193 Product Security Jobs

The Network Security advisor will engage in daily maintenance and operations of the Firewall, Prisma, Routing & Switching and AWS cloud Networking. The Network Security Advisor will work primarily with Network Security products from Palo Alto, The Network Security advisor would design, confirm, determine and/or troubleshoot traffic flows, security implementation and configurations etc. Network Security Services include daily maintenance and operations of multiple customers network security infrastructure. The successful candidate will be required to troubleshoot firewall and network traffic flows, as well as maintain accurate documentation of network and security products, support activities and processes. The candidate will also be required to work independently and remotely when troubleshooting and must have the ability to solve problems with minimal client input and ability to escalate when solution is not readily apparent. The Network Security Advisor would work on Requests, Changes, Incidents and Problem records to support our customers network security environment. Implement Network Security solutions and provide operational support in a customer environment. Support Palo Alto, Prisma SASE solution. Will provide technical escalation to L1 support engineers. Provide On-call support for high severity incidents in a 24x7 environment. Detect security issues, create customer tickets, and manage problems until closure. Ensure that Service Level Agreements and operational standards are met. Perform system maintenance, checkups and maintain current documentation. Provide resolution plans for device issues. Propose service, process, and technical improvements to management. Experience and at least 5 years Network Security administration experience. Excellent Time Management skills required to properly manage operations duties and other task that will assist in the optimization of the firewall team. Working with internal tools to complete configuration backup/restore as well as monitoring and reporting. Responsibilities included assisting in Daily Steady State operations in request and change management as well as weekly on-call rotation support. Complete Weekly/Monthly Health Status checks across all support network security platforms. Working with multiple customers support environment to complete upgrades, patches, overall operational support. Assist in conducting rule set reviews to improve overall security footprint for our customers. Provide operational support of the Network & Security environments. Detect security issues, create customer tickets and manage problems until closure. Ensure that Service Level Agreements and operational standards are met. Perform system maintenance, checkups and maintain current documentation. Provide resolution plans for device issues. Propose service, process and technical improvements to management. Minimum 8-9 overall years experience in Networking 5 years of Palo Alto, NGFW, SASE Location - Bengaluru,India,Hyderabad,Chennai,Coimbatore,Pune

As an Engineering Manager focused on Product Security at Medtronic, your role will involve leading a dynamic team dedicated to developing, implementing, and monitoring security solutions for Medtronic's cardiac medical devices and infrastructure. You will be required to drive product security initiatives, ensure compliance with regulatory standards, and foster collaboration across various teams. Your responsibilities will include: - Leading and managing a team of engineers and cybersecurity professionals - Executing a comprehensive Product Security strategy aligned with business objectives and regulatory requirements - Collaborating with cross-functional global teams to integrate security practices throughout the product lifecycle - Overseeing the identification and remediation of vulnerabilities - Establishing and maintaining security standards, frameworks, and best practices - Monitoring industry trends and emerging technologies to inform security strategies - Communicating complex security concepts clearly to diverse stakeholders - Fostering a culture of security awareness and continuous improvement - Managing project timelines, budgets, and resources - Driving best-in-class Product Security design for new cardiac product development - Building and sustaining a product security team capable of assessing and testing new and released cardiac products Basic Qualifications: - Education: Bachelor's degree in engineering, Computer Science, or a related field; advanced degree preferred - Experience: Minimum of 15+ years of experience in engineering or cybersecurity roles - Proven expertise in product security, particularly in medical device or other highly regulated industries - Strong understanding of cybersecurity principles, risk management processes, and regulatory requirements - Demonstrated ability to lead and develop high-performing teams - Excellent communication and interpersonal skills Desirable Qualifications: - CISSP, OSCP or similar cybersecurity certifications - Experience with IoT devices, embedded, mobile, cloud security, and data protection architectures - Familiarity with security incident management and operations center practices - Knowledge of national and international laws related to medical device cybersecurity - Experience in healthcare or other heavily regulated industries - Understanding compliance with FDA, GDPR, EUMDR, and other international regulations Joining Medtronic will allow you to be part of a team dedicated to making a positive impact in the lives of patients worldwide. The company offers a collaborative and inclusive work environment where you can thrive and advance your career. Together, you can contribute to shaping the future of healthcare.,

