection.Perform URL and email grading to assess and categorize potential threats.Engage in security response activities to address and resolve security incidents.Conduct threat hunting to proactively identify and address potential detection gaps. Basic QualificationsBachelor's or Master's degree in Computer Science, Computer Engineering,Information Security, or a related field.Strong understanding of computer security, network architecture, and threatlandscape.Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS).Strong knowledge of networking concepts and OSI layers.Understanding of enterprise IT architecture, operating systems, and file systems.Excellent analytical skills and ability to identify patterns and trends.Strong research skills and ability to analyze and present complex data.Good logical reasoning and deep analytical skills.Good communication skills and attention to detail.Ability to perform well under stress, particularly in critical response situations.Basic qualities of a researcher, including curiosity, persistence, and attention todetail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identifyindicators of compromise (IOCs), and respond to incidents promptly.Phishing Detection and Mitigation: Expertise in identifying and mitigating phishingattacks, including spear-phishing and whaling.Malware Analysis: Skills in analyzing email-borne malware, understanding itsbehavior, and developing countermeasures.Cryptography: Knowledge of encryption techniques to secure emailcommunications and protect sensitive data.Network Security: Understanding of network protocols and security measures todetect and prevent email-based attacks.Programming and Scripting: Proficiency in languages like Kusto, Python,PowerShell, or Bash for automating security tasks and analyzing email logs.Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, andothers that impact email security practices. ToolsSecure Email Gateways (SEGs): Tools like Microsoft Defender for Office,Proofpoint, Mimecast, or Barracuda to filter and block malicious emails.Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME(Secure/Multipurpose Internet Mail Extensions) for encrypting email content.Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box likeThreatConnect or Recorded Future to gather and analyze threat intelligence data.Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo AltoNetworks WildFire to safely analyze suspicious email attachments.Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond tophishing attempts.Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to renu.a@s3staff.com

Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response : Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation : Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis : Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography : Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security : Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting : Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance : Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs) : Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools : Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms : Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions : Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools : Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools

Job Description As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. Current Employees apply HERE Current Contingent Workers apply HERE Secondary Language(s) Job Description Senior Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Lead the development of enhanced cloud and application security control integrations and architectural best practices. Lead the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Lead the maintenance and monitoring security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Lead adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 7+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Job Posting End Date 05/17/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R335954

Job Description Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products.Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Contribute to the development of enhanced cloud and application security control integrations and architectural best practices.Contribute to the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements.Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements.Identify and prioritize adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function.Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues.Assist in implementing and maintaining specific security controls as required by organisational policy and local risk assessments and contribute to identifying risks that arise from potential technical solution architectures.Monitor and log the actual service provided, compared to that required by service level agreements.Undertake low-complexity routine vulnerability assessments using automated and semi-automated tools and contribute to evaluating and documenting the scope of results.Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities.Assist in maintaining security infrastructure and performing system updates.Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues.Work closely with cross-functional Infrastructure teams on Automation and Orchestration.Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools.Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream.Working experience in cloud environments AWS must have and good to have Azure, or GCP.Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles.Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks.Familiarity with software development/delivery lifecycle and related technologies3+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions.Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms..Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP).Ideally AWS certified.Good interpersonal and communication skills (verbal and written).Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable.Proven record of delivering high-quality results.Product and customer-centric approach.Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Job Posting End Date 05/15/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R342306