About The Role Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Product Security Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Client accelerates organizations ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology all on the cleanest cloud in the industry. Role & Responsibilities:As a SOAR Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features.Lead the design and implementation of Google SecOps SOAR playbooks for security use cases, such as phishing incident response, vulnerability triage, or threat hunting on Google SecOps based on specific threat models.Integration of Google SecOps SOAR with other security capabilities and tools such as SIEM, EDR, NDR threat intelligence platform, and ticketing systems.Design testing and conduct validation of SOAR playbooks before deployment to live environment.Write custom actions, scripts and/or integrations to extend SOAR platform functionality.Monitor performance and perform timely actions to scale SOAR deployment, especially in a high-volume security environment.Migration of existing assets from existing customers SIEM SOAR to SecOps and assisting in implementing the SIEM SOAR phase-out, phase-in approach.Develop SOAR playbooks to provide case handling and Incident response as per triage needsCreation of SOAR assets such as reports etc.Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.Professional & Technical Skills: Google SecOps SOAR experience in the areas of responsibility for at least 1 yearCoding experience in one or more general purpose languages.Experience managing customer projects to completion, working with engineering teams, sales and partners.Experience architecting, developing, or maintaining secure Cloud solutions.Strong verbal and written communication skills and the ability to develop high-qualityExperience in Prevention, Detection and response to cyber threatsGoogle SecOps SIEM experience of 1 year in integration of log sources, extension of pre-built UDMs and creation of custom parsers, creation of dashboards, creation of custom rules using YARA-L 2.0 etc.Knowledge and experience in SOAR platformsKnowledge in GCP, including Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSPExperience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.Excellent organizational, problem-solving, articulating and influencing skills.Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC.Demonstrated experience on consulting or ownership of Security during high-speedenvironment migration for large-scale businesses with regulatory requirementsStrong verbal and written communication skills (English), and the ability to develop high-quality technical documentation and presentation materials. Additional Information:Bachelors degree in Computer Science, Engineering or related technical field or equivalent practical experience. 15 years of education is required.8+ years experience in leading projects and delivering technical solutions related to securityAbility to be located in Mumbai, India for at least 1 year Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Client accelerates organizations ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology all on the cleanest cloud in the industry. Role & Responsibilities:As a Google SecOps Platform Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates will provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features.Spearhead the architecture and implementation of Google SecOps environment on GoogleCloud Platform for large scale deployments and migration.Strategic design and implementation of data pipelines & effective data storage mechanisms to meet functional and nonfunctional requirements of Google SecOps customers.Design, plan and implement data migrations from existing SIEM SOAR platforms of customers to Google SecOps.Hardening of critical infrastructures and platform services leveraged by Google SecOps.Integration of Google SecOps with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems.Write custom actions, scripts and/or integrations to extend Google SecOps platform functionality.Monitor performance and perform timely actions to scale Google SecOps deployment, especially in a very high-volume security environment.Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.Professional & Technical Skills: Bachelors degree in computer science, Engineering or related technical field or equivalent practical experience.Implementation experience of YARA-L 2.0 and at least one more general-purpose language.Experience managing customer projects to completion, working with engineering teams, sales and partners.Experience in architecting, developing, or maintaining secure Cloud solutions.Strong verbal and written communication skills and the ability to develop high-qualityDemonstrated experience on consulting or ownership of Security during high-speed environment migration for large-scale businesses with regulatory requirementsStrong verbal and written communication skills English, and the ability to develop high-quality technical documentation and presentation materials.Google SecOps experience in the areas of responsibility for at least 1 year.Ability to be located in Mumbai, India for at least 1 year.Hands on and deep knowledge of security principles.Demonstrated experience in Cloud Security delivered within the context of customer facing roles. Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.Excellent organizational, problem-solving, articulating and influencing skills.Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC. Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSP. Additional Information:Bachelors degree in Computer Science, Engineering or related technical field or equivalent practical experience. 15 year's of education is required.10+ years' experience in leading projects and delivering technical solutions related to securityAbility to be located in Mumbai, India for at least 1 year Qualification 15 years full time education

About The Role Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Product Security Good to have skills : Security Information and Event Management (SIEM) Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Client accelerates organizations ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage cutting-edge technology all on the cleanest cloud in the industry. Role & Responsibilities:As a SIEM Engineer, you will be responsible for strategic delivery helping our customers securely adopt Google SecOps. You will provide best practices on secure build of Google SecOps platform, foundational cloud implementation for Google SecOps, tackle difficult problems that businesses are facing when building Google SecOps, and more. Candidates provide prescriptive guidance in ensuring customers receive the best of what Google SecOps can offer and you will ensure that customers have the best experience in migrating, building, modernizing, and maintaining Google SecOps. Additionally, you will work closely with Product Management and Product Engineering to drive excellence of Google SecOps and features.Lead the design and implementation of Google SecOps data ingestion from diverse sources, various mechanisms for integration and normalization of logs.Extension of pre-built UDMs in Google SecOps and creation of custom parsers were required for log sources.Integration of Google SecOps SIEM with other security capabilities and tools such as SOAR, EDR, NDR, threat intelligence platform, and ticketing systems.Write custom actions, scripts and/or integrations to extend SIEM platform functionality.Monitor performance and perform timely actions to scale SIEM deployment, especially in a very high-volume security environment.Creation of SIEM assets such as detection rules using YARA-L, dashboards, parsers etc.Migration of existing assets from existing customers SIEM SOAR to SecOps and assisting in implementing the SIEM SOAR phase-out, phase-in approach.Testing and deployment of newly created and migrated assets such as rules, playbooks, alerts, dashboards.Design and implement solutions to handle alert fatigue encountered in SIEM correlation.Creation of custom SIEM dashboards to meet customer requirements.Guide on building or maturing cloud security programs and the implementation of tools and approaches used for improving cloud security.Debug and solve customer issues in ingestion, parsing, normalization of data.Develop SOAR playbooks to provide case handling and Incident response as per triage needs.Professional & Technical Skills: SIEM experience in the areas of responsibility for at least 1 year.Implementation experience of YARA-L 2.0 and at least one more general-purpose language.Experience managing customer projects to completion, working with engineering teams, sales and partners.Experience architecting, developing, or maintaining SIEM and SOAR platforms & secure Cloud solutions.Strong verbal and written communication skills and the ability to develop high-qualityExperience in Prevention, Detection and response to cyber threatsGoogle SecOps SOAR experience of 1 year in creation of playbooks, testing and validation of playbooks, integration with custom actions using bespoke scripts, or other SOAR platformsKnowledge and experience in SIEM platformsDemonstrated experience on consulting or ownership of Security during high-speedenvironment migration for large-scale businesses with regulatory requirementsStrong verbal and written communication skills English and the ability to develop high-qualitytechnical documentation and presentation materials.Knowledge in GCP, including Google Cloud Professional Certifications Security, Architect and other industry certifications CISSP, CCSP.Experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs for cloud.Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures.Excellent organizational, problem-solving, articulating and influencing skills.Experience with industry compliance frameworks e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC. Additional Information:Bachelors degree in Computer Science, Engineering or related technical field or equivalent practical experience. 15 year's of education is required.8+ years experience in leading projects and delivering technical solutions related to securityAbility to be located in Mumbai, India for at least 1 year Qualification 15 years full time education