Job Description Associate Specialist, Cybersecurity Operations The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products.Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Collaborate with product teams to enforce application security best practices, conduct reviews, perform scans and assist in threat modeling to identify and mitigate security risks throughout the development lifecycle.Contribute with penetration testing efforts to evaluate the security posture of applications and containers, providing detailed reports on findings and working with development teams to remediate identified issues.Collaborate to the oversight of security-related bugs and vulnerabilities using tracking systems. Help prioritize security issues based on risk and impact and ensuring that reported issues are triaged and addressed in a timely manner.Contribute to the creation and delivery of training materials for the workforce to raise awareness and increase adoption of application security best practices, cloud security best practices, including secure usage of cloud applications and availability of compensating controls.Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements.Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues.Monitor and log the actual service provided, compared to that required by service level agreements.Assist in maintaining security infrastructure and performing system updates.Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues.Work closely with cross-functional Infrastructure teams on Automation and Orchestration.Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools.Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream.3+ years of hands-on experience working with proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms.Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles.Good to have experience in cloud environments AWS, Azure, or GCP.Familiarity with software development/delivery lifecycle and related technologiesFamiliarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks.Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP).Ideally AWS certified.Good interpersonal and communication skills (verbal and written).Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable.Proven record of delivering high-quality results.Product and customer-centric approach.Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Job Posting End Date 04/28/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R341160

Position Overview ABOUT APOLLO Apollo is a high-growth, global alternative asset manager. In our asset management business, we seek to provide our clients excess return at every point along the risk-reward spectrum from investment grade to private equity with a focus on three investing strategies: yield, hybrid, and equity. For more than three decades, our investing expertise across our fully integrated platform has served the financial return needs of our clients and provided businesses with innovative capital solutions for growth. Through Athene, our retirement services business, we specialize in helping clients achieve financial security by providing a suite of retirement savings products and acting as a solutions provider to institutions. Our patient, creative, and knowledgeable approach to investing aligns our clients, businesses we invest in, our employees, and the communities we impact, to expand opportunity and achieve positive outcomes. OUR PURPOSE AND CORE VALUES Our Clients Rely On Our Investment Acumen To Help Secure Their Future. We Must Never Lose Our Focus And Determination To Be The Best Investors And Most Trusted Partners On Their Behalf. We Strive To Be The leading provider of retirement income solutions to institutions, companies, and individuals. The leading provider of capital solutions to companies. Our breadth and scale enable us to deliver capital for even the largest projects – and our small firm mindset ensures we will be a thoughtful and dedicated partner to these organizations. We are committed to helping them build stronger businesses. A leading contributor to addressing some of the biggest issues facing the world today – such as energy transition, accelerating the adoption of new technologies, and social impact – where innovative approaches to investing can make a positive difference. We are building a unique firm of extraordinary colleagues who: Outperform expectations Challenge Convention Champion Opportunity Lead responsibly Drive collaboration As One Apollo team, we believe that doing great work and having fun go hand in hand, and we are proud of what we can achieve together. Our Benefits Apollo relies on its people to keep it a leader in alternative investment management, and the firm’s benefit programs are crafted to offer meaningful coverage for both you and your family. Please reach out to your Human Capital Business Partner for more detailed information on specific benefits. Position Overview Apollo’s Cybersecurity team is currently seeking an Associate Director of Cyber Services, to join our dynamic and distributed Cyber Security team. The team is responsible for protecting the environment from cyber risks, responding to threats, educating resources on cyber best practices, and running cyber controls. As Associate Director, Cyber Services, you will be the local leader of Cyber service-delivery and troubleshooting for Apollo users. The Associate Director, Cyber Services is also responsible for investigation of global business-centric data security alerts and an assortment of Cyber-internal and business-centric processes. The ideal candidate will have significant team leadership experience in both Cybersecurity and IT support, have a strong security background, and experience testing/validating security controls. The ideal candidate will also demonstrate problem-solving skills at both the technical and business level, with a clear penchant for offering solutions. You will work closely with other members of information security and information technology. You will participate in a 24x7 follow-to-sun model of cyber assistance for our corporate workforce. This is an exciting opportunity on a growing team that is scaling and investing in their people, process, and technology. This role requires working flexible hours when needed to support the cybersecurity mission at Apollo. The ideal candidate will have experience in all the above areas, management, and a demonstrated ability to work well with stakeholders from diverse backgrounds. If you are a candidate looking to be a part of a dynamic team, that continuously challenges itself, is committed to learning and improving, and passionate about cybersecurity, then this could be the right opportunity for you! Primary Responsibilities You will be expected to be an expert in troubleshooting cyber tools and finding acceptable workarounds that satisfy both cyber policies and standards as well as satisfy and support business needs. Join the cybersecurity leadership team representing in-region interests and execution.Serve as the local leader of the Cyber Defense team, with primary responsibility of ensuring in-region success of cyber initiatives and follow-the-sun support on investigations and incidents.Ensure our Cyber Defense controls are operating as expectedPartner effectively with the global Client Services teams and act as the primary point of contact for stakeholders and