About the Opportunity Job Type: PermanentApplication Deadline: 31 July 2025 Title: Technical Specialist - Network Security Department: Enterprise Infrastructure Services (EIS) Location: Bangalore Reports To: Senior Technical Manager - ENS Level 4 About Fidelity International Fidelity International offers investment solutions and services and retirement expertise to more than 2.5 million customers globally. As a privately-held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term. Operating in more than 25 locations and with $611.4 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals. Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance. Together with our Investment Solutions & Services business, we invest $471 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures. Find out more about what we do, our history, and how you could be a part of our future at . Our clients come from all walks of life and so do we. We are proud of our inclusive culture and encourage applications from the widest mix of talent, whatever your age, gender, ethnicity, sexual orientation, gender identity, social background and more. As a flexible employer, we trust our people to perform their role in the way that works best for them, our clients and our business. We are a disability-friendly company and would welcome a conversation with you if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond. About your team The Enterprise Network Services team are responsible for innovative network and firewall design solutions, supporting operations and delivering these services to the FIL business units. The ENS team have global responsibilities, delivering a regional support service through a virtual model, with staff located in our UK, European, India and Asia offices. About your role A Technical Specialist within Network and Firewall Operations will be expected to have an excellent knowledge of Firewalls, Security appliances, DNS (dynamic), Load Balancing, Proxy Services, IPS technologies from best of breed vendors. This knowledge should be underpinned with a fundamental network (Cisco) understanding. This highly technical and customer facing position will involve Operational support, Network and Firewall Governance and project delivery from concept, scoping, design through to implementation. The ability to work as a member of a diverse geographical based team is essential. Part of ENS team, delivering a regional support function identifying and driving tasks and initiatives to maintain stability deliver operational improvement. Incorporating service management, risk management, systems management (including monitoring) lifecycle management and reporting. Responsible for supporting all areas of the Fidelity business - including the Web (critical). The ability to work well with incident managers and interact with service delivery managers and project managers is fundamental; also need to be able to work under pressure in a busy and reactive environment. About you Degree holder in Computer Engineering, Telecommunications, or related disciplines. Be considered as a network security expert, with deep subject matter expertise in a number of technologies and a broad understanding across network security and non-network technology. Strong hands on experience of managing Firewall and security products including but not limited: Palo Alto Firewalls including Panarama (VPN/IPS/Wildfire) ZScaler Cloud Proxies F5 server load balancing and security technology (GTM/LTM/ASM/AFM) Excellent understanding of network security architecture, design and support. Excellent business scenes for a technical support environment. Proven Service Management (ITIL) experience, specifically incident, problem and change management Good analytical skill and able to solve complicated problem logically Good command of spoken and written English Good interpersonal skills, communication skills, project management skills and vendor management skills Must be flexible in approach to work content and responsibilities. Able to work under pressure within a busy environment and effectively multi-tasking Must be a self-starter and able to work with a minimum of supervision. For starters, well offer you a comprehensive benefits package. Well value your wellbeing and support your development. And well be as flexible as we can about where and when you work finding a balance that works for all of us. Its all part of our commitment to making you feel motivated by the work you do and happy to be part of our team.

As a Product Security Engineer II in Cyber Security at FICO, you will play a crucial role in supporting security governance for a wide range of customer-facing products and services throughout the entire product development lifecycle. Your responsibilities will include executing security review processes, managing exceptions, and collaborating with development teams to ensure the delivery of secure and trustworthy products. Reporting to the Sr Manager, Cyber Security, your focus will be on managing end-to-end security sign-off processes, coordinating security review workflows, leading the security exception management program, and facilitating cross-functional security program meetings and stakeholder communications. Additionally, you will be responsible for developing and maintaining security program metrics, dashboards, and executive reporting, overseeing security risk posture documentation, and coordinating AI governance processes for generative AI implementations. You will also drive process improvements and automation opportunities within security operations, establish and maintain security program documentation, standards, and operating procedures, and must possess skills in Security Program Management, Stakeholder Management, Product Security, Process Documentation & Analysis, and SDLC. The ideal candidate for this role will have 4-8 years of experience in program/project coordination, preferably in security or risk domains. Strong organizational and coordination skills with attention to detail, experience with security review processes and exception management, knowledge of security frameworks and risk management principles, and an understanding of AI/ML project lifecycles and governance considerations are required. Additionally, good communication skills with the ability to work effectively across technical and business teams, proficiency in tracking tools, documentation systems, and process management tools like JIRA, ServiceNow, Confluence, SDLC, and Risk management, as well as security-related certifications or training like Security+ (CompTIA), CISSP Associate, or AI/ML Security are essential. Experience in financial services or regulated industries, a background in security operations or product development support, and experience in incorporating agentic AI solutions into internal business processes, preferably on AWS Bedrock, are preferred. The role requires weekday working hours from 2 to 11 PM IST (UK shift). FICO offers an inclusive culture that reflects core values such as Acting Like an Owner, Delighting Customers, and Earning the Respect of Others. You will have the opportunity to make an impact, develop professionally, and leverage your unique strengths through valuable learning experiences. The company provides highly competitive compensation, benefits, and rewards programs to encourage you to bring your best every day and be recognized for your contributions. Additionally, you will enjoy an engaging, people-first work environment that promotes work/life balance, employee resource groups, and social events to foster interaction and camaraderie.,