business users regarding cyber security matters. Deliver the highest level of client service with professionalism and promote Cyber’s brand.Oversee Data Security and Insider Threat initiatives, ensuring the protection of sensitive information.Monitor Data Protection and Insider Threat systems for alerts and follow-up effectively to mitigate risk in a timely and careful manner.Conduct and manage insider threat investigations, identifying and mitigating potential risks.Support business users with technical issues related to cyber defense tools, including SSL decryption, firewalls, and troubleshooting security-related problems.Create effective and efficient procedures for global Cyber Services teams to follow.Collaborate with global cyber security teams to align local practices with organizational standards.Exhibit exceptional leadership skills in building and developing team members; cultivate strong teams focused on innovation, agile delivery, and compliance.Drive continuous improvement of governance and controls within the Cyber Defense organization, including capturing evolving metrics and developing processes that leverage cyber tools.Stay updated on the latest cyber threats and trends to proactively address potential vulnerabilities. Qualifications & Experience Bachelor’s degree in computer science, Information Technology, or related field.Professional Certifications such as CISSP, CISM, CEH, GCIH, GCIA, GSOC a plus experience Required: 5-8 years of experience in Enterprise Cybersecurity, or with a reputed Services / consulting firm offering security operations consulting or equivalent public sector experience5-8 years of experience as a successful team manager, including both a service queue and project work.Extensive experience communicating with internal and external business stakeholders.Experience engaging in a 24x7 operational environment.Experience in Data Protection: discovery, classification, labelling, and policy enforcement.Experience implementing, supporting, and tuning Cyber Security technical controls, such as host firewalls, URL filtering, endpoint detection, NGAV, IPS system, email security, anti-phishing controls.Experience with SQL and scripting (such as PowerShell and Python).Results oriented and the ability to manage multiple tasks and deadlines with attention to detail.Strong communication and self-management skills, especially reporting across time zones.Apollo provides equal employment opportunities regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, colour, nationality, ethnic or national origin, religion or belief, veteran status, gender/sex or sexual orientation, or any other criterion or circumstance protected by applicable law, ordinance, or regulation. The above criteria are intended to be used as a guide only – candidates who do not meet all the above criteria may still be considered if they are deemed to have relevant experience/ equivalent levels of skill or knowledge to fulfil the requirements of the role. Any job offer will be conditional upon and subject to satisfactory reference and background screening checks, all necessary corporate and regulatory approvals or certifications as required from time to time, and entering into definitive contractual documentation satisfactory to Apollo.

About KnowBe4 KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by tens of thousands of organizations around the globe. KnowBe4 enables organizations to manage the ongoing problem of social engineering by helping them train employees to make smarter security decisions, every day. Fortune has ranked us as a best place to work for women, for millennials, and in technology for four years in a row! We have been certified as a "Great Place To Work" in 8 countries, plus we've earned numerous other prestigious awards, including Glassdoor's Best Places To Work. Our team values radical transparency, extreme ownership, and continuous professional development in a welcoming workplace that encourages all employees to be themselves. Whether working remotely or in-person, we strive to make every day fun and engaging; from team lunches to trivia competitions to local outings, there is always something exciting happening at KnowBe4. Please submit your resume in English. KnowBe4’s Site Reliability Engineers help ensure that our platforms are reliable, secure, scalable, and efficient. They work alongside other engineers in a fast-paced, agile development environment, and share solutions to advance the technologies running our systems, improve their safety and reliability, and make the complex distributed services that deliver our platforms easy to understand. The ideal member of our team gets excited about new AWS service releases, stays up-to-date on industry trends and design patterns, and has excellent time-management and communication skills. Some Of The Technologies We Use Programming Languages - Python, Ruby, RustInfrastructure as Code - Terraform, AWS CDKSource Code Management and CI/CD - GitLab, SnykObservability - DataDog, AirbrakeContainerized Workloads - DockerCloud-native infrastructure in AWS - ECS, Lambda, Step Functions, SNS/SQS, Transit Gateway, Aurora, DynamoDB, CloudFront, S3, AppSync, API Gateway, and many more. Responsibilities Work with other Site Reliability Engineers to build highly scalable and resilient applications and infrastructure in AWSMaintain and improve extensible infrastructure-as-code using TerraformLearn, maintain, and improve our existing deployment strategiesDeliver effective observability, monitoring, and alerting patterns for KnowBe4’s applications and infrastructure Requirements BS/MS/Ph.D. or equivalent plus 2 years experienceTraining in secure coding practices (preferred)Comfortable maintaining existing scripts in one or more programming languages (e.g. Python, Ruby, Javascript).Experience maintaining infrastructure in AWSExperience maintaining workflows for continuous integration and continuous deployment (CI/CD) - GitLab is preferredEffective communication skills Our Fantastic Benefits We offer company-wide bonuses based on monthly sales targets, employee referral bonuses, adoption assistance, tuition reimbursement, certification reimbursement, certification completion bonuses, and a relaxed dress code - all in a modern, high-tech, and fun work environment. For more details about our benefits in each office location, please visit www.knowbe4.com/careers/benefits. Note: An applicant assessment and background check may be part of your hiring procedure. Individuals seeking employment at KnowBe4 are considered without prejudice to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation or any other characteristic protected under applicable federal, state, or local law. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please visit www.knowbe4.com/careers/request-accommodation. No recruitment agencies, please.

Who We Are Addepar is a global technology and data company that helps investment professionals provide the most informed, precise guidance for their clients. Hundreds of thousands of users have entrusted Addepar to empower smarter investment decisions and better advice over the last decade. With client presence in more than 50 countries, Addepar’s platform aggregates portfolio, market and client data for over $7 trillion in assets. Addepar’s open platform integrates with more than 100 software, data and services partners to deliver a complete solution for a wide range of firms and use cases. Addepar embraces a global flexible workforce model with offices in Silicon Valley, New York City, Salt Lake City, Chicago, London, Edinburgh, Pune, and Dubai. The Role Part of the broader Addepar Data Management & Quality, the Portfolio Data Ops team is responsible for ensuring Addepar's clients have timely and high quality data. This will include overseeing the processing of portfolio transactions and positions, diligently completing verification checks, and assisting clients with their data support questions. The Portfolio Data Ops group sits at the nexus of Addepar's activity and requires daily communications with financial data providers, clients, and other personnel across the company. IMPORTANT: The working schedule for this position is from 6:30 PM to 3:30 AM IST, U.S. business days. What You’ll Do Perform daily internal verification checks to ensure client portfolio data is accurate and made available within SLAsInvestigate and troubleshoot data pipeline issues and data feed processing exceptions, and triage with level 2 and 3 support when neededAddress data related inquiries and requests from clients, members of Sales and Services organizations, and external data providers/partners in a timely mannerProvide assistance to regional counterparts on common operations workflows and projectsMaintain team resources and procedural documentation, and ensure metrics are accurately recorded for internal analyticsCollaborate with Product and Engineering to identify and implement process improvements and tooling enhancements that increase data quality as well as increase operational efficiency Who You Are Minimum 5+ years of work experience in the financial investment/advisory industry with deep knowledge of capital markets, trade processing and lifecycle, and middle/back-office operations systemsDemonstrates strong attention to details and meticulous execution of established processesExcellent communication and interpersonal skills for engaging with internal and external data partnersConsistent track record of multitasking and prioritizing effectively in a fast paced environment, and remaining calm under pressureTeam-oriented, proactive self-motivation, and forward thinkingWilling to work flexible hoursTechnical skills preferred in any or all of the following: Microsoft Excel, Google Suite, Atlassian Jira/Confluence, SQL, Salesforce, Bloomberg, Thomson Reuters, or other common financial services systems and applications Our Values Act Like an Owner - Think and operate with intention, purpose and care. Own outcomes.Build Together - Collaborate to unlock the best solutions. Deliver lasting value. Champion Our Clients - Exceed client expectations. Our clients’ success is our success. Drive Innovation - Be bold and unconstrained in problem solving. Transform the industry. Embrace Learning - Engage our community to broaden our perspective. Bring a growth mindset. In addition to our core values, Addepar is proud to be an equal opportunity employer. We seek to bring together diverse ideas, experiences, skill sets, perspectives, backgrounds and identities to drive innovative solutions. We commit to promoting a welcoming environment where inclusion and belonging are held as a shared responsibility. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. PHISHING SCAM WARNING: Addepar is among several companies recently made aware of a phishing scam involving con artists posing as hiring managers recruiting via email, text and social media. The imposters are creating misleading email accounts, conducting remote “interviews,” and making fake job offers in order to collect personal and financial information from unsuspecting individuals. Please be aware that no job offers will be made from Addepar without a formal interview process. Additionally, Addepar will not ask you to purchase equipment or supplies as part of your onboarding process. If you have any questions, please reach out to TAinfo@addepar.com.