As a Software Engineer at Wabtec Corporation, you will have the opportunity to demonstrate leadership in communicating business goals, programs, and processes for an area or business segment. You will play a crucial role in utilizing your experience and expertise to solve problems, develop and execute objectives for yourself and others, and contribute to achieving short-term and long-term business goals. In this role, you will be a key member of the Digital Mining Software team, responsible for representing high-quality design and development practices. Your responsibilities will include developing multi-threaded C++ applications running under an embedded Linux operating system, as well as working on Embedded JAVA and Qt/QML. You will be tasked with creating high-performing, scaling, and innovative end-to-end web applications. Collaboration is a key aspect of this role, as you will work closely with system engineers, frontend developers, and software developers to implement solutions that align with shared platforms and solutions. Utilizing principles of Software Development Life Cycle (SDLC) and methodologies like Lean/Agile/XP, CI, Software and Product Security, Scalability, Documentation Practices, refactoring, and Testing Techniques will be essential. Your role will involve writing code that meets standards and delivers desired functionality using the selected technology for the project. Additionally, you will build features such as web services and Queries on existing tables, understand performance parameters, and assess application performance. Working on core data structures, design patterns, and algorithms and implementing them in C++ 14 or higher will also be part of your responsibilities. Participating actively in design and code reviews will be crucial to ensure the quality and efficiency of the software development process. You will be expected to have a Bachelor's degree in information systems, Information Technology, Computer Science, or Computer/Electronic Engineering. Experience with software development and hands-on coding in various high-level programming languages and embedded platforms and processors is required. Desired characteristics for this role include a Master's degree in relevant fields, along with at least 5+ years of experience in software development and hands-on coding. Proven history in delivering successful high-quality embedded software products in C/C++, under embedded real-time operating systems such as Linux or QNX is preferred. Experience with various technologies and protocols like Linux device drivers, Cortex ARM range of microprocessors, common communication protocols, Bluetooth, WIFI, GPS tracking, and mining methods/vehicle types will be advantageous. Experience with web applications, front-end technologies, and exposure to Microsoft Technologies, .NET, DCOM, ATL, VC++, VB, SQL Server, Internet Technologies, SOA, Java, JBOSS, or XML is desirable. Knowledge of TDD, BDD, DevOps, CI/CD, data structures, algorithms, and software engineering principles is a plus. Strong oral and written communication skills, as well as interpersonal and leadership skills, are essential for this role. At Wabtec Corporation, we are committed to embracing diversity and inclusion, investing in our employees, and creating a culture where everyone belongs and is welcomed and appreciated. We value the variety of experiences, expertise, and backgrounds that bring us together and recognize that diverse perspectives make us better as a company.,