Who We Are Addepar is a global technology and data company that helps investment professionals provide the most informed, precise guidance for their clients. Hundreds of thousands of users have entrusted Addepar to empower smarter investment decisions and better advice over the last decade. With client presence in more than 50 countries, Addepar’s platform aggregates portfolio, market and client data for over $7 trillion in assets. Addepar’s open platform integrates with more than 100 software, data and services partners to deliver a complete solution for a wide range of firms and use cases. Addepar embraces a global flexible workforce model with offices in Silicon Valley, New York City, Salt Lake City, Chicago, London, Edinburgh, Pune, and Dubai. The Role We are seeking a versatile Senior Recruiter to join our global recruiting team and assist in our hiring efforts for various technical and non-technical positions. In this role, you will work closely with recruiters and hiring managers to identify and connect with premier talent, ensuring a diverse pipeline of candidates for Addepar's open roles. You will have strong experience in end to end recruitment lifecycle and sourcing and screening talent through various channels including, LinkedIn Recruiter, Greenhouse, social media, and open-source communities. If you're motivated, resourceful, and thrive in a fast-paced environment, we would love to hear from you. What You’ll Do Collaborate with hiring managers, recruiters, and sourcers to understand the hiring needs and job requirements for product, engineering, sales, data operations and services teamsProvide innovative and scalable sourcing solutions to help drive a pipeline of talent to meet our hiring needsLeverage Greenhouse, LinkedIn, and other channels to source passive and active candidates at all levels (intern to senior)End to end recruiting experience right from getting the requirement upto getting the candidate onboarded. Maintain accurate and up-to-date data in the ATS, ensuring data integrity and compliance with internal processes and guidelinesPartner with recruiters and coordinators to schedule interviewsStay up to date with industry trends, market insights, and talent acquisition best practices, sharing knowledge and recommendations with the recruiting team Who You Are Minimum 8+ years of recruiting experience with strong experience in end to end recruiting lifecyclePrevious experience recruiting for technical and non-technical roles on a global scale with a focus on APAC (primarily India)You have a passion for connecting with professionals, and aligning them to jobs that fit their experience and motivationHave the ability to build deep relationships with candidates, hiring managers, and the broader recruiting teamExcellent organizational skills, with the ability to manage multiple priorities at once, and meet deadlines in a fast-paced environmentYou enjoy solving problems, and have the ability to think creatively to identify top-tier talentYou have deep knowledge of the regional and global talent market for technology and non-tech roles, along with the employment laws and regulationsYou know how to use data and market intelligence to influence the overall hiring strategyMust have experience with using modern ATS such as Greenhouse and other recruiting tools and sources Important Note - This role requires working from our Pune office 3 days a week (Hybrid work model) Our Values Act Like an Owner - Think and operate with intention, purpose and care. Own outcomes.Build Together - Collaborate to unlock the best solutions. Deliver lasting value. Champion Our Clients - Exceed client expectations. Our clients’ success is our success. Drive Innovation - Be bold and unconstrained in problem solving. Transform the industry. Embrace Learning - Engage our community to broaden our perspective. Bring a growth mindset. In addition to our core values, Addepar is proud to be an equal opportunity employer. We seek to bring together diverse ideas, experiences, skill sets, perspectives, backgrounds and identities to drive innovative solutions. We commit to promoting a welcoming environment where inclusion and belonging are held as a shared responsibility. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. PHISHING SCAM WARNING: Addepar is among several companies recently made aware of a phishing scam involving con artists posing as hiring managers recruiting via email, text and social media. The imposters are creating misleading email accounts, conducting remote “interviews,” and making fake job offers in order to collect personal and financial information from unsuspecting individuals. Please be aware that no job offers will be made from Addepar without a formal interview process. Additionally, Addepar will not ask you to purchase equipment or supplies as part of your onboarding process. If you have any questions, please reach out to TAinfo@addepar.com.