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts.Roles & Responsibilities:Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.Perform hardware penetration testing to identify vulnerabilities in electronic systems.Assess the security of medical devices, ensuring compliance with industry regulations and standards.Identify and address security risks associated with healthcare information systems and connected medical instruments.Evaluate and prioritize security risks based on potential impact and likelihood.Provide recommendations and collaborate with cross-functional teams to implement effective security controls.Stay current with emerging security threats, vulnerabilities, and testing methodologies.Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.Document security testing processes, findings, and remediation recommendations.Generate comprehensive reports for stakeholders, including technical details and actionable insights.Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines.Hands on experience with penetration testing tools and methodologies.Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.Knowledge of secure coding practices and the ability to review code for security vulnerabilities.Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.Experience with threat modeling and risk assessment frameworks.Familiarity with secure development practices for embedded systems.Understanding of regulatory requirements for medical device security.Strong understanding of networking protocols, encryption, and authentication mechanisms. Additional Information:-Bachelors or masters degree in engineering or computer science, Information Security, or a related field.-Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).- 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Product Security Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Security Architect Enterprise AI Strategy, Scalable ML Platforms, and Secure AI DesignWe are looking for a seasoned and visionary AI Architect with 12+ years of experience in designing, securing, and leading scalable, responsible AI systems. This role blends AI solution architecture with security architecture and is ideal for professionals who bring together deep technical knowledge, strategic thinking, and a passion for trustworthy, ethical innovation.As an AI Architect, you will define the enterprise AI and security architecture, embed secure-by-design practices across AI platforms, and ensure alignment with privacy, compliance, and ethical standards across the entire ML lifecycleRoles & Responsibilities:Own the architectural vision for enterprise-wide AI and ML platforms, ensuring scalability, resilience, security, and regulatory compliance.Develop and maintain architectural blueprints for secure and responsible AI, covering areas such as bias mitigation, explainability, threat modeling, and data protection.Define and implement AI security architecture practices, including secure access to models, datasets, APIs, and ML pipelines.Collaborate with MLOps, engineering, DevSecOps, and cloud security teams to develop standardized, reusable, and secured AI infrastructure components.Ensure AI systems comply with global regulations and standards (e.g., GDPR, ISO 42001, NIST AI RMF, and ISO/IEC 27001).Evaluate and introduce tools and frameworks that support privacy-preserving AI, adversarial robustness, model security, and interpretability.Lead efforts to design and enforce secure AI development workflows, from data ingestion to model deployment and monitoring.Partner with Security Architects and Risk teams to identify and mitigate AI-specific attack surfaces, including adversarial attacks and model poisoning.Conduct risk assessments and threat modeling for AI systems, including LLMs, generative models, and federated learning architectures.Collaborate with internal InfoSec, Privacy, and Legal stakeholders to align AI initiatives with enterprise cybersecurity strategies.Establish monitoring and incident response guidelines for AI workloads, including model drift, data leakage, and compliance alerts.Lead and mentor a multidisciplinary team of AI engineers, ML architects, and AI security specialists.Drive cross-functional initiatives with stakeholders in cloud, legal, compliance, and business domains to ensure holistic AI strategy implementation.Serve as a strategic advisor on AI and ML security topics across various business units and projects.Support the development and enforcement of enterprise-wide AI security and governance policies.Lead architecture review boards focused on AI and ensure consistent application of best practices across AI platforms.Professional & Technical Skills: Strong experience designing and deploying secure, large-scale ML systems in cloud and hybrid environments.Deep understanding of secure development practices, identity and access management (IAM) for ML workloads, model versioning, and auditability.Familiarity with:oCloud-native security tools (AWS IAM, KMS, GCP Workload Identity, Azure Key Vault)oAI attack mitigation (e.g., adversarial training, input sanitization, model watermarking)oSecure MLOps and CI/CD for AIoTools for model explainability (SHAP, LIME), monitoring (Prometheus, Grafana), and compliance tracking.Experience with data privacy, encryption techniques (at rest/in transit/in use), and secure federated learning is a plus.Proven leadership in AI security architecture and secure ML engineering practices.Exceptional stakeholder communication and ability to advocate for responsible AI across technical and executive teams.Strategic mindset with an ability to balance innovation with risk mitigation.Strong documentation, risk assessment, and audit reporting skills in security-centric environments.Proven success in building and securing AI platforms with strong focus on privacy, ethical AI, and regulatory compliance.- Additional Information:Bachelors or Masters degree in Computer Science, Artificial Intelligence, Information Security, or related field.Industry certifications preferred:Cloud AI (e.g., AWS Certified Machine Learning Specialty, GCP ML Engineer)Security (e.g., CISSP, CCSP, Certified AI Security Professional, TOGAF)- 12+ years of experience in AI/ML solution architecture with 4+ years focused on AI security, governance, or compliance.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Red Teaming Expert Adversarial ML, Threat Simulation, and AI Security StrategyWe are seeking a highly experienced and visionary AI Red Teaming Expert 12+ years of experience across cybersecurity and machine learning. This role is ideal for professionals who thrive in dynamic environments and possess a passion for securing cutting-edge AI/ML systems. You will lead red teaming operations, simulate adversarial threats, and guide the organizations AI security posture at strategic and technical levels. The ideal candidate demonstrates deep technical expertise, exceptional leadership, and a keen understanding of adversarial machine learning and risk mitigation frameworks.Roles & Responsibilities:Define and execute the AI red teaming strategy across the organization.Simulate realistic and advanced adversarial attacks against AI/ML systems aligned with business contexts.Review AI/ML system architecture to identify security gaps and advocate for secure design patterns.Establish internal standards and workflows for AI threat modeling, risk assessment, and adversarial testing.Stay ahead of evolving adversarial ML threats and guide the development of defensive strategies.Contribute to secure development practices for model deployment pipelines and lifecycle management.Lead and mentor a specialized team of AI security analysts and red teamers.Represent AI security strategy in executive forums and drive cross-functional alignment.Collaborate with engineering, data science, compliance, and legal stakeholders to integrate security into AI innovation cycles.Drive internal policy-making efforts around responsible and secure AI development practices.Own and lead remediation initiatives, translating findings into actionable improvements across teams.Professional & Technical Skills: Exceptional communication and leadership skills with the ability to convey technical issues to non-technical stakeholders.Proven experience managing high-impact security initiatives and leading diverse teams.Strategic thinker capable of aligning AI security objectives with business goals.Passionate about AI safety, responsible innovation, and emerging threat landscapes.Strong analytical and problem-solving skills in high-pressure environments.Hands-on expertise in red teaming AI/ML systems at scale.Strong understanding of adversarial ML techniques, threat simulation tools, and AI model manipulation tactics.Experience implementing and aligning with frameworks such as OWASP Top 10 for LLMs, ISO 42001, NIST AI RMF.Proficiency in AI/ML pipeline security, model risk evaluation, and secure MLOps practices.Familiarity with deep learning frameworks (e.g., TensorFlow, PyTorch) and their associated vulnerabilities.Demonstrated ability to design, execute, and scale red teaming programs in AI-native environments.- Additional Information:Bachelors or Masters degree in Computer Science, Information Security, Machine Learning, or related field.Recognized certifications such as CEH, OSCP, CISSP, or credentials specific to AI security (e.g., MITRE ATLAS experience) are a plus.- 12+ years of experience spanning cybersecurity, AI/ML, and adversarial testing- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards.Roles & Responsibilities:Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations.Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis.Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues.Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations.Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance.Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes.Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms.Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262.Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices.Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation.Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness.Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services.Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434.Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers.Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals.Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering.Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms.Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information:3+ years experience implementing and performing Automotive CybersecurityKnowledge of tools like CANoe, Wireshark, or Ghidra.Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem.Roles & Responsibilities:Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements.Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity.Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces.Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle.Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular).Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules.Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification.Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning.Lead red team exercises and security reviews in coordination with product security and development teams.Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262.Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements.Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis.Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces.Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular.In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications.Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments.Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434.Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards.Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering.Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment.Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams.Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information:7+ years experience implementing and performing Automotive CybersecurityThis position is based at our Bengaluru officeA 15-year full time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data Services Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and maintain security policies, procedures, and guidelines to ensure compliance with regulatory requirements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Product Security.- Good To Have Skills: Experience with Google Cloud Data Services.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with risk assessment methodologies and tools.- Ability to design and implement security controls in cloud environments. Additional Information:- The candidate should have minimum 7.5 years of experience in Product Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Engineer, you will implement and validate security controls across in-vehicle systems, ensuring protection of ECUs, telematics units, and connected vehicle infrastructure. You will contribute to threat modeling and diagnostics hardening efforts, support penetration testing activities, and document the integration of cybersecurity measures in alignment with regulatory and technical requirements.Roles & Responsibilities:Support the development and implementation of cybersecurity controls across ECUs, telematics systems, and in-vehicle networks in alignment with ISO/SAE 21434 and company CSMS.Participate in security architecture and design reviews, contributing to the definition and validation of security requirements for embedded vehicle systems.Conduct and document threat modeling and risk assessments using methodologies such as HEAVENS, STRIDE, and custom attack graphs.Perform penetration testing and intrusion validation on in-vehicle protocols including CAN, DoIP, and Ethernet, as well as wireless interfaces such as Bluetooth and Wi-Fi.Assist in the execution of fuzz testing and vulnerability analysis using tools like CANoe, Wireshark, Scapy, and Python-based custom scripts.Contribute to the validation of secure boot mechanisms and assist in reverse engineering activities to verify firmware security compliance.Work with software and hardware teams to analyze security issues, identify root causes, and define corrective actions and mitigations.Maintain operational documentation, including test procedures, vulnerability logs, and mitigation tracking in compliance with regulatory requirements.Collaborate with cross-functional teams to integrate secure diagnostics, access control strategies, and key management protocols.Participate in internal assessments and support audit readiness for cybersecurity compliance frameworks such as UNECE WP.29 and ISO 26262.Professional & Technical Skills: Experience supporting in-vehicle cybersecurity programs with 8+ years in embedded or automotive systems development, including 34 years focused on penetration testing, diagnostics security, or secure ECU architecture.Hands-on experience conducting security testing and vulnerability assessments on vehicle communication interfaces such as CAN, DoIP, and Ethernet, as well as wireless protocols including Bluetooth, Wi-Fi, and cellular.Strong working knowledge of UDS diagnostics (ISO 14229), secure diagnostics access control, and protocol fuzzing techniques to uncover vulnerabilities in ECUs and vehicle gateways.Proficiency with security testing tools and platforms such as CANoe, Wireshark, Scapy, Python, and Ghidra for traffic analysis, custom scripting, and reverse engineering.Familiarity with cryptographic principles and practical usage of cryptographic libraries (e.g., OpenSSL, mbedTLS) and hardware security modules (HSM) for secure key storage, boot processes, and firmware authentication.Experience supporting OTA (Over-the-Air) update platforms and ensuring their secure integration using encryption, authentication, and rollback protection mechanisms.Exposure to cybersecurity development in Agile-based or V-model automotive environments, working collaboratively with software, systems, and validation teams.Knowledge of regulatory and compliance standards relevant to automotive cybersecurity, including ISO/SAE 21434, UNECE WP.29 (R155/R156), and functional safety (ISO 26262).Ability to document test cases, generate detailed security analysis reports, and provide engineering teams with clear recommendations and follow-up actions for mitigation.Demonstrated problem-solving skills and the ability to troubleshoot complex issues related to embedded systems security, communication integrity, and control system protection. Additional Information:5+ years experience implementing and performing Automotive CybersecurityExperience with AUTOSAR (Classic/Adaptive), ECU firmware security, or secure telematics units.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Design and deliver enterprise-scale application solutions Lead architecture, coding, code reviews, testing, and deployment activities Collaborate with cross-functional teams including Product, QA, and DevOps Drive adoption of best practices in performance, security, and observability Mentor junior engineers and support technical leadership initiatives Immediate to 30 days (preferred)

Job Description Summary We are looking for an Sr Product Security Analyst, with a focus in vulnerability management and incident response capability. In this role you will work in a team to identify, risk rate, communicate and track product vulnerabilities and be a part of the product incident response team. Job Description Roles and Responsibilities In this role, you will: Be able to scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment Engage in incident response methods lead incident response processes related to product cyber Create and track meaningful metrics around product cyber risk and compensating controls Create vulnerability and incident trend analysis to improve product design Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components Engage and administer End Of Life processes for digital products Consult, architect on security requirements and utilize best practices to meet them Engage in application and domain-specific threat modeling and attack surface analysis/reduction Help prepare reports at appropriate levels of confidentiality for stakeholders to view Responding promptly and in detail to customer-sponsored penetration tests Provides guidance on automated testing tools and techniques Education Qualification For roles outside USA: Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math) with advanced experience. For roles in USA:Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math) with minimum years of experience4years Desired CharacteristicsTechnical Expertise: Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance Program and Project Management experience; expertise with Agile development teams Experience with secure coding principles; code signing; secure boot Experience with penetration testing and ethical hacking Knowledge of CI/CD and automation tools (Chef, Git, Jenkins) Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML) Experienced in developing web services (SOAP/REST) Must be available for on call for potential security response Knowledge of application risk identification and evaluation techniques Knowledge of Cyber Security and full knowledge of multiple related engineering functions Experience securing applications within cloud platforms such as AWS, Azure and alike. Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment Note Note: To comply with US immigration and other legal requirements, it is necessary to specify the minimum number of years' experience required for any role based within the USA. For roles outside of the USA, to ensure compliance with applicable legislation, the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used. This Job Description is intended to provide a high level guide to the role. However, it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.

Job Description Summary We are looking for an Sr Product Security Analyst, with a focus in vulnerability management and incident response capability. In this role you will work in a team to identify, risk rate, communicate and track product vulnerabilities and be a part of the product incident response team. Job Description Roles and Responsibilities In this role, you will: Be able to scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment Engage in incident response methods lead incident response processes related to product cyber Create and track meaningful metrics around product cyber risk and compensating controls Create vulnerability and incident trend analysis to improve product design Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components Engage and administer End Of Life processes for digital products Consult, architect on security requirements and utilize best practices to meet them Engage in application and domain-specific threat modeling and attack surface analysis/reduction Help prepare reports at appropriate levels of confidentiality for stakeholders to view Responding promptly and in detail to customer-sponsored penetration tests Provides guidance on automated testing tools and techniques Education Qualification For roles outside USA: Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math) with advanced experience. For roles in USA:Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math) with minimum years of experience4years Desired CharacteristicsTechnical Expertise: Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance Program and Project Management experience; expertise with Agile development teams Experience with secure coding principles; code signing; secure boot Experience with penetration testing and ethical hacking Knowledge of CI/CD and automation tools (Chef, Git, Jenkins) Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML) Experienced in developing web services (SOAP/REST) Must be available for on call for potential security response Knowledge of application risk identification and evaluation techniques Knowledge of Cyber Security and full knowledge of multiple related engineering functions Experience securing applications within cloud platforms such as AWS, Azure and alike. Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment Note Note: To comply with US immigration and other legal requirements, it is necessary to specify the minimum number of years' experience required for any role based within the USA. For roles outside of the USA, to ensure compliance with applicable legislation, the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used. This Job Description is intended to provide a high level guide to the role. However, it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager. Additional Information Relocation Assistance Provided: Yes

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars security We are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts. Roles & Responsibilities: Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments. Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces. Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components. Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols. Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses. Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware. Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware. Perform hardware penetration testing to identify vulnerabilities in electronic systems. Assess the security of medical devices, ensuring compliance with industry regulations and standards. Identify and address security risks associated with healthcare information systems and connected medical instruments. Evaluate and prioritize security risks based on potential impact and likelihood. Provide recommendations and collaborate with cross-functional teams to implement effective security controls. Stay current with emerging security threats, vulnerabilities, and testing methodologies. Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle. Document security testing processes, findings, and remediation recommendations. Generate comprehensive reports for stakeholders, including technical details and actionable insights. Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability. Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling. Ability to manage multiple tasks and deadlines. Hands on experience with penetration testing tools and methodologies. Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments. Knowledge of secure coding practices and the ability to review code for security vulnerabilities. Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines. Experience with threat modeling and risk assessment frameworks. Familiarity with secure development practices for embedded systems. Understanding of regulatory requirements for medical device security. Strong understanding of networking protocols, encryption, and authentication mechanisms. Additional Information: -Bachelors or masters degree in engineering or computer science, Information Security, or a related field. -Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP). - 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security. - This position is based at our Bengaluru office - A 15 years full time education is required. Show more Show less

As a Software Developer at Ericsson, you will play a crucial role in constructing customer solutions during the building phase of the Software Development Life Cycle (SDLC). Your responsibilities will include designing and developing detailed software solutions, integrating various software components, and actively participating in software component and system testing. You will work closely with the System Architect to ensure adherence to specifications and contribute to early testing phases. You will be involved in coding software components, supporting system testing, and ensuring compliance with the organization's best practices for software development. Additionally, you will play a key role in pre-sales activities and the delivery of software solutions. Your expertise in Cloud Technologies (such as Kubernetes, Docker, AWS), Security, DevSecOps, Front End Development, and Agile methodology will be essential in this role. Key Responsibilities: - Design and develop detailed software solutions. - Develop and integrate various software components. - Actively participate in software component and system testing. - Support pre-sales and delivery of software. - Ensure compliance with organization's best practices for software development. - Contribute to asset creation and reuse in software design and development. Skills Required: - Cloud Technologies (Kubernetes, Docker, AWS, Container, Microservices, Spring Boot). - Security Reliability Model (SRM). - Application and Product security. - IT security and compliance. - Agile methodology. - Vulnerability Management. - CI/CD. - Back End Development. - Java Spring Boot Framework. - Tools for CI/CD (Git, Gerrit, Jenkins, Sonar, Helm). Join our team at Ericsson and be part of a dynamic environment where your skills and expertise will be valued in shaping innovative software solutions.,

The BMC Product Security Group (PSG) is looking for a passionate Product Development Engineer with strong engineering skills and a deep understanding of secure software development practices. This role is ideal for someone with a solid foundation in Java development , DevSecOps , container orchestration , and security tooling , who is passionate about integrating security into the software development lifecycle. You will work closely with product, engineering, and security teams to embed security into every phase of the product lifecyclefrom development to deployment. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Develop and maintain secure, high-quality Java code for tools, integrations, or product features. Design and implement secure CI/CD pipelines with DevSecOps practices. Manage containerization and orchestration using Docker and Kubernetes. Automate security-related tasks and processes using Python or other scripting languages. Collaborate with development teams to integrate security controls and static/dynamic analysis tools into CI/CD workflows. Implement and manage product security tools (e.g., SAST, DAST, SCA, container scanning). Advocate for security best practices across engineering teams through training, documentation, and tooling. Monitor the security landscape for new vulnerabilities, tools and threats relevant to our tech stack To ensure youre set up for success, you will bring the following skillset & experience: 5+ years of experience in software engineering or product security engineering. Strong proficiency in Java and experience developing secure applications. Hands-on experience with containers (Docker) and Kubernetes in production environments. Deep understanding of DevSecOps principles and secure SDLC. Proficiency in scripting languages like Python , Bash, or similar. Familiarity with security tools such as Fortify, JFrog, Checkmarx, Aqua, Sonatype, Blackduck etc. Experience with CI/CD tools (e.g., Jenkins, GitHub Actions, GitLab CI). Solid grasp of application and cloud security principles. Knowledge of cloud-based development, AI/ML, GenAI frameworks is a plus.

Define, plan, and drive schedules for leveraged programs on Software and firmware activities Collaborate with the Product Security team to identify the Embedded product's specific security vulnerabilities, finalize fixes with the team and ensure the fixes go into all the product line in a timely manner Defining cross functional ownership and managing membership and effective performance of the core team Engage with internal and external stakeholders in product planning, development, and validation activities Driver Product security initiatives within the Engineering function in alignment with the organizational expectations. Drive and improve security fix metrics for the BU Manage internal and external dependencies across all Programs Track and report team status vs objectives throughout the lifecycle of project Data and metric generation, visualization and decision-making Support senior management to drive execution excellence, tracking reporting of key metrics Assist in developing and implementing project management best practices, tools, templates and metrics to drive continuous process improvement within engineering PREFERRED EXPERIENCE: Technical background in semiconductor industry with 5 years hands on technical work, 5 years of program management experience and an overall industry experience of 15+ years Experience leading software and firmware workstreams in Embedded domain Awareness of Product Security and knowledge of driving products and software security vulnerabilities Deft in planning, scheduling, and tracking of activities including assessing and monitoring the risks and dependencies closely. Horizontal leadership/Matrix management experience Managed or experienced working with external vendors or ODCs Handling of cross functional engagements Ability to structure and execute complex analysis, draw insights, and communicate summary findings/recommendations to senior management. Ability to network, build relationships, and drive effective decision-making across multiple functions and levels within the organization Highly organized, able to prioritize, and juggle multiple work streams to tight deadlines Flexible working schedule to manage global (Asia and North America) program execution teams Experience using tools such as JIRA, Confluence, SharePoint MS Project Strong analytical and problem-solving skills ACADEMIC CREDENTIALS: Engineering degree in Computer science / Electrical / Electronics Communications with 15+ years of industry experience PMP certification is preferred, but not mandatory. Excellent communication and inter-personal skills.

Role & responsibilities 1. Vulnerability Assessment & Management. • Coordinate with IT teams to patch systems and applications based on critical vulnerabilities. • Assess and mitigate security risks associated with new software, systems, and third-party services. 2. Compliance & Risk Management • Ensure compliance with industry standards (ISO 27001, NIST, GDPR, SOC 2) and regulatory requirements. • Perform risk assessments to evaluate the effectiveness of existing security controls. • Work with internal teams to implement best practices for secure configurations and data protection. 3. Security Architecture & Implementation • Assist in designing and implementing secure architectures for cloud, on-premises, and hybrid environments. • Evaluate and recommend new cybersecurity tools and technologies. Required Qualifications Bachelors degree in computer science, Information Security, or a related field. Experience in cybersecurity roles such as security analyst, incident responder, or similar. Strong understanding of cybersecurity frameworks (NIST, ISO 27001) and regulatory compliance requirements. Experience with SIEM tools (e.g., Splunk, QRadar, LogRhythm) and endpoint security solutions. Proficiency in conducting vulnerability assessments, penetration testing, and risk management. Strong knowledge of cloud security (AWS, Azure, GCP). Preferred Qualifications Industry certifications such as CISSP, CEH, CISM, or OSCP. Experience with DevSecOps, CI/CD pipelines, and secure software development practices. Familiarity with Zero Trust, EDR/XDR solutions, and threat intelligence platforms. Ability to work both independently and as part of a team. Excellent communication and documentation skills. Preferred candidate profile Experience: 5-7 Years Employment: Permanent Full Time Mode: Hybrid Location: Pune / Chennai / Bangalore / Mumbai ***** LOOKING FOR CANDIDATES WHO CAN JOIN MAX WITHIN 15 DAYS ONLY***** If interested kindly share your resume to lakshmi.naidu@citiustech.com with below details: Total Experience: Relevant Experience in Security Analyst: Current CTC: Expected CTC: Notice Period: Current Location: Preferred Location:

About The Role Project Role : Security Architect Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts. Roles & Responsibilities:. Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments. Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces. Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components. Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols. Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses. Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware. Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware. Perform hardware penetration testing to identify vulnerabilities in electronic systems. Assess the security of medical devices, ensuring compliance with industry regulations and standards. Identify and address security risks associated with healthcare information systems and connected medical instruments. Evaluate and prioritize security risks based on potential impact and likelihood. Provide recommendations and collaborate with cross-functional teams to implement effective security controls. Stay current with emerging security threats, vulnerabilities, and testing methodologies. Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle. Document security testing processes, findings, and remediation recommendations. Generate comprehensive reports for stakeholders, including technical details and actionable insights. Professional & Technical Skills: . Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability. Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling. Ability to manage multiple tasks and deadlines. Hands on experience with penetration testing tools and methodologies. Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments. Knowledge of secure coding practices and the ability to review code for security vulnerabilities. Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines. Experience with threat modeling and risk assessment frameworks. Familiarity with secure development practices for embedded systems. Understanding of regulatory requirements for medical device security. Strong understanding of networking protocols, encryption, and authentication mechanisms. Additional Information:. Bachelors or master's degree in engineering or computer science, Information Security, or a related field. Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).- 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Product Security Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Advisor, you will provide enterprise-level advice to make organizations cyber resilient. Your typical day will involve engaging with various stakeholders to assess their security posture, identifying vulnerabilities, and recommending strategies to enhance their defenses against cyber threats. You will also facilitate discussions on best practices and ensure that digital assets are protected while fostering trust within the organization and with external partners. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Conduct regular security assessments and audits to identify potential risks.- Develop and implement security policies and procedures to enhance organizational resilience. Professional & Technical Skills: - Must To Have Skills: Proficiency in Product Security.- Experience with threat modeling and risk assessment methodologies.- Strong understanding of security frameworks and compliance standards.- Ability to analyze security incidents and develop response strategies.- Familiarity with security tools and technologies for vulnerability management. Additional Information:- The candidate should have minimum 12 years of experience in Product Security.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education